diff --git a/.github/labeler.yml b/.github/labeler.yml index 503833fc4d7..5401e6afd71 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -11,7 +11,7 @@ Go: - change-notes/**/*go.* Java: - - any: [ 'java/**/*', '!java/kotlin-extractor/**/*', '!java/kotlin-explorer/**/*', '!java/ql/test/kotlin/**/*' ] + - any: [ 'java/**/*', '!java/kotlin-extractor/**/*', '!java/ql/test/kotlin/**/*' ] - change-notes/**/*java.* JS: @@ -20,7 +20,6 @@ JS: Kotlin: - java/kotlin-extractor/**/* - - java/kotlin-explorer/**/* - java/ql/test/kotlin/**/* Python: diff --git a/.github/workflows/check-change-note.yml b/.github/workflows/check-change-note.yml index aa255d4cf5a..3967c0ec921 100644 --- a/.github/workflows/check-change-note.yml +++ b/.github/workflows/check-change-note.yml @@ -11,7 +11,6 @@ on: - "*/ql/lib/**/*.yml" - "!**/experimental/**" - "!ql/**" - - "!swift/**" - ".github/workflows/check-change-note.yml" jobs: @@ -27,9 +26,9 @@ jobs: run: | gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq 'any(.[].filename ; test("/change-notes/.*[.]md$"))' | grep true -c - - name: Fail if the change note filename doesn't match the expected format. The file name must be of the form 'YYYY-MM-DD.md' or 'YYYY-MM-DD-{title}.md', where '{title}' is arbitrary text. + - name: Fail if the change note filename doesn't match the expected format. The file name must be of the form 'YYYY-MM-DD.md', 'YYYY-MM-DD-{title}.md', where '{title}' is arbitrary text, or released/x.y.z.md for released change-notes env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq '[.[].filename | select(test("/change-notes/.*[.]md$"))] | all(test("/change-notes/[0-9]{4}-[0-9]{2}-[0-9]{2}.*[.]md$"))' | + gh api 'repos/${{github.repository}}/pulls/${{github.event.number}}/files' --paginate --jq '[.[].filename | select(test("/change-notes/.*[.]md$"))] | all(test("/change-notes/[0-9]{4}-[0-9]{2}-[0-9]{2}.*[.]md$") or test("/change-notes/released/[0-9]*[.][0-9]*[.][0-9]*[.]md$"))' | grep true -c diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 49d73d60fc5..10086d78d78 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -32,7 +32,7 @@ jobs: path: | ql/extractor-pack/ ql/target/release/buramu - key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('shared/tree-sitter-extractor') }}-${{ hashFiles('ql/**/*.rs') }} - name: Cache cargo if: steps.cache-extractor.outputs.cache-hit != 'true' uses: actions/cache@v3 diff --git a/.github/workflows/ruby-build.yml b/.github/workflows/ruby-build.yml index 51d1fea9697..935d9da642b 100644 --- a/.github/workflows/ruby-build.yml +++ b/.github/workflows/ruby-build.yml @@ -61,7 +61,7 @@ jobs: ruby/extractor/target/release/codeql-extractor-ruby ruby/extractor/target/release/codeql-extractor-ruby.exe ruby/extractor/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll - key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}--${{ hashFiles('ruby/extractor/**/*.rs') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/extractor/rust-toolchain.toml', 'ruby/extractor/Cargo.lock') }}-${{ hashFiles('shared/tree-sitter-extractor') }}-${{ hashFiles('ruby/extractor/**/*.rs') }} - uses: actions/cache@v3 if: steps.cache-extractor.outputs.cache-hit != 'true' with: diff --git a/.github/workflows/swift.yml b/.github/workflows/swift.yml index 806e04e6c68..075a5505f39 100644 --- a/.github/workflows/swift.yml +++ b/.github/workflows/swift.yml @@ -16,6 +16,7 @@ on: branches: - main - rc/* + - codeql-cli-* push: paths: - "swift/**" @@ -30,6 +31,7 @@ on: branches: - main - rc/* + - codeql-cli-* jobs: # not using a matrix as you cannot depend on a specific job in a matrix, and we want to start linux checks diff --git a/.github/workflows/sync-files.yml b/.github/workflows/sync-files.yml index afa1e78edfa..8f4678f1788 100644 --- a/.github/workflows/sync-files.yml +++ b/.github/workflows/sync-files.yml @@ -17,4 +17,6 @@ jobs: - uses: actions/checkout@v3 - name: Check synchronized files run: python config/sync-files.py + - name: Check dbscheme fragments + run: python config/sync-dbscheme-fragments.py diff --git a/.vscode/tasks.json b/.vscode/tasks.json index 169b6bdd64d..68df2f6f498 100644 --- a/.vscode/tasks.json +++ b/.vscode/tasks.json @@ -22,6 +22,22 @@ "command": "${config:python.pythonPath}", }, "problemMatcher": [] + }, + { + "label": "Accept .expected changes from CI", + "type": "process", + // Non-Windows OS will usually have Python 3 already installed at /usr/bin/python3. + "command": "python3", + "args": [ + "misc/scripts/accept-expected-changes-from-ci.py" + ], + "group": "build", + "windows": { + // On Windows, use whatever Python interpreter is configured for this workspace. The default is + // just `python`, so if Python is already on the path, this will find it. + "command": "${config:python.pythonPath}", + }, + "problemMatcher": [] } ] -} \ No newline at end of file +} diff --git a/CODEOWNERS b/CODEOWNERS index 856d325b487..b2eb53f0bb0 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -8,7 +8,6 @@ /swift/ @github/codeql-swift /misc/codegen/ @github/codeql-swift /java/kotlin-extractor/ @github/codeql-kotlin -/java/kotlin-explorer/ @github/codeql-kotlin # ML-powered queries /javascript/ql/experimental/adaptivethreatmodeling/ @github/codeql-ml-powered-queries-reviewers @@ -40,3 +39,6 @@ WORKSPACE.bazel @github/codeql-ci-reviewers /.github/workflows/ql-for-ql-* @github/codeql-ql-for-ql-reviewers /.github/workflows/ruby-* @github/codeql-ruby /.github/workflows/swift.yml @github/codeql-swift + +# Misc +/misc/scripts/accept-expected-changes-from-ci.py @RasmusWL diff --git a/config/dbscheme-fragments.json b/config/dbscheme-fragments.json new file mode 100644 index 00000000000..2a56ed57bae --- /dev/null +++ b/config/dbscheme-fragments.json @@ -0,0 +1,33 @@ +{ + "files": [ + "javascript/ql/lib/semmlecode.javascript.dbscheme", + "python/ql/lib/semmlecode.python.dbscheme", + "ruby/ql/lib/ruby.dbscheme", + "ql/ql/src/ql.dbscheme" + ], + "fragments": [ + "/*- External data -*/", + "/*- Files and folders -*/", + "/*- Diagnostic messages -*/", + "/*- Diagnostic messages: severity -*/", + "/*- Source location prefix -*/", + "/*- Lines of code -*/", + "/*- Configuration files with key value pairs -*/", + "/*- YAML -*/", + "/*- XML Files -*/", + "/*- XML: sourceline -*/", + "/*- DEPRECATED: External defects and metrics -*/", + "/*- DEPRECATED: Snapshot date -*/", + "/*- DEPRECATED: Duplicate code -*/", + "/*- DEPRECATED: Version control data -*/", + "/*- JavaScript-specific part -*/", + "/*- Ruby dbscheme -*/", + "/*- Erb dbscheme -*/", + "/*- QL dbscheme -*/", + "/*- Dbscheme dbscheme -*/", + "/*- Yaml dbscheme -*/", + "/*- Blame dbscheme -*/", + "/*- JSON dbscheme -*/", + "/*- Python dbscheme -*/" + ] +} \ No newline at end of file diff --git a/config/identical-files.json b/config/identical-files.json index 3a9ef5173aa..3c16c953129 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -47,7 +47,6 @@ "python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll", "python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll", "python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll", - "python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplForRegExp.qll", "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl1.qll", "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll", "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForHttpClientLibraries.qll", @@ -512,7 +511,8 @@ "SensitiveDataHeuristics Python/JS": [ "javascript/ql/lib/semmle/javascript/security/internal/SensitiveDataHeuristics.qll", "python/ql/lib/semmle/python/security/internal/SensitiveDataHeuristics.qll", - "ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll" + "ruby/ql/lib/codeql/ruby/security/internal/SensitiveDataHeuristics.qll", + "swift/ql/lib/codeql/swift/security/internal/SensitiveDataHeuristics.qll" ], "CFG": [ "csharp/ql/lib/semmle/code/csharp/controlflow/internal/ControlFlowGraphImplShared.qll", @@ -599,4 +599,4 @@ "python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll", "java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll" ] -} \ No newline at end of file +} diff --git a/config/sync-dbscheme-fragments.py b/config/sync-dbscheme-fragments.py new file mode 100755 index 00000000000..266a504691e --- /dev/null +++ b/config/sync-dbscheme-fragments.py @@ -0,0 +1,86 @@ +#!/usr/bin/env python3 + +import argparse +import json +import os +import pathlib +import re + + +def make_groups(blocks): + groups = {} + for block in blocks: + groups.setdefault("".join(block["lines"]), []).append(block) + return list(groups.values()) + + +def validate_fragments(fragments): + ok = True + for header, blocks in fragments.items(): + groups = make_groups(blocks) + if len(groups) > 1: + ok = False + print("Warning: dbscheme fragments with header '{}' are different for {}".format(header, ["{}:{}:{}".format( + group[0]["file"], group[0]["start"], group[0]["end"]) for group in groups])) + return ok + + +def main(): + script_path = os.path.realpath(__file__) + script_dir = os.path.dirname(script_path) + parser = argparse.ArgumentParser( + prog=os.path.basename(script_path), + description='Sync dbscheme fragments across files.' + ) + parser.add_argument('files', metavar='dbscheme_file', type=pathlib.Path, nargs='*', default=[], + help='dbscheme files to check') + args = parser.parse_args() + + with open(os.path.join(script_dir, "dbscheme-fragments.json"), "r") as f: + config = json.load(f) + + fragment_headers = set(config["fragments"]) + fragments = {} + ok = True + for file in args.files + config["files"]: + with open(os.path.join(os.path.dirname(script_dir), file), "r") as dbscheme: + header = None + line_number = 1 + block = {"file": file, "start": line_number, + "end": None, "lines": []} + + def end_block(): + block["end"] = line_number - 1 + if len(block["lines"]) > 0: + if header is None: + if re.match(r'(?m)\A(\s|//.*$|/\*(\**[^\*])*\*+/)*\Z', "".join(block["lines"])): + # Ignore comments at the beginning of the file + pass + else: + ok = False + print("Warning: dbscheme fragment without header: {}:{}:{}".format( + block["file"], block["start"], block["end"])) + else: + fragments.setdefault(header, []).append(block) + for line in dbscheme: + m = re.match(r"^\/\*-.*-\*\/$", line) + if m: + end_block() + header = line.strip() + if header not in fragment_headers: + ok = False + print("Warning: unknown header for dbscheme fragment: '{}': {}:{}".format( + header, file, line_number)) + block = {"file": file, "start": line_number, + "end": None, "lines": []} + block["lines"].append(line) + line_number += 1 + block["lines"].append('\n') + line_number += 1 + end_block() + if not ok or not validate_fragments(fragments): + exit(1) + + +if __name__ == "__main__": + main() diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index f77a14c328f..e5d2ae643bc 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,19 @@ +## 0.7.2 + +### New Features + +* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. +* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. + +### Major Analysis Improvements + +* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. + +### Minor Analysis Improvements + +* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace. +* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. + ## 0.7.1 No user-facing changes. diff --git a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md b/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md deleted file mode 100644 index 68421139e7d..00000000000 --- a/cpp/ql/lib/change-notes/2023-04-28-indirect-barrier-node.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. diff --git a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md b/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md deleted file mode 100644 index be4c4e73ed0..00000000000 --- a/cpp/ql/lib/change-notes/2023-04-28-static-local-dataflow.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. diff --git a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md b/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md deleted file mode 100644 index 5688945dc80..00000000000 --- a/cpp/ql/lib/change-notes/2023-05-02-ir-noreturn-calls.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: majorAnalysis ---- -* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md b/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md deleted file mode 100644 index b28167dc52d..00000000000 --- a/cpp/ql/lib/change-notes/2023-05-02-range-analysis-wrapper.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/released/0.7.2.md b/cpp/ql/lib/change-notes/released/0.7.2.md new file mode 100644 index 00000000000..4decad06ae8 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.7.2.md @@ -0,0 +1,15 @@ +## 0.7.2 + +### New Features + +* Added an AST-based interface (`semmle.code.cpp.rangeanalysis.new.RangeAnalysis`) for the relative range analysis library. +* A new predicate `BarrierGuard::getAnIndirectBarrierNode` has been added to the new dataflow library (`semmle.code.cpp.dataflow.new.DataFlow`) to mark indirect expressions as barrier nodes using the `BarrierGuard` API. + +### Major Analysis Improvements + +* In the intermediate representation, handling of control flow after non-returning calls has been improved. This should remove false positives in queries that use the intermedite representation or libraries based on it, including the new data flow library. + +### Minor Analysis Improvements + +* The `StdNamespace` class now also includes all inline namespaces that are children of `std` namespace. +* The new dataflow (`semmle.code.cpp.dataflow.new.DataFlow`) and taint-tracking libraries (`semmle.code.cpp.dataflow.new.TaintTracking`) now support tracking flow through static local variables. diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index e007a9aec3e..fee171e9685 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.7.1 +lastReleaseVersion: 0.7.2 diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll index ee0c70c3754..e5de44b396d 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeAnalysis.qll @@ -238,7 +238,7 @@ class NoReason extends Reason, TNoReason { class CondReason extends Reason, TCondReason { IRGuardCondition getCond() { this = TCondReason(result) } - override string toString() { result = getCond().toString() } + override string toString() { result = this.getCond().toString() } } /** @@ -260,14 +260,14 @@ private predicate typeBound(IRIntegerType typ, int lowerbound, int upperbound) { private class NarrowingCastInstruction extends ConvertInstruction { NarrowingCastInstruction() { not this instanceof SafeCastInstruction and - typeBound(getResultIRType(), _, _) + typeBound(this.getResultIRType(), _, _) } /** Gets the lower bound of the resulting type. */ - int getLowerBound() { typeBound(getResultIRType(), result, _) } + int getLowerBound() { typeBound(this.getResultIRType(), result, _) } /** Gets the upper bound of the resulting type. */ - int getUpperBound() { typeBound(getResultIRType(), _, result) } + int getUpperBound() { typeBound(this.getResultIRType(), _, result) } } /** diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeUtils.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeUtils.qll index bffd08fbe52..6cc7a024f88 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeUtils.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/RangeUtils.qll @@ -109,8 +109,8 @@ private predicate safeCast(IRIntegerType fromtyp, IRIntegerType totyp) { */ class PtrToPtrCastInstruction extends ConvertInstruction { PtrToPtrCastInstruction() { - getResultIRType() instanceof IRAddressType and - getUnary().getResultIRType() instanceof IRAddressType + this.getResultIRType() instanceof IRAddressType and + this.getUnary().getResultIRType() instanceof IRAddressType } } @@ -119,7 +119,7 @@ class PtrToPtrCastInstruction extends ConvertInstruction { * that cannot overflow or underflow. */ class SafeIntCastInstruction extends ConvertInstruction { - SafeIntCastInstruction() { safeCast(getUnary().getResultIRType(), getResultIRType()) } + SafeIntCastInstruction() { safeCast(this.getUnary().getResultIRType(), this.getResultIRType()) } } /** diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantBitwiseAndExprRange.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantBitwiseAndExprRange.qll index 33776bd8105..20e3f6abb17 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantBitwiseAndExprRange.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantBitwiseAndExprRange.qll @@ -50,8 +50,8 @@ private class ConstantBitwiseAndExprRange extends SimpleRangeAnalysisExpr { // If an operand can have negative values, the lower bound is unconstrained. // Otherwise, the lower bound is zero. exists(float lLower, float rLower | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and ( (lLower < 0 or rLower < 0) and result = exprMinVal(this) @@ -68,10 +68,10 @@ private class ConstantBitwiseAndExprRange extends SimpleRangeAnalysisExpr { // If an operand can have negative values, the upper bound is unconstrained. // Otherwise, the upper bound is the minimum of the upper bounds of the operands exists(float lLower, float lUpper, float rLower, float rUpper | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - lUpper = getFullyConvertedUpperBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and - rUpper = getFullyConvertedUpperBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + lUpper = getFullyConvertedUpperBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and + rUpper = getFullyConvertedUpperBounds(this.getRightOperand()) and ( (lLower < 0 or rLower < 0) and result = exprMaxVal(this) @@ -85,6 +85,6 @@ private class ConstantBitwiseAndExprRange extends SimpleRangeAnalysisExpr { } override predicate dependsOnChild(Expr child) { - child = getLeftOperand() or child = getRightOperand() + child = this.getLeftOperand() or child = this.getRightOperand() } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantShiftExprRange.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantShiftExprRange.qll index b4189b0f4cc..3f300d7aa8d 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantShiftExprRange.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/ConstantShiftExprRange.qll @@ -50,7 +50,7 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { * We don't handle the case where `a` and `b` are both non-constant values. */ ConstantRShiftExprRange() { - getUnspecifiedType() instanceof IntegralType and + this.getUnspecifiedType() instanceof IntegralType and exists(Expr l, Expr r | l = this.(RShiftExpr).getLeftOperand() and r = this.(RShiftExpr).getRightOperand() @@ -84,10 +84,10 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { override float getLowerBounds() { exists(int lLower, int lUpper, int rLower, int rUpper | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - lUpper = getFullyConvertedUpperBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and - rUpper = getFullyConvertedUpperBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + lUpper = getFullyConvertedUpperBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and + rUpper = getFullyConvertedUpperBounds(this.getRightOperand()) and lLower <= lUpper and rLower <= rUpper | @@ -95,8 +95,8 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { lLower < 0 or not ( - isValidShiftExprShift(rLower, getLeftOperand()) and - isValidShiftExprShift(rUpper, getLeftOperand()) + isValidShiftExprShift(rLower, this.getLeftOperand()) and + isValidShiftExprShift(rUpper, this.getLeftOperand()) ) then // We don't want to deal with shifting negative numbers at the moment, @@ -111,10 +111,10 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { override float getUpperBounds() { exists(int lLower, int lUpper, int rLower, int rUpper | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - lUpper = getFullyConvertedUpperBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and - rUpper = getFullyConvertedUpperBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + lUpper = getFullyConvertedUpperBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and + rUpper = getFullyConvertedUpperBounds(this.getRightOperand()) and lLower <= lUpper and rLower <= rUpper | @@ -122,8 +122,8 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { lLower < 0 or not ( - isValidShiftExprShift(rLower, getLeftOperand()) and - isValidShiftExprShift(rUpper, getLeftOperand()) + isValidShiftExprShift(rLower, this.getLeftOperand()) and + isValidShiftExprShift(rUpper, this.getLeftOperand()) ) then // We don't want to deal with shifting negative numbers at the moment, @@ -137,7 +137,7 @@ class ConstantRShiftExprRange extends SimpleRangeAnalysisExpr { } override predicate dependsOnChild(Expr child) { - child = getLeftOperand() or child = getRightOperand() + child = this.getLeftOperand() or child = this.getRightOperand() } } @@ -163,7 +163,7 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { * We don't handle the case where `a` and `b` are both non-constant values. */ ConstantLShiftExprRange() { - getUnspecifiedType() instanceof IntegralType and + this.getUnspecifiedType() instanceof IntegralType and exists(Expr l, Expr r | l = this.(LShiftExpr).getLeftOperand() and r = this.(LShiftExpr).getRightOperand() @@ -197,10 +197,10 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { override float getLowerBounds() { exists(int lLower, int lUpper, int rLower, int rUpper | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - lUpper = getFullyConvertedUpperBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and - rUpper = getFullyConvertedUpperBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + lUpper = getFullyConvertedUpperBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and + rUpper = getFullyConvertedUpperBounds(this.getRightOperand()) and lLower <= lUpper and rLower <= rUpper | @@ -208,8 +208,8 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { lLower < 0 or not ( - isValidShiftExprShift(rLower, getLeftOperand()) and - isValidShiftExprShift(rUpper, getLeftOperand()) + isValidShiftExprShift(rLower, this.getLeftOperand()) and + isValidShiftExprShift(rUpper, this.getLeftOperand()) ) then // We don't want to deal with shifting negative numbers at the moment, @@ -228,10 +228,10 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { override float getUpperBounds() { exists(int lLower, int lUpper, int rLower, int rUpper | - lLower = getFullyConvertedLowerBounds(getLeftOperand()) and - lUpper = getFullyConvertedUpperBounds(getLeftOperand()) and - rLower = getFullyConvertedLowerBounds(getRightOperand()) and - rUpper = getFullyConvertedUpperBounds(getRightOperand()) and + lLower = getFullyConvertedLowerBounds(this.getLeftOperand()) and + lUpper = getFullyConvertedUpperBounds(this.getLeftOperand()) and + rLower = getFullyConvertedLowerBounds(this.getRightOperand()) and + rUpper = getFullyConvertedUpperBounds(this.getRightOperand()) and lLower <= lUpper and rLower <= rUpper | @@ -239,8 +239,8 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { lLower < 0 or not ( - isValidShiftExprShift(rLower, getLeftOperand()) and - isValidShiftExprShift(rUpper, getLeftOperand()) + isValidShiftExprShift(rLower, this.getLeftOperand()) and + isValidShiftExprShift(rUpper, this.getLeftOperand()) ) then // We don't want to deal with shifting negative numbers at the moment, @@ -258,6 +258,6 @@ class ConstantLShiftExprRange extends SimpleRangeAnalysisExpr { } override predicate dependsOnChild(Expr child) { - child = getLeftOperand() or child = getRightOperand() + child = this.getLeftOperand() or child = this.getRightOperand() } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/RangeNode.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/RangeNode.qll index d24d754a4ac..d862b207da4 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/RangeNode.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/RangeNode.qll @@ -83,20 +83,23 @@ private class ExprRangeNode extends DataFlow::ExprNode { private string getCallBounds(Call e) { result = getExprBoundAsString(e) + "(" + - concat(Expr arg, int i | arg = e.getArgument(i) | getIntegralBounds(arg) order by i, ",") + - ")" + concat(Expr arg, int i | + arg = e.getArgument(i) + | + this.getIntegralBounds(arg), "," order by i + ) + ")" } override string toString() { - exists(Expr e | e = getExpr() | + exists(Expr e | e = this.getExpr() | if hasIntegralOrReferenceIntegralType(e) then - result = super.toString() + ": " + getOperationBounds(e) + result = super.toString() + ": " + this.getOperationBounds(e) or - result = super.toString() + ": " + getCallBounds(e) + result = super.toString() + ": " + this.getCallBounds(e) or - not exists(getOperationBounds(e)) and - not exists(getCallBounds(e)) and + not exists(this.getOperationBounds(e)) and + not exists(this.getCallBounds(e)) and result = super.toString() + ": " + getExprBoundAsString(e) else result = super.toString() ) @@ -108,8 +111,8 @@ private class ExprRangeNode extends DataFlow::ExprNode { */ private class ReferenceArgumentRangeNode extends DataFlow::DefinitionByReferenceNode { override string toString() { - if hasIntegralOrReferenceIntegralType(asDefiningArgument()) - then result = super.toString() + ": " + getExprBoundAsString(getArgument()) + if hasIntegralOrReferenceIntegralType(this.asDefiningArgument()) + then result = super.toString() + ": " + getExprBoundAsString(this.getArgument()) else result = super.toString() } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/StrlenLiteralRangeExpr.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/StrlenLiteralRangeExpr.qll index 39326e89a51..f301263d0e3 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/StrlenLiteralRangeExpr.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/StrlenLiteralRangeExpr.qll @@ -7,12 +7,12 @@ private import experimental.semmle.code.cpp.models.interfaces.SimpleRangeAnalysi */ class StrlenLiteralRangeExpr extends SimpleRangeAnalysisExpr, FunctionCall { StrlenLiteralRangeExpr() { - getTarget().hasGlobalOrStdName("strlen") and getArgument(0).isConstant() + this.getTarget().hasGlobalOrStdName("strlen") and this.getArgument(0).isConstant() } - override int getLowerBounds() { result = getArgument(0).getValue().length() } + override int getLowerBounds() { result = this.getArgument(0).getValue().length() } - override int getUpperBounds() { result = getArgument(0).getValue().length() } + override int getUpperBounds() { result = this.getArgument(0).getValue().length() } override predicate dependsOnChild(Expr e) { none() } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/SubtractSelf.qll b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/SubtractSelf.qll index ff716d02d6f..32b4d2a4fba 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/SubtractSelf.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/extensions/SubtractSelf.qll @@ -3,8 +3,8 @@ import experimental.semmle.code.cpp.models.interfaces.SimpleRangeAnalysisExpr private class SelfSub extends SimpleRangeAnalysisExpr, SubExpr { SelfSub() { // Match `x - x` but not `myInt - (unsigned char)myInt`. - getLeftOperand().getExplicitlyConverted().(VariableAccess).getTarget() = - getRightOperand().getExplicitlyConverted().(VariableAccess).getTarget() + this.getLeftOperand().getExplicitlyConverted().(VariableAccess).getTarget() = + this.getRightOperand().getExplicitlyConverted().(VariableAccess).getTarget() } override float getLowerBounds() { result = 0 } diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index 2c84e013333..1982886c434 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.7.2-dev +version: 0.7.3-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp @@ -9,3 +9,4 @@ dependencies: codeql/ssa: ${workspace} codeql/tutorial: ${workspace} codeql/util: ${workspace} +warnOnImplicitThis: true diff --git a/cpp/ql/lib/semmle/code/cpp/Compilation.qll b/cpp/ql/lib/semmle/code/cpp/Compilation.qll index 812c417dbdd..1a8d90f991c 100644 --- a/cpp/ql/lib/semmle/code/cpp/Compilation.qll +++ b/cpp/ql/lib/semmle/code/cpp/Compilation.qll @@ -42,7 +42,7 @@ class Compilation extends @compilation { } /** Gets a file compiled during this invocation. */ - File getAFileCompiled() { result = getFileCompiled(_) } + File getAFileCompiled() { result = this.getFileCompiled(_) } /** Gets the `i`th file compiled during this invocation */ File getFileCompiled(int i) { compilation_compiling_files(this, i, unresolveElement(result)) } @@ -74,7 +74,7 @@ class Compilation extends @compilation { /** * Gets an argument passed to the extractor on this invocation. */ - string getAnArgument() { result = getArgument(_) } + string getAnArgument() { result = this.getArgument(_) } /** * Gets the `i`th argument passed to the extractor on this invocation. diff --git a/cpp/ql/lib/semmle/code/cpp/Field.qll b/cpp/ql/lib/semmle/code/cpp/Field.qll index 95e55568c4b..2e1f20e8d30 100644 --- a/cpp/ql/lib/semmle/code/cpp/Field.qll +++ b/cpp/ql/lib/semmle/code/cpp/Field.qll @@ -39,7 +39,8 @@ class Field extends MemberVariable { * complete most-derived object. */ int getAByteOffsetIn(Class mostDerivedClass) { - result = mostDerivedClass.getABaseClassByteOffset(getDeclaringType()) + getByteOffset() + result = + mostDerivedClass.getABaseClassByteOffset(this.getDeclaringType()) + this.getByteOffset() } /** @@ -116,10 +117,10 @@ class BitField extends Field { int getBitOffset() { fieldoffsets(underlyingElement(this), _, result) } /** Holds if this bitfield is anonymous. */ - predicate isAnonymous() { hasName("(unnamed bitfield)") } + predicate isAnonymous() { this.hasName("(unnamed bitfield)") } override predicate isInitializable() { // Anonymous bitfields are not initializable. - not isAnonymous() + not this.isAnonymous() } } diff --git a/cpp/ql/lib/semmle/code/cpp/Linkage.qll b/cpp/ql/lib/semmle/code/cpp/Linkage.qll index e604ce06dee..da192e57dee 100644 --- a/cpp/ql/lib/semmle/code/cpp/Linkage.qll +++ b/cpp/ql/lib/semmle/code/cpp/Linkage.qll @@ -24,10 +24,10 @@ class LinkTarget extends @link_target { * captured as part of the snapshot, then everything is grouped together * into a single dummy link target. */ - predicate isDummy() { getBinary().getAbsolutePath() = "" } + predicate isDummy() { this.getBinary().getAbsolutePath() = "" } /** Gets a textual representation of this element. */ - string toString() { result = getBinary().getAbsolutePath() } + string toString() { result = this.getBinary().getAbsolutePath() } /** * Gets a function which was compiled into this link target, or had its diff --git a/cpp/ql/lib/semmle/code/cpp/Macro.qll b/cpp/ql/lib/semmle/code/cpp/Macro.qll index 4378cec4857..bd916d4bc4e 100644 --- a/cpp/ql/lib/semmle/code/cpp/Macro.qll +++ b/cpp/ql/lib/semmle/code/cpp/Macro.qll @@ -34,7 +34,7 @@ class Macro extends PreprocessorDirective, @ppd_define { * Gets the name of the macro. For example, `MAX` in * `#define MAX(x,y) (((x)>(y))?(x):(y))`. */ - string getName() { result = this.getHead().splitAt("(", 0) } + string getName() { result = this.getHead().regexpCapture("([^(]*+).*", 1) } /** Holds if the macro has name `name`. */ predicate hasName(string name) { this.getName() = name } diff --git a/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll b/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll index a5894e21071..df52735f653 100644 --- a/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll +++ b/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll @@ -24,7 +24,7 @@ class NameQualifier extends NameQualifiableElement, @namequalifier { * Gets the expression ultimately qualified by the chain of name * qualifiers. For example, `f()` in `N1::N2::f()`. */ - Expr getExpr() { result = getQualifiedElement+() } + Expr getExpr() { result = this.getQualifiedElement+() } /** Gets a location for this name qualifier. */ override Location getLocation() { namequalifiers(underlyingElement(this), _, _, result) } @@ -56,12 +56,12 @@ class NameQualifier extends NameQualifiableElement, @namequalifier { if nqe instanceof SpecialNameQualifyingElement then exists(Access a | - a = getQualifiedElement() and + a = this.getQualifiedElement() and result = a.getTarget().getDeclaringType() ) or exists(FunctionCall c | - c = getQualifiedElement() and + c = this.getQualifiedElement() and result = c.getTarget().getDeclaringType() ) else result = nqe @@ -109,7 +109,7 @@ class NameQualifiableElement extends Element, @namequalifiableelement { * namespace. */ predicate hasGlobalQualifiedName() { - getNameQualifier*().getQualifyingElement() instanceof GlobalNamespace + this.getNameQualifier*().getQualifyingElement() instanceof GlobalNamespace } /** @@ -119,7 +119,7 @@ class NameQualifiableElement extends Element, @namequalifiableelement { */ predicate hasSuperQualifiedName() { exists(NameQualifier nq, SpecialNameQualifyingElement snqe | - nq = getNameQualifier*() and + nq = this.getNameQualifier*() and namequalifiers(unresolveElement(nq), _, unresolveElement(snqe), _) and snqe.getName() = "__super" ) @@ -164,5 +164,5 @@ library class SpecialNameQualifyingElement extends NameQualifyingElement, /** Gets the name of this special qualifying element. */ override string getName() { specialnamequalifyingelements(underlyingElement(this), result) } - override string toString() { result = getName() } + override string toString() { result = this.getName() } } diff --git a/cpp/ql/lib/semmle/code/cpp/Namespace.qll b/cpp/ql/lib/semmle/code/cpp/Namespace.qll index 129e1449c32..065e28c8429 100644 --- a/cpp/ql/lib/semmle/code/cpp/Namespace.qll +++ b/cpp/ql/lib/semmle/code/cpp/Namespace.qll @@ -230,8 +230,12 @@ class GlobalNamespace extends Namespace { } /** - * The C++ `std::` namespace. + * The C++ `std::` namespace and its inline namespaces. */ class StdNamespace extends Namespace { - StdNamespace() { this.hasName("std") and this.getParentNamespace() instanceof GlobalNamespace } + StdNamespace() { + this.hasName("std") and this.getParentNamespace() instanceof GlobalNamespace + or + this.isInline() and this.getParentNamespace() instanceof StdNamespace + } } diff --git a/cpp/ql/lib/semmle/code/cpp/NestedFields.qll b/cpp/ql/lib/semmle/code/cpp/NestedFields.qll index ce67719a7e2..798c17e8cd0 100644 --- a/cpp/ql/lib/semmle/code/cpp/NestedFields.qll +++ b/cpp/ql/lib/semmle/code/cpp/NestedFields.qll @@ -37,7 +37,7 @@ class NestedFieldAccess extends FieldAccess { NestedFieldAccess() { ultimateQualifier = getUltimateQualifier(this) and - getTarget() = getANestedField(ultimateQualifier.getType().stripType()) + this.getTarget() = getANestedField(ultimateQualifier.getType().stripType()) } /** diff --git a/cpp/ql/lib/semmle/code/cpp/PrintAST.qll b/cpp/ql/lib/semmle/code/cpp/PrintAST.qll index 1b04f5e7a7b..b4d89eb8c1d 100644 --- a/cpp/ql/lib/semmle/code/cpp/PrintAST.qll +++ b/cpp/ql/lib/semmle/code/cpp/PrintAST.qll @@ -130,7 +130,7 @@ class PrintAstNode extends TPrintAstNode { // The exact value of `childIndex` doesn't matter, as long as we preserve the correct order. result = rank[childIndex](PrintAstNode child, int nonConvertedIndex, boolean isConverted | - childAndAccessorPredicate(child, _, nonConvertedIndex, isConverted) + this.childAndAccessorPredicate(child, _, nonConvertedIndex, isConverted) | // Unconverted children come first, then sort by original child index within each group. child order by isConverted, nonConvertedIndex @@ -143,7 +143,7 @@ class PrintAstNode extends TPrintAstNode { */ private PrintAstNode getConvertedChild(int childIndex) { exists(Expr expr | - expr = getChildInternal(childIndex).(AstNode).getAst() and + expr = this.getChildInternal(childIndex).(AstNode).getAst() and expr.getFullyConverted() instanceof Conversion and result.(AstNode).getAst() = expr.getFullyConverted() and not expr instanceof Conversion @@ -155,8 +155,8 @@ class PrintAstNode extends TPrintAstNode { * at index `childIndex`, if that node has any conversions. */ private string getConvertedChildAccessorPredicate(int childIndex) { - exists(getConvertedChild(childIndex)) and - result = getChildAccessorPredicateInternal(childIndex) + ".getFullyConverted()" + exists(this.getConvertedChild(childIndex)) and + result = this.getChildAccessorPredicateInternal(childIndex) + ".getFullyConverted()" } /** @@ -164,12 +164,12 @@ class PrintAstNode extends TPrintAstNode { * within a function are printed, but the query can override * `PrintASTConfiguration.shouldPrintFunction` to filter the output. */ - final predicate shouldPrint() { shouldPrintFunction(getEnclosingFunction()) } + final predicate shouldPrint() { shouldPrintFunction(this.getEnclosingFunction()) } /** * Gets the children of this node. */ - final PrintAstNode getAChild() { result = getChild(_) } + final PrintAstNode getAChild() { result = this.getChild(_) } /** * Gets the parent of this node, if any. @@ -187,7 +187,7 @@ class PrintAstNode extends TPrintAstNode { */ string getProperty(string key) { key = "semmle.label" and - result = toString() + result = this.toString() } /** @@ -201,12 +201,12 @@ class PrintAstNode extends TPrintAstNode { private predicate childAndAccessorPredicate( PrintAstNode child, string childPredicate, int nonConvertedIndex, boolean isConverted ) { - child = getChildInternal(nonConvertedIndex) and - childPredicate = getChildAccessorPredicateInternal(nonConvertedIndex) and + child = this.getChildInternal(nonConvertedIndex) and + childPredicate = this.getChildAccessorPredicateInternal(nonConvertedIndex) and isConverted = false or - child = getConvertedChild(nonConvertedIndex) and - childPredicate = getConvertedChildAccessorPredicate(nonConvertedIndex) and + child = this.getConvertedChild(nonConvertedIndex) and + childPredicate = this.getConvertedChildAccessorPredicate(nonConvertedIndex) and isConverted = true } @@ -218,7 +218,7 @@ class PrintAstNode extends TPrintAstNode { // The exact value of `childIndex` doesn't matter, as long as we preserve the correct order. result = rank[childIndex](string childPredicate, int nonConvertedIndex, boolean isConverted | - childAndAccessorPredicate(_, childPredicate, nonConvertedIndex, isConverted) + this.childAndAccessorPredicate(_, childPredicate, nonConvertedIndex, isConverted) | // Unconverted children come first, then sort by original child index within each group. childPredicate order by isConverted, nonConvertedIndex @@ -234,7 +234,9 @@ class PrintAstNode extends TPrintAstNode { /** * Gets the `Function` that contains this node. */ - private Function getEnclosingFunction() { result = getParent*().(FunctionNode).getFunction() } + private Function getEnclosingFunction() { + result = this.getParent*().(FunctionNode).getFunction() + } } /** DEPRECATED: Alias for PrintAstNode */ @@ -253,7 +255,7 @@ private class PrintableElement extends Element { } pragma[noinline] - string getAPrimaryQlClass0() { result = getAPrimaryQlClass() } + string getAPrimaryQlClass0() { result = this.getAPrimaryQlClass() } } /** @@ -281,7 +283,7 @@ abstract class BaseAstNode extends PrintAstNode { final Locatable getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated Locatable getAST() { result = getAst() } + deprecated Locatable getAST() { result = this.getAst() } } /** DEPRECATED: Alias for BaseAstNode */ @@ -311,7 +313,7 @@ class ExprNode extends AstNode { result = super.getProperty(key) or key = "Value" and - result = qlClass(expr) + getValue() + result = qlClass(expr) + this.getValue() or key = "Type" and result = qlClass(expr.getType()) + expr.getType().toString() @@ -321,7 +323,7 @@ class ExprNode extends AstNode { } override string getChildAccessorPredicateInternal(int childIndex) { - result = getChildAccessorWithoutConversions(ast, getChildInternal(childIndex).getAst()) + result = getChildAccessorWithoutConversions(ast, this.getChildInternal(childIndex).getAst()) } /** @@ -441,7 +443,7 @@ class StmtNode extends AstNode { } override string getChildAccessorPredicateInternal(int childIndex) { - result = getChildAccessorWithoutConversions(ast, getChildInternal(childIndex).getAst()) + result = getChildAccessorWithoutConversions(ast, this.getChildInternal(childIndex).getAst()) } } @@ -517,7 +519,7 @@ class ParametersNode extends PrintAstNode, TParametersNode { } override string getChildAccessorPredicateInternal(int childIndex) { - exists(getChildInternal(childIndex)) and + exists(this.getChildInternal(childIndex)) and result = "getParameter(" + childIndex.toString() + ")" } @@ -544,7 +546,7 @@ class ConstructorInitializersNode extends PrintAstNode, TConstructorInitializers } final override string getChildAccessorPredicateInternal(int childIndex) { - exists(getChildInternal(childIndex)) and + exists(this.getChildInternal(childIndex)) and result = "getInitializer(" + childIndex.toString() + ")" } @@ -571,7 +573,7 @@ class DestructorDestructionsNode extends PrintAstNode, TDestructorDestructionsNo } final override string getChildAccessorPredicateInternal(int childIndex) { - exists(getChildInternal(childIndex)) and + exists(this.getChildInternal(childIndex)) and result = "getDestruction(" + childIndex.toString() + ")" } @@ -628,7 +630,7 @@ class FunctionNode extends AstNode { override string getProperty(string key) { result = super.getProperty(key) or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() } /** diff --git a/cpp/ql/lib/semmle/code/cpp/Type.qll b/cpp/ql/lib/semmle/code/cpp/Type.qll index 438c697f27d..91354ef2e08 100644 --- a/cpp/ql/lib/semmle/code/cpp/Type.qll +++ b/cpp/ql/lib/semmle/code/cpp/Type.qll @@ -1699,7 +1699,28 @@ class AutoType extends TemplateParameter { private predicate suppressUnusedThis(Type t) { any() } -/** A source code location referring to a type */ +/** + * A source code location referring to a user-defined type. + * + * Note that only _user-defined_ types have `TypeMention`s. In particular, + * built-in types, and derived types with built-in types as their base don't + * have any `TypeMention`s. For example, given + * ```cpp + * struct S { ... }; + * void f(S s1, int i1) { + * S s2; + * S* s3; + * S& s4 = s2; + * decltype(s2) s5; + * + * int i2; + * int* i3; + * int i4[10]; + * } + * ``` + * there will be a `TypeMention` for the mention of `S` at `S s1`, `S s2`, and `S& s4 = s2`, + * but not at `decltype(s2) s5`. Additionally, there will be no `TypeMention`s for `int`. + */ class TypeMention extends Locatable, @type_mention { override string toString() { result = "type mention" } diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll b/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll index c9cd0b2ebdd..472de0c34b1 100644 --- a/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll +++ b/cpp/ql/lib/semmle/code/cpp/commons/Strcat.qll @@ -8,7 +8,7 @@ import cpp */ deprecated class StrcatFunction extends Function { StrcatFunction() { - getName() = + this.getName() = [ "strcat", // strcat(dst, src) "strncat", // strncat(dst, src, max_amount) diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/DefinitionsAndUses.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/DefinitionsAndUses.qll index dcabba51ce2..6a18f6cc149 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/DefinitionsAndUses.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/DefinitionsAndUses.qll @@ -98,7 +98,7 @@ library class DefOrUse extends ControlFlowNodeBase { pragma[noinline] private predicate reaches_helper(boolean isDef, SemanticStackVariable v, BasicBlock bb, int i) { - getVariable(isDef) = v and + this.getVariable(isDef) = v and bb.getNode(i) = this } @@ -118,21 +118,21 @@ library class DefOrUse extends ControlFlowNodeBase { * predicates are duplicated for now. */ - exists(BasicBlock bb, int i | reaches_helper(isDef, v, bb, i) | + exists(BasicBlock bb, int i | this.reaches_helper(isDef, v, bb, i) | exists(int j | j > i and (bbDefAt(bb, j, v, defOrUse) or bbUseAt(bb, j, v, defOrUse)) and - not exists(int k | firstBarrierAfterThis(isDef, k, v) and k < j) + not exists(int k | this.firstBarrierAfterThis(isDef, k, v) and k < j) ) or - not firstBarrierAfterThis(isDef, _, v) and + not this.firstBarrierAfterThis(isDef, _, v) and bbSuccessorEntryReachesDefOrUse(bb, v, defOrUse, _) ) } private predicate firstBarrierAfterThis(boolean isDef, int j, SemanticStackVariable v) { exists(BasicBlock bb, int i | - getVariable(isDef) = v and + this.getVariable(isDef) = v and bb.getNode(i) = this and j = min(int k | bbBarrierAt(bb, k, v, _) and k > i) ) diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/SSAUtils.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/SSAUtils.qll index 2252864c249..45ef36f339d 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/SSAUtils.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/SSAUtils.qll @@ -130,7 +130,7 @@ library class SsaHelper extends int { * Remove any custom phi nodes that are invalid. */ private predicate sanitized_custom_phi_node(StackVariable v, BasicBlock b) { - custom_phi_node(v, b) and + this.custom_phi_node(v, b) and not addressTakenVariable(v) and not isReferenceVar(v) and b.isReachable() @@ -142,7 +142,7 @@ library class SsaHelper extends int { */ cached predicate phi_node(StackVariable v, BasicBlock b) { - frontier_phi_node(v, b) or sanitized_custom_phi_node(v, b) + this.frontier_phi_node(v, b) or this.sanitized_custom_phi_node(v, b) } /** @@ -154,14 +154,15 @@ library class SsaHelper extends int { */ private predicate frontier_phi_node(StackVariable v, BasicBlock b) { exists(BasicBlock x | - dominanceFrontier(x, b) and ssa_defn_rec(pragma[only_bind_into](v), pragma[only_bind_into](x)) + dominanceFrontier(x, b) and + this.ssa_defn_rec(pragma[only_bind_into](v), pragma[only_bind_into](x)) ) and /* We can also eliminate those nodes where the variable is not live on any incoming edge */ live_at_start_of_bb(pragma[only_bind_into](v), b) } private predicate ssa_defn_rec(StackVariable v, BasicBlock b) { - phi_node(v, b) + this.phi_node(v, b) or variableUpdate(v, _, b, _) } @@ -172,7 +173,7 @@ library class SsaHelper extends int { */ cached predicate ssa_defn(StackVariable v, ControlFlowNode node, BasicBlock b, int index) { - phi_node(v, b) and b.getStart() = node and index = -1 + this.phi_node(v, b) and b.getStart() = node and index = -1 or variableUpdate(v, node, b, index) } @@ -196,7 +197,7 @@ library class SsaHelper extends int { * basic blocks. */ private predicate defUseRank(StackVariable v, BasicBlock b, int rankix, int i) { - i = rank[rankix](int j | ssa_defn(v, _, b, j) or ssa_use(v, _, b, j)) + i = rank[rankix](int j | this.ssa_defn(v, _, b, j) or ssa_use(v, _, b, j)) } /** @@ -206,7 +207,7 @@ library class SsaHelper extends int { * the block. */ private int lastRank(StackVariable v, BasicBlock b) { - result = max(int rankix | defUseRank(v, b, rankix, _)) + 1 + result = max(int rankix | this.defUseRank(v, b, rankix, _)) + 1 } /** @@ -215,8 +216,8 @@ library class SsaHelper extends int { */ private predicate ssaDefRank(StackVariable v, ControlFlowNode def, BasicBlock b, int rankix) { exists(int i | - ssa_defn(v, def, b, i) and - defUseRank(v, b, rankix, i) + this.ssa_defn(v, def, b, i) and + this.defUseRank(v, b, rankix, i) ) } @@ -232,21 +233,21 @@ library class SsaHelper extends int { // use is understood to happen _before_ the definition. Phi nodes are // at rankidx -1 and will therefore always reach the first node in the // basic block. - ssaDefRank(v, def, b, rankix - 1) + this.ssaDefRank(v, def, b, rankix - 1) or - ssaDefReachesRank(v, def, b, rankix - 1) and - rankix <= lastRank(v, b) and // Without this, the predicate would be infinite. - not ssaDefRank(v, _, b, rankix - 1) // Range is inclusive of but not past next def. + this.ssaDefReachesRank(v, def, b, rankix - 1) and + rankix <= this.lastRank(v, b) and // Without this, the predicate would be infinite. + not this.ssaDefRank(v, _, b, rankix - 1) // Range is inclusive of but not past next def. } /** Holds if SSA variable `(v, def)` reaches the end of block `b`. */ cached predicate ssaDefinitionReachesEndOfBB(StackVariable v, ControlFlowNode def, BasicBlock b) { - live_at_exit_of_bb(v, b) and ssaDefReachesRank(v, def, b, lastRank(v, b)) + live_at_exit_of_bb(v, b) and this.ssaDefReachesRank(v, def, b, this.lastRank(v, b)) or exists(BasicBlock idom | - ssaDefinitionReachesEndOfBB(v, def, idom) and - noDefinitionsSinceIDominator(v, idom, b) + this.ssaDefinitionReachesEndOfBB(v, def, idom) and + this.noDefinitionsSinceIDominator(v, idom, b) ) } @@ -260,7 +261,7 @@ library class SsaHelper extends int { private predicate noDefinitionsSinceIDominator(StackVariable v, BasicBlock idom, BasicBlock b) { bbIDominates(idom, b) and // It is sufficient to traverse the dominator graph, cf. discussion above. live_at_exit_of_bb(v, b) and - not ssa_defn(v, _, b, _) + not this.ssa_defn(v, _, b, _) } /** @@ -269,8 +270,8 @@ library class SsaHelper extends int { */ private predicate ssaDefinitionReachesUseWithinBB(StackVariable v, ControlFlowNode def, Expr use) { exists(BasicBlock b, int rankix, int i | - ssaDefReachesRank(v, def, b, rankix) and - defUseRank(v, b, rankix, i) and + this.ssaDefReachesRank(v, def, b, rankix) and + this.defUseRank(v, b, rankix, i) and ssa_use(v, use, b, i) ) } @@ -279,12 +280,12 @@ library class SsaHelper extends int { * Holds if SSA variable `(v, def)` reaches the control-flow node `use`. */ private predicate ssaDefinitionReaches(StackVariable v, ControlFlowNode def, Expr use) { - ssaDefinitionReachesUseWithinBB(v, def, use) + this.ssaDefinitionReachesUseWithinBB(v, def, use) or exists(BasicBlock b | ssa_use(v, use, b, _) and - ssaDefinitionReachesEndOfBB(v, def, b.getAPredecessor()) and - not ssaDefinitionReachesUseWithinBB(v, _, use) + this.ssaDefinitionReachesEndOfBB(v, def, b.getAPredecessor()) and + not this.ssaDefinitionReachesUseWithinBB(v, _, use) ) } @@ -294,10 +295,10 @@ library class SsaHelper extends int { */ cached string toString(ControlFlowNode node, StackVariable v) { - if phi_node(v, node) + if this.phi_node(v, node) then result = "SSA phi(" + v.getName() + ")" else ( - ssa_defn(v, node, _, _) and result = "SSA def(" + v.getName() + ")" + this.ssa_defn(v, node, _, _) and result = "SSA def(" + v.getName() + ")" ) } @@ -307,7 +308,7 @@ library class SsaHelper extends int { */ cached VariableAccess getAUse(ControlFlowNode def, StackVariable v) { - ssaDefinitionReaches(v, def, result) and + this.ssaDefinitionReaches(v, def, result) and ssa_use(v, result, _, _) } } diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll index 3af5f2dbf0c..9fa5c57ef12 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll @@ -25,7 +25,7 @@ import cpp */ abstract class StackVariableReachability extends string { bindingset[this] - StackVariableReachability() { length() >= 0 } + StackVariableReachability() { this.length() >= 0 } /** Holds if `node` is a source for the reachability analysis using variable `v`. */ abstract predicate isSource(ControlFlowNode node, StackVariable v); @@ -227,7 +227,7 @@ predicate bbSuccessorEntryReachesLoopInvariant( */ abstract class StackVariableReachabilityWithReassignment extends StackVariableReachability { bindingset[this] - StackVariableReachabilityWithReassignment() { length() >= 0 } + StackVariableReachabilityWithReassignment() { this.length() >= 0 } /** Override this predicate rather than `isSource` (`isSource` is used internally). */ abstract predicate isSourceActual(ControlFlowNode node, StackVariable v); @@ -330,7 +330,7 @@ abstract class StackVariableReachabilityWithReassignment extends StackVariableRe */ abstract class StackVariableReachabilityExt extends string { bindingset[this] - StackVariableReachabilityExt() { length() >= 0 } + StackVariableReachabilityExt() { this.length() >= 0 } /** `node` is a source for the reachability analysis using variable `v`. */ abstract predicate isSource(ControlFlowNode node, StackVariable v); diff --git a/cpp/ql/lib/semmle/code/cpp/exprs/ComparisonOperation.qll b/cpp/ql/lib/semmle/code/cpp/exprs/ComparisonOperation.qll index 2c6387f1844..9135e15fb49 100644 --- a/cpp/ql/lib/semmle/code/cpp/exprs/ComparisonOperation.qll +++ b/cpp/ql/lib/semmle/code/cpp/exprs/ComparisonOperation.qll @@ -76,9 +76,9 @@ class GTExpr extends RelationalOperation, @gtexpr { override string getOperator() { result = ">" } - override Expr getGreaterOperand() { result = getLeftOperand() } + override Expr getGreaterOperand() { result = this.getLeftOperand() } - override Expr getLesserOperand() { result = getRightOperand() } + override Expr getLesserOperand() { result = this.getRightOperand() } } /** @@ -92,9 +92,9 @@ class LTExpr extends RelationalOperation, @ltexpr { override string getOperator() { result = "<" } - override Expr getGreaterOperand() { result = getRightOperand() } + override Expr getGreaterOperand() { result = this.getRightOperand() } - override Expr getLesserOperand() { result = getLeftOperand() } + override Expr getLesserOperand() { result = this.getLeftOperand() } } /** @@ -108,9 +108,9 @@ class GEExpr extends RelationalOperation, @geexpr { override string getOperator() { result = ">=" } - override Expr getGreaterOperand() { result = getLeftOperand() } + override Expr getGreaterOperand() { result = this.getLeftOperand() } - override Expr getLesserOperand() { result = getRightOperand() } + override Expr getLesserOperand() { result = this.getRightOperand() } } /** @@ -124,7 +124,7 @@ class LEExpr extends RelationalOperation, @leexpr { override string getOperator() { result = "<=" } - override Expr getGreaterOperand() { result = getRightOperand() } + override Expr getGreaterOperand() { result = this.getRightOperand() } - override Expr getLesserOperand() { result = getLeftOperand() } + override Expr getLesserOperand() { result = this.getLeftOperand() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll index efd33b82a89..cc8d0cdbe94 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll @@ -210,8 +210,8 @@ class IndirectOperand extends Node { this.(RawIndirectOperand).getOperand() = operand and this.(RawIndirectOperand).getIndirectionIndex() = indirectionIndex or - this.(OperandNode).getOperand() = - Ssa::getIRRepresentationOfIndirectOperand(operand, indirectionIndex) + nodeHasOperand(this, Ssa::getIRRepresentationOfIndirectOperand(operand, indirectionIndex), + indirectionIndex - 1) } /** Gets the underlying operand. */ @@ -250,8 +250,8 @@ class IndirectInstruction extends Node { this.(RawIndirectInstruction).getInstruction() = instr and this.(RawIndirectInstruction).getIndirectionIndex() = indirectionIndex or - this.(InstructionNode).getInstruction() = - Ssa::getIRRepresentationOfIndirectInstruction(instr, indirectionIndex) + nodeHasInstruction(this, Ssa::getIRRepresentationOfIndirectInstruction(instr, indirectionIndex), + indirectionIndex - 1) } /** Gets the underlying instruction. */ diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index bdde7830c1e..9a3fd679f23 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -562,6 +562,14 @@ class SsaPhiNode extends Node, TSsaPhiNode { /** Gets the source variable underlying this phi node. */ Ssa::SourceVariable getSourceVariable() { result = phi.getSourceVariable() } + + /** + * Holds if this phi node is a phi-read node. + * + * Phi-read nodes are like normal phi nodes, but they are inserted based + * on reads instead of writes. + */ + predicate isPhiRead() { phi.isPhiRead() } } /** @@ -1540,7 +1548,7 @@ private module Cached { cached predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) { // Post update node -> Node flow - Ssa::ssaFlow(nodeFrom.(PostUpdateNode).getPreUpdateNode(), nodeTo) + Ssa::postUpdateFlow(nodeFrom, nodeTo) or // Def-use/Use-use flow Ssa::ssaFlow(nodeFrom, nodeTo) @@ -1632,8 +1640,15 @@ predicate localInstructionFlow(Instruction e1, Instruction e2) { localFlow(instructionNode(e1), instructionNode(e2)) } +/** + * INTERNAL: Do not use. + * + * Ideally this module would be private, but the `asExprInternal` predicate is + * needed in `DefaultTaintTrackingImpl`. Once `DefaultTaintTrackingImpl` is gone + * we can make this module private. + */ cached -private module ExprFlowCached { +module ExprFlowCached { /** * Holds if `n` is an indirect operand of a `PointerArithmeticInstruction`, and * `e` is the result of loading from the `PointerArithmeticInstruction`. @@ -1684,7 +1699,8 @@ private module ExprFlowCached { * `x[i]` steps to the expression `x[i - 1]` without traversing the * entire chain. */ - private Expr asExpr(Node n) { + cached + Expr asExprInternal(Node n) { isIndirectBaseOfArrayAccess(n, result) or not isIndirectBaseOfArrayAccess(n, _) and @@ -1696,7 +1712,7 @@ private module ExprFlowCached { * dataflow step. */ private predicate localStepFromNonExpr(Node n1, Node n2) { - not exists(asExpr(n1)) and + not exists(asExprInternal(n1)) and localFlowStep(n1, n2) } @@ -1707,7 +1723,7 @@ private module ExprFlowCached { pragma[nomagic] private predicate localStepsToExpr(Node n1, Node n2, Expr e2) { localStepFromNonExpr*(n1, n2) and - e2 = asExpr(n2) + e2 = asExprInternal(n2) } /** @@ -1718,7 +1734,7 @@ private module ExprFlowCached { exists(Node mid | localFlowStep(n1, mid) and localStepsToExpr(mid, n2, e2) and - e1 = asExpr(n1) + e1 = asExprInternal(n1) ) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll index e21a83fcb54..960b373b4fa 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DefaultTaintTrackingImpl.qll @@ -60,7 +60,7 @@ private DataFlow::Node getNodeForSource(Expr source) { } private DataFlow::Node getNodeForExpr(Expr node) { - result = DataFlow::exprNode(node) + node = DataFlow::ExprFlowCached::asExprInternal(result) or // Some of the sources in `isUserInput` are intended to match the value of // an expression, while others (those modeled below) are intended to match @@ -221,7 +221,7 @@ private module Cached { predicate nodeIsBarrierIn(DataFlow::Node node) { // don't use dataflow into taint sources, as this leads to duplicate results. exists(Expr source | isUserInput(source, _) | - node = DataFlow::exprNode(source) + source = DataFlow::ExprFlowCached::asExprInternal(node) or // This case goes together with the similar (but not identical) rule in // `getNodeForSource`. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRFieldFlowSteps.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRFieldFlowSteps.qll new file mode 100644 index 00000000000..f0286c00cbc --- /dev/null +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRFieldFlowSteps.qll @@ -0,0 +1,38 @@ +/** + * Print the dataflow local store steps in IR dumps. + */ + +private import cpp +private import semmle.code.cpp.ir.IR +private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil +private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate +private import PrintIRUtilities + +/** A property provider for local IR dataflow store steps. */ +class FieldFlowPropertyProvider extends IRPropertyProvider { + override string getOperandProperty(Operand operand, string key) { + exists(PostFieldUpdateNode pfun, Content content | + key = "store " + content.toString() and + operand = pfun.getPreUpdateNode().(IndirectOperand).getOperand() and + result = + strictconcat(string element, Node node | + storeStep(node, content, pfun) and + element = nodeId(node, _, _) + | + element, ", " + ) + ) + or + exists(Node node2, Content content | + key = "read " + content.toString() and + operand = node2.(IndirectOperand).getOperand() and + result = + strictconcat(string element, Node node1 | + readStep(node1, content, node2) and + element = nodeId(node1, _, _) + | + element, ", " + ) + ) + } +} diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRLocalFlow.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRLocalFlow.qll index bbe236311fb..e92a4a8933e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRLocalFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRLocalFlow.qll @@ -1,119 +1,44 @@ private import cpp -// The `ValueNumbering` library has to be imported right after `cpp` to ensure -// that the cached IR gets the same checksum here as it does in queries that use -// `ValueNumbering` without `DataFlow`. -private import semmle.code.cpp.ir.ValueNumbering private import semmle.code.cpp.ir.IR -private import semmle.code.cpp.ir.dataflow.DataFlow private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil +private import SsaInternals as Ssa private import PrintIRUtilities /** * Gets the local dataflow from other nodes in the same function to this node. */ -private string getFromFlow(DataFlow::Node useNode, int order1, int order2) { - exists(DataFlow::Node defNode, string prefix | - ( - simpleLocalFlowStep(defNode, useNode) and prefix = "" - or - any(DataFlow::Configuration cfg).isAdditionalFlowStep(defNode, useNode) and - defNode.getEnclosingCallable() = useNode.getEnclosingCallable() and - prefix = "+" - ) and - if defNode.asInstruction() = useNode.asOperand().getAnyDef() - then - // Shorthand for flow from the def of this operand. - result = prefix + "def" and - order1 = -1 and - order2 = 0 - else - if defNode.asOperand().getUse() = useNode.asInstruction() - then - // Shorthand for flow from an operand of this instruction - result = prefix + defNode.asOperand().getDumpId() and - order1 = -1 and - order2 = defNode.asOperand().getDumpSortOrder() - else result = prefix + nodeId(defNode, order1, order2) +private string getFromFlow(Node node2, int order1, int order2) { + exists(Node node1 | + simpleLocalFlowStep(node1, node2) and + result = nodeId(node1, order1, order2) ) } /** * Gets the local dataflow from this node to other nodes in the same function. */ -private string getToFlow(DataFlow::Node defNode, int order1, int order2) { - exists(DataFlow::Node useNode, string prefix | - ( - simpleLocalFlowStep(defNode, useNode) and prefix = "" - or - any(DataFlow::Configuration cfg).isAdditionalFlowStep(defNode, useNode) and - defNode.getEnclosingCallable() = useNode.getEnclosingCallable() and - prefix = "+" - ) and - if useNode.asInstruction() = defNode.asOperand().getUse() - then - // Shorthand for flow to this operand's instruction. - result = prefix + "result" and - order1 = -1 and - order2 = 0 - else result = prefix + nodeId(useNode, order1, order2) +private string getToFlow(Node node1, int order1, int order2) { + exists(Node node2 | + simpleLocalFlowStep(node1, node2) and + result = nodeId(node2, order1, order2) ) } /** * Gets the properties of the dataflow node `node`. */ -private string getNodeProperty(DataFlow::Node node, string key) { +private string getNodeProperty(Node node, string key) { // List dataflow into and out of this node. Flow into this node is printed as `src->@`, and flow // out of this node is printed as `@->dest`. key = "flow" and result = strictconcat(string flow, boolean to, int order1, int order2 | - flow = getFromFlow(node, order1, order2) + "->@" and to = false + flow = getFromFlow(node, order1, order2) + "->" + starsForNode(node) + "@" and to = false or - flow = "@->" + getToFlow(node, order1, order2) and to = true + flow = starsForNode(node) + "@->" + getToFlow(node, order1, order2) and to = true | flow, ", " order by to, order1, order2, flow ) - or - // Is this node a dataflow sink? - key = "sink" and - any(DataFlow::Configuration cfg).isSink(node) and - result = "true" - or - // Is this node a dataflow source? - key = "source" and - any(DataFlow::Configuration cfg).isSource(node) and - result = "true" - or - // Is this node a dataflow barrier, and if so, what kind? - key = "barrier" and - result = - strictconcat(string kind | - any(DataFlow::Configuration cfg).isBarrier(node) and kind = "full" - or - any(DataFlow::Configuration cfg).isBarrierIn(node) and kind = "in" - or - any(DataFlow::Configuration cfg).isBarrierOut(node) and kind = "out" - | - kind, ", " - ) - // or - // // Is there partial flow from a source to this node? - // // This property will only be emitted if partial flow is enabled by overriding - // // `DataFlow::Configuration::explorationLimit()`. - // key = "pflow" and - // result = - // strictconcat(DataFlow::PartialPathNode sourceNode, DataFlow::PartialPathNode destNode, int dist, - // int order1, int order2 | - // any(DataFlow::Configuration cfg).hasPartialFlow(sourceNode, destNode, dist) and - // destNode.getNode() = node and - // // Only print flow from a source in the same function. - // sourceNode.getNode().getEnclosingCallable() = node.getEnclosingCallable() - // | - // nodeId(sourceNode.getNode(), order1, order2) + "+" + dist.toString(), ", " - // order by - // order1, order2, dist desc - // ) } /** @@ -121,16 +46,21 @@ private string getNodeProperty(DataFlow::Node node, string key) { */ class LocalFlowPropertyProvider extends IRPropertyProvider { override string getOperandProperty(Operand operand, string key) { - exists(DataFlow::Node node | - operand = node.asOperand() and + exists(Node node | + operand = [node.asOperand(), node.(RawIndirectOperand).getOperand()] and result = getNodeProperty(node, key) ) } override string getInstructionProperty(Instruction instruction, string key) { - exists(DataFlow::Node node | - instruction = node.asInstruction() and + exists(Node node | + instruction = [node.asInstruction(), node.(RawIndirectInstruction).getInstruction()] + | result = getNodeProperty(node, key) ) } + + override predicate shouldPrintOperand(Operand operand) { not Ssa::ignoreOperand(operand) } + + override predicate shouldPrintInstruction(Instruction instr) { not Ssa::ignoreInstruction(instr) } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRStoreSteps.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRStoreSteps.qll deleted file mode 100644 index 8c318216217..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRStoreSteps.qll +++ /dev/null @@ -1,33 +0,0 @@ -/** - * Print the dataflow local store steps in IR dumps. - */ - -private import cpp -// The `ValueNumbering` library has to be imported right after `cpp` to ensure -// that the cached IR gets the same checksum here as it does in queries that use -// `ValueNumbering` without `DataFlow`. -private import semmle.code.cpp.ir.ValueNumbering -private import semmle.code.cpp.ir.IR -private import semmle.code.cpp.ir.dataflow.DataFlow -private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil -private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate -private import PrintIRUtilities - -/** - * Property provider for local IR dataflow store steps. - */ -class LocalFlowPropertyProvider extends IRPropertyProvider { - override string getInstructionProperty(Instruction instruction, string key) { - exists(DataFlow::Node objectNode, Content content | - key = "content[" + content.toString() + "]" and - instruction = objectNode.asInstruction() and - result = - strictconcat(string element, DataFlow::Node fieldNode | - storeStep(fieldNode, content, objectNode) and - element = nodeId(fieldNode, _, _) - | - element, ", " - ) - ) - } -} diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRUtilities.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRUtilities.qll index 5fc15cf986c..5c6cdebf800 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRUtilities.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/PrintIRUtilities.qll @@ -3,37 +3,59 @@ */ private import cpp -// The `ValueNumbering` library has to be imported right after `cpp` to ensure -// that the cached IR gets the same checksum here as it does in queries that use -// `ValueNumbering` without `DataFlow`. -private import semmle.code.cpp.ir.ValueNumbering private import semmle.code.cpp.ir.IR -private import semmle.code.cpp.ir.dataflow.DataFlow +private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil +private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate + +private string stars(int k) { + k = + [0 .. max([ + any(RawIndirectInstruction n).getIndirectionIndex(), + any(RawIndirectOperand n).getIndirectionIndex() + ] + )] and + (if k = 0 then result = "" else result = "*" + stars(k - 1)) +} + +string starsForNode(Node node) { + result = stars(node.(IndirectInstruction).getIndirectionIndex()) + or + result = stars(node.(IndirectOperand).getIndirectionIndex()) + or + not node instanceof IndirectInstruction and + not node instanceof IndirectOperand and + result = "" +} + +private Instruction getInstruction(Node n, string stars) { + result = [n.asInstruction(), n.(RawIndirectInstruction).getInstruction()] and + stars = starsForNode(n) +} + +private Operand getOperand(Node n, string stars) { + result = [n.asOperand(), n.(RawIndirectOperand).getOperand()] and + stars = starsForNode(n) +} /** * Gets a short ID for an IR dataflow node. * - For `Instruction`s, this is just the result ID of the instruction (e.g. `m128`). * - For `Operand`s, this is the label of the operand, prefixed with the result ID of the * instruction and a dot (e.g. `m128.left`). - * - For `Variable`s, this is the qualified name of the variable. */ -string nodeId(DataFlow::Node node, int order1, int order2) { - exists(Instruction instruction | instruction = node.asInstruction() | - result = instruction.getResultId() and +string nodeId(Node node, int order1, int order2) { + exists(Instruction instruction, string stars | instruction = getInstruction(node, stars) | + result = stars + instruction.getResultId() and order1 = instruction.getBlock().getDisplayIndex() and order2 = instruction.getDisplayIndexInBlock() ) or - exists(Operand operand, Instruction instruction | - operand = node.asOperand() and + exists(Operand operand, Instruction instruction, string stars | + operand = getOperand(node, stars) and instruction = operand.getUse() | - result = instruction.getResultId() + "." + operand.getDumpId() and + result = stars + instruction.getResultId() + "." + operand.getDumpId() and order1 = instruction.getBlock().getDisplayIndex() and order2 = instruction.getDisplayIndexInBlock() ) - or - result = "var(" + node.asVariable().getQualifiedName() + ")" and - order1 = 1000000 and - order2 = 0 } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/dataflow/ProductFlow.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll similarity index 76% rename from cpp/ql/lib/experimental/semmle/code/cpp/dataflow/ProductFlow.qll rename to cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll index c2c27158434..cb06245c568 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/dataflow/ProductFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll @@ -1,10 +1,29 @@ -import semmle.code.cpp.ir.dataflow.DataFlow -private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate -private import semmle.code.cpp.ir.dataflow.internal.DataFlowUtil -private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplCommon +/** + * Provides a library for global (inter-procedural) data flow analysis of two + * values "simultaneously". This can be used, for example, if you want to track + * a memory allocation as well as the size of the allocation. + * + * Intuitively, you can think of this as regular dataflow, but where each node + * in the dataflow graph has been replaced by a pair of nodes `(node1, node2)`, + * and two node pairs `(n11, n12)`, `(n21, n22)` is then connected by a dataflow + * edge if there's a regular dataflow edge between `n11` and `n21`, and `n12` + * and `n22`. + * + * Note that the above intuition does not reflect the actual implementation. + */ + +import semmle.code.cpp.dataflow.new.DataFlow +private import DataFlowPrivate +private import DataFlowUtil +private import DataFlowImplCommon private import codeql.util.Unit +/** + * Provides classes for performing global (inter-procedural) data flow analyses + * on a product dataflow graph. + */ module ProductFlow { + /** An input configuration for product data-flow. */ signature module ConfigSig { /** * Holds if `(source1, source2)` is a relevant data flow source. @@ -70,6 +89,9 @@ module ProductFlow { default predicate isBarrierIn2(DataFlow::Node node) { none() } } + /** + * The output of a global data flow computation. + */ module Global { private module StateConfig implements StateConfigSig { class FlowState1 = Unit; @@ -138,6 +160,7 @@ module ProductFlow { import GlobalWithState } + /** An input configuration for data flow using flow state. */ signature module StateConfigSig { bindingset[this] class FlowState1; @@ -247,6 +270,9 @@ module ProductFlow { default predicate isBarrierIn2(DataFlow::Node node) { none() } } + /** + * The output of a global data flow computation. + */ module GlobalWithState { class PathNode1 = Flow1::PathNode; @@ -260,6 +286,7 @@ module ProductFlow { class FlowState2 = Config::FlowState2; + /** Holds if data can flow from `(source1, source2)` to `(sink1, sink2)`. */ predicate flowPath( Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode sink1, Flow2::PathNode sink2 ) { @@ -290,9 +317,9 @@ module ProductFlow { predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn1(node) } } - module Flow1 = DataFlow::GlobalWithState; + private module Flow1 = DataFlow::GlobalWithState; - module Config2 implements DataFlow::StateConfigSig { + private module Config2 implements DataFlow::StateConfigSig { class FlowState = FlowState2; predicate isSource(DataFlow::Node source, FlowState state) { @@ -322,27 +349,90 @@ module ProductFlow { predicate isBarrierIn(DataFlow::Node node) { Config::isBarrierIn2(node) } } - module Flow2 = DataFlow::GlobalWithState; + private module Flow2 = DataFlow::GlobalWithState; + + private predicate isSourcePair(Flow1::PathNode node1, Flow2::PathNode node2) { + Config::isSourcePair(node1.getNode(), node1.getState(), node2.getNode(), node2.getState()) + } + + private predicate isSinkPair(Flow1::PathNode node1, Flow2::PathNode node2) { + Config::isSinkPair(node1.getNode(), node1.getState(), node2.getNode(), node2.getState()) + } + + pragma[assume_small_delta] + pragma[nomagic] + private predicate fwdReachableInterprocEntry(Flow1::PathNode node1, Flow2::PathNode node2) { + isSourcePair(node1, node2) + or + fwdIsSuccessor(_, _, node1, node2) + } pragma[nomagic] - private predicate reachableInterprocEntry( - Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode node1, Flow2::PathNode node2 + private predicate fwdIsSuccessorExit( + Flow1::PathNode mid1, Flow2::PathNode mid2, Flow1::PathNode succ1, Flow2::PathNode succ2 ) { - Config::isSourcePair(node1.getNode(), node1.getState(), node2.getNode(), node2.getState()) and - node1 = source1 and - node2 = source2 + isSinkPair(mid1, mid2) and + succ1 = mid1 and + succ2 = mid2 or - exists( - Flow1::PathNode midEntry1, Flow2::PathNode midEntry2, Flow1::PathNode midExit1, - Flow2::PathNode midExit2 - | - reachableInterprocEntry(source1, source2, midEntry1, midEntry2) and - interprocEdgePair(midExit1, midExit2, node1, node2) and - localPathStep1*(midEntry1, midExit1) and - localPathStep2*(midEntry2, midExit2) + interprocEdgePair(mid1, mid2, succ1, succ2) + } + + private predicate fwdIsSuccessor1( + Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode mid1, Flow2::PathNode mid2, + Flow1::PathNode succ1, Flow2::PathNode succ2 + ) { + fwdReachableInterprocEntry(pred1, pred2) and + localPathStep1*(pred1, mid1) and + fwdIsSuccessorExit(pragma[only_bind_into](mid1), pragma[only_bind_into](mid2), succ1, succ2) + } + + private predicate fwdIsSuccessor2( + Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode mid1, Flow2::PathNode mid2, + Flow1::PathNode succ1, Flow2::PathNode succ2 + ) { + fwdReachableInterprocEntry(pred1, pred2) and + localPathStep2*(pred2, mid2) and + fwdIsSuccessorExit(pragma[only_bind_into](mid1), pragma[only_bind_into](mid2), succ1, succ2) + } + + pragma[assume_small_delta] + private predicate fwdIsSuccessor( + Flow1::PathNode pred1, Flow2::PathNode pred2, Flow1::PathNode succ1, Flow2::PathNode succ2 + ) { + exists(Flow1::PathNode mid1, Flow2::PathNode mid2 | + fwdIsSuccessor1(pred1, pred2, mid1, mid2, succ1, succ2) and + fwdIsSuccessor2(pred1, pred2, mid1, mid2, succ1, succ2) ) } + pragma[assume_small_delta] + pragma[nomagic] + private predicate revReachableInterprocEntry(Flow1::PathNode node1, Flow2::PathNode node2) { + fwdReachableInterprocEntry(node1, node2) and + isSinkPair(node1, node2) + or + exists(Flow1::PathNode succ1, Flow2::PathNode succ2 | + revReachableInterprocEntry(succ1, succ2) and + fwdIsSuccessor(node1, node2, succ1, succ2) + ) + } + + private newtype TNodePair = + TMkNodePair(Flow1::PathNode node1, Flow2::PathNode node2) { + revReachableInterprocEntry(node1, node2) + } + + private predicate pathSucc(TNodePair n1, TNodePair n2) { + exists(Flow1::PathNode n11, Flow2::PathNode n12, Flow1::PathNode n21, Flow2::PathNode n22 | + n1 = TMkNodePair(n11, n12) and + n2 = TMkNodePair(n21, n22) and + fwdIsSuccessor(n11, n12, n21, n22) + ) + } + + private predicate pathSuccPlus(TNodePair n1, TNodePair n2) = fastTC(pathSucc/2)(n1, n2) + private predicate localPathStep1(Flow1::PathNode pred, Flow1::PathNode succ) { Flow1::PathGraph::edges(pred, succ) and pragma[only_bind_out](pred.getNode().getEnclosingCallable()) = @@ -474,11 +564,14 @@ module ProductFlow { private predicate reachable( Flow1::PathNode source1, Flow2::PathNode source2, Flow1::PathNode sink1, Flow2::PathNode sink2 ) { - exists(Flow1::PathNode mid1, Flow2::PathNode mid2 | - reachableInterprocEntry(source1, source2, mid1, mid2) and - Config::isSinkPair(sink1.getNode(), sink1.getState(), sink2.getNode(), sink2.getState()) and - localPathStep1*(mid1, sink1) and - localPathStep2*(mid2, sink2) + isSourcePair(source1, source2) and + isSinkPair(sink1, sink2) and + exists(TNodePair n1, TNodePair n2 | + n1 = TMkNodePair(source1, source2) and + n2 = TMkNodePair(sink1, sink2) + | + pathSuccPlus(n1, n2) or + n1 = n2 ) } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll index a1cfa44bb8e..551653c3aca 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll @@ -657,27 +657,20 @@ private predicate indirectConversionFlowStep(Node nFrom, Node nTo) { * So this predicate recurses back along conversions and `PointerArithmeticInstruction`s to find the * first use that has provides use-use flow, and uses that target as the target of the `nodeFrom`. */ -private predicate adjustForPointerArith( - DefOrUse defOrUse, Node nodeFrom, UseOrPhi use, boolean uncertain -) { - nodeFrom = any(PostUpdateNode pun).getPreUpdateNode() and - exists(Node adjusted | - indirectConversionFlowStep*(adjusted, nodeFrom) and - nodeToDefOrUse(adjusted, defOrUse, uncertain) and +private predicate adjustForPointerArith(PostUpdateNode pun, UseOrPhi use) { + exists(DefOrUse defOrUse, Node adjusted | + indirectConversionFlowStep*(adjusted, pun.getPreUpdateNode()) and + nodeToDefOrUse(adjusted, defOrUse, _) and adjacentDefRead(defOrUse, use) ) } private predicate ssaFlowImpl(SsaDefOrUse defOrUse, Node nodeFrom, Node nodeTo, boolean uncertain) { - // `nodeFrom = any(PostUpdateNode pun).getPreUpdateNode()` is implied by adjustedForPointerArith. exists(UseOrPhi use | - adjustForPointerArith(defOrUse, nodeFrom, use, uncertain) and - useToNode(use, nodeTo) - or - not nodeFrom = any(PostUpdateNode pun).getPreUpdateNode() and nodeToDefOrUse(nodeFrom, defOrUse, uncertain) and adjacentDefRead(defOrUse, use) and - useToNode(use, nodeTo) + useToNode(use, nodeTo) and + nodeFrom != nodeTo or // Initial global variable value to a first use nodeFrom.(InitialGlobalValue).getGlobalDef() = defOrUse and @@ -712,11 +705,28 @@ private Node getAPriorDefinition(SsaDefOrUse defOrUse) { /** Holds if there is def-use or use-use flow from `nodeFrom` to `nodeTo`. */ predicate ssaFlow(Node nodeFrom, Node nodeTo) { exists(Node nFrom, boolean uncertain, SsaDefOrUse defOrUse | - ssaFlowImpl(defOrUse, nFrom, nodeTo, uncertain) and + ssaFlowImpl(defOrUse, nFrom, nodeTo, uncertain) and nodeFrom != nodeTo + | if uncertain = true then nodeFrom = [nFrom, getAPriorDefinition(defOrUse)] else nodeFrom = nFrom ) } +private predicate isArgumentOfCallable(DataFlowCall call, ArgumentNode arg) { + arg.argumentOf(call, _) +} + +/** Holds if there is def-use or use-use flow from `pun` to `nodeTo`. */ +predicate postUpdateFlow(PostUpdateNode pun, Node nodeTo) { + exists(UseOrPhi use, Node preUpdate | + adjustForPointerArith(pun, use) and + useToNode(use, nodeTo) and + preUpdate = pun.getPreUpdateNode() and + not exists(DataFlowCall call | + isArgumentOfCallable(call, preUpdate) and isArgumentOfCallable(call, nodeTo) + ) + ) +} + /** * Holds if `use` is a use of `sv` and is a next adjacent use of `phi` in * index `i1` in basic block `bb1`. @@ -742,6 +752,7 @@ predicate fromPhiNode(SsaPhiNode nodeFrom, Node nodeTo) { fromPhiNodeToUse(phi, sv, bb1, i1, use) or exists(PhiNode phiTo | + phi != phiTo and lastRefRedefExt(phi, _, _, phiTo) and nodeTo.(SsaPhiNode).getPhiNode() = phiTo ) @@ -998,6 +1009,14 @@ class PhiNode extends SsaImpl::DefinitionExt { this instanceof SsaImpl::PhiNode or this instanceof SsaImpl::PhiReadNode } + + /** + * Holds if this phi node is a phi-read node. + * + * Phi-read nodes are like normal phi nodes, but they are inserted based + * on reads instead of writes. + */ + predicate isPhiRead() { this instanceof SsaImpl::PhiReadNode } } class DefinitionExt = SsaImpl::DefinitionExt; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll index dca2b3850ba..d8571b8b74a 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternalsCommon.qll @@ -144,6 +144,20 @@ class AllocationInstruction extends CallInstruction { AllocationInstruction() { this.getStaticCallTarget() instanceof Cpp::AllocationFunction } } +private predicate isIndirectionType(Type t) { t instanceof Indirection } + +private predicate hasUnspecifiedBaseType(Indirection t, Type base) { + base = t.getBaseType().getUnspecifiedType() +} + +/** + * Holds if `t2` is the same type as `t1`, but after stripping away `result` number + * of indirections. + * Furthermore, specifies in `t2` been deeply stripped and typedefs has been resolved. + */ +private int getNumberOfIndirectionsImpl(Type t1, Type t2) = + shortestDistances(isIndirectionType/1, hasUnspecifiedBaseType/2)(t1, t2, result) + /** * An abstract class for handling indirections. * @@ -162,7 +176,10 @@ abstract class Indirection extends Type { * For example, the number of indirections of a variable `p` of type * `int**` is `3` (i.e., `p`, `*p` and `**p`). */ - abstract int getNumberOfIndirections(); + final int getNumberOfIndirections() { + result = + getNumberOfIndirectionsImpl(this.getType(), any(Type end | not end instanceof Indirection)) + } /** * Holds if `deref` is an instruction that behaves as a `LoadInstruction` @@ -200,19 +217,11 @@ private class PointerOrArrayOrReferenceTypeIndirection extends Indirection insta PointerOrArrayOrReferenceTypeIndirection() { baseType = PointerOrArrayOrReferenceType.super.getBaseType() } - - override int getNumberOfIndirections() { - result = 1 + countIndirections(this.getBaseType().getUnspecifiedType()) - } } private class PointerWrapperTypeIndirection extends Indirection instanceof PointerWrapper { PointerWrapperTypeIndirection() { baseType = PointerWrapper.super.getBaseType() } - override int getNumberOfIndirections() { - result = 1 + countIndirections(this.getBaseType().getUnspecifiedType()) - } - override predicate isAdditionalDereference(Instruction deref, Operand address) { exists(CallInstruction call | operandForFullyConvertedCall(getAUse(deref), call) and @@ -233,10 +242,6 @@ private module IteratorIndirections { baseType = super.getValueType() } - override int getNumberOfIndirections() { - result = 1 + countIndirections(this.getBaseType().getUnspecifiedType()) - } - override predicate isAdditionalDereference(Instruction deref, Operand address) { exists(CallInstruction call | operandForFullyConvertedCall(getAUse(deref), call) and diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/IRType.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/IRType.qll index e0bccafae6b..9fbcf8c4a3b 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/IRType.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/IRType.qll @@ -39,7 +39,7 @@ class IRType extends TIRType { * Gets a string that uniquely identifies this `IRType`. This string is often the same as the * result of `IRType.toString()`, but for some types it may be more verbose to ensure uniqueness. */ - string getIdentityString() { result = toString() } + string getIdentityString() { result = this.toString() } /** * Gets the size of the type, in bytes, if known. @@ -206,7 +206,7 @@ class IRFloatingPointType extends IRNumericType, TIRFloatingPointType { IRFloatingPointType() { this = TIRFloatingPointType(_, base, domain) } final override string toString() { - result = getDomainPrefix() + getBaseString() + byteSize.toString() + result = this.getDomainPrefix() + this.getBaseString() + byteSize.toString() } final override Language::LanguageType getCanonicalLanguageType() { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll index 7b064340ffe..a9ecdf46984 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll @@ -135,11 +135,11 @@ class Opcode extends TOpcode { * Holds if the instruction must have an operand with the specified `OperandTag`. */ final predicate hasOperand(OperandTag tag) { - hasOperandInternal(tag) + this.hasOperandInternal(tag) or - hasAddressOperand() and tag instanceof AddressOperandTag + this.hasAddressOperand() and tag instanceof AddressOperandTag or - hasBufferSizeOperand() and tag instanceof BufferSizeOperandTag + this.hasBufferSizeOperand() and tag instanceof BufferSizeOperandTag } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll index c96783fe6e8..79873d8366e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IR.qll @@ -77,4 +77,16 @@ class IRPropertyProvider extends TIRPropertyProvider { * Gets the value of the property named `key` for the specified operand. */ string getOperandProperty(Operand operand, string key) { none() } + + /** + * Holds if the instruction `instr` should be included when printing + * the IR instructions. + */ + predicate shouldPrintInstruction(Instruction instr) { any() } + + /** + * Holds if the operand `operand` should be included when printing the an + * instruction's operand list. + */ + predicate shouldPrintOperand(Operand operand) { any() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll index 5968e58f90b..354ba41e3d1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRFunction.qll @@ -45,7 +45,9 @@ class IRFunction extends IRFunctionBase { * Gets the block containing the entry point of this function. */ pragma[noinline] - final IRBlock getEntryBlock() { result.getFirstInstruction() = getEnterFunctionInstruction() } + final IRBlock getEntryBlock() { + result.getFirstInstruction() = this.getEnterFunctionInstruction() + } /** * Gets all instructions in this function. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll index c92082d767d..b31c7898ba7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRVariable.qll @@ -39,12 +39,12 @@ class IRVariable extends TIRVariable { /** * Gets the type of the variable. */ - final Language::Type getType() { getLanguageType().hasType(result, false) } + final Language::Type getType() { this.getLanguageType().hasType(result, false) } /** * Gets the language-neutral type of the variable. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the variable. @@ -58,7 +58,7 @@ class IRVariable extends TIRVariable { Language::AST getAst() { none() } /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = getAst() } + deprecated Language::AST getAST() { result = this.getAst() } /** * Gets an identifier string for the variable. This identifier is unique @@ -69,7 +69,7 @@ class IRVariable extends TIRVariable { /** * Gets the source location of this variable. */ - final Language::Location getLocation() { result = getAst().getLocation() } + final Language::Location getLocation() { result = this.getAst().getLocation() } /** * Gets the IR for the function that references this variable. @@ -91,15 +91,15 @@ class IRUserVariable extends IRVariable, TIRUserVariable { IRUserVariable() { this = TIRUserVariable(var, type, func) } - final override string toString() { result = getVariable().toString() } + final override string toString() { result = this.getVariable().toString() } final override Language::AST getAst() { result = var } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } final override string getUniqueId() { - result = getVariable().toString() + " " + getVariable().getLocation().toString() + result = this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override Language::LanguageType getLanguageType() { result = type } @@ -166,9 +166,9 @@ class IRGeneratedVariable extends IRVariable { final override Language::AST getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } - override string toString() { result = getBaseString() + getLocationString() } + override string toString() { result = this.getBaseString() + this.getLocationString() } override string getUniqueId() { none() } @@ -272,7 +272,7 @@ class IRStringLiteral extends IRGeneratedVariable, TIRStringLiteral { final override predicate isReadOnly() { any() } final override string getUniqueId() { - result = "String: " + getLocationString() + "=" + Language::getStringLiteralText(literal) + result = "String: " + this.getLocationString() + "=" + Language::getStringLiteralText(literal) } final override string getBaseString() { result = "#string" } @@ -303,7 +303,8 @@ class IRDynamicInitializationFlag extends IRGeneratedVariable, TIRDynamicInitial final Language::Variable getVariable() { result = var } final override string getUniqueId() { - result = "Init: " + getVariable().toString() + " " + getVariable().getLocation().toString() + result = + "Init: " + this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override string getBaseString() { result = "#init:" + var.toString() + ":" } @@ -332,5 +333,5 @@ class IRParameter extends IRAutomaticVariable { * An IR variable representing a positional parameter. */ class IRPositionalParameter extends IRParameter, IRAutomaticUserVariable { - final override int getIndex() { result = getVariable().(Language::Parameter).getIndex() } + final override int getIndex() { result = this.getVariable().(Language::Parameter).getIndex() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll index 0aa7c552638..1b5ea432946 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll @@ -210,9 +210,6 @@ class Instruction extends Construction::TStageInstruction { */ final Language::AST getAst() { result = Construction::getInstructionAst(this) } - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Gets the location of the source code for this instruction. */ @@ -463,9 +460,6 @@ class VariableInstruction extends Instruction { * Gets the AST variable that this instruction's IR variable refers to, if one exists. */ final Language::Variable getAstVariable() { result = var.(IRUserVariable).getVariable() } - - /** DEPRECATED: Alias for getAstVariable */ - deprecated Language::Variable getASTVariable() { result = this.getAstVariable() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll index aae12b0047a..b9106a7bfc7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/PrintIR.qll @@ -42,6 +42,14 @@ private predicate shouldPrintFunction(Language::Declaration decl) { exists(PrintIRConfiguration config | config.shouldPrintFunction(decl)) } +private predicate shouldPrintInstruction(Instruction i) { + exists(IRPropertyProvider provider | provider.shouldPrintInstruction(i)) +} + +private predicate shouldPrintOperand(Operand operand) { + exists(IRPropertyProvider provider | provider.shouldPrintOperand(operand)) +} + private string getAdditionalInstructionProperty(Instruction instr, string key) { exists(IRPropertyProvider provider | result = provider.getInstructionProperty(instr, key)) } @@ -84,7 +92,9 @@ private string getOperandPropertyString(Operand operand) { private newtype TPrintableIRNode = TPrintableIRFunction(IRFunction irFunc) { shouldPrintFunction(irFunc.getFunction()) } or TPrintableIRBlock(IRBlock block) { shouldPrintFunction(block.getEnclosingFunction()) } or - TPrintableInstruction(Instruction instr) { shouldPrintFunction(instr.getEnclosingFunction()) } + TPrintableInstruction(Instruction instr) { + shouldPrintInstruction(instr) and shouldPrintFunction(instr.getEnclosingFunction()) + } /** * A node to be emitted in the IR graph. @@ -127,13 +137,13 @@ abstract private class PrintableIRNode extends TPrintableIRNode { * Gets the value of the node property with the specified key. */ string getProperty(string key) { - key = "semmle.label" and result = getLabel() + key = "semmle.label" and result = this.getLabel() or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() or - key = "semmle.graphKind" and result = getGraphKind() + key = "semmle.graphKind" and result = this.getGraphKind() or - key = "semmle.forceText" and forceText() and result = "true" + key = "semmle.forceText" and this.forceText() and result = "true" } } @@ -178,7 +188,7 @@ private class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock { PrintableIRBlock() { this = TPrintableIRBlock(block) } - override string toString() { result = getLabel() } + override string toString() { result = this.getLabel() } override Language::Location getLocation() { result = block.getLocation() } @@ -223,7 +233,7 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio | resultString = instr.getResultString() and operationString = instr.getOperationString() and - operandsString = getOperandsString() and + operandsString = this.getOperandsString() and columnWidths(block, resultWidth, operationWidth) and result = resultString + getPaddingString(resultWidth - resultString.length()) + " = " + @@ -252,7 +262,8 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio private string getOperandsString() { result = concat(Operand operand | - operand = instr.getAnOperand() + operand = instr.getAnOperand() and + shouldPrintOperand(operand) | operand.getDumpString() + getOperandPropertyString(operand), ", " order by diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll index ca3c378cd7e..2a46e16c52f 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll @@ -7,17 +7,19 @@ private import internal.ValueNumberingImports class ValueNumber extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnInstruction().getResultId(), ", ") } + final string getDebugString() { + result = strictconcat(this.getAnInstruction().getResultId(), ", ") + } final Language::Location getLocation() { if exists(Instruction i | - i = getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation + i = this.getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation ) then result = min(Language::Location l | - l = getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation + l = this.getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation | l order by @@ -40,7 +42,7 @@ class ValueNumber extends TValueNumber { final Instruction getExampleInstruction() { result = min(Instruction instr | - instr = getAnInstruction() + instr = this.getAnInstruction() | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasConfiguration.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasConfiguration.qll index 7e12ebc1c90..8cf69dec6ef 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasConfiguration.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasConfiguration.qll @@ -22,7 +22,7 @@ private newtype TAllocation = abstract class Allocation extends TAllocation { abstract string toString(); - final string getAllocationString() { result = toString() } + final string getAllocationString() { result = this.toString() } abstract Instruction getABaseInstruction(); diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll index 4e606c1f9c5..1dd116d6c0e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll @@ -95,7 +95,9 @@ private newtype TMemoryLocation = */ abstract class MemoryLocation extends TMemoryLocation { final string toString() { - if isMayAccess() then result = "?" + toStringInternal() else result = toStringInternal() + if this.isMayAccess() + then result = "?" + this.toStringInternal() + else result = this.toStringInternal() } abstract string toStringInternal(); @@ -110,7 +112,7 @@ abstract class MemoryLocation extends TMemoryLocation { abstract Location getLocation(); - final IRType getIRType() { result = getType().getIRType() } + final IRType getIRType() { result = this.getType().getIRType() } abstract predicate isMayAccess(); @@ -136,7 +138,7 @@ abstract class MemoryLocation extends TMemoryLocation { final predicate canReuseSsa() { none() } /** DEPRECATED: Alias for canReuseSsa */ - deprecated predicate canReuseSSA() { canReuseSsa() } + deprecated predicate canReuseSSA() { this.canReuseSsa() } } /** @@ -191,19 +193,19 @@ class VariableMemoryLocation extends TVariableMemoryLocation, AllocationMemoryLo } private string getIntervalString() { - if coversEntireVariable() + if this.coversEntireVariable() then result = "" else result = Interval::getIntervalString(startBitOffset, endBitOffset) } private string getTypeString() { - if coversEntireVariable() and type = var.getIRType() + if this.coversEntireVariable() and type = var.getIRType() then result = "" else result = "<" + languageType.toString() + ">" } final override string toStringInternal() { - result = var.toString() + getIntervalString() + getTypeString() + result = var.toString() + this.getIntervalString() + this.getTypeString() } final override Language::LanguageType getType() { @@ -236,7 +238,7 @@ class VariableMemoryLocation extends TVariableMemoryLocation, AllocationMemoryLo /** * Holds if this memory location covers the entire variable. */ - final predicate coversEntireVariable() { varIRTypeHasBitRange(startBitOffset, endBitOffset) } + final predicate coversEntireVariable() { this.varIRTypeHasBitRange(startBitOffset, endBitOffset) } pragma[noinline] private predicate varIRTypeHasBitRange(int start, int end) { @@ -262,7 +264,7 @@ class EntireAllocationMemoryLocation extends TEntireAllocationMemoryLocation, class EntireAllocationVirtualVariable extends EntireAllocationMemoryLocation, VirtualVariable { EntireAllocationVirtualVariable() { not allocationEscapes(var) and - not isMayAccess() + not this.isMayAccess() } } @@ -275,8 +277,8 @@ class VariableVirtualVariable extends VariableMemoryLocation, VirtualVariable { VariableVirtualVariable() { not allocationEscapes(var) and type = var.getIRType() and - coversEntireVariable() and - not isMayAccess() + this.coversEntireVariable() and + not this.isMayAccess() } } @@ -337,7 +339,7 @@ class AllNonLocalMemory extends TAllNonLocalMemory, MemoryLocation { // instruction, which provides the initial definition for all memory outside of the current // function's stack frame. This memory includes string literals and other read-only globals, so // we allow such an access to be the definition for a use of a read-only location. - not isMayAccess() + not this.isMayAccess() } } @@ -360,7 +362,7 @@ class AllAliasedMemory extends TAllAliasedMemory, MemoryLocation { final override Location getLocation() { result = irFunc.getLocation() } - final override string getUniqueId() { result = " " + toString() } + final override string getUniqueId() { result = " " + this.toString() } final override VirtualVariable getVirtualVariable() { result = TAllAliasedMemory(irFunc, false) } @@ -369,7 +371,7 @@ class AllAliasedMemory extends TAllAliasedMemory, MemoryLocation { /** A virtual variable that groups all escaped memory within a function. */ class AliasedVirtualVariable extends AllAliasedMemory, VirtualVariable { - AliasedVirtualVariable() { not isMayAccess() } + AliasedVirtualVariable() { not this.isMayAccess() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll index dc785f3e0b1..63dc4142a13 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/SSAConstruction.qll @@ -422,12 +422,6 @@ private module Cached { ) } - /** DEPRECATED: Alias for getInstructionAst */ - cached - deprecated Language::AST getInstructionAST(Instruction instr) { - result = getInstructionAst(instr) - } - cached Language::LanguageType getInstructionResultType(Instruction instr) { result = instr.(RawIR::Instruction).getResultLanguageType() @@ -993,9 +987,6 @@ predicate canReuseSsaForMemoryResult(Instruction instruction) { // We don't support reusing SSA for any location that could create a `Chi` instruction. } -/** DEPRECATED: Alias for canReuseSsaForMemoryResult */ -deprecated predicate canReuseSSAForMemoryResult = canReuseSsaForMemoryResult/1; - /** * Expose some of the internal predicates to PrintSSA.qll. We do this by publicly importing those modules in the * `DebugSsa` module, which is then imported by PrintSSA. @@ -1005,9 +996,6 @@ module DebugSsa { import DefUse } -/** DEPRECATED: Alias for DebugSsa */ -deprecated module DebugSSA = DebugSsa; - import CachedForDebugging cached diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/OperandTag.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/OperandTag.qll index 21dfedd95cd..f2e23b01a13 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/OperandTag.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/OperandTag.qll @@ -40,7 +40,9 @@ abstract class OperandTag extends TOperandTag { /** * Gets a label that will appear before the operand when the IR is printed. */ - final string getLabel() { if alwaysPrintLabel() then result = getId() + ":" else result = "" } + final string getLabel() { + if this.alwaysPrintLabel() then result = this.getId() + ":" else result = "" + } /** * Gets an identifier that uniquely identifies this operand within its instruction. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstruction.qll index 169de03c2dc..bb3eb683653 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/internal/TInstruction.qll @@ -73,9 +73,6 @@ module UnaliasedSsaInstructions { } } -/** DEPRECATED: Alias for UnaliasedSsaInstructions */ -deprecated module UnaliasedSSAInstructions = UnaliasedSsaInstructions; - /** * Provides wrappers for the constructors of each branch of `TInstruction` that is used by the * aliased SSA stage. @@ -107,6 +104,3 @@ module AliasedSsaInstructions { result = TAliasedSsaUnreachedInstruction(irFunc) } } - -/** DEPRECATED: Alias for AliasedSsaInstructions */ -deprecated module AliasedSSAInstructions = AliasedSsaInstructions; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IR.qll index c96783fe6e8..79873d8366e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IR.qll @@ -77,4 +77,16 @@ class IRPropertyProvider extends TIRPropertyProvider { * Gets the value of the property named `key` for the specified operand. */ string getOperandProperty(Operand operand, string key) { none() } + + /** + * Holds if the instruction `instr` should be included when printing + * the IR instructions. + */ + predicate shouldPrintInstruction(Instruction instr) { any() } + + /** + * Holds if the operand `operand` should be included when printing the an + * instruction's operand list. + */ + predicate shouldPrintOperand(Operand operand) { any() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRFunction.qll index 5968e58f90b..354ba41e3d1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRFunction.qll @@ -45,7 +45,9 @@ class IRFunction extends IRFunctionBase { * Gets the block containing the entry point of this function. */ pragma[noinline] - final IRBlock getEntryBlock() { result.getFirstInstruction() = getEnterFunctionInstruction() } + final IRBlock getEntryBlock() { + result.getFirstInstruction() = this.getEnterFunctionInstruction() + } /** * Gets all instructions in this function. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRVariable.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRVariable.qll index c92082d767d..b31c7898ba7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRVariable.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRVariable.qll @@ -39,12 +39,12 @@ class IRVariable extends TIRVariable { /** * Gets the type of the variable. */ - final Language::Type getType() { getLanguageType().hasType(result, false) } + final Language::Type getType() { this.getLanguageType().hasType(result, false) } /** * Gets the language-neutral type of the variable. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the variable. @@ -58,7 +58,7 @@ class IRVariable extends TIRVariable { Language::AST getAst() { none() } /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = getAst() } + deprecated Language::AST getAST() { result = this.getAst() } /** * Gets an identifier string for the variable. This identifier is unique @@ -69,7 +69,7 @@ class IRVariable extends TIRVariable { /** * Gets the source location of this variable. */ - final Language::Location getLocation() { result = getAst().getLocation() } + final Language::Location getLocation() { result = this.getAst().getLocation() } /** * Gets the IR for the function that references this variable. @@ -91,15 +91,15 @@ class IRUserVariable extends IRVariable, TIRUserVariable { IRUserVariable() { this = TIRUserVariable(var, type, func) } - final override string toString() { result = getVariable().toString() } + final override string toString() { result = this.getVariable().toString() } final override Language::AST getAst() { result = var } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } final override string getUniqueId() { - result = getVariable().toString() + " " + getVariable().getLocation().toString() + result = this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override Language::LanguageType getLanguageType() { result = type } @@ -166,9 +166,9 @@ class IRGeneratedVariable extends IRVariable { final override Language::AST getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } - override string toString() { result = getBaseString() + getLocationString() } + override string toString() { result = this.getBaseString() + this.getLocationString() } override string getUniqueId() { none() } @@ -272,7 +272,7 @@ class IRStringLiteral extends IRGeneratedVariable, TIRStringLiteral { final override predicate isReadOnly() { any() } final override string getUniqueId() { - result = "String: " + getLocationString() + "=" + Language::getStringLiteralText(literal) + result = "String: " + this.getLocationString() + "=" + Language::getStringLiteralText(literal) } final override string getBaseString() { result = "#string" } @@ -303,7 +303,8 @@ class IRDynamicInitializationFlag extends IRGeneratedVariable, TIRDynamicInitial final Language::Variable getVariable() { result = var } final override string getUniqueId() { - result = "Init: " + getVariable().toString() + " " + getVariable().getLocation().toString() + result = + "Init: " + this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override string getBaseString() { result = "#init:" + var.toString() + ":" } @@ -332,5 +333,5 @@ class IRParameter extends IRAutomaticVariable { * An IR variable representing a positional parameter. */ class IRPositionalParameter extends IRParameter, IRAutomaticUserVariable { - final override int getIndex() { result = getVariable().(Language::Parameter).getIndex() } + final override int getIndex() { result = this.getVariable().(Language::Parameter).getIndex() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll index 0aa7c552638..1b5ea432946 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll @@ -210,9 +210,6 @@ class Instruction extends Construction::TStageInstruction { */ final Language::AST getAst() { result = Construction::getInstructionAst(this) } - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Gets the location of the source code for this instruction. */ @@ -463,9 +460,6 @@ class VariableInstruction extends Instruction { * Gets the AST variable that this instruction's IR variable refers to, if one exists. */ final Language::Variable getAstVariable() { result = var.(IRUserVariable).getVariable() } - - /** DEPRECATED: Alias for getAstVariable */ - deprecated Language::Variable getASTVariable() { result = this.getAstVariable() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/PrintIR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/PrintIR.qll index aae12b0047a..b9106a7bfc7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/PrintIR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/PrintIR.qll @@ -42,6 +42,14 @@ private predicate shouldPrintFunction(Language::Declaration decl) { exists(PrintIRConfiguration config | config.shouldPrintFunction(decl)) } +private predicate shouldPrintInstruction(Instruction i) { + exists(IRPropertyProvider provider | provider.shouldPrintInstruction(i)) +} + +private predicate shouldPrintOperand(Operand operand) { + exists(IRPropertyProvider provider | provider.shouldPrintOperand(operand)) +} + private string getAdditionalInstructionProperty(Instruction instr, string key) { exists(IRPropertyProvider provider | result = provider.getInstructionProperty(instr, key)) } @@ -84,7 +92,9 @@ private string getOperandPropertyString(Operand operand) { private newtype TPrintableIRNode = TPrintableIRFunction(IRFunction irFunc) { shouldPrintFunction(irFunc.getFunction()) } or TPrintableIRBlock(IRBlock block) { shouldPrintFunction(block.getEnclosingFunction()) } or - TPrintableInstruction(Instruction instr) { shouldPrintFunction(instr.getEnclosingFunction()) } + TPrintableInstruction(Instruction instr) { + shouldPrintInstruction(instr) and shouldPrintFunction(instr.getEnclosingFunction()) + } /** * A node to be emitted in the IR graph. @@ -127,13 +137,13 @@ abstract private class PrintableIRNode extends TPrintableIRNode { * Gets the value of the node property with the specified key. */ string getProperty(string key) { - key = "semmle.label" and result = getLabel() + key = "semmle.label" and result = this.getLabel() or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() or - key = "semmle.graphKind" and result = getGraphKind() + key = "semmle.graphKind" and result = this.getGraphKind() or - key = "semmle.forceText" and forceText() and result = "true" + key = "semmle.forceText" and this.forceText() and result = "true" } } @@ -178,7 +188,7 @@ private class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock { PrintableIRBlock() { this = TPrintableIRBlock(block) } - override string toString() { result = getLabel() } + override string toString() { result = this.getLabel() } override Language::Location getLocation() { result = block.getLocation() } @@ -223,7 +233,7 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio | resultString = instr.getResultString() and operationString = instr.getOperationString() and - operandsString = getOperandsString() and + operandsString = this.getOperandsString() and columnWidths(block, resultWidth, operationWidth) and result = resultString + getPaddingString(resultWidth - resultString.length()) + " = " + @@ -252,7 +262,8 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio private string getOperandsString() { result = concat(Operand operand | - operand = instr.getAnOperand() + operand = instr.getAnOperand() and + shouldPrintOperand(operand) | operand.getDumpString() + getOperandPropertyString(operand), ", " order by diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll index ca3c378cd7e..2a46e16c52f 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll @@ -7,17 +7,19 @@ private import internal.ValueNumberingImports class ValueNumber extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnInstruction().getResultId(), ", ") } + final string getDebugString() { + result = strictconcat(this.getAnInstruction().getResultId(), ", ") + } final Language::Location getLocation() { if exists(Instruction i | - i = getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation + i = this.getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation ) then result = min(Language::Location l | - l = getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation + l = this.getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation | l order by @@ -40,7 +42,7 @@ class ValueNumber extends TValueNumber { final Instruction getExampleInstruction() { result = min(Instruction instr | - instr = getAnInstruction() + instr = this.getAnInstruction() | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll index 8eea58e170a..68f7a5fbdb4 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll @@ -31,42 +31,42 @@ abstract class TranslatedCall extends TranslatedExpr { // The qualifier is evaluated before the call target, because the value of // the call target may depend on the value of the qualifier for virtual // calls. - id = -2 and result = getQualifier() + id = -2 and result = this.getQualifier() or - id = -1 and result = getCallTarget() + id = -1 and result = this.getCallTarget() or - result = getArgument(id) + result = this.getArgument(id) or - id = getNumberOfArguments() and result = getSideEffects() + id = this.getNumberOfArguments() and result = this.getSideEffects() } final override Instruction getFirstInstruction() { - if exists(getQualifier()) - then result = getQualifier().getFirstInstruction() - else result = getFirstCallTargetInstruction() + if exists(this.getQualifier()) + then result = this.getQualifier().getFirstInstruction() + else result = this.getFirstCallTargetInstruction() } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { tag = CallTag() and opcode instanceof Opcode::Call and - resultType = getTypeForPRValue(getCallResultType()) + resultType = getTypeForPRValue(this.getCallResultType()) } override Instruction getChildSuccessor(TranslatedElement child) { - child = getQualifier() and - result = getFirstCallTargetInstruction() + child = this.getQualifier() and + result = this.getFirstCallTargetInstruction() or - child = getCallTarget() and - result = getFirstArgumentOrCallInstruction() + child = this.getCallTarget() and + result = this.getFirstArgumentOrCallInstruction() or exists(int argIndex | - child = getArgument(argIndex) and - if exists(getArgument(argIndex + 1)) - then result = getArgument(argIndex + 1).getFirstInstruction() - else result = getInstruction(CallTag()) + child = this.getArgument(argIndex) and + if exists(this.getArgument(argIndex + 1)) + then result = this.getArgument(argIndex + 1).getFirstInstruction() + else result = this.getInstruction(CallTag()) ) or - child = getSideEffects() and + child = this.getSideEffects() and if this.isNoReturn() then result = @@ -79,26 +79,26 @@ abstract class TranslatedCall extends TranslatedExpr { override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { kind instanceof GotoEdge and tag = CallTag() and - result = getSideEffects().getFirstInstruction() + result = this.getSideEffects().getFirstInstruction() } override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag = CallTag() and ( operandTag instanceof CallTargetOperandTag and - result = getCallTargetResult() + result = this.getCallTargetResult() or operandTag instanceof ThisArgumentOperandTag and - result = getQualifierResult() + result = this.getQualifierResult() or exists(PositionalArgumentOperandTag argTag | argTag = operandTag and - result = getArgument(argTag.getArgIndex()).getResult() + result = this.getArgument(argTag.getArgIndex()).getResult() ) ) } - final override Instruction getResult() { result = getInstruction(CallTag()) } + final override Instruction getResult() { result = this.getInstruction(CallTag()) } /** * Gets the result type of the call. @@ -108,7 +108,7 @@ abstract class TranslatedCall extends TranslatedExpr { /** * Holds if the call has a `this` argument. */ - predicate hasQualifier() { exists(getQualifier()) } + predicate hasQualifier() { exists(this.getQualifier()) } /** * Gets the `TranslatedExpr` for the indirect target of the call, if any. @@ -121,7 +121,9 @@ abstract class TranslatedCall extends TranslatedExpr { * it can be overridden by a subclass for cases where there is a call target * that is not computed from an expression (e.g. a direct call). */ - Instruction getFirstCallTargetInstruction() { result = getCallTarget().getFirstInstruction() } + Instruction getFirstCallTargetInstruction() { + result = this.getCallTarget().getFirstInstruction() + } /** * Gets the instruction whose result value is the target of the call. By @@ -129,7 +131,7 @@ abstract class TranslatedCall extends TranslatedExpr { * overridden by a subclass for cases where there is a call target that is not * computed from an expression (e.g. a direct call). */ - Instruction getCallTargetResult() { result = getCallTarget().getResult() } + Instruction getCallTargetResult() { result = this.getCallTarget().getResult() } /** * Gets the `TranslatedExpr` for the qualifier of the call (i.e. the value @@ -143,7 +145,7 @@ abstract class TranslatedCall extends TranslatedExpr { * overridden by a subclass for cases where there is a `this` argument that is * not computed from a child expression (e.g. a constructor call). */ - Instruction getQualifierResult() { result = getQualifier().getResult() } + Instruction getQualifierResult() { result = this.getQualifier().getResult() } /** * Gets the argument with the specified `index`. Does not include the `this` @@ -158,9 +160,9 @@ abstract class TranslatedCall extends TranslatedExpr { * argument. Otherwise, returns the call instruction. */ final Instruction getFirstArgumentOrCallInstruction() { - if hasArguments() - then result = getArgument(0).getFirstInstruction() - else result = getInstruction(CallTag()) + if this.hasArguments() + then result = this.getArgument(0).getFirstInstruction() + else result = this.getInstruction(CallTag()) } /** @@ -184,17 +186,17 @@ abstract class TranslatedSideEffects extends TranslatedElement { /** Gets the expression whose side effects are being modeled. */ abstract Expr getExpr(); - final override Locatable getAst() { result = getExpr() } + final override Locatable getAst() { result = this.getExpr() } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } - final override Declaration getFunction() { result = getEnclosingDeclaration(getExpr()) } + final override Declaration getFunction() { result = getEnclosingDeclaration(this.getExpr()) } final override TranslatedElement getChild(int i) { result = rank[i + 1](TranslatedSideEffect tse, int group, int indexInGroup | - tse.getPrimaryExpr() = getExpr() and + tse.getPrimaryExpr() = this.getExpr() and tse.sortOrder(group, indexInGroup) | tse order by group, indexInGroup @@ -203,10 +205,10 @@ abstract class TranslatedSideEffects extends TranslatedElement { final override Instruction getChildSuccessor(TranslatedElement te) { exists(int i | - getChild(i) = te and - if exists(getChild(i + 1)) - then result = getChild(i + 1).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + this.getChild(i) = te and + if exists(this.getChild(i + 1)) + then result = this.getChild(i + 1).getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) ) } @@ -215,10 +217,10 @@ abstract class TranslatedSideEffects extends TranslatedElement { } final override Instruction getFirstInstruction() { - result = getChild(0).getFirstInstruction() + result = this.getChild(0).getFirstInstruction() or // Some functions, like `std::move()`, have no side effects whatsoever. - not exists(getChild(0)) and result = getParent().getChildSuccessor(this) + not exists(this.getChild(0)) and result = this.getParent().getChildSuccessor(this) } final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() } @@ -234,10 +236,10 @@ abstract class TranslatedSideEffects extends TranslatedElement { */ abstract class TranslatedDirectCall extends TranslatedCall { final override Instruction getFirstCallTargetInstruction() { - result = getInstruction(CallTargetTag()) + result = this.getInstruction(CallTargetTag()) } - final override Instruction getCallTargetResult() { result = getInstruction(CallTargetTag()) } + final override Instruction getCallTargetResult() { result = this.getInstruction(CallTargetTag()) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { TranslatedCall.super.hasInstruction(opcode, tag, resultType) @@ -252,7 +254,7 @@ abstract class TranslatedDirectCall extends TranslatedCall { or tag = CallTargetTag() and kind instanceof GotoEdge and - result = getFirstArgumentOrCallInstruction() + result = this.getFirstArgumentOrCallInstruction() } } @@ -301,12 +303,12 @@ class TranslatedFunctionCall extends TranslatedCallExpr, TranslatedDirectCall { } override Instruction getQualifierResult() { - hasQualifier() and - result = getQualifier().getResult() + this.hasQualifier() and + result = this.getQualifier().getResult() } override predicate hasQualifier() { - exists(getQualifier()) and + exists(this.getQualifier()) and not exists(MemberFunction func | expr.getTarget() = func and func.isStatic()) } } @@ -322,7 +324,7 @@ class TranslatedStructorCall extends TranslatedFunctionCall { override Instruction getQualifierResult() { exists(StructorCallContext context | - context = getParent() and + context = this.getParent() and result = context.getReceiver() ) } @@ -373,24 +375,26 @@ abstract class TranslatedSideEffect extends TranslatedElement { final override Instruction getChildSuccessor(TranslatedElement child) { none() } - final override Instruction getFirstInstruction() { result = getInstruction(OnlyInstructionTag()) } + final override Instruction getFirstInstruction() { + result = this.getInstruction(OnlyInstructionTag()) + } final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType type) { tag = OnlyInstructionTag() and - sideEffectInstruction(opcode, type) + this.sideEffectInstruction(opcode, type) } final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { - result = getParent().getChildSuccessor(this) and + result = this.getParent().getChildSuccessor(this) and tag = OnlyInstructionTag() and kind instanceof GotoEdge } - final override Declaration getFunction() { result = getParent().getFunction() } + final override Declaration getFunction() { result = this.getParent().getFunction() } final override Instruction getPrimaryInstructionForSideEffect(InstructionTag tag) { tag = OnlyInstructionTag() and - result = getParent().(TranslatedSideEffects).getPrimaryInstruction() + result = this.getParent().(TranslatedSideEffects).getPrimaryInstruction() } /** @@ -428,18 +432,18 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { TranslatedArgumentSideEffect() { any() } override string toString() { - isWrite() and - result = "(write side effect for " + getArgString() + ")" + this.isWrite() and + result = "(write side effect for " + this.getArgString() + ")" or - not isWrite() and - result = "(read side effect for " + getArgString() + ")" + not this.isWrite() and + result = "(read side effect for " + this.getArgString() + ")" } override Call getPrimaryExpr() { result = call } override predicate sortOrder(int group, int indexInGroup) { indexInGroup = index and - if isWrite() then group = argumentWriteGroup() else group = argumentReadGroup() + if this.isWrite() then group = argumentWriteGroup() else group = argumentReadGroup() } final override int getInstructionIndex(InstructionTag tag) { @@ -450,20 +454,20 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { final override predicate sideEffectInstruction(Opcode opcode, CppType type) { opcode = sideEffectOpcode and ( - isWrite() and + this.isWrite() and ( opcode instanceof BufferAccessOpcode and type = getUnknownType() or not opcode instanceof BufferAccessOpcode and - exists(Type indirectionType | indirectionType = getIndirectionType() | + exists(Type indirectionType | indirectionType = this.getIndirectionType() | if indirectionType instanceof VoidType then type = getUnknownType() else type = getTypeForPRValueOrUnknown(indirectionType) ) ) or - not isWrite() and + not this.isWrite() and type = getVoidType() ) } @@ -471,7 +475,7 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { final override CppType getInstructionMemoryOperandType( InstructionTag tag, TypedOperandTag operandTag ) { - not isWrite() and + not this.isWrite() and if sideEffectOpcode instanceof BufferAccessOpcode then result = getUnknownType() and @@ -480,7 +484,7 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { else exists(Type operandType | tag instanceof OnlyInstructionTag and - operandType = getIndirectionType() and + operandType = this.getIndirectionType() and operandTag instanceof SideEffectOperandTag | // If the type we select is an incomplete type (e.g. a forward-declared `struct`), there will @@ -492,7 +496,7 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { final override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag instanceof OnlyInstructionTag and operandTag instanceof AddressOperandTag and - result = getArgInstruction() + result = this.getArgInstruction() or tag instanceof OnlyInstructionTag and operandTag instanceof BufferSizeOperandTag and @@ -533,7 +537,7 @@ class TranslatedArgumentExprSideEffect extends TranslatedArgumentSideEffect, final override Locatable getAst() { result = arg } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override Type getIndirectionType() { result = arg.getUnspecifiedType().(DerivedType).getBaseType() @@ -568,7 +572,7 @@ class TranslatedStructorQualifierSideEffect extends TranslatedArgumentSideEffect final override Locatable getAst() { result = call } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override Type getIndirectionType() { result = call.getTarget().getDeclaringType() } @@ -592,7 +596,7 @@ class TranslatedCallSideEffect extends TranslatedSideEffect, TTranslatedCallSide override Locatable getAst() { result = expr } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override Expr getPrimaryExpr() { result = expr } @@ -633,7 +637,7 @@ class TranslatedAllocationSideEffect extends TranslatedSideEffect, TTranslatedAl override Locatable getAst() { result = expr } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override Expr getPrimaryExpr() { result = expr } @@ -646,7 +650,7 @@ class TranslatedAllocationSideEffect extends TranslatedSideEffect, TTranslatedAl override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag = OnlyInstructionTag() and operandTag = addressOperand() and - result = getPrimaryInstructionForSideEffect(OnlyInstructionTag()) + result = this.getPrimaryInstructionForSideEffect(OnlyInstructionTag()) } override predicate sideEffectInstruction(Opcode opcode, CppType type) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll index 29b931e0ab6..30755f0f000 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll @@ -22,9 +22,9 @@ abstract class TranslatedCondition extends TranslatedElement { final override Locatable getAst() { result = expr } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } - final ConditionContext getConditionContext() { result = getParent() } + final ConditionContext getConditionContext() { result = this.getParent() } final Expr getExpr() { result = expr } @@ -42,9 +42,11 @@ abstract class TranslatedFlexibleCondition extends TranslatedCondition, Conditio { TranslatedFlexibleCondition() { this = TTranslatedFlexibleCondition(expr) } - final override TranslatedElement getChild(int id) { id = 0 and result = getOperand() } + final override TranslatedElement getChild(int id) { id = 0 and result = this.getOperand() } - final override Instruction getFirstInstruction() { result = getOperand().getFirstInstruction() } + final override Instruction getFirstInstruction() { + result = this.getOperand().getFirstInstruction() + } final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { none() @@ -61,13 +63,13 @@ class TranslatedParenthesisCondition extends TranslatedFlexibleCondition { override ParenthesisExpr expr; final override Instruction getChildTrueSuccessor(TranslatedCondition child) { - child = getOperand() and - result = getConditionContext().getChildTrueSuccessor(this) + child = this.getOperand() and + result = this.getConditionContext().getChildTrueSuccessor(this) } final override Instruction getChildFalseSuccessor(TranslatedCondition child) { - child = getOperand() and - result = getConditionContext().getChildFalseSuccessor(this) + child = this.getOperand() and + result = this.getConditionContext().getChildFalseSuccessor(this) } final override TranslatedCondition getOperand() { @@ -79,13 +81,13 @@ class TranslatedNotCondition extends TranslatedFlexibleCondition { override NotExpr expr; override Instruction getChildTrueSuccessor(TranslatedCondition child) { - child = getOperand() and - result = getConditionContext().getChildFalseSuccessor(this) + child = this.getOperand() and + result = this.getConditionContext().getChildFalseSuccessor(this) } override Instruction getChildFalseSuccessor(TranslatedCondition child) { - child = getOperand() and - result = getConditionContext().getChildTrueSuccessor(this) + child = this.getOperand() and + result = this.getConditionContext().getChildTrueSuccessor(this) } override TranslatedCondition getOperand() { @@ -103,13 +105,13 @@ abstract class TranslatedBinaryLogicalOperation extends TranslatedNativeConditio override BinaryLogicalOperation expr; final override TranslatedElement getChild(int id) { - id = 0 and result = getLeftOperand() + id = 0 and result = this.getLeftOperand() or - id = 1 and result = getRightOperand() + id = 1 and result = this.getRightOperand() } final override Instruction getFirstInstruction() { - result = getLeftOperand().getFirstInstruction() + result = this.getLeftOperand().getFirstInstruction() } final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -131,16 +133,16 @@ class TranslatedLogicalAndExpr extends TranslatedBinaryLogicalOperation { TranslatedLogicalAndExpr() { expr instanceof LogicalAndExpr } override Instruction getChildTrueSuccessor(TranslatedCondition child) { - child = getLeftOperand() and - result = getRightOperand().getFirstInstruction() + child = this.getLeftOperand() and + result = this.getRightOperand().getFirstInstruction() or - child = getRightOperand() and - result = getConditionContext().getChildTrueSuccessor(this) + child = this.getRightOperand() and + result = this.getConditionContext().getChildTrueSuccessor(this) } override Instruction getChildFalseSuccessor(TranslatedCondition child) { - (child = getLeftOperand() or child = getRightOperand()) and - result = getConditionContext().getChildFalseSuccessor(this) + (child = this.getLeftOperand() or child = this.getRightOperand()) and + result = this.getConditionContext().getChildFalseSuccessor(this) } } @@ -148,25 +150,25 @@ class TranslatedLogicalOrExpr extends TranslatedBinaryLogicalOperation { override LogicalOrExpr expr; override Instruction getChildTrueSuccessor(TranslatedCondition child) { - (child = getLeftOperand() or child = getRightOperand()) and - result = getConditionContext().getChildTrueSuccessor(this) + (child = this.getLeftOperand() or child = this.getRightOperand()) and + result = this.getConditionContext().getChildTrueSuccessor(this) } override Instruction getChildFalseSuccessor(TranslatedCondition child) { - child = getLeftOperand() and - result = getRightOperand().getFirstInstruction() + child = this.getLeftOperand() and + result = this.getRightOperand().getFirstInstruction() or - child = getRightOperand() and - result = getConditionContext().getChildFalseSuccessor(this) + child = this.getRightOperand() and + result = this.getConditionContext().getChildFalseSuccessor(this) } } class TranslatedValueCondition extends TranslatedCondition, TTranslatedValueCondition { TranslatedValueCondition() { this = TTranslatedValueCondition(expr) } - override TranslatedElement getChild(int id) { id = 0 and result = getValueExpr() } + override TranslatedElement getChild(int id) { id = 0 and result = this.getValueExpr() } - override Instruction getFirstInstruction() { result = getValueExpr().getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getValueExpr().getFirstInstruction() } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { tag = ValueConditionConditionalBranchTag() and @@ -175,25 +177,25 @@ class TranslatedValueCondition extends TranslatedCondition, TTranslatedValueCond } override Instruction getChildSuccessor(TranslatedElement child) { - child = getValueExpr() and - result = getInstruction(ValueConditionConditionalBranchTag()) + child = this.getValueExpr() and + result = this.getInstruction(ValueConditionConditionalBranchTag()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = ValueConditionConditionalBranchTag() and ( kind instanceof TrueEdge and - result = getConditionContext().getChildTrueSuccessor(this) + result = this.getConditionContext().getChildTrueSuccessor(this) or kind instanceof FalseEdge and - result = getConditionContext().getChildFalseSuccessor(this) + result = this.getConditionContext().getChildFalseSuccessor(this) ) } override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag = ValueConditionConditionalBranchTag() and operandTag instanceof ConditionOperandTag and - result = getValueExpr().getResult() + result = this.getValueExpr().getResult() } private TranslatedExpr getValueExpr() { result = getTranslatedExpr(expr) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll index 2b959f21df4..df2e8879341 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll @@ -47,7 +47,7 @@ abstract class TranslatedDeclarationEntry extends TranslatedElement, TTranslated final override Locatable getAst() { result = entry.getAst() } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } } /** @@ -60,19 +60,19 @@ abstract class TranslatedLocalVariableDeclaration extends TranslatedVariableInit */ abstract LocalVariable getVariable(); - final override Type getTargetType() { result = getVariableType(getVariable()) } + final override Type getTargetType() { result = getVariableType(this.getVariable()) } final override TranslatedInitialization getInitialization() { result = - getTranslatedInitialization(getVariable().getInitializer().getExpr().getFullyConverted()) + getTranslatedInitialization(this.getVariable().getInitializer().getExpr().getFullyConverted()) } final override Instruction getInitializationSuccessor() { - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } final override IRVariable getIRVariable() { - result = getIRUserVariable(getFunction(), getVariable()) + result = getIRUserVariable(this.getFunction(), this.getVariable()) } } @@ -123,7 +123,7 @@ class TranslatedStaticLocalVariableDeclarationEntry extends TranslatedDeclaratio TranslatedStaticLocalVariableDeclarationEntry() { var = entry.getDeclaration() } - final override TranslatedElement getChild(int id) { id = 0 and result = getInitialization() } + final override TranslatedElement getChild(int id) { id = 0 and result = this.getInitialization() } final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType type) { tag = DynamicInitializationFlagAddressTag() and @@ -148,39 +148,39 @@ class TranslatedStaticLocalVariableDeclarationEntry extends TranslatedDeclaratio } final override Instruction getFirstInstruction() { - result = getInstruction(DynamicInitializationFlagAddressTag()) + result = this.getInstruction(DynamicInitializationFlagAddressTag()) } final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = DynamicInitializationFlagAddressTag() and kind instanceof GotoEdge and - result = getInstruction(DynamicInitializationFlagLoadTag()) + result = this.getInstruction(DynamicInitializationFlagLoadTag()) or tag = DynamicInitializationFlagLoadTag() and kind instanceof GotoEdge and - result = getInstruction(DynamicInitializationConditionalBranchTag()) + result = this.getInstruction(DynamicInitializationConditionalBranchTag()) or tag = DynamicInitializationConditionalBranchTag() and ( kind instanceof TrueEdge and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) or kind instanceof FalseEdge and - result = getInitialization().getFirstInstruction() + result = this.getInitialization().getFirstInstruction() ) or tag = DynamicInitializationFlagConstantTag() and kind instanceof GotoEdge and - result = getInstruction(DynamicInitializationFlagStoreTag()) + result = this.getInstruction(DynamicInitializationFlagStoreTag()) or tag = DynamicInitializationFlagStoreTag() and kind instanceof GotoEdge and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } final override Instruction getChildSuccessor(TranslatedElement child) { - child = getInitialization() and - result = getInstruction(DynamicInitializationFlagConstantTag()) + child = this.getInitialization() and + result = this.getInstruction(DynamicInitializationFlagConstantTag()) } final override IRDynamicInitializationFlag getInstructionVariable(InstructionTag tag) { @@ -196,20 +196,20 @@ class TranslatedStaticLocalVariableDeclarationEntry extends TranslatedDeclaratio tag = DynamicInitializationFlagLoadTag() and ( operandTag instanceof AddressOperandTag and - result = getInstruction(DynamicInitializationFlagAddressTag()) + result = this.getInstruction(DynamicInitializationFlagAddressTag()) ) or tag = DynamicInitializationConditionalBranchTag() and operandTag instanceof ConditionOperandTag and - result = getInstruction(DynamicInitializationFlagLoadTag()) + result = this.getInstruction(DynamicInitializationFlagLoadTag()) or tag = DynamicInitializationFlagStoreTag() and ( operandTag instanceof AddressOperandTag and - result = getInstruction(DynamicInitializationFlagAddressTag()) + result = this.getInstruction(DynamicInitializationFlagAddressTag()) or operandTag instanceof StoreValueOperandTag and - result = getInstruction(DynamicInitializationFlagConstantTag()) + result = this.getInstruction(DynamicInitializationFlagConstantTag()) ) } @@ -238,7 +238,7 @@ class TranslatedStaticLocalVariableInitialization extends TranslatedElement, final override Locatable getAst() { result = entry.getAst() } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override LocalVariable getVariable() { result = var } @@ -267,7 +267,7 @@ class TranslatedConditionDecl extends TranslatedLocalVariableDeclaration, TTrans override Locatable getAst() { result = conditionDeclExpr } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override Declaration getFunction() { result = getEnclosingFunction(conditionDeclExpr) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll index d02cb716fe5..5c5ee3c04c1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll @@ -68,7 +68,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { final override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } /** * Gets the function being translated. @@ -76,15 +76,15 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { final override Function getFunction() { result = func } final override TranslatedElement getChild(int id) { - id = -5 and result = getReadEffects() + id = -5 and result = this.getReadEffects() or - id = -4 and result = getConstructorInitList() + id = -4 and result = this.getConstructorInitList() or - id = -3 and result = getBody() + id = -3 and result = this.getBody() or - id = -2 and result = getDestructorDestructionList() + id = -2 and result = this.getDestructorDestructionList() or - id >= -1 and result = getParameter(id) + id >= -1 and result = this.getParameter(id) } final private TranslatedConstructorInitList getConstructorInitList() { @@ -109,64 +109,66 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { result = getTranslatedEllipsisParameter(func) } - final override Instruction getFirstInstruction() { result = getInstruction(EnterFunctionTag()) } + final override Instruction getFirstInstruction() { + result = this.getInstruction(EnterFunctionTag()) + } final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { kind instanceof GotoEdge and ( tag = EnterFunctionTag() and - result = getInstruction(AliasedDefinitionTag()) + result = this.getInstruction(AliasedDefinitionTag()) or tag = AliasedDefinitionTag() and - result = getInstruction(InitializeNonLocalTag()) + result = this.getInstruction(InitializeNonLocalTag()) or ( tag = InitializeNonLocalTag() and - if exists(getThisType()) - then result = getParameter(-1).getFirstInstruction() + if exists(this.getThisType()) + then result = this.getParameter(-1).getFirstInstruction() else - if exists(getParameter(0)) - then result = getParameter(0).getFirstInstruction() - else result = getBody().getFirstInstruction() + if exists(this.getParameter(0)) + then result = this.getParameter(0).getFirstInstruction() + else result = this.getBody().getFirstInstruction() ) or tag = ReturnValueAddressTag() and - result = getInstruction(ReturnTag()) + result = this.getInstruction(ReturnTag()) or tag = ReturnTag() and - result = getInstruction(AliasedUseTag()) + result = this.getInstruction(AliasedUseTag()) or tag = UnwindTag() and - result = getInstruction(AliasedUseTag()) + result = this.getInstruction(AliasedUseTag()) or tag = AliasedUseTag() and - result = getInstruction(ExitFunctionTag()) + result = this.getInstruction(ExitFunctionTag()) ) } final override Instruction getChildSuccessor(TranslatedElement child) { exists(int paramIndex | - child = getParameter(paramIndex) and + child = this.getParameter(paramIndex) and if exists(func.getParameter(paramIndex + 1)) or getEllipsisParameterIndexForFunction(func) = paramIndex + 1 - then result = getParameter(paramIndex + 1).getFirstInstruction() - else result = getConstructorInitList().getFirstInstruction() + then result = this.getParameter(paramIndex + 1).getFirstInstruction() + else result = this.getConstructorInitList().getFirstInstruction() ) or - child = getConstructorInitList() and - result = getBody().getFirstInstruction() + child = this.getConstructorInitList() and + result = this.getBody().getFirstInstruction() or - child = getBody() and - result = getReturnSuccessorInstruction() + child = this.getBody() and + result = this.getReturnSuccessorInstruction() or - child = getDestructorDestructionList() and - result = getReadEffects().getFirstInstruction() + child = this.getDestructorDestructionList() and + result = this.getReadEffects().getFirstInstruction() or - child = getReadEffects() and - if hasReturnValue() - then result = getInstruction(ReturnValueAddressTag()) - else result = getInstruction(ReturnTag()) + child = this.getReadEffects() and + if this.hasReturnValue() + then result = this.getInstruction(ReturnValueAddressTag()) + else result = this.getInstruction(ReturnTag()) } final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -185,13 +187,13 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { or tag = ReturnValueAddressTag() and opcode instanceof Opcode::VariableAddress and - resultType = getTypeForGLValue(getReturnType()) and - hasReturnValue() + resultType = getTypeForGLValue(this.getReturnType()) and + this.hasReturnValue() or ( tag = ReturnTag() and resultType = getVoidType() and - if hasReturnValue() + if this.hasReturnValue() then opcode instanceof Opcode::ReturnValue else opcode instanceof Opcode::ReturnVoid ) @@ -217,23 +219,23 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { } final override Instruction getExceptionSuccessorInstruction() { - result = getInstruction(UnwindTag()) + result = this.getInstruction(UnwindTag()) } final override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag = ReturnTag() and - hasReturnValue() and + this.hasReturnValue() and operandTag instanceof AddressOperandTag and - result = getInstruction(ReturnValueAddressTag()) + result = this.getInstruction(ReturnValueAddressTag()) } final override CppType getInstructionMemoryOperandType( InstructionTag tag, TypedOperandTag operandTag ) { tag = ReturnTag() and - hasReturnValue() and + this.hasReturnValue() and operandTag instanceof LoadOperandTag and - result = getTypeForPRValue(getReturnType()) + result = getTypeForPRValue(this.getReturnType()) or tag = AliasedUseTag() and operandTag instanceof SideEffectOperandTag and @@ -242,7 +244,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { final override IRVariable getInstructionVariable(InstructionTag tag) { tag = ReturnValueAddressTag() and - result = getReturnVariable() + result = this.getReturnVariable() } final override predicate needsUnknownOpaqueType(int byteSize) { @@ -251,15 +253,15 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { final override predicate hasTempVariable(TempVariableTag tag, CppType type) { tag = ReturnValueTempVar() and - hasReturnValue() and - type = getTypeForPRValue(getReturnType()) + this.hasReturnValue() and + type = getTypeForPRValue(this.getReturnType()) or tag = EllipsisTempVar() and func.isVarargs() and type = getEllipsisVariablePRValueType() or tag = ThisTempVar() and - type = getTypeForGLValue(getThisType()) + type = getTypeForGLValue(this.getThisType()) } /** @@ -267,7 +269,7 @@ class TranslatedFunction extends TranslatedRootElement, TTranslatedFunction { * statement. */ final Instruction getReturnSuccessorInstruction() { - result = getDestructorDestructionList().getFirstInstruction() + result = this.getDestructorDestructionList().getFirstInstruction() } /** @@ -368,25 +370,25 @@ abstract class TranslatedParameter extends TranslatedElement { final override TranslatedElement getChild(int id) { none() } final override Instruction getFirstInstruction() { - result = getInstruction(InitializerVariableAddressTag()) + result = this.getInstruction(InitializerVariableAddressTag()) } final override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { kind instanceof GotoEdge and ( tag = InitializerVariableAddressTag() and - result = getInstruction(InitializerStoreTag()) + result = this.getInstruction(InitializerStoreTag()) or tag = InitializerStoreTag() and - if hasIndirection() - then result = getInstruction(InitializerIndirectAddressTag()) - else result = getParent().getChildSuccessor(this) + if this.hasIndirection() + then result = this.getInstruction(InitializerIndirectAddressTag()) + else result = this.getParent().getChildSuccessor(this) or tag = InitializerIndirectAddressTag() and - result = getInstruction(InitializerIndirectStoreTag()) + result = this.getInstruction(InitializerIndirectStoreTag()) or tag = InitializerIndirectStoreTag() and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) ) } @@ -395,21 +397,21 @@ abstract class TranslatedParameter extends TranslatedElement { final override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { tag = InitializerVariableAddressTag() and opcode instanceof Opcode::VariableAddress and - resultType = getGLValueType() + resultType = this.getGLValueType() or tag = InitializerStoreTag() and opcode instanceof Opcode::InitializeParameter and - resultType = getPRValueType() + resultType = this.getPRValueType() or - hasIndirection() and + this.hasIndirection() and tag = InitializerIndirectAddressTag() and opcode instanceof Opcode::Load and - resultType = getPRValueType() + resultType = this.getPRValueType() or - hasIndirection() and + this.hasIndirection() and tag = InitializerIndirectStoreTag() and opcode instanceof Opcode::InitializeIndirection and - resultType = getInitializationResultType() + resultType = this.getInitializationResultType() } final override IRVariable getInstructionVariable(InstructionTag tag) { @@ -418,26 +420,26 @@ abstract class TranslatedParameter extends TranslatedElement { tag = InitializerVariableAddressTag() or tag = InitializerIndirectStoreTag() ) and - result = getIRVariable() + result = this.getIRVariable() } final override Instruction getInstructionRegisterOperand(InstructionTag tag, OperandTag operandTag) { tag = InitializerStoreTag() and ( operandTag instanceof AddressOperandTag and - result = getInstruction(InitializerVariableAddressTag()) + result = this.getInstruction(InitializerVariableAddressTag()) ) or // this feels a little strange, but I think it's the best we can do tag = InitializerIndirectAddressTag() and ( operandTag instanceof AddressOperandTag and - result = getInstruction(InitializerVariableAddressTag()) + result = this.getInstruction(InitializerVariableAddressTag()) ) or tag = InitializerIndirectStoreTag() and operandTag instanceof AddressOperandTag and - result = getInstruction(InitializerIndirectAddressTag()) + result = this.getInstruction(InitializerIndirectAddressTag()) } abstract predicate hasIndirection(); @@ -465,7 +467,7 @@ class TranslatedThisParameter extends TranslatedParameter, TTranslatedThisParame final override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override Function getFunction() { result = func } @@ -500,7 +502,7 @@ class TranslatedPositionalParameter extends TranslatedParameter, TTranslatedPara final override Locatable getAst() { result = param } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override Function getFunction() { result = param.getFunction() or @@ -522,7 +524,7 @@ class TranslatedPositionalParameter extends TranslatedParameter, TTranslatedPara final override CppType getInitializationResultType() { result = getUnknownType() } final override IRAutomaticUserVariable getIRVariable() { - result = getIRUserVariable(getFunction(), param) + result = getIRUserVariable(this.getFunction(), param) } } @@ -540,7 +542,7 @@ class TranslatedEllipsisParameter extends TranslatedParameter, TTranslatedEllips final override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } final override Function getFunction() { result = func } @@ -579,7 +581,7 @@ class TranslatedConstructorInitList extends TranslatedElement, InitializationCon override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override TranslatedElement getChild(int id) { exists(ConstructorFieldInit fieldInit | @@ -599,9 +601,9 @@ class TranslatedConstructorInitList extends TranslatedElement, InitializationCon } override Instruction getFirstInstruction() { - if exists(getChild(0)) - then result = getChild(0).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + if exists(this.getChild(0)) + then result = this.getChild(0).getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -614,10 +616,10 @@ class TranslatedConstructorInitList extends TranslatedElement, InitializationCon override Instruction getChildSuccessor(TranslatedElement child) { exists(int id | - child = getChild(id) and - if exists(getChild(id + 1)) - then result = getChild(id + 1).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + child = this.getChild(id) and + if exists(this.getChild(id + 1)) + then result = this.getChild(id + 1).getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) ) } @@ -651,7 +653,7 @@ class TranslatedDestructorDestructionList extends TranslatedElement, override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override TranslatedElement getChild(int id) { exists(DestructorFieldDestruction fieldDestruction | @@ -666,9 +668,9 @@ class TranslatedDestructorDestructionList extends TranslatedElement, } override Instruction getFirstInstruction() { - if exists(getChild(0)) - then result = getChild(0).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + if exists(this.getChild(0)) + then result = this.getChild(0).getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -681,10 +683,10 @@ class TranslatedDestructorDestructionList extends TranslatedElement, override Instruction getChildSuccessor(TranslatedElement child) { exists(int id | - child = getChild(id) and - if exists(getChild(id + 1)) - then result = getChild(id + 1).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + child = this.getChild(id) and + if exists(this.getChild(id + 1)) + then result = this.getChild(id + 1).getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) ) } } @@ -699,7 +701,7 @@ class TranslatedReadEffects extends TranslatedElement, TTranslatedReadEffects { override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override Function getFunction() { result = func } @@ -713,25 +715,25 @@ class TranslatedReadEffects extends TranslatedElement, TTranslatedReadEffects { } override Instruction getFirstInstruction() { - if exists(getAChild()) + if exists(this.getAChild()) then result = - min(TranslatedElement child, int id | child = getChild(id) | child order by id) + min(TranslatedElement child, int id | child = this.getChild(id) | child order by id) .getFirstInstruction() - else result = getParent().getChildSuccessor(this) + else result = this.getParent().getChildSuccessor(this) } override Instruction getChildSuccessor(TranslatedElement child) { - exists(int id | child = getChild(id) | - if exists(TranslatedReadEffect child2, int id2 | id2 > id and child2 = getChild(id2)) + exists(int id | child = this.getChild(id) | + if exists(TranslatedReadEffect child2, int id2 | id2 > id and child2 = this.getChild(id2)) then result = min(TranslatedReadEffect child2, int id2 | - child2 = getChild(id2) and id2 > id + child2 = this.getChild(id2) and id2 > id | child2 order by id2 ).getFirstInstruction() - else result = getParent().getChildSuccessor(this) + else result = this.getParent().getChildSuccessor(this) ) } @@ -758,10 +760,10 @@ abstract class TranslatedReadEffect extends TranslatedElement { override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = OnlyInstructionTag() and kind = EdgeKind::gotoEdge() and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } - override Instruction getFirstInstruction() { result = getInstruction(OnlyInstructionTag()) } + override Instruction getFirstInstruction() { result = this.getInstruction(OnlyInstructionTag()) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { opcode instanceof Opcode::ReturnIndirection and @@ -786,7 +788,7 @@ class TranslatedThisReadEffect extends TranslatedReadEffect, TTranslatedThisRead override Locatable getAst() { result = func } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override Function getFunction() { result = func } @@ -812,7 +814,7 @@ class TranslatedParameterReadEffect extends TranslatedReadEffect, TTranslatedPar override Locatable getAst() { result = param } /** DEPRECATED: Alias for getAst */ - deprecated override Locatable getAST() { result = getAst() } + deprecated override Locatable getAST() { result = this.getAst() } override string toString() { result = "read effect: " + param.toString() } @@ -826,6 +828,6 @@ class TranslatedParameterReadEffect extends TranslatedReadEffect, TTranslatedPar final override IRVariable getInstructionVariable(InstructionTag tag) { tag = OnlyInstructionTag() and - result = getIRUserVariable(getFunction(), param) + result = getIRUserVariable(this.getFunction(), param) } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IR.qll index c96783fe6e8..79873d8366e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IR.qll @@ -77,4 +77,16 @@ class IRPropertyProvider extends TIRPropertyProvider { * Gets the value of the property named `key` for the specified operand. */ string getOperandProperty(Operand operand, string key) { none() } + + /** + * Holds if the instruction `instr` should be included when printing + * the IR instructions. + */ + predicate shouldPrintInstruction(Instruction instr) { any() } + + /** + * Holds if the operand `operand` should be included when printing the an + * instruction's operand list. + */ + predicate shouldPrintOperand(Operand operand) { any() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRFunction.qll index 5968e58f90b..354ba41e3d1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRFunction.qll @@ -45,7 +45,9 @@ class IRFunction extends IRFunctionBase { * Gets the block containing the entry point of this function. */ pragma[noinline] - final IRBlock getEntryBlock() { result.getFirstInstruction() = getEnterFunctionInstruction() } + final IRBlock getEntryBlock() { + result.getFirstInstruction() = this.getEnterFunctionInstruction() + } /** * Gets all instructions in this function. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRVariable.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRVariable.qll index c92082d767d..b31c7898ba7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRVariable.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRVariable.qll @@ -39,12 +39,12 @@ class IRVariable extends TIRVariable { /** * Gets the type of the variable. */ - final Language::Type getType() { getLanguageType().hasType(result, false) } + final Language::Type getType() { this.getLanguageType().hasType(result, false) } /** * Gets the language-neutral type of the variable. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the variable. @@ -58,7 +58,7 @@ class IRVariable extends TIRVariable { Language::AST getAst() { none() } /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = getAst() } + deprecated Language::AST getAST() { result = this.getAst() } /** * Gets an identifier string for the variable. This identifier is unique @@ -69,7 +69,7 @@ class IRVariable extends TIRVariable { /** * Gets the source location of this variable. */ - final Language::Location getLocation() { result = getAst().getLocation() } + final Language::Location getLocation() { result = this.getAst().getLocation() } /** * Gets the IR for the function that references this variable. @@ -91,15 +91,15 @@ class IRUserVariable extends IRVariable, TIRUserVariable { IRUserVariable() { this = TIRUserVariable(var, type, func) } - final override string toString() { result = getVariable().toString() } + final override string toString() { result = this.getVariable().toString() } final override Language::AST getAst() { result = var } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } final override string getUniqueId() { - result = getVariable().toString() + " " + getVariable().getLocation().toString() + result = this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override Language::LanguageType getLanguageType() { result = type } @@ -166,9 +166,9 @@ class IRGeneratedVariable extends IRVariable { final override Language::AST getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } - override string toString() { result = getBaseString() + getLocationString() } + override string toString() { result = this.getBaseString() + this.getLocationString() } override string getUniqueId() { none() } @@ -272,7 +272,7 @@ class IRStringLiteral extends IRGeneratedVariable, TIRStringLiteral { final override predicate isReadOnly() { any() } final override string getUniqueId() { - result = "String: " + getLocationString() + "=" + Language::getStringLiteralText(literal) + result = "String: " + this.getLocationString() + "=" + Language::getStringLiteralText(literal) } final override string getBaseString() { result = "#string" } @@ -303,7 +303,8 @@ class IRDynamicInitializationFlag extends IRGeneratedVariable, TIRDynamicInitial final Language::Variable getVariable() { result = var } final override string getUniqueId() { - result = "Init: " + getVariable().toString() + " " + getVariable().getLocation().toString() + result = + "Init: " + this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override string getBaseString() { result = "#init:" + var.toString() + ":" } @@ -332,5 +333,5 @@ class IRParameter extends IRAutomaticVariable { * An IR variable representing a positional parameter. */ class IRPositionalParameter extends IRParameter, IRAutomaticUserVariable { - final override int getIndex() { result = getVariable().(Language::Parameter).getIndex() } + final override int getIndex() { result = this.getVariable().(Language::Parameter).getIndex() } } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll index 0aa7c552638..1b5ea432946 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll @@ -210,9 +210,6 @@ class Instruction extends Construction::TStageInstruction { */ final Language::AST getAst() { result = Construction::getInstructionAst(this) } - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Gets the location of the source code for this instruction. */ @@ -463,9 +460,6 @@ class VariableInstruction extends Instruction { * Gets the AST variable that this instruction's IR variable refers to, if one exists. */ final Language::Variable getAstVariable() { result = var.(IRUserVariable).getVariable() } - - /** DEPRECATED: Alias for getAstVariable */ - deprecated Language::Variable getASTVariable() { result = this.getAstVariable() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/PrintIR.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/PrintIR.qll index aae12b0047a..b9106a7bfc7 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/PrintIR.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/PrintIR.qll @@ -42,6 +42,14 @@ private predicate shouldPrintFunction(Language::Declaration decl) { exists(PrintIRConfiguration config | config.shouldPrintFunction(decl)) } +private predicate shouldPrintInstruction(Instruction i) { + exists(IRPropertyProvider provider | provider.shouldPrintInstruction(i)) +} + +private predicate shouldPrintOperand(Operand operand) { + exists(IRPropertyProvider provider | provider.shouldPrintOperand(operand)) +} + private string getAdditionalInstructionProperty(Instruction instr, string key) { exists(IRPropertyProvider provider | result = provider.getInstructionProperty(instr, key)) } @@ -84,7 +92,9 @@ private string getOperandPropertyString(Operand operand) { private newtype TPrintableIRNode = TPrintableIRFunction(IRFunction irFunc) { shouldPrintFunction(irFunc.getFunction()) } or TPrintableIRBlock(IRBlock block) { shouldPrintFunction(block.getEnclosingFunction()) } or - TPrintableInstruction(Instruction instr) { shouldPrintFunction(instr.getEnclosingFunction()) } + TPrintableInstruction(Instruction instr) { + shouldPrintInstruction(instr) and shouldPrintFunction(instr.getEnclosingFunction()) + } /** * A node to be emitted in the IR graph. @@ -127,13 +137,13 @@ abstract private class PrintableIRNode extends TPrintableIRNode { * Gets the value of the node property with the specified key. */ string getProperty(string key) { - key = "semmle.label" and result = getLabel() + key = "semmle.label" and result = this.getLabel() or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() or - key = "semmle.graphKind" and result = getGraphKind() + key = "semmle.graphKind" and result = this.getGraphKind() or - key = "semmle.forceText" and forceText() and result = "true" + key = "semmle.forceText" and this.forceText() and result = "true" } } @@ -178,7 +188,7 @@ private class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock { PrintableIRBlock() { this = TPrintableIRBlock(block) } - override string toString() { result = getLabel() } + override string toString() { result = this.getLabel() } override Language::Location getLocation() { result = block.getLocation() } @@ -223,7 +233,7 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio | resultString = instr.getResultString() and operationString = instr.getOperationString() and - operandsString = getOperandsString() and + operandsString = this.getOperandsString() and columnWidths(block, resultWidth, operationWidth) and result = resultString + getPaddingString(resultWidth - resultString.length()) + " = " + @@ -252,7 +262,8 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio private string getOperandsString() { result = concat(Operand operand | - operand = instr.getAnOperand() + operand = instr.getAnOperand() and + shouldPrintOperand(operand) | operand.getDumpString() + getOperandPropertyString(operand), ", " order by diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll index ca3c378cd7e..2a46e16c52f 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll @@ -7,17 +7,19 @@ private import internal.ValueNumberingImports class ValueNumber extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnInstruction().getResultId(), ", ") } + final string getDebugString() { + result = strictconcat(this.getAnInstruction().getResultId(), ", ") + } final Language::Location getLocation() { if exists(Instruction i | - i = getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation + i = this.getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation ) then result = min(Language::Location l | - l = getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation + l = this.getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation | l order by @@ -40,7 +42,7 @@ class ValueNumber extends TValueNumber { final Instruction getExampleInstruction() { result = min(Instruction instr | - instr = getAnInstruction() + instr = this.getAnInstruction() | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll index dbdd3c14c85..110e673e1d2 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll @@ -7,7 +7,7 @@ private import AliasConfigurationImports class Allocation extends IRAutomaticVariable { VariableAddressInstruction getABaseInstruction() { result.getIRVariable() = this } - final string getAllocationString() { result = toString() } + final string getAllocationString() { result = this.toString() } predicate alwaysEscapes() { // An automatic variable only escapes if its address is taken and escapes. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll index dc785f3e0b1..63dc4142a13 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll @@ -422,12 +422,6 @@ private module Cached { ) } - /** DEPRECATED: Alias for getInstructionAst */ - cached - deprecated Language::AST getInstructionAST(Instruction instr) { - result = getInstructionAst(instr) - } - cached Language::LanguageType getInstructionResultType(Instruction instr) { result = instr.(RawIR::Instruction).getResultLanguageType() @@ -993,9 +987,6 @@ predicate canReuseSsaForMemoryResult(Instruction instruction) { // We don't support reusing SSA for any location that could create a `Chi` instruction. } -/** DEPRECATED: Alias for canReuseSsaForMemoryResult */ -deprecated predicate canReuseSSAForMemoryResult = canReuseSsaForMemoryResult/1; - /** * Expose some of the internal predicates to PrintSSA.qll. We do this by publicly importing those modules in the * `DebugSsa` module, which is then imported by PrintSSA. @@ -1005,9 +996,6 @@ module DebugSsa { import DefUse } -/** DEPRECATED: Alias for DebugSsa */ -deprecated module DebugSSA = DebugSsa; - import CachedForDebugging cached diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll index ec2e6f5ef34..5c33ecf5f99 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll @@ -46,9 +46,6 @@ predicate canReuseSsaForVariable(IRAutomaticVariable var) { not allocationEscapes(var) } -/** DEPRECATED: Alias for canReuseSsaForVariable */ -deprecated predicate canReuseSSAForVariable = canReuseSsaForVariable/1; - private newtype TMemoryLocation = MkMemoryLocation(Allocation var) { isVariableModeled(var) } private MemoryLocation getMemoryLocation(Allocation var) { result.getAllocation() = var } @@ -75,14 +72,11 @@ class MemoryLocation extends TMemoryLocation { final predicate canReuseSsa() { canReuseSsaForVariable(var) } /** DEPRECATED: Alias for canReuseSsa */ - deprecated predicate canReuseSSA() { canReuseSsa() } + deprecated predicate canReuseSSA() { this.canReuseSsa() } } predicate canReuseSsaForOldResult(Instruction instr) { none() } -/** DEPRECATED: Alias for canReuseSsaForOldResult */ -deprecated predicate canReuseSSAForOldResult = canReuseSsaForOldResult/1; - /** * Represents a set of `MemoryLocation`s that cannot overlap with * `MemoryLocation`s outside of the set. The `VirtualVariable` will be diff --git a/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll index dcc013fd387..2dd51d39151 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll @@ -62,14 +62,14 @@ class GVN extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnExpr().toString(), ", ") } + final string getDebugString() { result = strictconcat(this.getAnExpr().toString(), ", ") } final Location getLocation() { - if exists(Expr e | e = getAnExpr() and not e.getLocation() instanceof UnknownLocation) + if exists(Expr e | e = this.getAnExpr() and not e.getLocation() instanceof UnknownLocation) then result = min(Location l | - l = getAnExpr().getLocation() and not l instanceof UnknownLocation + l = this.getAnExpr().getLocation() and not l instanceof UnknownLocation | l order by @@ -102,13 +102,13 @@ class GVN extends TValueNumber { } /** Gets an expression that has this GVN. */ - Expr getAnExpr() { result = getAnUnconvertedExpr() } + Expr getAnExpr() { result = this.getAnUnconvertedExpr() } /** Gets an expression that has this GVN. */ - Expr getAnUnconvertedExpr() { result = getAnInstruction().getUnconvertedResultExpression() } + Expr getAnUnconvertedExpr() { result = this.getAnInstruction().getUnconvertedResultExpression() } /** Gets an expression that has this GVN. */ - Expr getAConvertedExpr() { result = getAnInstruction().getConvertedResultExpression() } + Expr getAConvertedExpr() { result = this.getAnInstruction().getConvertedResultExpression() } } /** Gets the global value number of expression `e`. */ diff --git a/cpp/ql/lib/semmle/code/cpp/ir/internal/CppType.qll b/cpp/ql/lib/semmle/code/cpp/ir/internal/CppType.qll index bace59a872b..315db83a5cc 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/internal/CppType.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/internal/CppType.qll @@ -208,10 +208,10 @@ class CppType extends TCppType { string toString() { none() } /** Gets a string used in IR dumps */ - string getDumpString() { result = toString() } + string getDumpString() { result = this.toString() } /** Gets the size of the type in bytes, if known. */ - final int getByteSize() { result = getIRType().getByteSize() } + final int getByteSize() { result = this.getIRType().getByteSize() } /** * Gets the `IRType` that represents this `CppType`. Many different `CppType`s can map to a single @@ -232,7 +232,7 @@ class CppType extends TCppType { */ final predicate hasUnspecifiedType(Type type, boolean isGLValue) { exists(Type specifiedType | - hasType(specifiedType, isGLValue) and + this.hasType(specifiedType, isGLValue) and type = specifiedType.getUnspecifiedType() ) } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll index a1fa08daa7d..5aa421b2bcf 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll @@ -206,7 +206,34 @@ private predicate deconstructSizeExpr(Expr sizeExpr, Expr lengthExpr, int sizeof } /** A `Function` that is a call target of an allocation. */ -private signature class CallAllocationExprTarget extends Function; +private signature class CallAllocationExprTarget extends Function { + /** + * Gets the index of the input pointer argument to be reallocated, if + * this is a `realloc` function. + */ + int getReallocPtrArg(); + + /** + * Gets the index of the argument for the allocation size, if any. The actual + * allocation size is the value of this argument multiplied by the result of + * `getSizeMult()`, in bytes. + */ + int getSizeArg(); + + /** + * Gets the index of an argument that multiplies the allocation size given + * by `getSizeArg`, if any. + */ + int getSizeMult(); + + /** + * Holds if this allocation requires a + * corresponding deallocation of some sort (most do, but `alloca` for example + * does not). If it is unclear, we default to no (for example a placement `new` + * allocation may or may not require a corresponding `delete`). + */ + predicate requiresDealloc(); +} /** * This module abstracts over the type of allocation call-targets and provides a @@ -220,118 +247,68 @@ private signature class CallAllocationExprTarget extends Function; * function using various heuristics. */ private module CallAllocationExprBase { - /** A module that contains the collection of member-predicates required on `Target`. */ - signature module Param { - /** - * Gets the index of the input pointer argument to be reallocated, if - * this is a `realloc` function. - */ - int getReallocPtrArg(Target target); - - /** - * Gets the index of the argument for the allocation size, if any. The actual - * allocation size is the value of this argument multiplied by the result of - * `getSizeMult()`, in bytes. - */ - int getSizeArg(Target target); - - /** - * Gets the index of an argument that multiplies the allocation size given - * by `getSizeArg`, if any. - */ - int getSizeMult(Target target); - - /** - * Holds if this allocation requires a - * corresponding deallocation of some sort (most do, but `alloca` for example - * does not). If it is unclear, we default to no (for example a placement `new` - * allocation may or may not require a corresponding `delete`). - */ - predicate requiresDealloc(Target target); - } - /** - * A module that abstracts over a collection of predicates in - * the `Param` module). This should really be member-predicates - * on `CallAllocationExprTarget`, but we cannot yet write this in QL. + * An allocation expression that is a function call, such as call to `malloc`. */ - module With { - private import P + class CallAllocationExprImpl instanceof FunctionCall { + Target target; - /** - * An allocation expression that is a function call, such as call to `malloc`. - */ - class CallAllocationExprImpl instanceof FunctionCall { - Target target; - - CallAllocationExprImpl() { - target = this.getTarget() and - // realloc(ptr, 0) only frees the pointer - not ( - exists(getReallocPtrArg(target)) and - this.getArgument(getSizeArg(target)).getValue().toInt() = 0 - ) and - // these are modeled directly (and more accurately), avoid duplication - not exists(NewOrNewArrayExpr new | new.getAllocatorCall() = this) - } - - string toString() { result = super.toString() } - - Expr getSizeExprImpl() { - exists(Expr sizeExpr | sizeExpr = super.getArgument(getSizeArg(target)) | - if exists(getSizeMult(target)) - then result = sizeExpr - else - exists(Expr lengthExpr | - deconstructSizeExpr(sizeExpr, lengthExpr, _) and - result = lengthExpr - ) - ) - } - - int getSizeMultImpl() { - // malloc with multiplier argument that is a constant - result = super.getArgument(getSizeMult(target)).getValue().toInt() - or - // malloc with no multiplier argument - not exists(getSizeMult(target)) and - deconstructSizeExpr(super.getArgument(getSizeArg(target)), _, result) - } - - int getSizeBytesImpl() { - result = this.getSizeExprImpl().getValue().toInt() * this.getSizeMultImpl() - } - - Expr getReallocPtrImpl() { result = super.getArgument(getReallocPtrArg(target)) } - - Type getAllocatedElementTypeImpl() { - result = - super.getFullyConverted().getType().stripTopLevelSpecifiers().(PointerType).getBaseType() and - not result instanceof VoidType - } - - predicate requiresDeallocImpl() { requiresDealloc(target) } + CallAllocationExprImpl() { + target = this.getTarget() and + // realloc(ptr, 0) only frees the pointer + not ( + exists(target.getReallocPtrArg()) and + this.getArgument(target.getSizeArg()).getValue().toInt() = 0 + ) and + // these are modeled directly (and more accurately), avoid duplication + not exists(NewOrNewArrayExpr new | new.getAllocatorCall() = this) } + + string toString() { result = super.toString() } + + Expr getSizeExprImpl() { + exists(Expr sizeExpr | sizeExpr = super.getArgument(target.getSizeArg()) | + if exists(target.getSizeMult()) + then result = sizeExpr + else + exists(Expr lengthExpr | + deconstructSizeExpr(sizeExpr, lengthExpr, _) and + result = lengthExpr + ) + ) + } + + int getSizeMultImpl() { + // malloc with multiplier argument that is a constant + result = super.getArgument(target.getSizeMult()).getValue().toInt() + or + // malloc with no multiplier argument + not exists(target.getSizeMult()) and + deconstructSizeExpr(super.getArgument(target.getSizeArg()), _, result) + } + + int getSizeBytesImpl() { + result = this.getSizeExprImpl().getValue().toInt() * this.getSizeMultImpl() + } + + Expr getReallocPtrImpl() { result = super.getArgument(target.getReallocPtrArg()) } + + Type getAllocatedElementTypeImpl() { + result = + super.getFullyConverted().getType().stripTopLevelSpecifiers().(PointerType).getBaseType() and + not result instanceof VoidType + } + + predicate requiresDeallocImpl() { target.requiresDealloc() } } } private module CallAllocationExpr { - private module Param implements CallAllocationExprBase::Param { - int getReallocPtrArg(AllocationFunction f) { result = f.getReallocPtrArg() } - - int getSizeArg(AllocationFunction f) { result = f.getSizeArg() } - - int getSizeMult(AllocationFunction f) { result = f.getSizeMult() } - - predicate requiresDealloc(AllocationFunction f) { f.requiresDealloc() } - } - /** * A class that provides the implementation of `AllocationExpr` for an allocation * that calls an `AllocationFunction`. */ - private class Base = - CallAllocationExprBase::With::CallAllocationExprImpl; + private class Base = CallAllocationExprBase::CallAllocationExprImpl; class CallAllocationExpr extends AllocationExpr, Base { override Expr getSizeExpr() { result = super.getSizeExprImpl() } @@ -437,7 +414,7 @@ private module HeuristicAllocation { int sizeArg; HeuristicAllocationFunctionByName() { - Function.super.getName().matches("%alloc%") and + Function.super.getName().matches(["%alloc%", "%Alloc%"]) and Function.super.getUnspecifiedType() instanceof PointerType and sizeArg = unique( | | getAnUnsignedParameter(this)) } @@ -452,22 +429,11 @@ private module HeuristicAllocation { override predicate requiresDealloc() { none() } } - private module Param implements CallAllocationExprBase::Param { - int getReallocPtrArg(HeuristicAllocationFunction f) { result = f.getReallocPtrArg() } - - int getSizeArg(HeuristicAllocationFunction f) { result = f.getSizeArg() } - - int getSizeMult(HeuristicAllocationFunction f) { result = f.getSizeMult() } - - predicate requiresDealloc(HeuristicAllocationFunction f) { f.requiresDealloc() } - } - /** * A class that provides the implementation of `AllocationExpr` for an allocation * that calls an `HeuristicAllocationFunction`. */ - private class Base = - CallAllocationExprBase::With::CallAllocationExprImpl; + private class Base = CallAllocationExprBase::CallAllocationExprImpl; private class CallAllocationExpr extends HeuristicAllocationExpr, Base { override Expr getSizeExpr() { result = super.getSizeExprImpl() } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll index 6bd2916b733..de1c3389be0 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Deallocation.qll @@ -13,19 +13,19 @@ private class StandardDeallocationFunction extends DeallocationFunction { int freedArg; StandardDeallocationFunction() { - hasGlobalOrStdOrBslName([ + this.hasGlobalOrStdOrBslName([ // --- C library allocation "free", "realloc" ]) and freedArg = 0 or - hasGlobalName([ + this.hasGlobalName([ // --- OpenSSL memory allocation "CRYPTO_free", "CRYPTO_secure_free" ]) and freedArg = 0 or - hasGlobalOrStdName([ + this.hasGlobalOrStdName([ // --- Windows Memory Management for Windows Drivers "ExFreePoolWithTag", "ExDeleteTimer", "IoFreeMdl", "IoFreeWorkItem", "IoFreeErrorLogEntry", "MmFreeContiguousMemory", "MmFreeContiguousMemorySpecifyCache", "MmFreeNonCachedMemory", @@ -44,7 +44,7 @@ private class StandardDeallocationFunction extends DeallocationFunction { ]) and freedArg = 0 or - hasGlobalOrStdName([ + this.hasGlobalOrStdName([ // --- Windows Memory Management for Windows Drivers "ExFreeToLookasideListEx", "ExFreeToPagedLookasideList", "ExFreeToNPagedLookasideList", // --- NetBSD pool manager @@ -52,7 +52,7 @@ private class StandardDeallocationFunction extends DeallocationFunction { ]) and freedArg = 1 or - hasGlobalOrStdName(["HeapFree", "HeapReAlloc"]) and + this.hasGlobalOrStdName(["HeapFree", "HeapReAlloc"]) and freedArg = 2 } @@ -65,9 +65,9 @@ private class StandardDeallocationFunction extends DeallocationFunction { private class CallDeallocationExpr extends DeallocationExpr, FunctionCall { DeallocationFunction target; - CallDeallocationExpr() { target = getTarget() } + CallDeallocationExpr() { target = this.getTarget() } - override Expr getFreedExpr() { result = getArgument(target.getFreedArg()) } + override Expr getFreedExpr() { result = this.getArgument(target.getFreedArg()) } } /** @@ -76,7 +76,7 @@ private class CallDeallocationExpr extends DeallocationExpr, FunctionCall { private class DeleteDeallocationExpr extends DeallocationExpr, DeleteExpr { DeleteDeallocationExpr() { this instanceof DeleteExpr } - override Expr getFreedExpr() { result = getExpr() } + override Expr getFreedExpr() { result = this.getExpr() } } /** @@ -85,5 +85,5 @@ private class DeleteDeallocationExpr extends DeallocationExpr, DeleteExpr { private class DeleteArrayDeallocationExpr extends DeallocationExpr, DeleteArrayExpr { DeleteArrayDeallocationExpr() { this instanceof DeleteArrayExpr } - override Expr getFreedExpr() { result = getExpr() } + override Expr getFreedExpr() { result = this.getExpr() } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/MemberFunction.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/MemberFunction.qll index 31752b304a4..70fd04859da 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/MemberFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/MemberFunction.qll @@ -14,8 +14,8 @@ import semmle.code.cpp.models.interfaces.Taint */ private class ConversionConstructorModel extends Constructor, TaintFunction { ConversionConstructorModel() { - strictcount(Parameter p | p = getAParameter() and not p.hasInitializer()) = 1 and - not hasSpecifier("explicit") + strictcount(Parameter p | p = this.getAParameter() and not p.hasInitializer()) = 1 and + not this.hasSpecifier("explicit") } override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll index e360fa7b2bb..f0a25dfa30d 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Printf.qll @@ -15,10 +15,10 @@ private class Printf extends FormattingFunction, AliasFunction { Printf() { this instanceof TopLevelFunction and ( - hasGlobalOrStdOrBslName(["printf", "wprintf"]) or - hasGlobalName(["printf_s", "wprintf_s", "g_printf"]) + this.hasGlobalOrStdOrBslName(["printf", "wprintf"]) or + this.hasGlobalName(["printf_s", "wprintf_s", "g_printf"]) ) and - not exists(getDefinition().getFile().getRelativePath()) + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { result = 0 } @@ -39,10 +39,10 @@ private class Fprintf extends FormattingFunction { Fprintf() { this instanceof TopLevelFunction and ( - hasGlobalOrStdOrBslName(["fprintf", "fwprintf"]) or - hasGlobalName("g_fprintf") + this.hasGlobalOrStdOrBslName(["fprintf", "fwprintf"]) or + this.hasGlobalName("g_fprintf") ) and - not exists(getDefinition().getFile().getRelativePath()) + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { result = 1 } @@ -57,12 +57,12 @@ private class Sprintf extends FormattingFunction { Sprintf() { this instanceof TopLevelFunction and ( - hasGlobalOrStdOrBslName([ + this.hasGlobalOrStdOrBslName([ "sprintf", // sprintf(dst, format, args...) "wsprintf" // wsprintf(dst, format, args...) ]) or - hasGlobalName([ + this.hasGlobalName([ "_sprintf_l", // _sprintf_l(dst, format, locale, args...) "__swprintf_l", // __swprintf_l(dst, format, locale, args...) "g_strdup_printf", // g_strdup_printf(format, ...) @@ -70,24 +70,26 @@ private class Sprintf extends FormattingFunction { "__builtin___sprintf_chk" // __builtin___sprintf_chk(dst, flag, os, format, ...) ]) ) and - not exists(getDefinition().getFile().getRelativePath()) + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { - hasName("g_strdup_printf") and result = 0 + this.hasName("g_strdup_printf") and result = 0 or - hasName("__builtin___sprintf_chk") and result = 3 + this.hasName("__builtin___sprintf_chk") and result = 3 or - not getName() = ["g_strdup_printf", "__builtin___sprintf_chk"] and + not this.getName() = ["g_strdup_printf", "__builtin___sprintf_chk"] and result = 1 } override int getOutputParameterIndex(boolean isStream) { - not hasName("g_strdup_printf") and result = 0 and isStream = false + not this.hasName("g_strdup_printf") and result = 0 and isStream = false } override int getFirstFormatArgumentIndex() { - if hasName("__builtin___sprintf_chk") then result = 4 else result = getNumberOfParameters() + if this.hasName("__builtin___sprintf_chk") + then result = 4 + else result = this.getNumberOfParameters() } } @@ -98,46 +100,46 @@ private class SnprintfImpl extends Snprintf { SnprintfImpl() { this instanceof TopLevelFunction and ( - hasGlobalOrStdOrBslName([ + this.hasGlobalOrStdOrBslName([ "snprintf", // C99 defines snprintf "swprintf" // The s version of wide-char printf is also always the n version ]) or // Microsoft has _snprintf as well as several other variations - hasGlobalName([ + this.hasGlobalName([ "sprintf_s", "snprintf_s", "swprintf_s", "_snprintf", "_snprintf_s", "_snprintf_l", "_snprintf_s_l", "_snwprintf", "_snwprintf_s", "_snwprintf_l", "_snwprintf_s_l", "_sprintf_s_l", "_swprintf_l", "_swprintf_s_l", "g_snprintf", "wnsprintf", "__builtin___snprintf_chk" ]) ) and - not exists(getDefinition().getFile().getRelativePath()) + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { - if getName().matches("%\\_l") - then result = getFirstFormatArgumentIndex() - 2 - else result = getFirstFormatArgumentIndex() - 1 + if this.getName().matches("%\\_l") + then result = this.getFirstFormatArgumentIndex() - 2 + else result = this.getFirstFormatArgumentIndex() - 1 } override int getOutputParameterIndex(boolean isStream) { result = 0 and isStream = false } override int getFirstFormatArgumentIndex() { exists(string name | - name = getQualifiedName() and + name = this.getQualifiedName() and ( name = "__builtin___snprintf_chk" and result = 5 or name != "__builtin___snprintf_chk" and - result = getNumberOfParameters() + result = this.getNumberOfParameters() ) ) } override predicate returnsFullFormatLength() { - hasName(["snprintf", "g_snprintf", "__builtin___snprintf_chk", "snprintf_s"]) and - not exists(getDefinition().getFile().getRelativePath()) + this.hasName(["snprintf", "g_snprintf", "__builtin___snprintf_chk", "snprintf_s"]) and + not exists(this.getDefinition().getFile().getRelativePath()) } override int getSizeParameterIndex() { result = 1 } @@ -149,15 +151,15 @@ private class SnprintfImpl extends Snprintf { private class StringCchPrintf extends FormattingFunction { StringCchPrintf() { this instanceof TopLevelFunction and - hasGlobalName([ + this.hasGlobalName([ "StringCchPrintf", "StringCchPrintfEx", "StringCchPrintf_l", "StringCchPrintf_lEx", "StringCbPrintf", "StringCbPrintfEx", "StringCbPrintf_l", "StringCbPrintf_lEx" ]) and - not exists(getDefinition().getFile().getRelativePath()) + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { - if getName().matches("%Ex") then result = 5 else result = 2 + if this.getName().matches("%Ex") then result = 5 else result = 2 } override int getOutputParameterIndex(boolean isStream) { result = 0 and isStream = false } @@ -171,8 +173,8 @@ private class StringCchPrintf extends FormattingFunction { private class Syslog extends FormattingFunction { Syslog() { this instanceof TopLevelFunction and - hasGlobalName("syslog") and - not exists(getDefinition().getFile().getRelativePath()) + this.hasGlobalName("syslog") and + not exists(this.getDefinition().getFile().getRelativePath()) } override int getFormatParameterIndex() { result = 1 } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strdup.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strdup.qll index 51d496fc69e..e83178134a8 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strdup.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strdup.qll @@ -13,7 +13,7 @@ import semmle.code.cpp.models.interfaces.Taint */ private class StrdupFunction extends AllocationFunction, ArrayFunction, DataFlowFunction { StrdupFunction() { - hasGlobalName([ + this.hasGlobalName([ // --- C library allocation "strdup", // strdup(str) "strdupa", // strdupa(str) - returns stack allocated buffer @@ -33,7 +33,7 @@ private class StrdupFunction extends AllocationFunction, ArrayFunction, DataFlow output.isReturnValueDeref() } - override predicate requiresDealloc() { not hasGlobalName("strdupa") } + override predicate requiresDealloc() { not this.hasGlobalName("strdupa") } } /** @@ -41,7 +41,7 @@ private class StrdupFunction extends AllocationFunction, ArrayFunction, DataFlow */ private class StrndupFunction extends AllocationFunction, ArrayFunction, DataFlowFunction { StrndupFunction() { - hasGlobalName([ + this.hasGlobalName([ // -- C library allocation "strndup", // strndup(str, maxlen) "strndupa" // strndupa(str, maxlen) -- returns stack allocated buffer @@ -60,5 +60,5 @@ private class StrndupFunction extends AllocationFunction, ArrayFunction, DataFlo output.isReturnValueDeref() } - override predicate requiresDealloc() { not hasGlobalName("strndupa") } + override predicate requiresDealloc() { not this.hasGlobalName("strndupa") } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strftime.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strftime.qll index 0dad89e950f..a0f00662d37 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strftime.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strftime.qll @@ -2,7 +2,7 @@ import semmle.code.cpp.models.interfaces.Taint import semmle.code.cpp.models.interfaces.ArrayFunction private class Strftime extends TaintFunction, ArrayFunction { - Strftime() { hasGlobalName("strftime") } + Strftime() { this.hasGlobalName("strftime") } override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { ( diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll index e5b493cc2ee..24ac6080aa6 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll @@ -16,7 +16,7 @@ private class StrsetFunction extends ArrayFunction, DataFlowFunction, AliasFunct SideEffectFunction { StrsetFunction() { - hasGlobalName([ + this.hasGlobalName([ "strset", "_strset", "_strset_l", "_wcsset", "_wcsset_l", "_mbsset", "_mbsset_l", "_mbsnbset", "_mbsnbset_l", "_strnset", "_strnset_l", "_wcsnset", "_wcsnset_l", "_mbsnset", "_mbsnset_l" diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll index de62517e5bb..8d473afb4ca 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll @@ -10,12 +10,12 @@ private class SystemFunction extends CommandExecutionFunction, ArrayFunction, Al SideEffectFunction { SystemFunction() { - hasGlobalOrStdName("system") or // system(command) - hasGlobalName("popen") or // popen(command, mode) + this.hasGlobalOrStdName("system") or // system(command) + this.hasGlobalName("popen") or // popen(command, mode) // Windows variants - hasGlobalName("_popen") or // _popen(command, mode) - hasGlobalName("_wpopen") or // _wpopen(command, mode) - hasGlobalName("_wsystem") // _wsystem(command) + this.hasGlobalName("_popen") or // _popen(command, mode) + this.hasGlobalName("_wpopen") or // _wpopen(command, mode) + this.hasGlobalName("_wsystem") // _wsystem(command) } override predicate hasCommandArgument(FunctionInput input) { input.isParameterDeref(0) } @@ -33,8 +33,8 @@ private class SystemFunction extends CommandExecutionFunction, ArrayFunction, Al override predicate hasOnlySpecificReadSideEffects() { any() } override predicate hasOnlySpecificWriteSideEffects() { - hasGlobalOrStdName("system") or - hasGlobalName("_wsystem") + this.hasGlobalOrStdName("system") or + this.hasGlobalName("_wsystem") } override predicate hasSpecificReadSideEffect(ParameterIndex i, boolean buffer) { diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Allocation.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Allocation.qll index 086cb9a6f73..d170783e31e 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Allocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Allocation.qll @@ -96,7 +96,7 @@ abstract class AllocationFunction extends Function { */ class OperatorNewAllocationFunction extends AllocationFunction { OperatorNewAllocationFunction() { - hasGlobalName([ + this.hasGlobalName([ "operator new", // operator new(bytes, ...) "operator new[]" // operator new[](bytes, ...) ]) @@ -104,15 +104,15 @@ class OperatorNewAllocationFunction extends AllocationFunction { override int getSizeArg() { result = 0 } - override predicate requiresDealloc() { not exists(getPlacementArgument()) } + override predicate requiresDealloc() { not exists(this.getPlacementArgument()) } /** * Gets the position of the placement pointer if this is a placement * `operator new` function. */ int getPlacementArgument() { - getNumberOfParameters() = 2 and - getParameter(1).getType() instanceof VoidPointerType and + this.getNumberOfParameters() = 2 and + this.getParameter(1).getType() instanceof VoidPointerType and result = 1 } } diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Deallocation.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Deallocation.qll index 569caebe36f..b7582e17f2c 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/interfaces/Deallocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/interfaces/Deallocation.qll @@ -41,7 +41,7 @@ abstract class DeallocationFunction extends Function { */ class OperatorDeleteDeallocationFunction extends DeallocationFunction { OperatorDeleteDeallocationFunction() { - hasGlobalName([ + this.hasGlobalName([ "operator delete", // operator delete(pointer, ...) "operator delete[]" // operator delete[](pointer, ...) ]) diff --git a/cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll b/cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll index 0b14bf9cb0e..66f0a1dae01 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/interfaces/FormattingFunction.qll @@ -57,7 +57,7 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { */ Type getFormatCharType() { result = - stripTopLevelSpecifiersOnly(stripTopLevelSpecifiersOnly(getParameter(getFormatParameterIndex()) + stripTopLevelSpecifiersOnly(stripTopLevelSpecifiersOnly(this.getParameter(this.getFormatParameterIndex()) .getType() .getUnderlyingType()).(PointerType).getBaseType()) } @@ -67,10 +67,10 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { * `char` or `wchar_t`. */ Type getDefaultCharType() { - isMicrosoft() and - result = getFormatCharType() + this.isMicrosoft() and + result = this.getFormatCharType() or - not isMicrosoft() and + not this.isMicrosoft() and result instanceof PlainCharType } @@ -80,10 +80,10 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { * which is correct for a particular function. */ Type getNonDefaultCharType() { - getDefaultCharType().getSize() = 1 and - result = getWideCharType() + this.getDefaultCharType().getSize() = 1 and + result = this.getWideCharType() or - not getDefaultCharType().getSize() = 1 and + not this.getDefaultCharType().getSize() = 1 and result instanceof PlainCharType } @@ -94,10 +94,10 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { */ pragma[nomagic] Type getWideCharType() { - result = getFormatCharType() and + result = this.getFormatCharType() and result.getSize() > 1 or - not getFormatCharType().getSize() > 1 and + not this.getFormatCharType().getSize() > 1 and result = getAFormatterWideTypeOrDefault() // may have more than one result } @@ -120,14 +120,14 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { * the first format specifier in the format string. */ int getFirstFormatArgumentIndex() { - result = getNumberOfParameters() and + result = this.getNumberOfParameters() and // the formatting function either has a definition in the snapshot, or all // `DeclarationEntry`s agree on the number of parameters (otherwise we don't // really know the correct number) ( - hasDefinition() + this.hasDefinition() or - forall(FunctionDeclarationEntry fde | fde = getADeclarationEntry() | + forall(FunctionDeclarationEntry fde | fde = this.getADeclarationEntry() | result = fde.getNumberOfParameters() ) ) @@ -139,30 +139,30 @@ abstract class FormattingFunction extends ArrayFunction, TaintFunction { int getSizeParameterIndex() { none() } override predicate hasArrayWithNullTerminator(int bufParam) { - bufParam = getFormatParameterIndex() + bufParam = this.getFormatParameterIndex() } override predicate hasArrayWithVariableSize(int bufParam, int countParam) { - bufParam = getOutputParameterIndex(false) and - countParam = getSizeParameterIndex() + bufParam = this.getOutputParameterIndex(false) and + countParam = this.getSizeParameterIndex() } override predicate hasArrayWithUnknownSize(int bufParam) { - bufParam = getOutputParameterIndex(false) and - not exists(getSizeParameterIndex()) + bufParam = this.getOutputParameterIndex(false) and + not exists(this.getSizeParameterIndex()) } - override predicate hasArrayInput(int bufParam) { bufParam = getFormatParameterIndex() } + override predicate hasArrayInput(int bufParam) { bufParam = this.getFormatParameterIndex() } - override predicate hasArrayOutput(int bufParam) { bufParam = getOutputParameterIndex(false) } + override predicate hasArrayOutput(int bufParam) { bufParam = this.getOutputParameterIndex(false) } override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { exists(int arg | - arg = getFormatParameterIndex() or - arg >= getFirstFormatArgumentIndex() + arg = this.getFormatParameterIndex() or + arg >= this.getFirstFormatArgumentIndex() | (input.isParameterDeref(arg) or input.isParameter(arg)) and - output.isParameterDeref(getOutputParameterIndex(_)) + output.isParameterDeref(this.getOutputParameterIndex(_)) ) } } diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll index 2ea958931da..46a5c735ca0 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticExpr.qll @@ -87,7 +87,7 @@ class SemIntegerLiteralExpr extends SemNumericLiteralExpr { final int getIntValue() { Specific::integerLiteral(this, _, result) } final override float getApproximateFloatValue() { - result = getIntValue() + result = this.getIntValue() or Specific::largeIntegerLiteral(this, _, result) } @@ -124,13 +124,13 @@ class SemBinaryExpr extends SemKnownExpr { /** Holds if `a` and `b` are the two operands, in either order. */ final predicate hasOperands(SemExpr a, SemExpr b) { - a = getLeftOperand() and b = getRightOperand() + a = this.getLeftOperand() and b = this.getRightOperand() or - a = getRightOperand() and b = getLeftOperand() + a = this.getRightOperand() and b = this.getLeftOperand() } /** Gets the two operands. */ - final SemExpr getAnOperand() { result = getLeftOperand() or result = getRightOperand() } + final SemExpr getAnOperand() { result = this.getLeftOperand() or result = this.getRightOperand() } } /** An expression that performs and ordered comparison of two operands. */ @@ -154,8 +154,8 @@ class SemRelationalExpr extends SemBinaryExpr { */ final SemExpr getLesserOperand() { if opcode instanceof Opcode::CompareLT or opcode instanceof Opcode::CompareLE - then result = getLeftOperand() - else result = getRightOperand() + then result = this.getLeftOperand() + else result = this.getRightOperand() } /** @@ -167,8 +167,8 @@ class SemRelationalExpr extends SemBinaryExpr { */ final SemExpr getGreaterOperand() { if opcode instanceof Opcode::CompareGT or opcode instanceof Opcode::CompareGE - then result = getLeftOperand() - else result = getRightOperand() + then result = this.getLeftOperand() + else result = this.getRightOperand() } /** Holds if this comparison returns `false` if the two operands are equal. */ @@ -280,11 +280,11 @@ class SemLoadExpr extends SemNullaryExpr { } class SemSsaLoadExpr extends SemLoadExpr { - SemSsaLoadExpr() { exists(getDef()) } + SemSsaLoadExpr() { exists(this.getDef()) } } class SemNonSsaLoadExpr extends SemLoadExpr { - SemNonSsaLoadExpr() { not exists(getDef()) } + SemNonSsaLoadExpr() { not exists(this.getDef()) } } class SemStoreExpr extends SemUnaryExpr { diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticSSA.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticSSA.qll index 307f6e386b5..29580c2c507 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticSSA.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticSSA.qll @@ -59,7 +59,7 @@ class SemSsaReadPositionBlock extends SemSsaReadPosition { SemBasicBlock getBlock() { result = block } - SemExpr getAnExpr() { result = getBlock().getAnExpr() } + SemExpr getAnExpr() { result = this.getBlock().getAnExpr() } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticType.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticType.qll index b86db02702c..cf20bdfeff8 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticType.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/SemanticType.qll @@ -38,7 +38,7 @@ class SemType extends TSemType { * Gets a string that uniquely identifies this `SemType`. This string is often the same as the * result of `SemType.toString()`, but for some types it may be more verbose to ensure uniqueness. */ - string getIdentityString() { result = toString() } + string getIdentityString() { result = this.toString() } /** * Gets the size of the type, in bytes, if known. @@ -132,7 +132,7 @@ class SemIntegerType extends SemNumericType { final predicate isSigned() { signed = true } /** Holds if this integer type is unsigned. */ - final predicate isUnsigned() { not isSigned() } + final predicate isUnsigned() { not this.isSigned() } // Don't override `getByteSize()` here. The optimizer seems to generate better code when this is // overridden only in the leaf classes. } diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll index abff447ca87..27883aedf3e 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll @@ -45,7 +45,7 @@ abstract class Bound extends TBound { abstract Instruction getInstruction(int delta); /** Gets an expression that equals this bound. */ - Instruction getInstruction() { result = getInstruction(0) } + Instruction getInstruction() { result = this.getInstruction(0) } abstract Location getLocation(); } diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisImpl.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisImpl.qll index a5c129f638f..938857c0c2d 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisImpl.qll @@ -109,6 +109,6 @@ module Public { /** Gets the condition that is the reason for the bound. */ SemGuard getCond() { this = TSemCondReason(result) } - override string toString() { result = getCond().toString() } + override string toString() { result = this.getCond().toString() } } } diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisStage.qll index 019d69c36cf..c07a3ea55a0 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/RangeAnalysisStage.qll @@ -277,7 +277,7 @@ module RangeStage< */ private class SafeCastExpr extends ConvertOrBoxExpr { SafeCastExpr() { - conversionCannotOverflow(getTrackedType(pragma[only_bind_into](getOperand())), + conversionCannotOverflow(getTrackedType(pragma[only_bind_into](this.getOperand())), pragma[only_bind_out](getTrackedType(this))) } } @@ -536,7 +536,7 @@ module RangeStage< /** Gets the condition that is the reason for the bound. */ SemGuard getCond() { this = TSemCondReason(result) } - override string toString() { result = getCond().toString() } + override string toString() { result = this.getCond().toString() } } /** @@ -729,7 +729,7 @@ module RangeStage< ) { exists(SemExpr e, D::Delta d1, D::Delta d2 | unequalFlowStepIntegralSsa(v, pos, e, d1, reason) and - boundedUpper(e, b, d1) and + boundedUpper(e, b, d2) and boundedLower(e, b, d2) and delta = D::fromFloat(D::toFloat(d1) + D::toFloat(d2)) ) diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Sign.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Sign.qll index 814691d9bcd..8c1de7c7b54 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Sign.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Sign.qll @@ -73,7 +73,7 @@ class Sign extends TSign { * Gets a possible sign after subtracting an expression with sign `s` from an expression * that has this sign. */ - Sign sub(Sign s) { result = add(s.neg()) } + Sign sub(Sign s) { result = this.add(s.neg()) } /** * Gets a possible sign after multiplying an expression with sign `s` to an expression @@ -231,37 +231,37 @@ class Sign extends TSign { or op instanceof Opcode::Store and result = this or - op instanceof Opcode::AddOne and result = inc() + op instanceof Opcode::AddOne and result = this.inc() or - op instanceof Opcode::SubOne and result = dec() + op instanceof Opcode::SubOne and result = this.dec() or - op instanceof Opcode::Negate and result = neg() + op instanceof Opcode::Negate and result = this.neg() or - op instanceof Opcode::BitComplement and result = bitnot() + op instanceof Opcode::BitComplement and result = this.bitnot() } /** Perform `op` on this sign and sign `s`. */ Sign applyBinaryOp(Sign s, Opcode op) { - op instanceof Opcode::Add and result = add(s) + op instanceof Opcode::Add and result = this.add(s) or - op instanceof Opcode::Sub and result = sub(s) + op instanceof Opcode::Sub and result = this.sub(s) or - op instanceof Opcode::Mul and result = mul(s) + op instanceof Opcode::Mul and result = this.mul(s) or - op instanceof Opcode::Div and result = div(s) + op instanceof Opcode::Div and result = this.div(s) or - op instanceof Opcode::Rem and result = rem(s) + op instanceof Opcode::Rem and result = this.rem(s) or - op instanceof Opcode::BitAnd and result = bitand(s) + op instanceof Opcode::BitAnd and result = this.bitand(s) or - op instanceof Opcode::BitOr and result = bitor(s) + op instanceof Opcode::BitOr and result = this.bitor(s) or - op instanceof Opcode::BitXor and result = bitxor(s) + op instanceof Opcode::BitXor and result = this.bitxor(s) or - op instanceof Opcode::ShiftLeft and result = lshift(s) + op instanceof Opcode::ShiftLeft and result = this.lshift(s) or - op instanceof Opcode::ShiftRight and result = rshift(s) + op instanceof Opcode::ShiftRight and result = this.rshift(s) or - op instanceof Opcode::ShiftRightUnsigned and result = urshift(s) + op instanceof Opcode::ShiftRightUnsigned and result = this.urshift(s) } } diff --git a/cpp/ql/lib/semmle/code/cpp/security/CommandExecution.qll b/cpp/ql/lib/semmle/code/cpp/security/CommandExecution.qll index 063c7300031..116f8a77216 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/CommandExecution.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/CommandExecution.qll @@ -28,7 +28,7 @@ class SystemFunction extends FunctionWithWrappers instanceof CommandExecutionFun */ class VarargsExecFunctionCall extends FunctionCall { VarargsExecFunctionCall() { - getTarget() + this.getTarget() .hasGlobalName([ "execl", "execle", "execlp", // Windows @@ -40,7 +40,7 @@ class VarargsExecFunctionCall extends FunctionCall { /** Whether the last argument to the function is an environment pointer */ predicate hasEnvironmentArgument() { - getTarget().hasGlobalName(["execle", "_execle", "_execlpe", "_wexecle", "_wexeclpe"]) + this.getTarget().hasGlobalName(["execle", "_execle", "_execlpe", "_wexecle", "_wexeclpe"]) } /** @@ -49,25 +49,27 @@ class VarargsExecFunctionCall extends FunctionCall { */ Expr getCommandArgument(int idx) { exists(int underlyingIdx | - result = getArgument(underlyingIdx) and - underlyingIdx > getCommandIdx() and + result = this.getArgument(underlyingIdx) and + underlyingIdx > this.getCommandIdx() and ( - underlyingIdx < getNumberOfArguments() - 1 or - not hasEnvironmentArgument() + underlyingIdx < this.getNumberOfArguments() - 1 or + not this.hasEnvironmentArgument() ) and - idx = underlyingIdx - getCommandIdx() - 1 + idx = underlyingIdx - this.getCommandIdx() - 1 ) } /** The expression denoting the program to execute */ - Expr getCommand() { result = getArgument(getCommandIdx()) } + Expr getCommand() { result = this.getArgument(this.getCommandIdx()) } /** * The index of the command. The spawn variants start with a mode, whereas * all the other ones start with the command. */ private int getCommandIdx() { - if getTarget().getName().matches(["\\_spawn%", "\\_wspawn%"]) then result = 1 else result = 0 + if this.getTarget().getName().matches(["\\_spawn%", "\\_wspawn%"]) + then result = 1 + else result = 0 } } @@ -78,7 +80,7 @@ class VarargsExecFunctionCall extends FunctionCall { */ class ArrayExecFunctionCall extends FunctionCall { ArrayExecFunctionCall() { - getTarget() + this.getTarget() .hasGlobalName([ "execv", "execvp", "execvpe", "execve", "fexecve", // Windows variants @@ -89,17 +91,19 @@ class ArrayExecFunctionCall extends FunctionCall { } /** The argument with the array of command arguments */ - Expr getArrayArgument() { result = getArgument(getCommandIdx() + 1) } + Expr getArrayArgument() { result = this.getArgument(this.getCommandIdx() + 1) } /** The expression denoting the program to execute */ - Expr getCommand() { result = getArgument(getCommandIdx()) } + Expr getCommand() { result = this.getArgument(this.getCommandIdx()) } /** * The index of the command. The spawn variants start with a mode, whereas * all the other ones start with the command. */ private int getCommandIdx() { - if getTarget().getName().matches(["\\_spawn%", "\\_wspawn%"]) then result = 1 else result = 0 + if this.getTarget().getName().matches(["\\_spawn%", "\\_wspawn%"]) + then result = 1 + else result = 0 } } diff --git a/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll index 285aba40e86..bf6bcc3acb6 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll @@ -564,9 +564,9 @@ abstract deprecated library class DataSensitiveCallExpr extends Expr { * Searches backwards from `getSrc()` to `src`. */ predicate flowsFrom(Element src, boolean allowFromArg) { - src = getSrc() and allowFromArg = true + src = this.getSrc() and allowFromArg = true or - exists(Element other, boolean allowOtherFromArg | flowsFrom(other, allowOtherFromArg) | + exists(Element other, boolean allowOtherFromArg | this.flowsFrom(other, allowOtherFromArg) | exists(boolean otherFromArg | betweenFunctionsValueMoveToStatic(src, other, otherFromArg) | otherFromArg = true and allowOtherFromArg = true and allowFromArg = true or @@ -582,10 +582,10 @@ abstract deprecated library class DataSensitiveCallExpr extends Expr { /** Call through a function pointer. */ deprecated library class DataSensitiveExprCall extends DataSensitiveCallExpr, ExprCall { - override Expr getSrc() { result = getExpr() } + override Expr getSrc() { result = this.getExpr() } override Function resolve() { - exists(FunctionAccess fa | flowsFrom(fa, true) | result = fa.getTarget()) + exists(FunctionAccess fa | this.flowsFrom(fa, true) | result = fa.getTarget()) } } @@ -594,16 +594,16 @@ deprecated library class DataSensitiveOverriddenFunctionCall extends DataSensiti FunctionCall { DataSensitiveOverriddenFunctionCall() { - exists(getTarget().(VirtualFunction).getAnOverridingFunction()) + exists(this.getTarget().(VirtualFunction).getAnOverridingFunction()) } - override Expr getSrc() { result = getQualifier() } + override Expr getSrc() { result = this.getQualifier() } override MemberFunction resolve() { exists(NewExpr new | - flowsFrom(new, true) and + this.flowsFrom(new, true) and memberFunctionFromNewExpr(new, result) and - result.overrides*(getTarget().(VirtualFunction)) + result.overrides*(this.getTarget().(VirtualFunction)) ) } } diff --git a/cpp/ql/lib/semmle/code/cpp/valuenumbering/GlobalValueNumberingImpl.qll b/cpp/ql/lib/semmle/code/cpp/valuenumbering/GlobalValueNumberingImpl.qll index c1fe36e3430..8f43e19c7b5 100644 --- a/cpp/ql/lib/semmle/code/cpp/valuenumbering/GlobalValueNumberingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/valuenumbering/GlobalValueNumberingImpl.qll @@ -284,10 +284,10 @@ deprecated class GVN extends GvnBase { } /** Gets a textual representation of this element. */ - string toString() { result = exampleExpr().toString() } + string toString() { result = this.exampleExpr().toString() } /** Gets the primary location of this element. */ - Location getLocation() { result = exampleExpr().getLocation() } + Location getLocation() { result = this.exampleExpr().getLocation() } } private predicate analyzableIntConst(Expr e) { diff --git a/cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll b/cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll index 6570eb64425..78ab6c739bd 100644 --- a/cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll +++ b/cpp/ql/lib/semmle/code/cpp/valuenumbering/HashCons.qll @@ -282,10 +282,10 @@ class HashCons extends HCBase { } /** Gets a textual representation of this element. */ - string toString() { result = exampleExpr().toString() } + string toString() { result = this.exampleExpr().toString() } /** Gets the primary location of this element. */ - Location getLocation() { result = exampleExpr().getLocation() } + Location getLocation() { result = this.exampleExpr().getLocation() } } /** diff --git a/cpp/ql/lib/upgrades/282c13bfdbcbd57a887972b47a471342a4ad5507/member_function_this_type.ql b/cpp/ql/lib/upgrades/282c13bfdbcbd57a887972b47a471342a4ad5507/member_function_this_type.ql index 2e99f1ed5f0..4b10d3627c1 100644 --- a/cpp/ql/lib/upgrades/282c13bfdbcbd57a887972b47a471342a4ad5507/member_function_this_type.ql +++ b/cpp/ql/lib/upgrades/282c13bfdbcbd57a887972b47a471342a4ad5507/member_function_this_type.ql @@ -24,7 +24,7 @@ class ClassPointerType extends @derivedtype { Class getBaseType() { derivedtypes(this, _, _, result) } - string toString() { result = getBaseType().toString() + "*" } + string toString() { result = this.getBaseType().toString() + "*" } } class DefinedMemberFunction extends @function { diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 1314e6d7553..4991b66538f 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 ### New Queries diff --git a/cpp/ql/src/Critical/FileMayNotBeClosed.ql b/cpp/ql/src/Critical/FileMayNotBeClosed.ql index 9a3aa6f8d4d..0c247441a3b 100644 --- a/cpp/ql/src/Critical/FileMayNotBeClosed.ql +++ b/cpp/ql/src/Critical/FileMayNotBeClosed.ql @@ -118,7 +118,7 @@ class FOpenReachability extends StackVariableReachabilityExt { override predicate isBarrier( ControlFlowNode source, ControlFlowNode node, ControlFlowNode next, StackVariable v ) { - isSource(source, v) and + this.isSource(source, v) and next = node.getASuccessor() and // the file (stored in any variable `v0`) opened at `source` is closed or // assigned to a global at node, or NULL checked on the edge node -> next. diff --git a/cpp/ql/src/Critical/MemoryMayNotBeFreed.ql b/cpp/ql/src/Critical/MemoryMayNotBeFreed.ql index d2afdad1306..d49a3bc4132 100644 --- a/cpp/ql/src/Critical/MemoryMayNotBeFreed.ql +++ b/cpp/ql/src/Critical/MemoryMayNotBeFreed.ql @@ -144,7 +144,7 @@ class AllocReachability extends StackVariableReachabilityExt { override predicate isBarrier( ControlFlowNode source, ControlFlowNode node, ControlFlowNode next, StackVariable v ) { - isSource(source, v) and + this.isSource(source, v) and next = node.getASuccessor() and // the memory (stored in any variable `v0`) allocated at `source` is freed or // assigned to a global at node, or NULL checked on the edge node -> next. diff --git a/cpp/ql/src/JPL_C/LOC-4/Rule 23/MismatchedIfdefs.ql b/cpp/ql/src/JPL_C/LOC-4/Rule 23/MismatchedIfdefs.ql index 1e5fed2bfb7..f0faafbf855 100644 --- a/cpp/ql/src/JPL_C/LOC-4/Rule 23/MismatchedIfdefs.ql +++ b/cpp/ql/src/JPL_C/LOC-4/Rule 23/MismatchedIfdefs.ql @@ -19,20 +19,22 @@ class FileWithDirectives extends File { } int getDirectiveIndex(Directive d) { - exists(int line | line = getDirectiveLine(d) | line = rank[result](getDirectiveLine(_))) + exists(int line | line = this.getDirectiveLine(d) | + line = rank[result](this.getDirectiveLine(_)) + ) } int depth(Directive d) { - exists(int index | index = getDirectiveIndex(d) | + exists(int index | index = this.getDirectiveIndex(d) | index = 1 and result = d.depthChange() or - exists(Directive prev | getDirectiveIndex(prev) = index - 1 | - result = d.depthChange() + depth(prev) + exists(Directive prev | this.getDirectiveIndex(prev) = index - 1 | + result = d.depthChange() + this.depth(prev) ) ) } - Directive lastDirective() { getDirectiveIndex(result) = max(getDirectiveIndex(_)) } + Directive lastDirective() { this.getDirectiveIndex(result) = max(this.getDirectiveIndex(_)) } } abstract class Directive extends PreprocessorDirective { @@ -63,13 +65,13 @@ class ElseDirective extends Directive { override int depthChange() { result = 0 } - override predicate mismatched() { depth() < 1 } + override predicate mismatched() { this.depth() < 1 } } class EndifDirective extends Directive instanceof PreprocessorEndif { override int depthChange() { result = -1 } - override predicate mismatched() { depth() < 0 } + override predicate mismatched() { this.depth() < 0 } } from FileWithDirectives f, Directive d, string msg diff --git a/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql b/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql index 3e7cdbe43b9..5b1d54b51f8 100644 --- a/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql +++ b/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql @@ -20,7 +20,7 @@ import semmle.code.cpp.ir.dataflow.DataFlow * code). */ class InterestingStrcpyFunction extends StrcpyFunction { - InterestingStrcpyFunction() { getType().getUnspecifiedType() instanceof PointerType } + InterestingStrcpyFunction() { this.getType().getUnspecifiedType() instanceof PointerType } } predicate isBoolean(Expr e1) { diff --git a/cpp/ql/src/Likely Bugs/Memory Management/ImproperNullTermination.ql b/cpp/ql/src/Likely Bugs/Memory Management/ImproperNullTermination.ql index 025e50b246f..412e1b44e5b 100644 --- a/cpp/ql/src/Likely Bugs/Memory Management/ImproperNullTermination.ql +++ b/cpp/ql/src/Likely Bugs/Memory Management/ImproperNullTermination.ql @@ -56,7 +56,7 @@ class ImproperNullTerminationReachability extends StackVariableReachabilityWithR override predicate isBarrier(ControlFlowNode node, StackVariable v) { exprDefinition(v, node, _) or - isSinkActual(node, v) // only report first use + this.isSinkActual(node, v) // only report first use } } diff --git a/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql b/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql index a80af562bda..f7fbec45994 100644 --- a/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql +++ b/cpp/ql/src/Likely Bugs/Memory Management/SuspiciousSizeof.ql @@ -19,10 +19,10 @@ import cpp class CandidateParameter extends Parameter { CandidateParameter() { // an array parameter - getUnspecifiedType() instanceof ArrayType + this.getUnspecifiedType() instanceof ArrayType or // a pointer parameter - getUnspecifiedType() instanceof PointerType and + this.getUnspecifiedType() instanceof PointerType and // whose address is never taken (rules out common // false positive patterns) not exists(AddressOfExpr aoe | aoe.getAddressable() = this) diff --git a/cpp/ql/src/Metrics/Dependencies/ExternalDependencies.qll b/cpp/ql/src/Metrics/Dependencies/ExternalDependencies.qll index b94212123ec..fed054262e6 100644 --- a/cpp/ql/src/Metrics/Dependencies/ExternalDependencies.qll +++ b/cpp/ql/src/Metrics/Dependencies/ExternalDependencies.qll @@ -56,7 +56,7 @@ class Library extends LibraryT { result = "unknown" } - string toString() { result = getName() + "-" + getVersion() } + string toString() { result = this.getName() + "-" + this.getVersion() } File getAFile() { exists(LibraryElement lib | diff --git a/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll index 70247bdf4a4..5135aab8d83 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll @@ -38,7 +38,7 @@ class ExternalApiUsedWithUntrustedData extends TExternalApi { /** Gets the number of untrusted sources used with this external API. */ int getNumberOfUntrustedSources() { - result = strictcount(getUntrustedDataNode().getAnUntrustedSource()) + result = strictcount(this.getUntrustedDataNode().getAnUntrustedSource()) } /** Gets a textual representation of this element. */ diff --git a/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll b/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll index 70247bdf4a4..5135aab8d83 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ir/ExternalAPIs.qll @@ -38,7 +38,7 @@ class ExternalApiUsedWithUntrustedData extends TExternalApi { /** Gets the number of untrusted sources used with this external API. */ int getNumberOfUntrustedSources() { - result = strictcount(getUntrustedDataNode().getAnUntrustedSource()) + result = strictcount(this.getUntrustedDataNode().getAnUntrustedSource()) } /** Gets a textual representation of this element. */ diff --git a/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql b/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql index ffadb381a76..e16f0568056 100644 --- a/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql +++ b/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql @@ -19,14 +19,14 @@ import TaintedWithPath /** A call that prints its arguments to `stdout`. */ class PrintStdoutCall extends FunctionCall { PrintStdoutCall() { - getTarget().hasGlobalOrStdName("puts") or - getTarget().hasGlobalOrStdName("printf") + this.getTarget().hasGlobalOrStdName("puts") or + this.getTarget().hasGlobalOrStdName("printf") } } /** A read of the QUERY_STRING environment variable */ class QueryString extends EnvironmentRead { - QueryString() { getEnvironmentVariable() = "QUERY_STRING" } + QueryString() { this.getEnvironmentVariable() = "QUERY_STRING" } } class Configuration extends TaintTrackingConfiguration { diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp similarity index 100% rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.cpp rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.cpp diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp similarity index 100% rename from cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.qhelp rename to cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp diff --git a/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql new file mode 100644 index 00000000000..0d8648aac0a --- /dev/null +++ b/cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.ql @@ -0,0 +1,317 @@ +/** + * @name Overrunning write + * @description Exceeding the size of a static array during write or access operations + * may result in a buffer overflow. + * @kind path-problem + * @problem.severity error + * @security-severity 9.3 + * @precision medium + * @id cpp/overrun-write + * @tags reliability + * security + * external/cwe/cwe-119 + * external/cwe/cwe-131 + */ + +import cpp +import semmle.code.cpp.ir.dataflow.internal.ProductFlow +import semmle.code.cpp.ir.IR +import semmle.code.cpp.models.interfaces.Allocation +import semmle.code.cpp.models.interfaces.ArrayFunction +import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysis +import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific +import StringSizeFlow::PathGraph1 +import codeql.util.Unit + +pragma[nomagic] +Instruction getABoundIn(SemBound b, IRFunction func) { + getSemanticExpr(result) = b.getExpr(0) and + result.getEnclosingIRFunction() = func +} + +/** + * Holds if `i <= b + delta`. + */ +bindingset[i] +pragma[inline_late] +predicate bounded(Instruction i, Instruction b, int delta) { + exists(SemBound bound, IRFunction func | + semBounded(getSemanticExpr(i), bound, delta, true, _) and + b = getABoundIn(bound, func) and + i.getEnclosingIRFunction() = func + ) +} + +VariableAccess getAVariableAccess(Expr e) { e.getAChild*() = result } + +/** + * Holds if `(n, state)` pair represents the source of flow for the size + * expression associated with `alloc`. + */ +predicate hasSize(HeuristicAllocationExpr alloc, DataFlow::Node n, int state) { + exists(VariableAccess va, Expr size, int delta | + size = alloc.getSizeExpr() and + // Get the unique variable in a size expression like `x` in `malloc(x + 1)`. + va = unique( | | getAVariableAccess(size)) and + // Compute `delta` as the constant difference between `x` and `x + 1`. + bounded(any(Instruction instr | instr.getUnconvertedResultExpression() = size), + any(LoadInstruction load | load.getUnconvertedResultExpression() = va), delta) and + n.asConvertedExpr() = va.getFullyConverted() and + state = delta + ) +} + +predicate isSinkPairImpl( + CallInstruction c, DataFlow::Node bufSink, DataFlow::Node sizeSink, int delta, Expr eBuf +) { + exists( + int bufIndex, int sizeIndex, Instruction sizeInstr, Instruction bufInstr, ArrayFunction func + | + bufInstr = bufSink.asInstruction() and + c.getArgument(bufIndex) = bufInstr and + sizeInstr = sizeSink.asInstruction() and + c.getStaticCallTarget() = func and + pragma[only_bind_into](func) + .hasArrayWithVariableSize(pragma[only_bind_into](bufIndex), + pragma[only_bind_into](sizeIndex)) and + bounded(c.getArgument(sizeIndex), sizeInstr, delta) and + eBuf = bufInstr.getUnconvertedResultExpression() + ) +} + +module ValidState { + /** + * In the `StringSizeConfig` configuration we use an integer as the flow state for the second + * projection of the dataflow graph. The integer represents an offset that is added to the + * size of the allocation. For example, given: + * ```cpp + * char* p = new char[size + 1]; + * size += 1; + * memset(p, 0, size); + * ``` + * the initial flow state is `1`. This represents the fact that `size + 1` is a valid bound + * for the size of the allocation pointed to by `p`. After updating the size using `+=`, the + * flow state changes to `0`, which represents the fact that `size + 0` is a valid bound for + * the allocation. + * + * So we need to compute a set of valid integers that represent the offset applied to the + * size. We do this in two steps: + * 1. We first perform the dataflow traversal that the second projection of the product-flow + * library will perform, and visit all the places where the size argument is modified. + * 2. Once that dataflow traversal is done, we accumulate the offsets added at each places + * where the offset is modified (see `validStateImpl`). + * + * Because we want to guarantee that each place where we modify the offset has a `PathNode` + * we "flip" a boolean flow state in each `isAdditionalFlowStep`. This ensures that the node + * has a corresponding `PathNode`. + */ + private module ValidStateConfig implements DataFlow::StateConfigSig { + class FlowState = boolean; + + predicate isSource(DataFlow::Node source, FlowState state) { + hasSize(_, source, _) and + state = false + } + + predicate isSink(DataFlow::Node sink, FlowState state) { + isSinkPairImpl(_, _, sink, _, _) and + state = [false, true] + } + + predicate isBarrier(DataFlow::Node node, FlowState state) { none() } + + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 + ) { + isAdditionalFlowStep2(node1, node2, _) and + state1 = [false, true] and + state2 = state1.booleanNot() + } + + predicate includeHiddenNodes() { any() } + } + + private import DataFlow::GlobalWithState + + private predicate inLoop(PathNode n) { n.getASuccessor+() = n } + + /** + * Holds if `value` is a possible offset for `n`. + * + * To ensure termination, we limit `value` to be in the + * range `[-2, 2]` if the node is part of a loop. Without + * this restriction we wouldn't terminate on an example like: + * ```cpp + * while(unknown()) { size++; } + * ``` + */ + private predicate validStateImpl(PathNode n, int value) { + // If the dataflow node depends recursively on itself we restrict the range. + (inLoop(n) implies value = [-2 .. 2]) and + ( + // For the dataflow source we have an allocation such as `malloc(size + k)`, + // and the value of the flow-state is then `k`. + hasSize(_, n.getNode(), value) + or + // For a dataflow sink any `value` that is strictly smaller than the delta + // needs to be a valid flow-state. That is, for a snippet like: + // ``` + // p = b ? new char[size] : new char[size + 1]; + // memset(p, 0, size + 2); + // ``` + // the valid flow-states at the `memset` must include the set `{0, 1}` since the + // flow-state at `new char[size]` is `0`, and the flow-state at `new char[size + 1]` + // is `1`. + // + // So we find a valid flow-state at the sink's predecessor, and use the definition + // of our sink predicate to compute the valid flow-states at the sink. + exists(int delta, PathNode n0 | + n0.getASuccessor() = n and + validStateImpl(n0, value) and + isSinkPairImpl(_, _, n.getNode(), delta, _) and + delta > value + ) + or + // For a non-source and non-sink node there is two cases to consider. + // 1. A node where we have to update the flow-state, or + // 2. A node that doesn't update the flow-state. + // + // For case 1, we compute the new flow-state by adding the constant operand of the + // `AddInstruction` to the flow-state of any predecessor node. + // For case 2 we simply propagate the valid flow-states from the predecessor node to + // the next one. + exists(PathNode n0, DataFlow::Node node0, DataFlow::Node node, int value0 | + n0.getASuccessor() = n and + validStateImpl(n0, value0) and + node = n.getNode() and + node0 = n0.getNode() + | + exists(int delta | + isAdditionalFlowStep2(node0, node, delta) and + value0 = value + delta + ) + or + not isAdditionalFlowStep2(node0, node, _) and + value = value0 + ) + ) + } + + predicate validState(DataFlow::Node n, int value) { + validStateImpl(any(PathNode pn | pn.getNode() = n), value) + } +} + +import ValidState + +/** + * Holds if `node2` is a dataflow node that represents an addition of two operands `op1` + * and `op2` such that: + * 1. `node1` is the dataflow node that represents `op1`, and + * 2. the value of `op2` can be upper bounded by `delta.` + */ +predicate isAdditionalFlowStep2(DataFlow::Node node1, DataFlow::Node node2, int delta) { + exists(AddInstruction add, Operand op | + add.hasOperands(node1.asOperand(), op) and + semBounded(getSemanticExpr(op.getDef()), any(SemZeroBound zero), delta, true, _) and + node2.asInstruction() = add + ) +} + +module StringSizeConfig implements ProductFlow::StateConfigSig { + class FlowState1 = Unit; + + class FlowState2 = int; + + predicate isSourcePair( + DataFlow::Node bufSource, FlowState1 state1, DataFlow::Node sizeSource, FlowState2 state2 + ) { + // In the case of an allocation like + // ```cpp + // malloc(size + 1); + // ``` + // we use `state2` to remember that there was an offset (in this case an offset of `1`) added + // to the size of the allocation. This state is then checked in `isSinkPair`. + exists(state1) and + hasSize(bufSource.asConvertedExpr(), sizeSource, state2) + } + + predicate isSinkPair( + DataFlow::Node bufSink, FlowState1 state1, DataFlow::Node sizeSink, FlowState2 state2 + ) { + exists(state1) and + validState(sizeSink, state2) and + exists(int delta | + isSinkPairImpl(_, bufSink, sizeSink, delta, _) and + delta > state2 + ) + } + + predicate isBarrier1(DataFlow::Node node, FlowState1 state) { none() } + + predicate isBarrier2(DataFlow::Node node, FlowState2 state) { none() } + + predicate isBarrierOut2(DataFlow::Node node) { + node = any(DataFlow::SsaPhiNode phi).getAnInput(true) + } + + predicate isAdditionalFlowStep1( + DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState1 state2 + ) { + none() + } + + predicate isAdditionalFlowStep2( + DataFlow::Node node1, FlowState2 state1, DataFlow::Node node2, FlowState2 state2 + ) { + validState(node2, state2) and + exists(int delta | + isAdditionalFlowStep2(node1, node2, delta) and + state1 = state2 + delta + ) + } +} + +module StringSizeFlow = ProductFlow::GlobalWithState; + +/** + * Gets the maximum number of elements accessed past the buffer `buffer` by the formatting + * function call `c` when an overflow is detected starting at the `(source1, source2)` pair + * and ending at the `(sink1, sink2)` pair. + * + * Implementation note: Since the number of elements accessed past the buffer is computed + * using a `FlowState` on the second component of the `DataFlow::PathNode` pair we project + * the columns down to the underlying `DataFlow::Node` in order to deduplicate the flow + * state. + */ +int getOverflow( + DataFlow::Node source1, DataFlow::Node source2, DataFlow::Node sink1, DataFlow::Node sink2, + CallInstruction c, Expr buffer +) { + result > 0 and + exists( + StringSizeFlow::PathNode1 pathSource1, StringSizeFlow::PathNode2 pathSource2, + StringSizeFlow::PathNode1 pathSink1, StringSizeFlow::PathNode2 pathSink2 + | + StringSizeFlow::flowPath(pathSource1, pathSource2, pathSink1, pathSink2) and + source1 = pathSource1.getNode() and + source2 = pathSource2.getNode() and + sink1 = pathSink1.getNode() and + sink2 = pathSink2.getNode() and + isSinkPairImpl(c, sink1, sink2, result + pathSink2.getState(), buffer) + ) +} + +from + StringSizeFlow::PathNode1 source1, StringSizeFlow::PathNode2 source2, + StringSizeFlow::PathNode1 sink1, StringSizeFlow::PathNode2 sink2, int overflow, CallInstruction c, + Expr buffer, string element +where + StringSizeFlow::flowPath(source1, source2, sink1, sink2) and + overflow = + max(getOverflow(source1.getNode(), source2.getNode(), sink1.getNode(), sink2.getNode(), c, + buffer) + ) and + if overflow = 1 then element = " element." else element = " elements." +select c.getUnconvertedResultExpression(), source1, sink1, + "This write may overflow $@ by " + overflow + element, buffer, buffer.toString() diff --git a/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql b/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql index 5eab70c5cc9..8a3c2f3664d 100644 --- a/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql +++ b/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql @@ -18,7 +18,7 @@ import semmle.code.cpp.ir.dataflow.DataFlow * A call to `SSL_get_verify_result`. */ class SslGetVerifyResultCall extends FunctionCall { - SslGetVerifyResultCall() { getTarget().getName() = "SSL_get_verify_result" } + SslGetVerifyResultCall() { this.getTarget().getName() = "SSL_get_verify_result" } } /** diff --git a/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql b/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql index 0d972a734b3..de8520de1b3 100644 --- a/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql +++ b/cpp/ql/src/Security/CWE/CWE-295/SSLResultNotChecked.ql @@ -19,10 +19,10 @@ import semmle.code.cpp.controlflow.IRGuards */ class SslGetPeerCertificateCall extends FunctionCall { SslGetPeerCertificateCall() { - getTarget().getName() = "SSL_get_peer_certificate" // SSL_get_peer_certificate(ssl) + this.getTarget().getName() = "SSL_get_peer_certificate" // SSL_get_peer_certificate(ssl) } - Expr getSslArgument() { result = getArgument(0) } + Expr getSslArgument() { result = this.getArgument(0) } } /** @@ -30,10 +30,10 @@ class SslGetPeerCertificateCall extends FunctionCall { */ class SslGetVerifyResultCall extends FunctionCall { SslGetVerifyResultCall() { - getTarget().getName() = "SSL_get_verify_result" // SSL_get_peer_certificate(ssl) + this.getTarget().getName() = "SSL_get_verify_result" // SSL_get_peer_certificate(ssl) } - Expr getSslArgument() { result = getArgument(0) } + Expr getSslArgument() { result = this.getArgument(0) } } /** diff --git a/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql b/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql index e6c7b186ce2..02ab64179c9 100644 --- a/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql +++ b/cpp/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.ql @@ -150,7 +150,7 @@ class BlamedElement extends Element { */ predicate hasFileRank(File f, int num) { exists(int loc | - getLocation().charLoc(f, loc, _) and + this.getLocation().charLoc(f, loc, _) and loc = rank[num](BlamedElement other, int loc2 | other.getLocation().charLoc(f, loc2, _) | loc2) ) diff --git a/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md new file mode 100644 index 00000000000..32195223fcd --- /dev/null +++ b/cpp/ql/src/change-notes/2023-05-24-overrun-write-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `cpp/overrun-write`, to detect buffer overflows in C-style functions that manipulate buffers. diff --git a/cpp/ql/src/change-notes/released/0.6.2.md b/cpp/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql index a5df698aeea..ffb9362417e 100644 --- a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql +++ b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql @@ -10,7 +10,7 @@ */ import cpp -import experimental.semmle.code.cpp.dataflow.ProductFlow +import semmle.code.cpp.ir.dataflow.internal.ProductFlow import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysis import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.Bound diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql deleted file mode 100644 index b49deb45ee3..00000000000 --- a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql +++ /dev/null @@ -1,177 +0,0 @@ -/** - * @name Overrunning write - * @description Exceeding the size of a static array during write or access operations - * may result in a buffer overflow. - * @kind path-problem - * @problem.severity error - * @id cpp/overrun-write - * @tags reliability - * security - * experimental - * external/cwe/cwe-119 - * external/cwe/cwe-131 - */ - -import cpp -import experimental.semmle.code.cpp.dataflow.ProductFlow -import semmle.code.cpp.ir.IR -import semmle.code.cpp.models.interfaces.Allocation -import semmle.code.cpp.models.interfaces.ArrayFunction -import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysis -import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific -import StringSizeFlow::PathGraph1 -import codeql.util.Unit - -pragma[nomagic] -Instruction getABoundIn(SemBound b, IRFunction func) { - getSemanticExpr(result) = b.getExpr(0) and - result.getEnclosingIRFunction() = func -} - -/** - * Holds if `i <= b + delta`. - */ -bindingset[i] -pragma[inline_late] -predicate bounded(Instruction i, Instruction b, int delta) { - exists(SemBound bound, IRFunction func | - semBounded(getSemanticExpr(i), bound, delta, true, _) and - b = getABoundIn(bound, func) and - i.getEnclosingIRFunction() = func - ) -} - -VariableAccess getAVariableAccess(Expr e) { e.getAChild*() = result } - -/** - * Holds if `(n, state)` pair represents the source of flow for the size - * expression associated with `alloc`. - */ -predicate hasSize(AllocationExpr alloc, DataFlow::Node n, int state) { - exists(VariableAccess va, Expr size, int delta | - size = alloc.getSizeExpr() and - // Get the unique variable in a size expression like `x` in `malloc(x + 1)`. - va = unique( | | getAVariableAccess(size)) and - // Compute `delta` as the constant difference between `x` and `x + 1`. - bounded(any(Instruction instr | instr.getUnconvertedResultExpression() = size), - any(LoadInstruction load | load.getUnconvertedResultExpression() = va), delta) and - n.asConvertedExpr() = va.getFullyConverted() and - state = delta - ) -} - -predicate isSinkPairImpl( - CallInstruction c, DataFlow::Node bufSink, DataFlow::Node sizeSink, int delta, Expr eBuf -) { - exists( - int bufIndex, int sizeIndex, Instruction sizeInstr, Instruction bufInstr, ArrayFunction func - | - bufInstr = bufSink.asInstruction() and - c.getArgument(bufIndex) = bufInstr and - sizeInstr = sizeSink.asInstruction() and - c.getStaticCallTarget() = func and - pragma[only_bind_into](func) - .hasArrayWithVariableSize(pragma[only_bind_into](bufIndex), - pragma[only_bind_into](sizeIndex)) and - bounded(c.getArgument(sizeIndex), sizeInstr, delta) and - eBuf = bufInstr.getUnconvertedResultExpression() - ) -} - -module StringSizeConfig implements ProductFlow::StateConfigSig { - class FlowState1 = Unit; - - class FlowState2 = int; - - predicate isSourcePair( - DataFlow::Node bufSource, FlowState1 state1, DataFlow::Node sizeSource, FlowState2 state2 - ) { - // In the case of an allocation like - // ```cpp - // malloc(size + 1); - // ``` - // we use `state2` to remember that there was an offset (in this case an offset of `1`) added - // to the size of the allocation. This state is then checked in `isSinkPair`. - exists(state1) and - hasSize(bufSource.asConvertedExpr(), sizeSource, state2) - } - - predicate isSinkPair( - DataFlow::Node bufSink, FlowState1 state1, DataFlow::Node sizeSink, FlowState2 state2 - ) { - exists(state1) and - state2 = [-32 .. 32] and // An arbitrary bound because we need to bound `state2` - exists(int delta | - isSinkPairImpl(_, bufSink, sizeSink, delta, _) and - delta > state2 - ) - } - - predicate isBarrier1(DataFlow::Node node, FlowState1 state) { none() } - - predicate isBarrier2(DataFlow::Node node, FlowState2 state) { none() } - - predicate isAdditionalFlowStep1( - DataFlow::Node node1, FlowState1 state1, DataFlow::Node node2, FlowState1 state2 - ) { - none() - } - - predicate isAdditionalFlowStep2( - DataFlow::Node node1, FlowState2 state1, DataFlow::Node node2, FlowState2 state2 - ) { - exists(AddInstruction add, Operand op, int delta, int s1, int s2 | - s1 = [-32 .. 32] and // An arbitrary bound because we need to bound `state` - state1 = s1 and - state2 = s2 and - add.hasOperands(node1.asOperand(), op) and - semBounded(getSemanticExpr(op.getDef()), any(SemZeroBound zero), delta, true, _) and - node2.asInstruction() = add and - s1 = s2 + delta - ) - } -} - -module StringSizeFlow = ProductFlow::GlobalWithState; - -/** - * Gets the maximum number of elements accessed past the buffer `buffer` by the formatting - * function call `c` when an overflow is detected starting at the `(source1, source2)` pair - * and ending at the `(sink1, sink2)` pair. - * - * Implementation note: Since the number of elements accessed past the buffer is computed - * using a `FlowState` on the second component of the `DataFlow::PathNode` pair we project - * the columns down to the underlying `DataFlow::Node` in order to deduplicate the flow - * state. - */ -int getOverflow( - DataFlow::Node source1, DataFlow::Node source2, DataFlow::Node sink1, DataFlow::Node sink2, - CallInstruction c, Expr buffer -) { - result > 0 and - exists( - StringSizeFlow::PathNode1 pathSource1, StringSizeFlow::PathNode2 pathSource2, - StringSizeFlow::PathNode1 pathSink1, StringSizeFlow::PathNode2 pathSink2 - | - StringSizeFlow::flowPath(pathSource1, pathSource2, pathSink1, pathSink2) and - source1 = pathSource1.getNode() and - source2 = pathSource2.getNode() and - sink1 = pathSink1.getNode() and - sink2 = pathSink2.getNode() and - isSinkPairImpl(c, sink1, sink2, result + pathSink2.getState(), buffer) - ) -} - -from - StringSizeFlow::PathNode1 source1, StringSizeFlow::PathNode2 source2, - StringSizeFlow::PathNode1 sink1, StringSizeFlow::PathNode2 sink2, int overflow, CallInstruction c, - Expr buffer, string element -where - StringSizeFlow::flowPath(source1, source2, sink1, sink2) and - overflow = - max(getOverflow(source1.getNode(), source2.getNode(), sink1.getNode(), sink2.getNode(), c, - buffer) - ) and - if overflow = 1 then element = " element." else element = " elements." -select c.getUnconvertedResultExpression(), source1, sink1, - "This write may overflow $@ by " + overflow + element, buffer, buffer.toString() diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql index cf346cb812e..095b4abea02 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql @@ -21,7 +21,7 @@ import WordexpTaint::PathGraph * The `wordexp` function, which can perform command substitution. */ private class WordexpFunction extends Function { - WordexpFunction() { hasGlobalName("wordexp") } + WordexpFunction() { this.hasGlobalName("wordexp") } } /** diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql b/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql index cc25326f0b4..649b4769c47 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql @@ -31,7 +31,7 @@ class CallUsedToHandleErrors extends FunctionCall { this.(ControlFlowNode).getASuccessor() instanceof FormattingFunction or // enabling recursive search - exists(CallUsedToHandleErrors fr | getTarget() = fr.getEnclosingFunction()) + exists(CallUsedToHandleErrors fr | this.getTarget() = fr.getEnclosingFunction()) } } diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.qhelp b/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.qhelp new file mode 100644 index 00000000000..72491838fd2 --- /dev/null +++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.qhelp @@ -0,0 +1,33 @@ + + + + +

+Detects if (a+b>c) a=c-b, which incorrectly implements +a = min(a,c-b) if a+b overflows. +

+

+Also detects variants such as if (b+a>c) a=c-b (swapped +terms in addition), if (a+b>c) { a=c-b } (assignment +inside block), c<a+b (swapped operands), and +>=, <, <= instead of +> (all operators). +

+

+This integer overflow is the root cause of the buffer overflow in +the SHA-3 reference implementation (CVE-2022-37454). +

+ + +

+Replace by if (a>c-b) a=c-b. This avoids the overflow +and makes it easy to see that a = min(a,c-b). +

+ + +
  • CVE-2022-37454: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
    • +
  • GitHub Advisory Database: CVE-2022-37454: Buffer overflow in sponge queue functions
    • +     +     diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.ql b/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.ql new file mode 100644 index 00000000000..3667f068a25 --- /dev/null +++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.ql @@ -0,0 +1,42 @@ +/** + * @name Integer addition may overflow inside if statement + * @description Writing 'if (a+b>c) a=c-b' incorrectly implements + * 'a = min(a,c-b)' if 'a+b' overflows. This integer + * overflow is the root cause of the buffer overflow + * in the SHA-3 reference implementation (CVE-2022-37454). + * @kind problem + * @problem.severity warning + * @id cpp/if-statement-addition-overflow + * @tags: experimental + * correctness + * security + * external/cwe/cwe-190 + */ + +import cpp +import semmle.code.cpp.valuenumbering.GlobalValueNumbering +import semmle.code.cpp.valuenumbering.HashCons +import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis +import semmle.code.cpp.controlflow.Guards + +from + GuardCondition guard, Expr expr, ExprStmt exprstmt, BasicBlock block, AssignExpr assignexpr, + AddExpr addexpr, SubExpr subexpr +where + (guard.ensuresLt(expr, addexpr, 0, block, _) or guard.ensuresLt(addexpr, expr, 0, block, _)) and + addexpr.getUnspecifiedType() instanceof IntegralType and + exprMightOverflowPositively(addexpr) and + block.getANode() = exprstmt and + exprstmt.getExpr() = assignexpr and + assignexpr.getRValue() = subexpr and + ( + hashCons(addexpr.getLeftOperand()) = hashCons(assignexpr.getLValue()) and + globalValueNumber(addexpr.getRightOperand()) = globalValueNumber(subexpr.getRightOperand()) + or + hashCons(addexpr.getRightOperand()) = hashCons(assignexpr.getLValue()) and + globalValueNumber(addexpr.getLeftOperand()) = globalValueNumber(subexpr.getRightOperand()) + ) and + globalValueNumber(expr) = globalValueNumber(subexpr.getLeftOperand()) +select guard, + "\"if (a+b>c) a=c-b\" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as \"if (a>c-b) a=c-b\" which avoids the overflow.", + addexpr, "addition" diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index bc68a7f14d5..aa0358a99ad 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -14,7 +14,7 @@ import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysi import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.dataflow.DataFlow -import PointerArithmeticToDerefFlow::PathGraph +import FieldAddressToDerefFlow::PathGraph pragma[nomagic] Instruction getABoundIn(SemBound b, IRFunction func) { @@ -42,21 +42,6 @@ bindingset[b] pragma[inline_late] predicate bounded2(Instruction i, Instruction b, int delta) { boundedImpl(i, b, delta) } -module FieldAddressToPointerArithmeticConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { isFieldAddressSource(_, source) } - - predicate isSink(DataFlow::Node sink) { - exists(PointerAddInstruction pai | pai.getLeft() = sink.asInstruction()) - } -} - -module FieldAddressToPointerArithmeticFlow = - DataFlow::Global; - -predicate isFieldAddressSource(Field f, DataFlow::Node source) { - source.asInstruction().(FieldAddressInstruction).getField() = f -} - bindingset[delta] predicate isInvalidPointerDerefSinkImpl( int delta, Instruction i, AddressOperand addr, string operation @@ -93,38 +78,96 @@ predicate isInvalidPointerDerefSink2(DataFlow::Node sink, Instruction i, string ) } -predicate isConstantSizeOverflowSource(Field f, PointerAddInstruction pai, int delta) { - exists(int size, int bound, DataFlow::Node source, DataFlow::InstructionNode sink | - FieldAddressToPointerArithmeticFlow::flow(source, sink) and - isFieldAddressSource(f, source) and - pai.getLeft() = sink.asInstruction() and - f.getUnspecifiedType().(ArrayType).getArraySize() = size and - semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and - delta = bound - size and - delta >= 0 and - size != 0 and - size != 1 - ) +pragma[nomagic] +predicate arrayTypeHasSizes(ArrayType arr, int baseTypeSize, int arraySize) { + arr.getBaseType().getSize() = baseTypeSize and + arr.getArraySize() = arraySize +} + +predicate pointerArithOverflow0( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + not f.getNamespace() instanceof StdNamespace and + arrayTypeHasSizes(f.getUnspecifiedType(), pai.getElementSize(), size) and + semBounded(getSemanticExpr(pai.getRight()), any(SemZeroBound b), bound, true, _) and + delta = bound - size and + delta >= 0 and + size != 0 and + size != 1 } module PointerArithmeticToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - isConstantSizeOverflowSource(_, source.asInstruction(), _) + pointerArithOverflow0(source.asInstruction(), _, _, _, _) } - pragma[inline] + predicate isBarrierIn(DataFlow::Node node) { isSource(node) } + + predicate isBarrierOut(DataFlow::Node node) { isSink(node) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink1(sink, _, _) } } module PointerArithmeticToDerefFlow = DataFlow::Global; +predicate pointerArithOverflow( + PointerArithmeticInstruction pai, Field f, int size, int bound, int delta +) { + pointerArithOverflow0(pai, f, size, bound, delta) and + PointerArithmeticToDerefFlow::flow(DataFlow::instructionNode(pai), _) +} + +module FieldAddressToDerefConfig implements DataFlow::StateConfigSig { + newtype FlowState = + additional TArray(Field f) { pointerArithOverflow(_, f, _, _, _) } or + additional TOverflowArithmetic(PointerArithmeticInstruction pai) { + pointerArithOverflow(pai, _, _, _, _) + } + + predicate isSource(DataFlow::Node source, FlowState state) { + exists(Field f | + source.asInstruction().(FieldAddressInstruction).getField() = f and + state = TArray(f) + ) + } + + predicate isSink(DataFlow::Node sink, FlowState state) { + exists(DataFlow::Node pai | + state = TOverflowArithmetic(pai.asInstruction()) and + PointerArithmeticToDerefFlow::flow(pai, sink) + ) + } + + predicate isBarrier(DataFlow::Node node, FlowState state) { none() } + + predicate isBarrierIn(DataFlow::Node node) { isSource(node, _) } + + predicate isBarrierOut(DataFlow::Node node) { isSink(node, _) } + + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 + ) { + exists(PointerArithmeticInstruction pai, Field f | + state1 = TArray(f) and + state2 = TOverflowArithmetic(pai) and + pai.getLeft() = node1.asInstruction() and + node2.asInstruction() = pai and + pointerArithOverflow(pai, f, _, _, _) + ) + } +} + +module FieldAddressToDerefFlow = DataFlow::GlobalWithState; + from - Field f, PointerArithmeticToDerefFlow::PathNode source, - PointerArithmeticToDerefFlow::PathNode sink, Instruction deref, string operation, int delta + Field f, FieldAddressToDerefFlow::PathNode source, PointerArithmeticInstruction pai, + FieldAddressToDerefFlow::PathNode sink, Instruction deref, string operation, int delta where - PointerArithmeticToDerefFlow::flowPath(source, sink) and + FieldAddressToDerefFlow::flowPath(source, sink) and isInvalidPointerDerefSink2(sink.getNode(), deref, operation) and - isConstantSizeOverflowSource(f, source.getNode().asInstruction(), delta) -select source, source, sink, + source.getState() = FieldAddressToDerefConfig::TArray(f) and + sink.getState() = FieldAddressToDerefConfig::TOverflowArithmetic(pai) and + pointerArithOverflow(pai, f, _, _, delta) +select pai, source, sink, "This pointer arithmetic may have an off-by-" + (delta + 1) + " error allowing it to overrun $@ at this $@.", f, f.getName(), deref, operation diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index 2f77fff2ebf..478ab2cc92a 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql @@ -16,7 +16,7 @@ */ import cpp -import experimental.semmle.code.cpp.dataflow.ProductFlow +import semmle.code.cpp.ir.dataflow.internal.ProductFlow import semmle.code.cpp.rangeanalysis.new.internal.semantic.analysis.RangeAnalysis import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR @@ -48,44 +48,23 @@ bindingset[b] pragma[inline_late] predicate bounded2(Instruction i, Instruction b, int delta) { boundedImpl(i, b, delta) } -/** - * Holds if the combination of `n` and `state` represents an appropriate - * source for the expression `e` suitable for use-use flow. - */ -private predicate hasSizeImpl(Expr e, DataFlow::Node n, int state) { - // The simple case: If the size is a variable access with no qualifier we can just use the - // dataflow node for that expression and no state. - exists(VariableAccess va | - va = e and - not va instanceof FieldAccess and - n.asConvertedExpr() = va.getFullyConverted() and - state = 0 - ) - or - // If the size is a choice between two expressions we allow both to be nodes representing the size. - exists(ConditionalExpr cond | cond = e | hasSizeImpl([cond.getThen(), cond.getElse()], n, state)) - or - // If the size is an expression plus a constant, we pick the dataflow node of the expression and - // remember the constant in the state. - exists(Expr const, Expr nonconst | - e.(AddExpr).hasOperands(const, nonconst) and - state = const.getValue().toInt() and - hasSizeImpl(nonconst, n, _) - ) - or - exists(Expr const, Expr nonconst | - e.(SubExpr).hasOperands(const, nonconst) and - state = -const.getValue().toInt() and - hasSizeImpl(nonconst, n, _) - ) -} +VariableAccess getAVariableAccess(Expr e) { e.getAChild*() = result } /** * Holds if `(n, state)` pair represents the source of flow for the size * expression associated with `alloc`. */ predicate hasSize(HeuristicAllocationExpr alloc, DataFlow::Node n, int state) { - hasSizeImpl(alloc.getSizeExpr(), n, state) + exists(VariableAccess va, Expr size, int delta | + size = alloc.getSizeExpr() and + // Get the unique variable in a size expression like `x` in `malloc(x + 1)`. + va = unique( | | getAVariableAccess(size)) and + // Compute `delta` as the constant difference between `x` and `x + 1`. + bounded1(any(Instruction instr | instr.getUnconvertedResultExpression() = size), + any(LoadInstruction load | load.getUnconvertedResultExpression() = va), delta) and + n.asConvertedExpr() = va.getFullyConverted() and + state = delta + ) } /** @@ -102,8 +81,8 @@ predicate hasSize(HeuristicAllocationExpr alloc, DataFlow::Node n, int state) { * ``` * * We do this by splitting the task up into two configurations: - * 1. `AllocToInvalidPointerConf` find flow from `malloc(size)` to `begin + size`, and - * 2. `InvalidPointerToDerefConf` finds flow from `begin + size` to an `end` (on line 3). + * 1. `AllocToInvalidPointerConfig` find flow from `malloc(size)` to `begin + size`, and + * 2. `InvalidPointerToDerefConfig` finds flow from `begin + size` to an `end` (on line 3). * * Finally, the range-analysis library will find a load from (or store to) an address that * is non-strictly upper-bounded by `end` (which in this case is `*p`). @@ -201,14 +180,33 @@ predicate isSinkImpl( } /** - * Holds if `sink` is a sink for `InvalidPointerToDerefConf` and `i` is a `StoreInstruction` that + * Yields any instruction that is control-flow reachable from `instr`. + */ +bindingset[instr, result] +pragma[inline_late] +Instruction getASuccessor(Instruction instr) { + exists(IRBlock b, int instrIndex, int resultIndex | + result.getBlock() = b and + instr.getBlock() = b and + b.getInstruction(instrIndex) = instr and + b.getInstruction(resultIndex) = result + | + resultIndex >= instrIndex + ) + or + instr.getBlock().getASuccessor+() = result.getBlock() +} + +/** + * Holds if `sink` is a sink for `InvalidPointerToDerefConfig` and `i` is a `StoreInstruction` that * writes to an address that non-strictly upper-bounds `sink`, or `i` is a `LoadInstruction` that * reads from an address that non-strictly upper-bounds `sink`. */ pragma[inline] -predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation) { - exists(AddressOperand addr, int delta | - bounded1(addr.getDef(), sink.asInstruction(), delta) and +predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string operation, int delta) { + exists(AddressOperand addr, Instruction s | + s = sink.asInstruction() and + bounded1(addr.getDef(), s, delta) and delta >= 0 and i.getAnOperand() = addr | @@ -222,13 +220,17 @@ predicate isInvalidPointerDerefSink(DataFlow::Node sink, Instruction i, string o /** * A configuration to track flow from a pointer-arithmetic operation found - * by `AllocToInvalidPointerConf` to a dereference of the pointer. + * by `AllocToInvalidPointerConfig` to a dereference of the pointer. */ module InvalidPointerToDerefConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { invalidPointerToDerefSource(_, source, _) } pragma[inline] - predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _) } + predicate isSink(DataFlow::Node sink) { isInvalidPointerDerefSink(sink, _, _, _) } + + predicate isBarrier(DataFlow::Node node) { + node = any(DataFlow::SsaPhiNode phi | not phi.isPhiRead()).getAnInput(true) + } } module InvalidPointerToDerefFlow = DataFlow::Global; @@ -254,17 +256,18 @@ predicate invalidPointerToDerefSource( } newtype TMergedPathNode = - // The path nodes computed by the first projection of `AllocToInvalidPointerConf` + // The path nodes computed by the first projection of `AllocToInvalidPointerConfig` TPathNode1(AllocToInvalidPointerFlow::PathNode1 p) or - // The path nodes computed by `InvalidPointerToDerefConf` + // The path nodes computed by `InvalidPointerToDerefConfig` TPathNode3(InvalidPointerToDerefFlow::PathNode p) or - // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConf`. - // This one is needed because the sink identified by `InvalidPointerToDerefConf` is the + // The read/write that uses the invalid pointer identified by `InvalidPointerToDerefConfig`. + // This one is needed because the sink identified by `InvalidPointerToDerefConfig` is the // pointer, but we want to raise an alert at the dereference. TPathNodeSink(Instruction i) { exists(DataFlow::Node n | InvalidPointerToDerefFlow::flowTo(n) and - isInvalidPointerDerefSink(n, i, _) + isInvalidPointerDerefSink(n, i, _, _) and + i = getASuccessor(n.asInstruction()) ) } @@ -338,12 +341,30 @@ query predicate edges(MergedPathNode node1, MergedPathNode node2) { or node1.asPathNode3().getASuccessor() = node2.asPathNode3() or - joinOn2(node1.asPathNode3(), node2.asSinkNode(), _) + joinOn2(node1.asPathNode3(), node2.asSinkNode(), _, _) +} + +query predicate nodes(MergedPathNode n, string key, string val) { + AllocToInvalidPointerFlow::PathGraph1::nodes(n.asPathNode1(), key, val) + or + InvalidPointerToDerefFlow::PathGraph::nodes(n.asPathNode3(), key, val) + or + key = "semmle.label" and val = n.asSinkNode().toString() +} + +query predicate subpaths( + MergedPathNode arg, MergedPathNode par, MergedPathNode ret, MergedPathNode out +) { + AllocToInvalidPointerFlow::PathGraph1::subpaths(arg.asPathNode1(), par.asPathNode1(), + ret.asPathNode1(), out.asPathNode1()) + or + InvalidPointerToDerefFlow::PathGraph::subpaths(arg.asPathNode3(), par.asPathNode3(), + ret.asPathNode3(), out.asPathNode3()) } /** - * Holds if `p1` is a sink of `AllocToInvalidPointerConf` and `p2` is a source - * of `InvalidPointerToDerefConf`, and they are connected through `pai`. + * Holds if `p1` is a sink of `AllocToInvalidPointerConfig` and `p2` is a source + * of `InvalidPointerToDerefConfig`, and they are connected through `pai`. */ predicate joinOn1( PointerArithmeticInstruction pai, AllocToInvalidPointerFlow::PathNode1 p1, @@ -354,34 +375,38 @@ predicate joinOn1( } /** - * Holds if `p1` is a sink of `InvalidPointerToDerefConf` and `i` is the instruction + * Holds if `p1` is a sink of `InvalidPointerToDerefConfig` and `i` is the instruction * that dereferences `p1`. The string `operation` describes whether the `i` is * a `StoreInstruction` or `LoadInstruction`. */ pragma[inline] -predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation) { - isInvalidPointerDerefSink(p1.getNode(), i, operation) +predicate joinOn2(InvalidPointerToDerefFlow::PathNode p1, Instruction i, string operation, int delta) { + isInvalidPointerDerefSink(p1.getNode(), i, operation, delta) } predicate hasFlowPath( MergedPathNode source1, MergedPathNode sink, InvalidPointerToDerefFlow::PathNode source3, - PointerArithmeticInstruction pai, string operation + PointerArithmeticInstruction pai, string operation, int delta ) { exists(InvalidPointerToDerefFlow::PathNode sink3, AllocToInvalidPointerFlow::PathNode1 sink1 | AllocToInvalidPointerFlow::flowPath(source1.asPathNode1(), _, sink1, _) and joinOn1(pai, sink1, source3) and InvalidPointerToDerefFlow::flowPath(source3, sink3) and - joinOn2(sink3, sink.asSinkNode(), operation) + joinOn2(sink3, sink.asSinkNode(), operation, delta) ) } from - MergedPathNode source, MergedPathNode sink, int k, string kstr, - InvalidPointerToDerefFlow::PathNode source3, PointerArithmeticInstruction pai, string operation, - Expr offset, DataFlow::Node n + MergedPathNode source, MergedPathNode sink, int k, string kstr, PointerArithmeticInstruction pai, + string operation, Expr offset, DataFlow::Node n where - hasFlowPath(source, sink, source3, pai, operation) and - invalidPointerToDerefSource(pai, source3.getNode(), k) and + k = + min(int k2, int k3, InvalidPointerToDerefFlow::PathNode source3 | + hasFlowPath(source, sink, source3, pai, operation, k3) and + invalidPointerToDerefSource(pai, source3.getNode(), k2) + | + k2 + k3 + ) and offset = pai.getRight().getUnconvertedResultExpression() and n = source.asPathNode1().getNode() and if k = 0 then kstr = "" else kstr = " + " + k diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql b/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql index a933ed063b2..5543e9dad66 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql @@ -25,7 +25,7 @@ class CallMayNotReturn extends FunctionCall { not exists(this.(ControlFlowNode).getASuccessor()) or // call to another function that may not return - exists(CallMayNotReturn exit | getTarget() = exit.getEnclosingFunction()) + exists(CallMayNotReturn exit | this.getTarget() = exit.getEnclosingFunction()) or this.(ControlFlowNode).getASuccessor() instanceof ThrowExpr } diff --git a/cpp/ql/src/external/DefectFilter.qll b/cpp/ql/src/external/DefectFilter.qll index b932ffd0470..ad786e9cbc9 100644 --- a/cpp/ql/src/external/DefectFilter.qll +++ b/cpp/ql/src/external/DefectFilter.qll @@ -49,7 +49,7 @@ class DefectResult extends int { /** Gets the URL corresponding to the location of this query result. */ string getURL() { result = - "file://" + getFile().getAbsolutePath() + ":" + getStartLine() + ":" + getStartColumn() + ":" + - getEndLine() + ":" + getEndColumn() + "file://" + this.getFile().getAbsolutePath() + ":" + this.getStartLine() + ":" + + this.getStartColumn() + ":" + this.getEndLine() + ":" + this.getEndColumn() } } diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index 3718b83cb14..46dffc3e763 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - cpp - queries @@ -10,3 +10,4 @@ dependencies: suites: codeql-suites extractor: cpp defaultSuiteFile: codeql-suites/cpp-code-scanning.qls +warnOnImplicitThis: true diff --git a/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll b/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll index d2172604384..8f393cccde5 100644 --- a/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll +++ b/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll @@ -16,18 +16,16 @@ private import semmle.code.cpp.ir.dataflow.DataFlow::DataFlow as IRDataFlow private import semmle.code.cpp.dataflow.DataFlow::DataFlow as AstDataFlow import TestUtilities.InlineExpectationsTest -class IRFlowTest extends InlineExpectationsTest { - IRFlowTest() { this = "IRFlowTest" } +module IRFlowTest implements TestSig { + string getARelevantTag() { result = "ir" } - override string getARelevantTag() { result = "ir" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { - exists(IRDataFlow::Node source, IRDataFlow::Node sink, IRDataFlow::Configuration conf, int n | + predicate hasActualResult(Location location, string element, string tag, string value) { + exists(IRDataFlow::Node source, IRDataFlow::Node sink, int n | tag = "ir" and - conf.hasFlow(source, sink) and + Flow::flow(source, sink) and n = strictcount(int line, int column | - conf.hasFlow(any(IRDataFlow::Node otherSource | + Flow::flow(any(IRDataFlow::Node otherSource | otherSource.hasLocationInfo(_, line, column, _, _) ), sink) ) and @@ -47,20 +45,16 @@ class IRFlowTest extends InlineExpectationsTest { } } -class AstFlowTest extends InlineExpectationsTest { - AstFlowTest() { this = "ASTFlowTest" } +module AstFlowTest implements TestSig { + string getARelevantTag() { result = "ast" } - override string getARelevantTag() { result = "ast" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { - exists( - AstDataFlow::Node source, AstDataFlow::Node sink, AstDataFlow::Configuration conf, int n - | + predicate hasActualResult(Location location, string element, string tag, string value) { + exists(AstDataFlow::Node source, AstDataFlow::Node sink, int n | tag = "ast" and - conf.hasFlow(source, sink) and + Flow::flow(source, sink) and n = strictcount(int line, int column | - conf.hasFlow(any(AstDataFlow::Node otherSource | + Flow::flow(any(AstDataFlow::Node otherSource | otherSource.hasLocationInfo(_, line, column, _, _) ), sink) ) and @@ -79,6 +73,3 @@ class AstFlowTest extends InlineExpectationsTest { ) } } - -/** DEPRECATED: Alias for AstFlowTest */ -deprecated class ASTFlowTest = AstFlowTest; diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected deleted file mode 100644 index bca05e2a4ef..00000000000 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.expected +++ /dev/null @@ -1,424 +0,0 @@ -edges -| test.cpp:16:11:16:21 | mk_string_t indirection [string] | test.cpp:24:21:24:31 | call to mk_string_t indirection [string] | -| test.cpp:16:11:16:21 | mk_string_t indirection [string] | test.cpp:34:21:34:31 | call to mk_string_t indirection [string] | -| test.cpp:16:11:16:21 | mk_string_t indirection [string] | test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | -| test.cpp:18:5:18:30 | ... = ... | test.cpp:18:10:18:15 | str indirection [post update] [string] | -| test.cpp:18:10:18:15 | str indirection [post update] [string] | test.cpp:16:11:16:21 | mk_string_t indirection [string] | -| test.cpp:18:19:18:24 | call to malloc | test.cpp:18:5:18:30 | ... = ... | -| test.cpp:24:21:24:31 | call to mk_string_t indirection [string] | test.cpp:26:13:26:15 | str indirection [string] | -| test.cpp:26:13:26:15 | str indirection [string] | test.cpp:26:18:26:23 | string | -| test.cpp:26:13:26:15 | str indirection [string] | test.cpp:26:18:26:23 | string indirection | -| test.cpp:26:18:26:23 | string indirection | test.cpp:26:18:26:23 | string | -| test.cpp:29:32:29:34 | str indirection [string] | test.cpp:30:13:30:15 | str indirection [string] | -| test.cpp:30:13:30:15 | str indirection [string] | test.cpp:30:18:30:23 | string | -| test.cpp:30:13:30:15 | str indirection [string] | test.cpp:30:18:30:23 | string indirection | -| test.cpp:30:18:30:23 | string indirection | test.cpp:30:18:30:23 | string | -| test.cpp:34:21:34:31 | call to mk_string_t indirection [string] | test.cpp:35:21:35:23 | str indirection [string] | -| test.cpp:35:21:35:23 | str indirection [string] | test.cpp:29:32:29:34 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:41:13:41:15 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:42:13:42:15 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:44:13:44:15 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:45:13:45:15 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:48:17:48:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:52:17:52:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:56:17:56:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:60:17:60:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:64:17:64:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:68:17:68:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:72:17:72:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:76:17:76:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:80:17:80:19 | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:84:17:84:19 | str indirection [string] | -| test.cpp:41:13:41:15 | str indirection [string] | test.cpp:41:18:41:23 | string | -| test.cpp:41:13:41:15 | str indirection [string] | test.cpp:41:18:41:23 | string indirection | -| test.cpp:41:18:41:23 | string indirection | test.cpp:41:18:41:23 | string | -| test.cpp:42:13:42:15 | str indirection [string] | test.cpp:42:18:42:23 | string | -| test.cpp:42:13:42:15 | str indirection [string] | test.cpp:42:18:42:23 | string indirection | -| test.cpp:42:18:42:23 | string indirection | test.cpp:42:18:42:23 | string | -| test.cpp:44:13:44:15 | str indirection [string] | test.cpp:44:18:44:23 | string | -| test.cpp:44:13:44:15 | str indirection [string] | test.cpp:44:18:44:23 | string indirection | -| test.cpp:44:18:44:23 | string indirection | test.cpp:44:18:44:23 | string | -| test.cpp:45:13:45:15 | str indirection [string] | test.cpp:45:18:45:23 | string | -| test.cpp:45:13:45:15 | str indirection [string] | test.cpp:45:18:45:23 | string indirection | -| test.cpp:45:18:45:23 | string indirection | test.cpp:45:18:45:23 | string | -| test.cpp:48:17:48:19 | str indirection [string] | test.cpp:48:22:48:27 | string | -| test.cpp:48:17:48:19 | str indirection [string] | test.cpp:48:22:48:27 | string indirection | -| test.cpp:48:22:48:27 | string indirection | test.cpp:48:22:48:27 | string | -| test.cpp:52:17:52:19 | str indirection [string] | test.cpp:52:22:52:27 | string | -| test.cpp:52:17:52:19 | str indirection [string] | test.cpp:52:22:52:27 | string indirection | -| test.cpp:52:22:52:27 | string indirection | test.cpp:52:22:52:27 | string | -| test.cpp:56:17:56:19 | str indirection [string] | test.cpp:56:22:56:27 | string | -| test.cpp:56:17:56:19 | str indirection [string] | test.cpp:56:22:56:27 | string indirection | -| test.cpp:56:22:56:27 | string indirection | test.cpp:56:22:56:27 | string | -| test.cpp:60:17:60:19 | str indirection [string] | test.cpp:60:22:60:27 | string | -| test.cpp:60:17:60:19 | str indirection [string] | test.cpp:60:22:60:27 | string indirection | -| test.cpp:60:22:60:27 | string indirection | test.cpp:60:22:60:27 | string | -| test.cpp:64:17:64:19 | str indirection [string] | test.cpp:64:22:64:27 | string | -| test.cpp:64:17:64:19 | str indirection [string] | test.cpp:64:22:64:27 | string indirection | -| test.cpp:64:22:64:27 | string indirection | test.cpp:64:22:64:27 | string | -| test.cpp:68:17:68:19 | str indirection [string] | test.cpp:68:22:68:27 | string | -| test.cpp:68:17:68:19 | str indirection [string] | test.cpp:68:22:68:27 | string indirection | -| test.cpp:68:22:68:27 | string indirection | test.cpp:68:22:68:27 | string | -| test.cpp:72:17:72:19 | str indirection [string] | test.cpp:72:22:72:27 | string | -| test.cpp:72:17:72:19 | str indirection [string] | test.cpp:72:22:72:27 | string indirection | -| test.cpp:72:22:72:27 | string indirection | test.cpp:72:22:72:27 | string | -| test.cpp:76:17:76:19 | str indirection [string] | test.cpp:76:22:76:27 | string | -| test.cpp:76:17:76:19 | str indirection [string] | test.cpp:76:22:76:27 | string indirection | -| test.cpp:76:22:76:27 | string indirection | test.cpp:76:22:76:27 | string | -| test.cpp:80:17:80:19 | str indirection [string] | test.cpp:80:22:80:27 | string | -| test.cpp:80:17:80:19 | str indirection [string] | test.cpp:80:22:80:27 | string indirection | -| test.cpp:80:22:80:27 | string indirection | test.cpp:80:22:80:27 | string | -| test.cpp:84:17:84:19 | str indirection [string] | test.cpp:84:22:84:27 | string | -| test.cpp:84:17:84:19 | str indirection [string] | test.cpp:84:22:84:27 | string indirection | -| test.cpp:84:22:84:27 | string indirection | test.cpp:84:22:84:27 | string | -| test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | -| test.cpp:90:5:90:34 | ... = ... | test.cpp:90:10:90:15 | str indirection [post update] [string] | -| test.cpp:90:10:90:15 | str indirection [post update] [string] | test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | -| test.cpp:90:19:90:24 | call to malloc | test.cpp:90:5:90:34 | ... = ... | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:98:13:98:15 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:99:13:99:15 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:101:13:101:15 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:102:13:102:15 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:105:17:105:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:109:17:109:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:113:17:113:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:117:17:117:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:121:17:121:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:125:17:125:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:129:17:129:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:133:17:133:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:137:17:137:19 | str indirection [string] | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:141:17:141:19 | str indirection [string] | -| test.cpp:98:13:98:15 | str indirection [string] | test.cpp:98:18:98:23 | string | -| test.cpp:98:13:98:15 | str indirection [string] | test.cpp:98:18:98:23 | string indirection | -| test.cpp:98:18:98:23 | string indirection | test.cpp:98:18:98:23 | string | -| test.cpp:99:13:99:15 | str indirection [string] | test.cpp:99:18:99:23 | string | -| test.cpp:99:13:99:15 | str indirection [string] | test.cpp:99:18:99:23 | string indirection | -| test.cpp:99:18:99:23 | string indirection | test.cpp:99:18:99:23 | string | -| test.cpp:101:13:101:15 | str indirection [string] | test.cpp:101:18:101:23 | string | -| test.cpp:101:13:101:15 | str indirection [string] | test.cpp:101:18:101:23 | string indirection | -| test.cpp:101:18:101:23 | string indirection | test.cpp:101:18:101:23 | string | -| test.cpp:102:13:102:15 | str indirection [string] | test.cpp:102:18:102:23 | string | -| test.cpp:102:13:102:15 | str indirection [string] | test.cpp:102:18:102:23 | string indirection | -| test.cpp:102:18:102:23 | string indirection | test.cpp:102:18:102:23 | string | -| test.cpp:105:17:105:19 | str indirection [string] | test.cpp:105:22:105:27 | string | -| test.cpp:105:17:105:19 | str indirection [string] | test.cpp:105:22:105:27 | string indirection | -| test.cpp:105:22:105:27 | string indirection | test.cpp:105:22:105:27 | string | -| test.cpp:109:17:109:19 | str indirection [string] | test.cpp:109:22:109:27 | string | -| test.cpp:109:17:109:19 | str indirection [string] | test.cpp:109:22:109:27 | string indirection | -| test.cpp:109:22:109:27 | string indirection | test.cpp:109:22:109:27 | string | -| test.cpp:113:17:113:19 | str indirection [string] | test.cpp:113:22:113:27 | string | -| test.cpp:113:17:113:19 | str indirection [string] | test.cpp:113:22:113:27 | string indirection | -| test.cpp:113:22:113:27 | string indirection | test.cpp:113:22:113:27 | string | -| test.cpp:117:17:117:19 | str indirection [string] | test.cpp:117:22:117:27 | string | -| test.cpp:117:17:117:19 | str indirection [string] | test.cpp:117:22:117:27 | string indirection | -| test.cpp:117:22:117:27 | string indirection | test.cpp:117:22:117:27 | string | -| test.cpp:121:17:121:19 | str indirection [string] | test.cpp:121:22:121:27 | string | -| test.cpp:121:17:121:19 | str indirection [string] | test.cpp:121:22:121:27 | string indirection | -| test.cpp:121:22:121:27 | string indirection | test.cpp:121:22:121:27 | string | -| test.cpp:125:17:125:19 | str indirection [string] | test.cpp:125:22:125:27 | string | -| test.cpp:125:17:125:19 | str indirection [string] | test.cpp:125:22:125:27 | string indirection | -| test.cpp:125:22:125:27 | string indirection | test.cpp:125:22:125:27 | string | -| test.cpp:129:17:129:19 | str indirection [string] | test.cpp:129:22:129:27 | string | -| test.cpp:129:17:129:19 | str indirection [string] | test.cpp:129:22:129:27 | string indirection | -| test.cpp:129:22:129:27 | string indirection | test.cpp:129:22:129:27 | string | -| test.cpp:133:17:133:19 | str indirection [string] | test.cpp:133:22:133:27 | string | -| test.cpp:133:17:133:19 | str indirection [string] | test.cpp:133:22:133:27 | string indirection | -| test.cpp:133:22:133:27 | string indirection | test.cpp:133:22:133:27 | string | -| test.cpp:137:17:137:19 | str indirection [string] | test.cpp:137:22:137:27 | string | -| test.cpp:137:17:137:19 | str indirection [string] | test.cpp:137:22:137:27 | string indirection | -| test.cpp:137:22:137:27 | string indirection | test.cpp:137:22:137:27 | string | -| test.cpp:141:17:141:19 | str indirection [string] | test.cpp:141:22:141:27 | string | -| test.cpp:141:17:141:19 | str indirection [string] | test.cpp:141:22:141:27 | string indirection | -| test.cpp:141:22:141:27 | string indirection | test.cpp:141:22:141:27 | string | -| test.cpp:147:5:147:34 | ... = ... | test.cpp:147:10:147:15 | str indirection [post update] [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:150:13:150:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:151:13:151:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:152:13:152:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:154:13:154:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:155:13:155:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:156:13:156:15 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:159:17:159:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:163:17:163:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:167:17:167:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:171:17:171:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:175:17:175:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:179:17:179:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:183:17:183:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:187:17:187:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:191:17:191:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:195:17:195:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:199:17:199:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:203:17:203:19 | str indirection [string] | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:207:17:207:19 | str indirection [string] | -| test.cpp:147:19:147:24 | call to malloc | test.cpp:147:5:147:34 | ... = ... | -| test.cpp:150:13:150:15 | str indirection [string] | test.cpp:150:18:150:23 | string | -| test.cpp:150:13:150:15 | str indirection [string] | test.cpp:150:18:150:23 | string indirection | -| test.cpp:150:18:150:23 | string indirection | test.cpp:150:18:150:23 | string | -| test.cpp:151:13:151:15 | str indirection [string] | test.cpp:151:18:151:23 | string | -| test.cpp:151:13:151:15 | str indirection [string] | test.cpp:151:18:151:23 | string indirection | -| test.cpp:151:18:151:23 | string indirection | test.cpp:151:18:151:23 | string | -| test.cpp:152:13:152:15 | str indirection [string] | test.cpp:152:18:152:23 | string | -| test.cpp:152:13:152:15 | str indirection [string] | test.cpp:152:18:152:23 | string indirection | -| test.cpp:152:18:152:23 | string indirection | test.cpp:152:18:152:23 | string | -| test.cpp:154:13:154:15 | str indirection [string] | test.cpp:154:18:154:23 | string | -| test.cpp:154:13:154:15 | str indirection [string] | test.cpp:154:18:154:23 | string indirection | -| test.cpp:154:18:154:23 | string indirection | test.cpp:154:18:154:23 | string | -| test.cpp:155:13:155:15 | str indirection [string] | test.cpp:155:18:155:23 | string | -| test.cpp:155:13:155:15 | str indirection [string] | test.cpp:155:18:155:23 | string indirection | -| test.cpp:155:18:155:23 | string indirection | test.cpp:155:18:155:23 | string | -| test.cpp:156:13:156:15 | str indirection [string] | test.cpp:156:18:156:23 | string | -| test.cpp:156:13:156:15 | str indirection [string] | test.cpp:156:18:156:23 | string indirection | -| test.cpp:156:18:156:23 | string indirection | test.cpp:156:18:156:23 | string | -| test.cpp:159:17:159:19 | str indirection [string] | test.cpp:159:22:159:27 | string | -| test.cpp:159:17:159:19 | str indirection [string] | test.cpp:159:22:159:27 | string indirection | -| test.cpp:159:22:159:27 | string indirection | test.cpp:159:22:159:27 | string | -| test.cpp:163:17:163:19 | str indirection [string] | test.cpp:163:22:163:27 | string | -| test.cpp:163:17:163:19 | str indirection [string] | test.cpp:163:22:163:27 | string indirection | -| test.cpp:163:22:163:27 | string indirection | test.cpp:163:22:163:27 | string | -| test.cpp:167:17:167:19 | str indirection [string] | test.cpp:167:22:167:27 | string | -| test.cpp:167:17:167:19 | str indirection [string] | test.cpp:167:22:167:27 | string indirection | -| test.cpp:167:22:167:27 | string indirection | test.cpp:167:22:167:27 | string | -| test.cpp:171:17:171:19 | str indirection [string] | test.cpp:171:22:171:27 | string | -| test.cpp:171:17:171:19 | str indirection [string] | test.cpp:171:22:171:27 | string indirection | -| test.cpp:171:22:171:27 | string indirection | test.cpp:171:22:171:27 | string | -| test.cpp:175:17:175:19 | str indirection [string] | test.cpp:175:22:175:27 | string | -| test.cpp:175:17:175:19 | str indirection [string] | test.cpp:175:22:175:27 | string indirection | -| test.cpp:175:22:175:27 | string indirection | test.cpp:175:22:175:27 | string | -| test.cpp:179:17:179:19 | str indirection [string] | test.cpp:179:22:179:27 | string | -| test.cpp:179:17:179:19 | str indirection [string] | test.cpp:179:22:179:27 | string indirection | -| test.cpp:179:22:179:27 | string indirection | test.cpp:179:22:179:27 | string | -| test.cpp:183:17:183:19 | str indirection [string] | test.cpp:183:22:183:27 | string | -| test.cpp:183:17:183:19 | str indirection [string] | test.cpp:183:22:183:27 | string indirection | -| test.cpp:183:22:183:27 | string indirection | test.cpp:183:22:183:27 | string | -| test.cpp:187:17:187:19 | str indirection [string] | test.cpp:187:22:187:27 | string | -| test.cpp:187:17:187:19 | str indirection [string] | test.cpp:187:22:187:27 | string indirection | -| test.cpp:187:22:187:27 | string indirection | test.cpp:187:22:187:27 | string | -| test.cpp:191:17:191:19 | str indirection [string] | test.cpp:191:22:191:27 | string | -| test.cpp:191:17:191:19 | str indirection [string] | test.cpp:191:22:191:27 | string indirection | -| test.cpp:191:22:191:27 | string indirection | test.cpp:191:22:191:27 | string | -| test.cpp:195:17:195:19 | str indirection [string] | test.cpp:195:22:195:27 | string | -| test.cpp:195:17:195:19 | str indirection [string] | test.cpp:195:22:195:27 | string indirection | -| test.cpp:195:22:195:27 | string indirection | test.cpp:195:22:195:27 | string | -| test.cpp:199:17:199:19 | str indirection [string] | test.cpp:199:22:199:27 | string | -| test.cpp:199:17:199:19 | str indirection [string] | test.cpp:199:22:199:27 | string indirection | -| test.cpp:199:22:199:27 | string indirection | test.cpp:199:22:199:27 | string | -| test.cpp:203:17:203:19 | str indirection [string] | test.cpp:203:22:203:27 | string | -| test.cpp:203:17:203:19 | str indirection [string] | test.cpp:203:22:203:27 | string indirection | -| test.cpp:203:22:203:27 | string indirection | test.cpp:203:22:203:27 | string | -| test.cpp:207:17:207:19 | str indirection [string] | test.cpp:207:22:207:27 | string | -| test.cpp:207:17:207:19 | str indirection [string] | test.cpp:207:22:207:27 | string indirection | -| test.cpp:207:22:207:27 | string indirection | test.cpp:207:22:207:27 | string | -| test.cpp:214:24:214:24 | p | test.cpp:216:10:216:10 | p | -| test.cpp:220:43:220:48 | call to malloc | test.cpp:222:15:222:20 | buffer | -| test.cpp:222:15:222:20 | buffer | test.cpp:214:24:214:24 | p | -| test.cpp:228:43:228:48 | call to malloc | test.cpp:232:10:232:15 | buffer | -| test.cpp:235:40:235:45 | buffer | test.cpp:236:5:236:26 | ... = ... | -| test.cpp:236:5:236:26 | ... = ... | test.cpp:236:12:236:17 | p_str indirection [post update] [string] | -| test.cpp:241:27:241:32 | call to malloc | test.cpp:242:22:242:27 | buffer | -| test.cpp:242:16:242:19 | set_string output argument [string] | test.cpp:243:12:243:14 | str indirection [string] | -| test.cpp:242:22:242:27 | buffer | test.cpp:235:40:235:45 | buffer | -| test.cpp:242:22:242:27 | buffer | test.cpp:242:16:242:19 | set_string output argument [string] | -| test.cpp:243:12:243:14 | str indirection [string] | test.cpp:243:12:243:21 | string | -| test.cpp:243:12:243:14 | str indirection [string] | test.cpp:243:16:243:21 | string indirection | -| test.cpp:243:16:243:21 | string indirection | test.cpp:243:12:243:21 | string | -nodes -| test.cpp:16:11:16:21 | mk_string_t indirection [string] | semmle.label | mk_string_t indirection [string] | -| test.cpp:18:5:18:30 | ... = ... | semmle.label | ... = ... | -| test.cpp:18:10:18:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | -| test.cpp:18:19:18:24 | call to malloc | semmle.label | call to malloc | -| test.cpp:24:21:24:31 | call to mk_string_t indirection [string] | semmle.label | call to mk_string_t indirection [string] | -| test.cpp:26:13:26:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:26:18:26:23 | string | semmle.label | string | -| test.cpp:26:18:26:23 | string indirection | semmle.label | string indirection | -| test.cpp:29:32:29:34 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:30:13:30:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:30:18:30:23 | string | semmle.label | string | -| test.cpp:30:18:30:23 | string indirection | semmle.label | string indirection | -| test.cpp:34:21:34:31 | call to mk_string_t indirection [string] | semmle.label | call to mk_string_t indirection [string] | -| test.cpp:35:21:35:23 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | semmle.label | call to mk_string_t indirection [string] | -| test.cpp:41:13:41:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:41:18:41:23 | string | semmle.label | string | -| test.cpp:41:18:41:23 | string indirection | semmle.label | string indirection | -| test.cpp:42:13:42:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:42:18:42:23 | string | semmle.label | string | -| test.cpp:42:18:42:23 | string indirection | semmle.label | string indirection | -| test.cpp:44:13:44:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:44:18:44:23 | string | semmle.label | string | -| test.cpp:44:18:44:23 | string indirection | semmle.label | string indirection | -| test.cpp:45:13:45:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:45:18:45:23 | string | semmle.label | string | -| test.cpp:45:18:45:23 | string indirection | semmle.label | string indirection | -| test.cpp:48:17:48:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:48:22:48:27 | string | semmle.label | string | -| test.cpp:48:22:48:27 | string indirection | semmle.label | string indirection | -| test.cpp:52:17:52:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:52:22:52:27 | string | semmle.label | string | -| test.cpp:52:22:52:27 | string indirection | semmle.label | string indirection | -| test.cpp:56:17:56:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:56:22:56:27 | string | semmle.label | string | -| test.cpp:56:22:56:27 | string indirection | semmle.label | string indirection | -| test.cpp:60:17:60:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:60:22:60:27 | string | semmle.label | string | -| test.cpp:60:22:60:27 | string indirection | semmle.label | string indirection | -| test.cpp:64:17:64:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:64:22:64:27 | string | semmle.label | string | -| test.cpp:64:22:64:27 | string indirection | semmle.label | string indirection | -| test.cpp:68:17:68:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:68:22:68:27 | string | semmle.label | string | -| test.cpp:68:22:68:27 | string indirection | semmle.label | string indirection | -| test.cpp:72:17:72:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:72:22:72:27 | string | semmle.label | string | -| test.cpp:72:22:72:27 | string indirection | semmle.label | string indirection | -| test.cpp:76:17:76:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:76:22:76:27 | string | semmle.label | string | -| test.cpp:76:22:76:27 | string indirection | semmle.label | string indirection | -| test.cpp:80:17:80:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:80:22:80:27 | string | semmle.label | string | -| test.cpp:80:22:80:27 | string indirection | semmle.label | string indirection | -| test.cpp:84:17:84:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:84:22:84:27 | string | semmle.label | string | -| test.cpp:84:22:84:27 | string indirection | semmle.label | string indirection | -| test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | semmle.label | mk_string_t_plus_one indirection [string] | -| test.cpp:90:5:90:34 | ... = ... | semmle.label | ... = ... | -| test.cpp:90:10:90:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | -| test.cpp:90:19:90:24 | call to malloc | semmle.label | call to malloc | -| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | semmle.label | call to mk_string_t_plus_one indirection [string] | -| test.cpp:98:13:98:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:98:18:98:23 | string | semmle.label | string | -| test.cpp:98:18:98:23 | string indirection | semmle.label | string indirection | -| test.cpp:99:13:99:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:99:18:99:23 | string | semmle.label | string | -| test.cpp:99:18:99:23 | string indirection | semmle.label | string indirection | -| test.cpp:101:13:101:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:101:18:101:23 | string | semmle.label | string | -| test.cpp:101:18:101:23 | string indirection | semmle.label | string indirection | -| test.cpp:102:13:102:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:102:18:102:23 | string | semmle.label | string | -| test.cpp:102:18:102:23 | string indirection | semmle.label | string indirection | -| test.cpp:105:17:105:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:105:22:105:27 | string | semmle.label | string | -| test.cpp:105:22:105:27 | string indirection | semmle.label | string indirection | -| test.cpp:109:17:109:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:109:22:109:27 | string | semmle.label | string | -| test.cpp:109:22:109:27 | string indirection | semmle.label | string indirection | -| test.cpp:113:17:113:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:113:22:113:27 | string | semmle.label | string | -| test.cpp:113:22:113:27 | string indirection | semmle.label | string indirection | -| test.cpp:117:17:117:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:117:22:117:27 | string | semmle.label | string | -| test.cpp:117:22:117:27 | string indirection | semmle.label | string indirection | -| test.cpp:121:17:121:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:121:22:121:27 | string | semmle.label | string | -| test.cpp:121:22:121:27 | string indirection | semmle.label | string indirection | -| test.cpp:125:17:125:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:125:22:125:27 | string | semmle.label | string | -| test.cpp:125:22:125:27 | string indirection | semmle.label | string indirection | -| test.cpp:129:17:129:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:129:22:129:27 | string | semmle.label | string | -| test.cpp:129:22:129:27 | string indirection | semmle.label | string indirection | -| test.cpp:133:17:133:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:133:22:133:27 | string | semmle.label | string | -| test.cpp:133:22:133:27 | string indirection | semmle.label | string indirection | -| test.cpp:137:17:137:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:137:22:137:27 | string | semmle.label | string | -| test.cpp:137:22:137:27 | string indirection | semmle.label | string indirection | -| test.cpp:141:17:141:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:141:22:141:27 | string | semmle.label | string | -| test.cpp:141:22:141:27 | string indirection | semmle.label | string indirection | -| test.cpp:147:5:147:34 | ... = ... | semmle.label | ... = ... | -| test.cpp:147:10:147:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | -| test.cpp:147:19:147:24 | call to malloc | semmle.label | call to malloc | -| test.cpp:150:13:150:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:150:18:150:23 | string | semmle.label | string | -| test.cpp:150:18:150:23 | string indirection | semmle.label | string indirection | -| test.cpp:151:13:151:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:151:18:151:23 | string | semmle.label | string | -| test.cpp:151:18:151:23 | string indirection | semmle.label | string indirection | -| test.cpp:152:13:152:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:152:18:152:23 | string | semmle.label | string | -| test.cpp:152:18:152:23 | string indirection | semmle.label | string indirection | -| test.cpp:154:13:154:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:154:18:154:23 | string | semmle.label | string | -| test.cpp:154:18:154:23 | string indirection | semmle.label | string indirection | -| test.cpp:155:13:155:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:155:18:155:23 | string | semmle.label | string | -| test.cpp:155:18:155:23 | string indirection | semmle.label | string indirection | -| test.cpp:156:13:156:15 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:156:18:156:23 | string | semmle.label | string | -| test.cpp:156:18:156:23 | string indirection | semmle.label | string indirection | -| test.cpp:159:17:159:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:159:22:159:27 | string | semmle.label | string | -| test.cpp:159:22:159:27 | string indirection | semmle.label | string indirection | -| test.cpp:163:17:163:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:163:22:163:27 | string | semmle.label | string | -| test.cpp:163:22:163:27 | string indirection | semmle.label | string indirection | -| test.cpp:167:17:167:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:167:22:167:27 | string | semmle.label | string | -| test.cpp:167:22:167:27 | string indirection | semmle.label | string indirection | -| test.cpp:171:17:171:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:171:22:171:27 | string | semmle.label | string | -| test.cpp:171:22:171:27 | string indirection | semmle.label | string indirection | -| test.cpp:175:17:175:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:175:22:175:27 | string | semmle.label | string | -| test.cpp:175:22:175:27 | string indirection | semmle.label | string indirection | -| test.cpp:179:17:179:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:179:22:179:27 | string | semmle.label | string | -| test.cpp:179:22:179:27 | string indirection | semmle.label | string indirection | -| test.cpp:183:17:183:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:183:22:183:27 | string | semmle.label | string | -| test.cpp:183:22:183:27 | string indirection | semmle.label | string indirection | -| test.cpp:187:17:187:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:187:22:187:27 | string | semmle.label | string | -| test.cpp:187:22:187:27 | string indirection | semmle.label | string indirection | -| test.cpp:191:17:191:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:191:22:191:27 | string | semmle.label | string | -| test.cpp:191:22:191:27 | string indirection | semmle.label | string indirection | -| test.cpp:195:17:195:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:195:22:195:27 | string | semmle.label | string | -| test.cpp:195:22:195:27 | string indirection | semmle.label | string indirection | -| test.cpp:199:17:199:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:199:22:199:27 | string | semmle.label | string | -| test.cpp:199:22:199:27 | string indirection | semmle.label | string indirection | -| test.cpp:203:17:203:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:203:22:203:27 | string | semmle.label | string | -| test.cpp:203:22:203:27 | string indirection | semmle.label | string indirection | -| test.cpp:207:17:207:19 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:207:22:207:27 | string | semmle.label | string | -| test.cpp:207:22:207:27 | string indirection | semmle.label | string indirection | -| test.cpp:214:24:214:24 | p | semmle.label | p | -| test.cpp:216:10:216:10 | p | semmle.label | p | -| test.cpp:220:43:220:48 | call to malloc | semmle.label | call to malloc | -| test.cpp:222:15:222:20 | buffer | semmle.label | buffer | -| test.cpp:228:43:228:48 | call to malloc | semmle.label | call to malloc | -| test.cpp:232:10:232:15 | buffer | semmle.label | buffer | -| test.cpp:235:40:235:45 | buffer | semmle.label | buffer | -| test.cpp:236:5:236:26 | ... = ... | semmle.label | ... = ... | -| test.cpp:236:12:236:17 | p_str indirection [post update] [string] | semmle.label | p_str indirection [post update] [string] | -| test.cpp:241:27:241:32 | call to malloc | semmle.label | call to malloc | -| test.cpp:242:16:242:19 | set_string output argument [string] | semmle.label | set_string output argument [string] | -| test.cpp:242:22:242:27 | buffer | semmle.label | buffer | -| test.cpp:243:12:243:14 | str indirection [string] | semmle.label | str indirection [string] | -| test.cpp:243:12:243:21 | string | semmle.label | string | -| test.cpp:243:16:243:21 | string indirection | semmle.label | string indirection | -subpaths -| test.cpp:242:22:242:27 | buffer | test.cpp:235:40:235:45 | buffer | test.cpp:236:12:236:17 | p_str indirection [post update] [string] | test.cpp:242:16:242:19 | set_string output argument [string] | -#select -| test.cpp:42:5:42:11 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:42:18:42:23 | string | This write may overflow $@ by 1 element. | test.cpp:42:18:42:23 | string | string | -| test.cpp:72:9:72:15 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:72:22:72:27 | string | This write may overflow $@ by 1 element. | test.cpp:72:22:72:27 | string | string | -| test.cpp:80:9:80:15 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:80:22:80:27 | string | This write may overflow $@ by 2 elements. | test.cpp:80:22:80:27 | string | string | -| test.cpp:99:5:99:11 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:99:18:99:23 | string | This write may overflow $@ by 1 element. | test.cpp:99:18:99:23 | string | string | -| test.cpp:129:9:129:15 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:129:22:129:27 | string | This write may overflow $@ by 1 element. | test.cpp:129:22:129:27 | string | string | -| test.cpp:137:9:137:15 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:137:22:137:27 | string | This write may overflow $@ by 2 elements. | test.cpp:137:22:137:27 | string | string | -| test.cpp:152:5:152:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:152:18:152:23 | string | This write may overflow $@ by 1 element. | test.cpp:152:18:152:23 | string | string | -| test.cpp:154:5:154:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:154:18:154:23 | string | This write may overflow $@ by 1 element. | test.cpp:154:18:154:23 | string | string | -| test.cpp:156:5:156:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:156:18:156:23 | string | This write may overflow $@ by 2 elements. | test.cpp:156:18:156:23 | string | string | -| test.cpp:175:9:175:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:175:22:175:27 | string | This write may overflow $@ by 1 element. | test.cpp:175:22:175:27 | string | string | -| test.cpp:187:9:187:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:187:22:187:27 | string | This write may overflow $@ by 1 element. | test.cpp:187:22:187:27 | string | string | -| test.cpp:195:9:195:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:195:22:195:27 | string | This write may overflow $@ by 1 element. | test.cpp:195:22:195:27 | string | string | -| test.cpp:199:9:199:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:199:22:199:27 | string | This write may overflow $@ by 2 elements. | test.cpp:199:22:199:27 | string | string | -| test.cpp:203:9:203:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:203:22:203:27 | string | This write may overflow $@ by 2 elements. | test.cpp:203:22:203:27 | string | string | -| test.cpp:207:9:207:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:207:22:207:27 | string | This write may overflow $@ by 3 elements. | test.cpp:207:22:207:27 | string | string | -| test.cpp:232:3:232:8 | call to memset | test.cpp:228:43:228:48 | call to malloc | test.cpp:232:10:232:15 | buffer | This write may overflow $@ by 32 elements. | test.cpp:232:10:232:15 | buffer | buffer | -| test.cpp:243:5:243:10 | call to memset | test.cpp:241:27:241:32 | call to malloc | test.cpp:243:12:243:21 | string | This write may overflow $@ by 1 element. | test.cpp:243:16:243:21 | string | string | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref deleted file mode 100644 index 21ced45de5d..00000000000 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/OverrunWriteProductFlow.qlref +++ /dev/null @@ -1 +0,0 @@ -experimental/Likely Bugs/OverrunWriteProductFlow.ql \ No newline at end of file diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.expected new file mode 100644 index 00000000000..2e31f173faa --- /dev/null +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.expected @@ -0,0 +1,35 @@ +| test.cpp:18:6:18:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:18:6:18:8 | ... + ... | addition | +| test.cpp:19:6:19:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:19:6:19:8 | ... + ... | addition | +| test.cpp:20:6:20:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:20:6:20:8 | ... + ... | addition | +| test.cpp:21:6:21:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:21:6:21:8 | ... + ... | addition | +| test.cpp:22:6:22:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:22:8:22:10 | ... + ... | addition | +| test.cpp:23:6:23:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:23:8:23:10 | ... + ... | addition | +| test.cpp:24:6:24:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:24:8:24:10 | ... + ... | addition | +| test.cpp:25:6:25:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:25:8:25:10 | ... + ... | addition | +| test.cpp:27:6:27:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:27:6:27:8 | ... + ... | addition | +| test.cpp:28:6:28:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:28:6:28:8 | ... + ... | addition | +| test.cpp:29:6:29:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:29:6:29:8 | ... + ... | addition | +| test.cpp:30:6:30:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:30:6:30:8 | ... + ... | addition | +| test.cpp:31:6:31:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:31:9:31:11 | ... + ... | addition | +| test.cpp:32:6:32:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:32:9:32:11 | ... + ... | addition | +| test.cpp:33:6:33:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:33:9:33:11 | ... + ... | addition | +| test.cpp:34:6:34:11 | ... >= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:34:9:34:11 | ... + ... | addition | +| test.cpp:36:6:36:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:36:6:36:8 | ... + ... | addition | +| test.cpp:37:6:37:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:37:6:37:8 | ... + ... | addition | +| test.cpp:38:6:38:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:38:6:38:8 | ... + ... | addition | +| test.cpp:39:6:39:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:39:6:39:8 | ... + ... | addition | +| test.cpp:40:6:40:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:40:8:40:10 | ... + ... | addition | +| test.cpp:41:6:41:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:41:8:41:10 | ... + ... | addition | +| test.cpp:42:6:42:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:42:8:42:10 | ... + ... | addition | +| test.cpp:43:6:43:10 | ... < ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:43:8:43:10 | ... + ... | addition | +| test.cpp:45:6:45:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:45:6:45:8 | ... + ... | addition | +| test.cpp:46:6:46:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:46:6:46:8 | ... + ... | addition | +| test.cpp:47:6:47:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:47:6:47:8 | ... + ... | addition | +| test.cpp:48:6:48:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:48:6:48:8 | ... + ... | addition | +| test.cpp:49:6:49:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:49:9:49:11 | ... + ... | addition | +| test.cpp:50:6:50:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:50:9:50:11 | ... + ... | addition | +| test.cpp:51:6:51:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:51:9:51:11 | ... + ... | addition | +| test.cpp:52:6:52:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:52:9:52:11 | ... + ... | addition | +| test.cpp:54:6:54:10 | ... > ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:54:6:54:8 | ... + ... | addition | +| test.cpp:61:6:61:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:61:6:61:8 | ... + ... | addition | +| test.cpp:62:6:62:11 | ... <= ... | "if (a+b>c) a=c-b" was detected where the $@ may potentially overflow/wraparound. The code can be rewritten as "if (a>c-b) a=c-b" which avoids the overflow. | test.cpp:62:6:62:8 | ... + ... | addition | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.qlref b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.qlref new file mode 100644 index 00000000000..0873051581d --- /dev/null +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/IfStatementAdditionOverflow.qlref @@ -0,0 +1 @@ +experimental/Security/CWE/CWE-190/IfStatementAdditionOverflow.ql diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/test.cpp new file mode 100644 index 00000000000..7c5ab91832e --- /dev/null +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-190/IfStatementAdditionOverflow/test.cpp @@ -0,0 +1,63 @@ + +int getAnInt(); +double getADouble(); +unsigned short getAnUnsignedShort(); + +void test() +{ + int a = getAnInt(); + int b = getAnInt(); + int c = getAnInt(); + int x = getAnInt(); + int y = getAnInt(); + double d = getADouble(); + unsigned short a1 = getAnUnsignedShort(); + unsigned short b1 = getAnUnsignedShort(); + unsigned short c1 = getAnUnsignedShort(); + + if (a+b>c) a = c-b; // BAD + if (a+b>c) { a = c-b; } // BAD + if (b+a>c) a = c-b; // BAD + if (b+a>c) { a = c-b; } // BAD + if (c>a+b) a = c-b; // BAD + if (c>a+b) { a = c-b; } // BAD + if (c>b+a) a = c-b; // BAD + if (c>b+a) { a = c-b; } // BAD + + if (a+b>=c) a = c-b; // BAD + if (a+b>=c) { a = c-b; } // BAD + if (b+a>=c) a = c-b; // BAD + if (b+a>=c) { a = c-b; } // BAD + if (c>=a+b) a = c-b; // BAD + if (c>=a+b) { a = c-b; } // BAD + if (c>=b+a) a = c-b; // BAD + if (c>=b+a) { a = c-b; } // BAD + + if (a+bd) a = d-b; // BAD + if (a+(double)b>c) a = c-b; // GOOD + if (a+(-x)>c) a = c-(-y); // GOOD + if (a+b>c) { b++; a = c-b; } // GOOD + if (a+d>c) a = c-d; // GOOD + if (a1+b1>c1) a1 = c1-b1; // GOOD + + if (a+b<=c) { /* ... */ } else { a = c-b; } // BAD + if (a+b<=c) { return; } a = c-b; // BAD +} diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected index e201ef15af9..7d3df8cb7cb 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/ConstantSizeArrayOffByOne.expected @@ -1,37 +1,46 @@ edges -| test.cpp:66:32:66:32 | p | test.cpp:66:32:66:32 | p | -| test.cpp:66:32:66:32 | p | test.cpp:67:5:67:6 | * ... | -| test.cpp:66:32:66:32 | p | test.cpp:67:6:67:6 | p | +| test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | +| test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | +| test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | +| test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | +| test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | +| test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | +| test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | +| test.cpp:70:33:70:33 | p | test.cpp:72:5:72:15 | access to array | | test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:26:77:44 | & ... | test.cpp:66:32:66:32 | p | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:26:77:44 | & ... | +| test.cpp:77:32:77:34 | buf | test.cpp:77:26:77:44 | & ... | +| test.cpp:79:27:79:34 | buf | test.cpp:70:33:70:33 | p | +| test.cpp:79:32:79:34 | buf | test.cpp:79:27:79:34 | buf | nodes | test.cpp:35:5:35:22 | access to array | semmle.label | access to array | +| test.cpp:35:10:35:12 | buf | semmle.label | buf | | test.cpp:36:5:36:24 | access to array | semmle.label | access to array | +| test.cpp:36:10:36:12 | buf | semmle.label | buf | | test.cpp:43:9:43:19 | access to array | semmle.label | access to array | +| test.cpp:43:14:43:16 | buf | semmle.label | buf | | test.cpp:49:5:49:22 | access to array | semmle.label | access to array | +| test.cpp:49:10:49:12 | buf | semmle.label | buf | | test.cpp:50:5:50:24 | access to array | semmle.label | access to array | +| test.cpp:50:10:50:12 | buf | semmle.label | buf | | test.cpp:57:9:57:19 | access to array | semmle.label | access to array | +| test.cpp:57:14:57:16 | buf | semmle.label | buf | | test.cpp:61:9:61:19 | access to array | semmle.label | access to array | +| test.cpp:61:14:61:16 | buf | semmle.label | buf | | test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:66:32:66:32 | p | semmle.label | p | -| test.cpp:67:5:67:6 | * ... | semmle.label | * ... | -| test.cpp:67:6:67:6 | p | semmle.label | p | +| test.cpp:70:33:70:33 | p | semmle.label | p | | test.cpp:72:5:72:15 | access to array | semmle.label | access to array | | test.cpp:77:26:77:44 | & ... | semmle.label | & ... | -| test.cpp:77:27:77:44 | access to array | semmle.label | access to array | +| test.cpp:77:32:77:34 | buf | semmle.label | buf | +| test.cpp:79:27:79:34 | buf | semmle.label | buf | +| test.cpp:79:32:79:34 | buf | semmle.label | buf | subpaths #select -| test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | -| test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | -| test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | -| test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | -| test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | -| test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | -| test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | -| test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:5:67:6 | * ... | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | -| test.cpp:77:27:77:44 | access to array | test.cpp:77:27:77:44 | access to array | test.cpp:67:6:67:6 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | +| test.cpp:35:5:35:22 | PointerAdd: access to array | test.cpp:35:10:35:12 | buf | test.cpp:35:5:35:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:35:5:35:26 | Store: ... = ... | write | +| test.cpp:36:5:36:24 | PointerAdd: access to array | test.cpp:36:10:36:12 | buf | test.cpp:36:5:36:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:36:5:36:28 | Store: ... = ... | write | +| test.cpp:43:9:43:19 | PointerAdd: access to array | test.cpp:43:14:43:16 | buf | test.cpp:43:9:43:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:43:9:43:23 | Store: ... = ... | write | +| test.cpp:49:5:49:22 | PointerAdd: access to array | test.cpp:49:10:49:12 | buf | test.cpp:49:5:49:22 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:49:5:49:26 | Store: ... = ... | write | +| test.cpp:50:5:50:24 | PointerAdd: access to array | test.cpp:50:10:50:12 | buf | test.cpp:50:5:50:24 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:50:5:50:28 | Store: ... = ... | write | +| test.cpp:57:9:57:19 | PointerAdd: access to array | test.cpp:57:14:57:16 | buf | test.cpp:57:9:57:19 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:57:9:57:23 | Store: ... = ... | write | +| test.cpp:61:9:61:19 | PointerAdd: access to array | test.cpp:61:14:61:16 | buf | test.cpp:61:9:61:19 | access to array | This pointer arithmetic may have an off-by-2 error allowing it to overrun $@ at this $@. | test.cpp:19:9:19:11 | buf | buf | test.cpp:61:9:61:23 | Store: ... = ... | write | +| test.cpp:72:5:72:15 | PointerAdd: access to array | test.cpp:79:32:79:34 | buf | test.cpp:72:5:72:15 | access to array | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:72:5:72:19 | Store: ... = ... | write | +| test.cpp:77:27:77:44 | PointerAdd: access to array | test.cpp:77:32:77:34 | buf | test.cpp:66:32:66:32 | p | This pointer arithmetic may have an off-by-1 error allowing it to overrun $@ at this $@. | test.cpp:15:9:15:11 | buf | buf | test.cpp:67:5:67:10 | Store: ... = ... | write | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp index df4cd7b4491..a33f43bfa49 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/constant-size/test.cpp @@ -78,3 +78,45 @@ void testInterproc(BigArray *arr) { addToPointerAndAssign(arr->buf); } + +#define MAX_SIZE_BYTES 4096 + +void testCharIndex(BigArray *arr) { + char *charBuf = (char*) arr->buf; + + charBuf[MAX_SIZE_BYTES - 1] = 0; // GOOD + charBuf[MAX_SIZE_BYTES] = 0; // BAD [FALSE NEGATIVE] +} + +void testEqRefinement() { + int arr[MAX_SIZE]; + + for(int i = 0; i <= MAX_SIZE; i++) { + if(i != MAX_SIZE) { + arr[i] = 0; // GOOD + } + } +} + +void testEqRefinement2() { + int arr[MAX_SIZE]; + + int n = 0; + + for(int i = 0; i <= MAX_SIZE; i++) { + if(n == 0) { + if(i == MAX_SIZE) { + break; + } + n = arr[i]; // GOOD + continue; + } + + if (i == MAX_SIZE || n != arr[i]) { + if (i == MAX_SIZE) { + break; + } + n = arr[i]; // GOOD + } + } +} diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected index 338def9dfe0..1bff2ec77f7 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/InvalidPointerDeref.expected @@ -594,8 +594,6 @@ edges | test.cpp:261:14:261:15 | xs | test.cpp:262:26:262:28 | end | | test.cpp:261:14:261:15 | xs | test.cpp:262:26:262:28 | end | | test.cpp:261:14:261:15 | xs | test.cpp:262:31:262:31 | x | -| test.cpp:261:14:261:15 | xs | test.cpp:262:31:262:33 | ... ++ | -| test.cpp:261:14:261:15 | xs | test.cpp:262:31:262:33 | ... ++ | | test.cpp:261:14:261:15 | xs | test.cpp:264:14:264:14 | x | | test.cpp:261:14:261:15 | xs | test.cpp:264:14:264:14 | x | | test.cpp:261:14:261:21 | ... + ... | test.cpp:261:14:261:21 | ... + ... | @@ -608,20 +606,11 @@ edges | test.cpp:261:14:261:21 | ... + ... | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:261:14:261:21 | ... + ... | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:261:14:261:21 | ... + ... | test.cpp:264:13:264:14 | Load: * ... | -| test.cpp:262:21:262:21 | x | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:262:26:262:28 | end | test.cpp:262:26:262:28 | end | | test.cpp:262:26:262:28 | end | test.cpp:262:26:262:28 | end | | test.cpp:262:26:262:28 | end | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:262:26:262:28 | end | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:262:31:262:31 | x | test.cpp:264:13:264:14 | Load: * ... | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:262:21:262:21 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:262:21:262:21 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:262:31:262:31 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:262:31:262:31 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:264:14:264:14 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:264:14:264:14 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:264:14:264:14 | x | -| test.cpp:262:31:262:33 | ... ++ | test.cpp:264:14:264:14 | x | | test.cpp:264:14:264:14 | x | test.cpp:262:31:262:31 | x | | test.cpp:264:14:264:14 | x | test.cpp:264:13:264:14 | Load: * ... | | test.cpp:264:14:264:14 | x | test.cpp:264:13:264:14 | Load: * ... | @@ -634,8 +623,6 @@ edges | test.cpp:271:14:271:15 | xs | test.cpp:272:26:272:28 | end | | test.cpp:271:14:271:15 | xs | test.cpp:272:26:272:28 | end | | test.cpp:271:14:271:15 | xs | test.cpp:272:31:272:31 | x | -| test.cpp:271:14:271:15 | xs | test.cpp:272:31:272:33 | ... ++ | -| test.cpp:271:14:271:15 | xs | test.cpp:272:31:272:33 | ... ++ | | test.cpp:271:14:271:15 | xs | test.cpp:274:5:274:6 | * ... | | test.cpp:271:14:271:15 | xs | test.cpp:274:6:274:6 | x | | test.cpp:271:14:271:15 | xs | test.cpp:274:6:274:6 | x | @@ -649,66 +636,475 @@ edges | test.cpp:271:14:271:21 | ... + ... | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:271:14:271:21 | ... + ... | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:271:14:271:21 | ... + ... | test.cpp:274:5:274:10 | Store: ... = ... | -| test.cpp:272:21:272:21 | x | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:272:26:272:28 | end | test.cpp:272:26:272:28 | end | | test.cpp:272:26:272:28 | end | test.cpp:272:26:272:28 | end | | test.cpp:272:26:272:28 | end | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:272:26:272:28 | end | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:272:31:272:31 | x | test.cpp:274:5:274:10 | Store: ... = ... | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:272:21:272:21 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:272:21:272:21 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:272:31:272:31 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:272:31:272:31 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:5:274:6 | * ... | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:5:274:6 | * ... | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:6:274:6 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:6:274:6 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:6:274:6 | x | -| test.cpp:272:31:272:33 | ... ++ | test.cpp:274:6:274:6 | x | | test.cpp:274:5:274:6 | * ... | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:274:6:274:6 | x | test.cpp:272:31:272:31 | x | | test.cpp:274:6:274:6 | x | test.cpp:274:5:274:6 | * ... | | test.cpp:274:6:274:6 | x | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:274:6:274:6 | x | test.cpp:274:5:274:10 | Store: ... = ... | | test.cpp:280:13:280:24 | new[] | test.cpp:281:14:281:15 | xs | -| test.cpp:281:14:281:15 | xs | test.cpp:282:30:282:32 | ... ++ | -| test.cpp:281:14:281:15 | xs | test.cpp:282:30:282:32 | ... ++ | -| test.cpp:282:21:282:21 | x | test.cpp:284:13:284:14 | Load: * ... | -| test.cpp:282:30:282:30 | x | test.cpp:284:13:284:14 | Load: * ... | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:282:21:282:21 | x | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:282:21:282:21 | x | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:282:30:282:30 | x | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:282:30:282:30 | x | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:284:14:284:14 | x | -| test.cpp:282:30:282:32 | ... ++ | test.cpp:284:14:284:14 | x | -| test.cpp:284:14:284:14 | x | test.cpp:284:13:284:14 | Load: * ... | | test.cpp:290:13:290:24 | new[] | test.cpp:291:14:291:15 | xs | | test.cpp:290:13:290:24 | new[] | test.cpp:292:30:292:30 | x | -| test.cpp:291:14:291:15 | xs | test.cpp:292:30:292:32 | ... ++ | -| test.cpp:291:14:291:15 | xs | test.cpp:292:30:292:32 | ... ++ | -| test.cpp:292:21:292:21 | x | test.cpp:294:5:294:10 | Store: ... = ... | -| test.cpp:292:30:292:30 | x | test.cpp:294:5:294:10 | Store: ... = ... | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:292:21:292:21 | x | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:292:21:292:21 | x | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:292:30:292:30 | x | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:292:30:292:30 | x | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:294:5:294:6 | * ... | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:294:5:294:6 | * ... | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:294:6:294:6 | x | -| test.cpp:292:30:292:32 | ... ++ | test.cpp:294:6:294:6 | x | -| test.cpp:294:5:294:6 | * ... | test.cpp:294:5:294:10 | Store: ... = ... | -| test.cpp:294:6:294:6 | x | test.cpp:294:5:294:10 | Store: ... = ... | +| test.cpp:304:15:304:26 | new[] | test.cpp:307:5:307:6 | xs | +| test.cpp:304:15:304:26 | new[] | test.cpp:308:5:308:6 | xs | +| test.cpp:308:5:308:6 | xs | test.cpp:308:5:308:11 | access to array | +| test.cpp:308:5:308:11 | access to array | test.cpp:308:5:308:29 | Store: ... = ... | +| test.cpp:313:14:313:27 | new[] | test.cpp:314:15:314:16 | xs | +| test.cpp:325:14:325:27 | new[] | test.cpp:326:15:326:16 | xs | +| test.cpp:326:15:326:16 | xs | test.cpp:326:15:326:23 | ... + ... | +| test.cpp:326:15:326:16 | xs | test.cpp:326:15:326:23 | ... + ... | +| test.cpp:326:15:326:16 | xs | test.cpp:338:8:338:15 | * ... | +| test.cpp:326:15:326:16 | xs | test.cpp:341:8:341:17 | * ... | +| test.cpp:326:15:326:23 | ... + ... | test.cpp:342:8:342:17 | * ... | +| test.cpp:326:15:326:23 | ... + ... | test.cpp:342:8:342:17 | * ... | +| test.cpp:338:8:338:15 | * ... | test.cpp:342:8:342:17 | * ... | +| test.cpp:341:8:341:17 | * ... | test.cpp:342:8:342:17 | * ... | +| test.cpp:347:14:347:27 | new[] | test.cpp:348:15:348:16 | xs | +| test.cpp:348:15:348:16 | xs | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:348:15:348:16 | xs | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | test.cpp:350:15:350:19 | Load: * ... | +| test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | test.cpp:350:16:350:19 | ... ++ | +| test.cpp:355:14:355:27 | new[] | test.cpp:356:15:356:16 | xs | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:356:15:356:16 | xs | test.cpp:359:16:359:31 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:356:15:356:23 | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:357:24:357:26 | end | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:356:15:356:23 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:26 | end | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:357:24:357:30 | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:358:15:358:26 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:357:24:357:30 | ... + ... | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | test.cpp:359:16:359:27 | end_plus_one | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:358:14:358:26 | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:359:16:359:31 | ... + ... | test.cpp:359:14:359:32 | Load: * ... | +| test.cpp:363:14:363:27 | new[] | test.cpp:365:15:365:15 | p | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:365:15:365:15 | p | test.cpp:368:5:368:10 | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:371:7:371:7 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:368:5:368:10 | ... += ... | test.cpp:372:16:372:16 | p | +| test.cpp:371:7:371:7 | p | test.cpp:372:15:372:16 | Load: * ... | +| test.cpp:372:16:372:16 | p | test.cpp:372:15:372:16 | Load: * ... | +| test.cpp:377:14:377:27 | new[] | test.cpp:378:15:378:16 | xs | +| test.cpp:378:15:378:16 | xs | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:16 | xs | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:16 | xs | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:16 | xs | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:16 | xs | test.cpp:381:5:381:7 | end | +| test.cpp:378:15:378:16 | xs | test.cpp:381:5:381:9 | ... ++ | +| test.cpp:378:15:378:16 | xs | test.cpp:381:5:381:9 | ... ++ | +| test.cpp:378:15:378:16 | xs | test.cpp:384:14:384:16 | end | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:378:15:378:23 | ... + ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:381:5:381:7 | end | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:381:5:381:7 | end | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:13:384:16 | Load: * ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:13:384:16 | Load: * ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:13:384:16 | Load: * ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:13:384:16 | Load: * ... | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:14:384:16 | end | +| test.cpp:378:15:378:23 | ... + ... | test.cpp:384:14:384:16 | end | +| test.cpp:381:5:381:7 | end | test.cpp:384:13:384:16 | Load: * ... | +| test.cpp:381:5:381:9 | ... ++ | test.cpp:384:14:384:16 | end | +| test.cpp:381:5:381:9 | ... ++ | test.cpp:384:14:384:16 | end | +| test.cpp:384:14:384:16 | end | test.cpp:384:13:384:16 | Load: * ... | +nodes +| test.cpp:4:15:4:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:5:15:5:15 | p | semmle.label | p | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:5:15:5:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:6:14:6:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:6:15:6:15 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:7:16:7:16 | q | semmle.label | q | +| test.cpp:8:14:8:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:16 | q | semmle.label | q | +| test.cpp:8:16:8:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:9:16:9:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:10:16:10:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:11:16:11:16 | q | semmle.label | q | +| test.cpp:12:16:12:16 | q | semmle.label | q | +| test.cpp:16:15:16:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:17:15:17:15 | p | semmle.label | p | +| test.cpp:17:15:17:22 | ... + ... | semmle.label | ... + ... | +| test.cpp:20:14:20:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:20:16:20:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:28:15:28:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:29:15:29:15 | p | semmle.label | p | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:29:15:29:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:30:14:30:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:30:15:30:15 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:31:16:31:16 | q | semmle.label | q | +| test.cpp:32:14:32:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:16 | q | semmle.label | q | +| test.cpp:32:16:32:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:33:16:33:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:34:16:34:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:35:16:35:16 | q | semmle.label | q | +| test.cpp:36:16:36:16 | q | semmle.label | q | +| test.cpp:40:15:40:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:41:15:41:15 | p | semmle.label | p | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:41:15:41:28 | ... + ... | semmle.label | ... + ... | +| test.cpp:42:14:42:15 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:42:15:42:15 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:43:16:43:16 | q | semmle.label | q | +| test.cpp:44:14:44:21 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:16 | q | semmle.label | q | +| test.cpp:44:16:44:20 | ... + ... | semmle.label | ... + ... | +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:45:16:45:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:46:16:46:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:47:16:47:16 | q | semmle.label | q | +| test.cpp:48:16:48:16 | q | semmle.label | q | +| test.cpp:51:7:51:14 | mk_array indirection | semmle.label | mk_array indirection | +| test.cpp:51:33:51:35 | end | semmle.label | end | +| test.cpp:52:19:52:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:53:5:53:23 | ... = ... | semmle.label | ... = ... | +| test.cpp:53:12:53:16 | begin | semmle.label | begin | +| test.cpp:53:12:53:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:60:19:60:26 | call to mk_array | semmle.label | call to mk_array | +| test.cpp:60:34:60:37 | mk_array output argument | semmle.label | mk_array output argument | +| test.cpp:62:32:62:34 | end | semmle.label | end | +| test.cpp:62:39:62:39 | p | semmle.label | p | +| test.cpp:66:32:66:34 | end | semmle.label | end | +| test.cpp:66:39:66:39 | p | semmle.label | p | +| test.cpp:67:9:67:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:70:31:70:33 | end | semmle.label | end | +| test.cpp:70:38:70:38 | p | semmle.label | p | +| test.cpp:80:9:80:16 | mk_array indirection [begin] | semmle.label | mk_array indirection [begin] | +| test.cpp:80:9:80:16 | mk_array indirection [end] | semmle.label | mk_array indirection [end] | +| test.cpp:82:5:82:28 | ... = ... | semmle.label | ... = ... | +| test.cpp:82:9:82:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:82:17:82:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:83:5:83:30 | ... = ... | semmle.label | ... = ... | +| test.cpp:83:9:83:11 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:83:15:83:17 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:83:15:83:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:83:19:83:23 | begin | semmle.label | begin | +| test.cpp:83:19:83:23 | begin indirection | semmle.label | begin indirection | +| test.cpp:89:19:89:26 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:89:19:89:26 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:91:20:91:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:91:24:91:28 | begin | semmle.label | begin | +| test.cpp:91:24:91:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:91:36:91:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:91:40:91:42 | end | semmle.label | end | +| test.cpp:91:40:91:42 | end indirection | semmle.label | end indirection | +| test.cpp:91:47:91:47 | p | semmle.label | p | +| test.cpp:95:20:95:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:95:24:95:28 | begin | semmle.label | begin | +| test.cpp:95:24:95:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:95:36:95:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:95:40:95:42 | end | semmle.label | end | +| test.cpp:95:40:95:42 | end indirection | semmle.label | end indirection | +| test.cpp:95:47:95:47 | p | semmle.label | p | +| test.cpp:96:9:96:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:99:20:99:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:99:24:99:28 | begin | semmle.label | begin | +| test.cpp:99:24:99:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:99:35:99:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:99:39:99:41 | end | semmle.label | end | +| test.cpp:99:39:99:41 | end indirection | semmle.label | end indirection | +| test.cpp:99:46:99:46 | p | semmle.label | p | +| test.cpp:104:27:104:29 | arr [begin] | semmle.label | arr [begin] | +| test.cpp:104:27:104:29 | arr [end] | semmle.label | arr [end] | +| test.cpp:105:20:105:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:105:24:105:28 | begin | semmle.label | begin | +| test.cpp:105:24:105:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:105:36:105:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:105:40:105:42 | end | semmle.label | end | +| test.cpp:105:40:105:42 | end indirection | semmle.label | end indirection | +| test.cpp:105:47:105:47 | p | semmle.label | p | +| test.cpp:109:20:109:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:109:24:109:28 | begin | semmle.label | begin | +| test.cpp:109:24:109:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:109:36:109:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:109:40:109:42 | end | semmle.label | end | +| test.cpp:109:40:109:42 | end indirection | semmle.label | end indirection | +| test.cpp:109:47:109:47 | p | semmle.label | p | +| test.cpp:110:9:110:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:113:20:113:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:113:24:113:28 | begin | semmle.label | begin | +| test.cpp:113:24:113:28 | begin indirection | semmle.label | begin indirection | +| test.cpp:113:35:113:37 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:113:39:113:41 | end | semmle.label | end | +| test.cpp:113:39:113:41 | end indirection | semmle.label | end indirection | +| test.cpp:113:46:113:46 | p | semmle.label | p | +| test.cpp:119:18:119:25 | call to mk_array [begin] | semmle.label | call to mk_array [begin] | +| test.cpp:119:18:119:25 | call to mk_array [end] | semmle.label | call to mk_array [end] | +| test.cpp:124:15:124:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:125:5:125:17 | ... = ... | semmle.label | ... = ... | +| test.cpp:125:9:125:13 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:126:15:126:15 | p | semmle.label | p | +| test.cpp:129:11:129:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:129:15:129:19 | begin | semmle.label | begin | +| test.cpp:129:15:129:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:133:11:133:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:133:15:133:19 | begin | semmle.label | begin | +| test.cpp:133:15:133:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:137:11:137:13 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:137:15:137:19 | begin | semmle.label | begin | +| test.cpp:137:15:137:19 | begin indirection | semmle.label | begin indirection | +| test.cpp:141:10:141:19 | mk_array_p indirection [begin] | semmle.label | mk_array_p indirection [begin] | +| test.cpp:141:10:141:19 | mk_array_p indirection [end] | semmle.label | mk_array_p indirection [end] | +| test.cpp:143:5:143:29 | ... = ... | semmle.label | ... = ... | +| test.cpp:143:10:143:14 | arr indirection [post update] [begin] | semmle.label | arr indirection [post update] [begin] | +| test.cpp:143:18:143:23 | call to malloc | semmle.label | call to malloc | +| test.cpp:144:5:144:32 | ... = ... | semmle.label | ... = ... | +| test.cpp:144:10:144:12 | arr indirection [post update] [end] | semmle.label | arr indirection [post update] [end] | +| test.cpp:144:16:144:18 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:144:16:144:32 | ... + ... | semmle.label | ... + ... | +| test.cpp:144:21:144:25 | begin | semmle.label | begin | +| test.cpp:144:21:144:25 | begin indirection | semmle.label | begin indirection | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:150:20:150:29 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:152:20:152:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:152:25:152:29 | begin | semmle.label | begin | +| test.cpp:152:25:152:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:152:49:152:49 | p | semmle.label | p | +| test.cpp:156:20:156:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:156:25:156:29 | begin | semmle.label | begin | +| test.cpp:156:25:156:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:156:37:156:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:156:42:156:44 | end | semmle.label | end | +| test.cpp:156:42:156:44 | end indirection | semmle.label | end indirection | +| test.cpp:156:49:156:49 | p | semmle.label | p | +| test.cpp:157:9:157:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:160:20:160:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:160:25:160:29 | begin | semmle.label | begin | +| test.cpp:160:25:160:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:160:48:160:48 | p | semmle.label | p | +| test.cpp:165:29:165:31 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:165:29:165:31 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:20:166:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:166:25:166:29 | begin | semmle.label | begin | +| test.cpp:166:25:166:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:166:37:166:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:166:42:166:44 | end | semmle.label | end | +| test.cpp:166:42:166:44 | end indirection | semmle.label | end indirection | +| test.cpp:166:49:166:49 | p | semmle.label | p | +| test.cpp:170:20:170:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:170:25:170:29 | begin | semmle.label | begin | +| test.cpp:170:25:170:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:170:37:170:39 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:170:42:170:44 | end | semmle.label | end | +| test.cpp:170:42:170:44 | end indirection | semmle.label | end indirection | +| test.cpp:170:49:170:49 | p | semmle.label | p | +| test.cpp:171:9:171:14 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:174:20:174:22 | arr indirection [begin] | semmle.label | arr indirection [begin] | +| test.cpp:174:25:174:29 | begin | semmle.label | begin | +| test.cpp:174:25:174:29 | begin indirection | semmle.label | begin indirection | +| test.cpp:174:36:174:38 | arr indirection [end] | semmle.label | arr indirection [end] | +| test.cpp:174:41:174:43 | end | semmle.label | end | +| test.cpp:174:41:174:43 | end indirection | semmle.label | end indirection | +| test.cpp:174:48:174:48 | p | semmle.label | p | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [begin] | semmle.label | call to mk_array_p indirection [begin] | +| test.cpp:180:19:180:28 | call to mk_array_p indirection [end] | semmle.label | call to mk_array_p indirection [end] | +| test.cpp:188:15:188:20 | call to malloc | semmle.label | call to malloc | +| test.cpp:189:15:189:15 | p | semmle.label | p | +| test.cpp:194:23:194:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:195:17:195:17 | p | semmle.label | p | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:195:17:195:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:197:8:197:8 | p | semmle.label | p | +| test.cpp:197:20:197:22 | end | semmle.label | end | +| test.cpp:201:5:201:5 | p | semmle.label | p | +| test.cpp:201:5:201:12 | access to array | semmle.label | access to array | +| test.cpp:201:5:201:19 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:205:23:205:28 | call to malloc | semmle.label | call to malloc | +| test.cpp:206:17:206:17 | p | semmle.label | p | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:206:17:206:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:208:15:208:15 | p | semmle.label | p | +| test.cpp:209:12:209:14 | end | semmle.label | end | +| test.cpp:213:5:213:6 | * ... | semmle.label | * ... | +| test.cpp:213:5:213:13 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:213:6:213:6 | q | semmle.label | q | +| test.cpp:221:17:221:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:222:5:222:5 | p | semmle.label | p | +| test.cpp:231:18:231:30 | new[] | semmle.label | new[] | +| test.cpp:232:3:232:9 | newname | semmle.label | newname | +| test.cpp:232:3:232:16 | access to array | semmle.label | access to array | +| test.cpp:232:3:232:20 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:238:20:238:32 | new[] | semmle.label | new[] | +| test.cpp:239:5:239:11 | newname | semmle.label | newname | +| test.cpp:239:5:239:18 | access to array | semmle.label | access to array | +| test.cpp:239:5:239:22 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:248:24:248:30 | call to realloc | semmle.label | call to realloc | +| test.cpp:249:9:249:9 | p | semmle.label | p | +| test.cpp:250:22:250:22 | p | semmle.label | p | +| test.cpp:254:9:254:9 | p | semmle.label | p | +| test.cpp:254:9:254:12 | access to array | semmle.label | access to array | +| test.cpp:254:9:254:16 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:260:13:260:24 | new[] | semmle.label | new[] | +| test.cpp:261:14:261:15 | xs | semmle.label | xs | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:261:14:261:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:26:262:28 | end | semmle.label | end | +| test.cpp:262:31:262:31 | x | semmle.label | x | +| test.cpp:264:13:264:14 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:264:14:264:14 | x | semmle.label | x | +| test.cpp:270:13:270:24 | new[] | semmle.label | new[] | +| test.cpp:271:14:271:15 | xs | semmle.label | xs | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:271:14:271:21 | ... + ... | semmle.label | ... + ... | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:26:272:28 | end | semmle.label | end | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:272:31:272:31 | x | semmle.label | x | +| test.cpp:274:5:274:6 | * ... | semmle.label | * ... | +| test.cpp:274:5:274:10 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:274:6:274:6 | x | semmle.label | x | +| test.cpp:280:13:280:24 | new[] | semmle.label | new[] | +| test.cpp:281:14:281:15 | xs | semmle.label | xs | +| test.cpp:290:13:290:24 | new[] | semmle.label | new[] | +| test.cpp:291:14:291:15 | xs | semmle.label | xs | +| test.cpp:292:30:292:30 | x | semmle.label | x | +| test.cpp:304:15:304:26 | new[] | semmle.label | new[] | +| test.cpp:307:5:307:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:6 | xs | semmle.label | xs | +| test.cpp:308:5:308:11 | access to array | semmle.label | access to array | +| test.cpp:308:5:308:29 | Store: ... = ... | semmle.label | Store: ... = ... | +| test.cpp:313:14:313:27 | new[] | semmle.label | new[] | +| test.cpp:314:15:314:16 | xs | semmle.label | xs | +| test.cpp:325:14:325:27 | new[] | semmle.label | new[] | +| test.cpp:326:15:326:16 | xs | semmle.label | xs | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:326:15:326:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:338:8:338:15 | * ... | semmle.label | * ... | +| test.cpp:341:8:341:17 | * ... | semmle.label | * ... | +| test.cpp:342:8:342:17 | * ... | semmle.label | * ... | +| test.cpp:347:14:347:27 | new[] | semmle.label | new[] | +| test.cpp:348:15:348:16 | xs | semmle.label | xs | +| test.cpp:350:15:350:19 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:350:16:350:19 | ... ++ | semmle.label | ... ++ | +| test.cpp:355:14:355:27 | new[] | semmle.label | new[] | +| test.cpp:356:15:356:16 | xs | semmle.label | xs | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:356:15:356:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:26 | end | semmle.label | end | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:357:24:357:30 | ... + ... | semmle.label | ... + ... | +| test.cpp:358:14:358:26 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:358:15:358:26 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:14:359:32 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:359:16:359:27 | end_plus_one | semmle.label | end_plus_one | +| test.cpp:359:16:359:31 | ... + ... | semmle.label | ... + ... | +| test.cpp:363:14:363:27 | new[] | semmle.label | new[] | +| test.cpp:365:15:365:15 | p | semmle.label | p | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:368:5:368:10 | ... += ... | semmle.label | ... += ... | +| test.cpp:371:7:371:7 | p | semmle.label | p | +| test.cpp:372:15:372:16 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:372:16:372:16 | p | semmle.label | p | +| test.cpp:377:14:377:27 | new[] | semmle.label | new[] | +| test.cpp:378:15:378:16 | xs | semmle.label | xs | +| test.cpp:378:15:378:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:378:15:378:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:378:15:378:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:378:15:378:23 | ... + ... | semmle.label | ... + ... | +| test.cpp:381:5:381:7 | end | semmle.label | end | +| test.cpp:381:5:381:9 | ... ++ | semmle.label | ... ++ | +| test.cpp:381:5:381:9 | ... ++ | semmle.label | ... ++ | +| test.cpp:384:13:384:16 | Load: * ... | semmle.label | Load: * ... | +| test.cpp:384:14:384:16 | end | semmle.label | end | +subpaths #select | test.cpp:6:14:6:15 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:6:14:6:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | -| test.cpp:8:14:8:21 | Load: * ... | test.cpp:4:15:4:20 | call to malloc | test.cpp:8:14:8:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:4:15:4:20 | call to malloc | call to malloc | test.cpp:5:19:5:22 | size | size | | test.cpp:20:14:20:21 | Load: * ... | test.cpp:16:15:16:20 | call to malloc | test.cpp:20:14:20:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:16:15:16:20 | call to malloc | call to malloc | test.cpp:17:19:17:22 | size | size | | test.cpp:30:14:30:15 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:30:14:30:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | -| test.cpp:32:14:32:21 | Load: * ... | test.cpp:28:15:28:20 | call to malloc | test.cpp:32:14:32:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:28:15:28:20 | call to malloc | call to malloc | test.cpp:29:20:29:27 | ... + ... | ... + ... | | test.cpp:42:14:42:15 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:42:14:42:15 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | -| test.cpp:44:14:44:21 | Load: * ... | test.cpp:40:15:40:20 | call to malloc | test.cpp:44:14:44:21 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:40:15:40:20 | call to malloc | call to malloc | test.cpp:41:20:41:27 | ... - ... | ... - ... | | test.cpp:67:9:67:14 | Store: ... = ... | test.cpp:52:19:52:24 | call to malloc | test.cpp:67:9:67:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:52:19:52:24 | call to malloc | call to malloc | test.cpp:53:20:53:23 | size | size | | test.cpp:96:9:96:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:96:9:96:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | | test.cpp:110:9:110:14 | Store: ... = ... | test.cpp:82:17:82:22 | call to malloc | test.cpp:110:9:110:14 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:82:17:82:22 | call to malloc | call to malloc | test.cpp:83:27:83:30 | size | size | @@ -719,9 +1115,11 @@ edges | test.cpp:232:3:232:20 | Store: ... = ... | test.cpp:231:18:231:30 | new[] | test.cpp:232:3:232:20 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:231:18:231:30 | new[] | new[] | test.cpp:232:11:232:15 | index | index | | test.cpp:239:5:239:22 | Store: ... = ... | test.cpp:238:20:238:32 | new[] | test.cpp:239:5:239:22 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:238:20:238:32 | new[] | new[] | test.cpp:239:13:239:17 | index | index | | test.cpp:254:9:254:16 | Store: ... = ... | test.cpp:248:24:248:30 | call to realloc | test.cpp:254:9:254:16 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:248:24:248:30 | call to realloc | call to realloc | test.cpp:254:11:254:11 | i | i | -| test.cpp:264:13:264:14 | Load: * ... | test.cpp:260:13:260:24 | new[] | test.cpp:264:13:264:14 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:260:13:260:24 | new[] | new[] | test.cpp:261:19:261:21 | len | len | | test.cpp:264:13:264:14 | Load: * ... | test.cpp:260:13:260:24 | new[] | test.cpp:264:13:264:14 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:260:13:260:24 | new[] | new[] | test.cpp:261:19:261:21 | len | len | -| test.cpp:274:5:274:10 | Store: ... = ... | test.cpp:270:13:270:24 | new[] | test.cpp:274:5:274:10 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:270:13:270:24 | new[] | new[] | test.cpp:271:19:271:21 | len | len | | test.cpp:274:5:274:10 | Store: ... = ... | test.cpp:270:13:270:24 | new[] | test.cpp:274:5:274:10 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:270:13:270:24 | new[] | new[] | test.cpp:271:19:271:21 | len | len | -| test.cpp:284:13:284:14 | Load: * ... | test.cpp:280:13:280:24 | new[] | test.cpp:284:13:284:14 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:280:13:280:24 | new[] | new[] | test.cpp:281:19:281:21 | len | len | -| test.cpp:294:5:294:10 | Store: ... = ... | test.cpp:290:13:290:24 | new[] | test.cpp:294:5:294:10 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:290:13:290:24 | new[] | new[] | test.cpp:291:19:291:21 | len | len | +| test.cpp:308:5:308:29 | Store: ... = ... | test.cpp:304:15:304:26 | new[] | test.cpp:308:5:308:29 | Store: ... = ... | This write might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:304:15:304:26 | new[] | new[] | test.cpp:308:8:308:10 | ... + ... | ... + ... | +| test.cpp:350:15:350:19 | Load: * ... | test.cpp:347:14:347:27 | new[] | test.cpp:350:15:350:19 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:347:14:347:27 | new[] | new[] | test.cpp:348:20:348:23 | size | size | +| test.cpp:358:14:358:26 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:358:14:358:26 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 1. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:359:14:359:32 | Load: * ... | test.cpp:355:14:355:27 | new[] | test.cpp:359:14:359:32 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@ + 2. | test.cpp:355:14:355:27 | new[] | new[] | test.cpp:356:20:356:23 | size | size | +| test.cpp:372:15:372:16 | Load: * ... | test.cpp:363:14:363:27 | new[] | test.cpp:372:15:372:16 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:363:14:363:27 | new[] | new[] | test.cpp:365:19:365:22 | size | size | +| test.cpp:384:13:384:16 | Load: * ... | test.cpp:377:14:377:27 | new[] | test.cpp:384:13:384:16 | Load: * ... | This read might be out of bounds, as the pointer might be equal to $@ + $@. | test.cpp:377:14:377:27 | new[] | new[] | test.cpp:378:20:378:23 | size | size | diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp index 3cd2cd9ad3d..7269af0153f 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp +++ b/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-193/pointer-deref/test.cpp @@ -281,7 +281,7 @@ void test19(unsigned len) int *end = xs + len; for (int *x = xs; x < end; x++) { - int i = *x; // GOOD [FALSE POSITIVE] + int i = *x; // GOOD } } @@ -291,6 +291,95 @@ void test20(unsigned len) int *end = xs + len; for (int *x = xs; x < end; x++) { - *x = 0; // GOOD [FALSE POSITIVE] + *x = 0; // GOOD } -} \ No newline at end of file +} + +void* test21_get(int n); + +void test21() { + int n = 0; + while (test21_get(n)) n+=2; + + void** xs = new void*[n]; + + for (int i = 0; i < n; i += 2) { + xs[i] = test21_get(i); // GOOD + xs[i+1] = test21_get(i+1); // GOOD [FALSE POSITIVE] + } +} + +void test22(unsigned size, int val) { + char *xs = new char[size]; + char *end = xs + size; // GOOD + char **current = &end; + do { + if (*current - xs < 1) // GOOD + return; + *--(*current) = 0; // GOOD + val >>= 8; + } while (val > 0); +} + +void test23(unsigned size, int val) { + char *xs = new char[size]; + char *end = xs + size; + char **current = &end; + + if (val < 1) { + if(*current - xs < 1) + return; + + *--(*current) = 0; // GOOD + return; + } + + if (val < 2) { + if(*current - xs < 2) + return; + + *--(*current) = 0; // GOOD + *--(*current) = 0; // GOOD + } +} + +void test24(unsigned size) { + char *xs = new char[size]; + char *end = xs + size; + if (xs < end) { + int val = *xs++; // GOOD [FALSE POSITIVE] + } +} + +void test25(unsigned size) { + char *xs = new char[size]; + char *end = xs + size; + char *end_plus_one = end + 1; + int val1 = *end_plus_one; // BAD + int val2 = *(end_plus_one + 1); // BAD +} + +void test26(unsigned size) { + char *xs = new char[size]; + char *p = xs; + char *end = p + size; + + if (p + 4 <= end) { + p += 4; + } + + if (p < end) { + int val = *p; // GOOD [FALSE POSITIVE] + } +} + +void test27(unsigned size, bool b) { + char *xs = new char[size]; + char *end = xs + size; + + if (b) { + end++; + } + + int val = *end; // BAD +} diff --git a/cpp/ql/test/library-tests/blocks/cpp/exprs.ql b/cpp/ql/test/library-tests/blocks/cpp/exprs.ql index bfc312e00ea..d930dea676f 100644 --- a/cpp/ql/test/library-tests/blocks/cpp/exprs.ql +++ b/cpp/ql/test/library-tests/blocks/cpp/exprs.ql @@ -6,7 +6,7 @@ import cpp */ class CStyleCastPlain extends CStyleCast { - override string toString() { result = "Conversion of " + getExpr().toString() } + override string toString() { result = "Conversion of " + this.getExpr().toString() } } from Expr e diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.expected b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.expected index 6f00f28e455..15a586f6f32 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.expected +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.expected @@ -1,2 +1,4 @@ WARNING: Module TaintedWithPath has been deprecated and may be removed in future (tainted.ql:9,8-47) WARNING: Predicate tainted has been deprecated and may be removed in future (tainted.ql:20,49-74) +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.ql b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.ql index 177c7ac2387..92fb3994721 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.ql +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_path_to_sink/tainted.ql @@ -38,12 +38,10 @@ predicate irTaint(Element source, TaintedWithPath::PathNode predNode, string tag ) } -class IRDefaultTaintTrackingTest extends InlineExpectationsTest { - IRDefaultTaintTrackingTest() { this = "IRDefaultTaintTrackingTest" } +module IRDefaultTaintTrackingTest implements TestSig { + string getARelevantTag() { result = ["ir-path", "ir-sink"] } - override string getARelevantTag() { result = ["ir-path", "ir-sink"] } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Element elem, TaintedWithPath::PathNode node, int n | irTaint(_, node, tag) and elem = getElementFromPathNode(node) and @@ -67,12 +65,10 @@ class IRDefaultTaintTrackingTest extends InlineExpectationsTest { } } -class AstTaintTrackingTest extends InlineExpectationsTest { - AstTaintTrackingTest() { this = "ASTTaintTrackingTest" } +module AstTaintTrackingTest implements TestSig { + string getARelevantTag() { result = "ast" } - override string getARelevantTag() { result = "ast" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Expr source, Element tainted, int n | tag = "ast" and astTaint(source, tainted) and @@ -100,3 +96,5 @@ class AstTaintTrackingTest extends InlineExpectationsTest { ) } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.expected b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.expected index 5c235d0802d..4cac8898022 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.expected +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.expected @@ -1,2 +1,4 @@ WARNING: Module TaintedWithPath has been deprecated and may be removed in future (tainted.ql:10,8-47) WARNING: Predicate tainted has been deprecated and may be removed in future (tainted.ql:21,3-28) +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.ql b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.ql index 5c9583b800a..6b51f265d1e 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.ql +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/annotate_sinks_only/tainted.ql @@ -29,12 +29,10 @@ predicate irTaint(Expr source, Element sink) { TaintedWithPath::taintedWithPath(source, sink, _, _) } -class IRDefaultTaintTrackingTest extends InlineExpectationsTest { - IRDefaultTaintTrackingTest() { this = "IRDefaultTaintTrackingTest" } +module IRDefaultTaintTrackingTest implements TestSig { + string getARelevantTag() { result = "ir" } - override string getARelevantTag() { result = "ir" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Expr source, Element tainted, int n | tag = "ir" and irTaint(source, tainted) and @@ -55,12 +53,10 @@ class IRDefaultTaintTrackingTest extends InlineExpectationsTest { } } -class AstTaintTrackingTest extends InlineExpectationsTest { - AstTaintTrackingTest() { this = "ASTTaintTrackingTest" } +module AstTaintTrackingTest implements TestSig { + string getARelevantTag() { result = "ast" } - override string getARelevantTag() { result = "ast" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Expr source, Element tainted, int n | tag = "ast" and astTaint(source, tainted) and @@ -80,3 +76,5 @@ class AstTaintTrackingTest extends InlineExpectationsTest { ) } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.expected b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.expected index b1d79c1079e..4ebf9d0d0e0 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.expected +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.expected @@ -1,2 +1,4 @@ WARNING: Predicate taintedIncludingGlobalVars has been deprecated and may be removed in future (global.ql:8,3-47) WARNING: Predicate taintedIncludingGlobalVars has been deprecated and may be removed in future (global.ql:12,3-53) +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.ql b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.ql index a7a8560908e..1179c76937d 100644 --- a/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.ql +++ b/cpp/ql/test/library-tests/dataflow/DefaultTaintTracking/globals/global.ql @@ -12,12 +12,10 @@ predicate irTaint(Expr source, Element sink, string globalVar) { IRDefaultTaintTracking::taintedIncludingGlobalVars(source, sink, globalVar) and globalVar != "" } -class IRGlobalDefaultTaintTrackingTest extends InlineExpectationsTest { - IRGlobalDefaultTaintTrackingTest() { this = "IRGlobalDefaultTaintTrackingTest" } +module IRGlobalDefaultTaintTrackingTest implements TestSig { + string getARelevantTag() { result = "ir" } - override string getARelevantTag() { result = "ir" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Element tainted | tag = "ir" and irTaint(_, tainted, value) and @@ -27,12 +25,10 @@ class IRGlobalDefaultTaintTrackingTest extends InlineExpectationsTest { } } -class AstGlobalDefaultTaintTrackingTest extends InlineExpectationsTest { - AstGlobalDefaultTaintTrackingTest() { this = "ASTGlobalDefaultTaintTrackingTest" } +module AstGlobalDefaultTaintTrackingTest implements TestSig { + string getARelevantTag() { result = "ast" } - override string getARelevantTag() { result = "ast" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Element tainted | tag = "ast" and astTaint(_, tainted, value) and @@ -41,3 +37,5 @@ class AstGlobalDefaultTaintTrackingTest extends InlineExpectationsTest { ) } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp b/cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp index 71e752720de..499e8b8a62b 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/clang.cpp @@ -1,7 +1,7 @@ // semmle-extractor-options: --edg --clang int source(); -void sink(int); void sink(const int *); void sink(int **); +void sink(int); void sink(const int *); void sink(int **); void indirect_sink(...); struct twoIntFields { int m1, m2; @@ -19,7 +19,8 @@ void following_pointers( // $ ast-def=sourceStruct1_ptr sink(sourceArray1[0]); // no flow sink(*sourceArray1); // no flow - sink(&sourceArray1); // $ ast,ir // [should probably be taint only] + sink(&sourceArray1); // $ ast // [should probably be taint only] + indirect_sink(&sourceArray1); // $ ast,ir sink(sourceStruct1.m1); // no flow sink(sourceStruct1_ptr->m1); // no flow @@ -48,5 +49,6 @@ void following_pointers( // $ ast-def=sourceStruct1_ptr int stackArray[2] = { source(), source() }; stackArray[0] = source(); - sink(stackArray); // $ ast ir ir=49:25 ir=49:35 ir=50:19 + sink(stackArray); // $ ast,ir + indirect_sink(stackArray); // $ ast ir=50:25 ir=50:35 ir=51:19 } diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected index 26b2bd0351d..acf233ed2ee 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.expected @@ -28,9 +28,10 @@ postWithInFlow | BarrierGuard.cpp:49:6:49:6 | x [post update] | PostUpdateNode should not be the target of local flow. | | BarrierGuard.cpp:60:7:60:7 | x [post update] | PostUpdateNode should not be the target of local flow. | | clang.cpp:22:9:22:20 | sourceArray1 [inner post update] | PostUpdateNode should not be the target of local flow. | -| clang.cpp:28:22:28:23 | m1 [post update] | PostUpdateNode should not be the target of local flow. | -| clang.cpp:50:3:50:12 | stackArray [inner post update] | PostUpdateNode should not be the target of local flow. | -| clang.cpp:50:3:50:15 | access to array [post update] | PostUpdateNode should not be the target of local flow. | +| clang.cpp:23:18:23:29 | sourceArray1 [inner post update] | PostUpdateNode should not be the target of local flow. | +| clang.cpp:29:22:29:23 | m1 [post update] | PostUpdateNode should not be the target of local flow. | +| clang.cpp:51:3:51:12 | stackArray [inner post update] | PostUpdateNode should not be the target of local flow. | +| clang.cpp:51:3:51:15 | access to array [post update] | PostUpdateNode should not be the target of local flow. | | dispatch.cpp:60:3:60:14 | globalBottom [post update] | PostUpdateNode should not be the target of local flow. | | dispatch.cpp:61:3:61:14 | globalMiddle [post update] | PostUpdateNode should not be the target of local flow. | | dispatch.cpp:78:24:78:37 | call to allocateBottom [inner post update] | PostUpdateNode should not be the target of local flow. | @@ -125,6 +126,8 @@ postWithInFlow | test.cpp:681:3:681:3 | s [post update] | PostUpdateNode should not be the target of local flow. | | test.cpp:689:3:689:3 | s [post update] | PostUpdateNode should not be the target of local flow. | | test.cpp:690:3:690:3 | s [post update] | PostUpdateNode should not be the target of local flow. | +| test.cpp:694:4:694:6 | buf [inner post update] | PostUpdateNode should not be the target of local flow. | +| test.cpp:704:23:704:25 | buf [inner post update] | PostUpdateNode should not be the target of local flow. | viableImplInCallContextTooLarge uniqueParameterNodeAtPosition uniqueParameterNodePosition diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected index 5a2e6ee9050..58049de095d 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-ir-consistency.expected @@ -32,403 +32,3 @@ uniqueParameterNodeAtPosition uniqueParameterNodePosition uniqueContentApprox identityLocalStep -| BarrierGuard.cpp:6:15:6:20 | source | Node steps to itself | -| BarrierGuard.cpp:7:10:7:15 | source | Node steps to itself | -| BarrierGuard.cpp:9:10:9:15 | source | Node steps to itself | -| BarrierGuard.cpp:14:16:14:21 | source | Node steps to itself | -| BarrierGuard.cpp:15:10:15:15 | source | Node steps to itself | -| BarrierGuard.cpp:17:10:17:15 | source | Node steps to itself | -| BarrierGuard.cpp:22:15:22:20 | source | Node steps to itself | -| BarrierGuard.cpp:22:26:22:34 | arbitrary | Node steps to itself | -| BarrierGuard.cpp:23:10:23:15 | source | Node steps to itself | -| BarrierGuard.cpp:25:10:25:15 | source | Node steps to itself | -| BarrierGuard.cpp:30:15:30:20 | source | Node steps to itself | -| BarrierGuard.cpp:30:26:30:34 | arbitrary | Node steps to itself | -| BarrierGuard.cpp:31:10:31:15 | source | Node steps to itself | -| BarrierGuard.cpp:33:10:33:15 | source | Node steps to itself | -| BarrierGuard.cpp:38:16:38:21 | source | Node steps to itself | -| BarrierGuard.cpp:41:8:41:13 | source | Node steps to itself | -| BarrierGuard.cpp:60:3:60:4 | p1 | Node steps to itself | -| BarrierGuard.cpp:61:15:61:16 | p1 | Node steps to itself | -| BarrierGuard.cpp:62:10:62:11 | p1 | Node steps to itself | -| BarrierGuard.cpp:62:10:62:11 | p1 indirection | Node steps to itself | -| BarrierGuard.cpp:63:22:63:23 | p1 | Node steps to itself | -| BarrierGuard.cpp:64:10:64:11 | p1 | Node steps to itself | -| BarrierGuard.cpp:64:10:64:11 | p1 indirection | Node steps to itself | -| BarrierGuard.cpp:65:22:65:23 | p2 | Node steps to itself | -| BarrierGuard.cpp:65:22:65:23 | p2 indirection | Node steps to itself | -| BarrierGuard.cpp:66:10:66:11 | p1 | Node steps to itself | -| BarrierGuard.cpp:66:10:66:11 | p1 indirection | Node steps to itself | -| BarrierGuard.cpp:76:10:76:12 | buf | Node steps to itself | -| BarrierGuard.cpp:76:10:76:12 | buf indirection | Node steps to itself | -| clang.cpp:8:27:8:28 | this | Node steps to itself | -| clang.cpp:8:27:8:28 | this indirection | Node steps to itself | -| clang.cpp:20:8:20:19 | sourceArray1 | Node steps to itself | -| clang.cpp:21:9:21:20 | sourceArray1 | Node steps to itself | -| clang.cpp:25:8:25:24 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:26:8:26:24 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:28:3:28:19 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:29:8:29:24 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:30:8:30:24 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:31:8:31:24 | sourceStruct1_ptr | Node steps to itself | -| clang.cpp:31:8:31:24 | sourceStruct1_ptr indirection | Node steps to itself | -| clang.cpp:47:8:47:28 | sourceFunctionPointer | Node steps to itself | -| dispatch.cpp:11:38:11:38 | x | Node steps to itself | -| dispatch.cpp:23:38:23:38 | x | Node steps to itself | -| dispatch.cpp:31:8:31:13 | topPtr | Node steps to itself | -| dispatch.cpp:32:8:32:13 | topPtr | Node steps to itself | -| dispatch.cpp:33:3:33:8 | topPtr | Node steps to itself | -| dispatch.cpp:35:8:35:13 | topPtr | Node steps to itself | -| dispatch.cpp:36:8:36:13 | topPtr | Node steps to itself | -| dispatch.cpp:37:3:37:8 | topPtr | Node steps to itself | -| dispatch.cpp:37:3:37:8 | topPtr indirection | Node steps to itself | -| dispatch.cpp:45:3:45:8 | topRef indirection | Node steps to itself | -| dispatch.cpp:51:10:51:21 | globalBottom | Node steps to itself | -| dispatch.cpp:55:8:55:19 | globalBottom | Node steps to itself | -| dispatch.cpp:55:8:55:19 | globalBottom indirection | Node steps to itself | -| dispatch.cpp:56:8:56:19 | globalMiddle | Node steps to itself | -| dispatch.cpp:56:8:56:19 | globalMiddle indirection | Node steps to itself | -| dispatch.cpp:69:3:69:5 | top | Node steps to itself | -| dispatch.cpp:69:3:69:5 | top indirection | Node steps to itself | -| dispatch.cpp:73:3:73:5 | top indirection | Node steps to itself | -| dispatch.cpp:81:3:81:3 | x | Node steps to itself | -| dispatch.cpp:81:3:81:3 | x indirection | Node steps to itself | -| dispatch.cpp:85:10:85:12 | top | Node steps to itself | -| dispatch.cpp:89:12:89:17 | bottom indirection | Node steps to itself | -| dispatch.cpp:90:12:90:14 | top | Node steps to itself | -| dispatch.cpp:90:12:90:14 | top indirection | Node steps to itself | -| dispatch.cpp:96:8:96:8 | x | Node steps to itself | -| dispatch.cpp:104:7:104:7 | b | Node steps to itself | -| dispatch.cpp:107:3:107:15 | maybeCallSink | Node steps to itself | -| dispatch.cpp:108:3:108:14 | dontCallSink | Node steps to itself | -| dispatch.cpp:129:10:129:15 | topPtr | Node steps to itself | -| dispatch.cpp:129:10:129:15 | topPtr indirection | Node steps to itself | -| dispatch.cpp:130:10:130:15 | topRef indirection | Node steps to itself | -| dispatch.cpp:140:3:140:6 | func | Node steps to itself | -| dispatch.cpp:144:3:144:6 | func | Node steps to itself | -| dispatch.cpp:160:3:160:6 | func | Node steps to itself | -| dispatch.cpp:164:3:164:6 | func | Node steps to itself | -| example.c:19:6:19:6 | b | Node steps to itself | -| example.c:19:6:19:6 | b indirection | Node steps to itself | -| example.c:24:24:24:26 | pos | Node steps to itself | -| file://:0:0:0:0 | this | Node steps to itself | -| file://:0:0:0:0 | this indirection | Node steps to itself | -| globals.cpp:6:10:6:14 | local | Node steps to itself | -| globals.cpp:12:10:12:24 | flowTestGlobal1 | Node steps to itself | -| globals.cpp:19:10:19:24 | flowTestGlobal2 | Node steps to itself | -| lambdas.cpp:13:10:17:2 | [...](...){...} | Node steps to itself | -| lambdas.cpp:13:11:13:11 | (unnamed parameter 0) indirection | Node steps to itself | -| lambdas.cpp:13:12:13:12 | t | Node steps to itself | -| lambdas.cpp:13:15:13:15 | u | Node steps to itself | -| lambdas.cpp:14:3:14:6 | this | Node steps to itself | -| lambdas.cpp:15:3:15:6 | this | Node steps to itself | -| lambdas.cpp:20:10:24:2 | [...](...){...} | Node steps to itself | -| lambdas.cpp:20:11:20:11 | (unnamed parameter 0) indirection | Node steps to itself | -| lambdas.cpp:21:3:21:6 | this | Node steps to itself | -| lambdas.cpp:22:3:22:6 | this | Node steps to itself | -| lambdas.cpp:23:3:23:14 | this | Node steps to itself | -| lambdas.cpp:23:3:23:14 | this indirection | Node steps to itself | -| lambdas.cpp:26:7:26:7 | v | Node steps to itself | -| lambdas.cpp:28:10:31:2 | [...](...){...} | Node steps to itself | -| lambdas.cpp:28:10:31:2 | t | Node steps to itself | -| lambdas.cpp:28:10:31:2 | u | Node steps to itself | -| lambdas.cpp:28:11:28:11 | (unnamed parameter 0) indirection | Node steps to itself | -| lambdas.cpp:29:3:29:6 | this | Node steps to itself | -| lambdas.cpp:30:3:30:6 | this | Node steps to itself | -| lambdas.cpp:30:3:30:6 | this indirection | Node steps to itself | -| lambdas.cpp:34:11:37:2 | [...](...){...} | Node steps to itself | -| lambdas.cpp:35:8:35:8 | a | Node steps to itself | -| lambdas.cpp:36:8:36:8 | b | Node steps to itself | -| lambdas.cpp:38:4:38:4 | t | Node steps to itself | -| lambdas.cpp:38:7:38:7 | u | Node steps to itself | -| lambdas.cpp:40:11:44:2 | [...](...){...} | Node steps to itself | -| lambdas.cpp:41:8:41:8 | a | Node steps to itself | -| lambdas.cpp:42:8:42:8 | b | Node steps to itself | -| lambdas.cpp:46:7:46:7 | w | Node steps to itself | -| ref.cpp:11:11:11:13 | rhs | Node steps to itself | -| ref.cpp:16:12:16:14 | lhs indirection | Node steps to itself | -| ref.cpp:16:17:16:19 | rhs | Node steps to itself | -| ref.cpp:20:11:20:13 | rhs | Node steps to itself | -| ref.cpp:21:9:21:17 | arbitrary | Node steps to itself | -| ref.cpp:30:9:30:17 | arbitrary | Node steps to itself | -| ref.cpp:36:9:36:17 | arbitrary | Node steps to itself | -| ref.cpp:45:9:45:17 | arbitrary | Node steps to itself | -| ref.cpp:56:10:56:11 | x1 | Node steps to itself | -| ref.cpp:59:10:59:11 | x2 | Node steps to itself | -| ref.cpp:62:10:62:11 | x3 | Node steps to itself | -| ref.cpp:65:10:65:11 | x4 | Node steps to itself | -| ref.cpp:75:5:75:7 | lhs indirection | Node steps to itself | -| ref.cpp:75:15:75:17 | rhs | Node steps to itself | -| ref.cpp:79:12:79:14 | lhs indirection | Node steps to itself | -| ref.cpp:79:17:79:19 | rhs | Node steps to itself | -| ref.cpp:83:15:83:17 | rhs | Node steps to itself | -| ref.cpp:86:9:86:17 | arbitrary | Node steps to itself | -| ref.cpp:87:7:87:9 | lhs indirection | Node steps to itself | -| ref.cpp:89:7:89:9 | lhs indirection | Node steps to itself | -| ref.cpp:95:9:95:17 | arbitrary | Node steps to itself | -| ref.cpp:96:7:96:9 | out indirection | Node steps to itself | -| ref.cpp:101:9:101:17 | arbitrary | Node steps to itself | -| ref.cpp:102:21:102:23 | out indirection | Node steps to itself | -| ref.cpp:104:7:104:9 | out indirection | Node steps to itself | -| ref.cpp:112:9:112:17 | arbitrary | Node steps to itself | -| ref.cpp:113:7:113:9 | out indirection | Node steps to itself | -| ref.cpp:115:7:115:9 | out indirection | Node steps to itself | -| test.cpp:7:8:7:9 | t1 | Node steps to itself | -| test.cpp:8:8:8:9 | t1 | Node steps to itself | -| test.cpp:9:8:9:9 | t1 | Node steps to itself | -| test.cpp:10:8:10:9 | t2 | Node steps to itself | -| test.cpp:11:7:11:8 | t1 | Node steps to itself | -| test.cpp:13:10:13:11 | t2 | Node steps to itself | -| test.cpp:15:8:15:9 | t2 | Node steps to itself | -| test.cpp:21:8:21:9 | t1 | Node steps to itself | -| test.cpp:23:19:23:19 | Phi | Node steps to itself | -| test.cpp:23:19:23:19 | Phi | Node steps to itself | -| test.cpp:23:19:23:19 | Phi | Node steps to itself | -| test.cpp:23:19:23:19 | Phi | Node steps to itself | -| test.cpp:23:19:23:19 | i | Node steps to itself | -| test.cpp:23:23:23:24 | t1 | Node steps to itself | -| test.cpp:23:27:23:27 | i | Node steps to itself | -| test.cpp:24:10:24:11 | t2 | Node steps to itself | -| test.cpp:26:8:26:9 | t1 | Node steps to itself | -| test.cpp:30:8:30:8 | t | Node steps to itself | -| test.cpp:31:8:31:8 | c | Node steps to itself | -| test.cpp:43:10:43:10 | t | Node steps to itself | -| test.cpp:43:10:43:20 | ... ? ... : ... | Node steps to itself | -| test.cpp:43:14:43:15 | t1 | Node steps to itself | -| test.cpp:43:19:43:20 | t2 | Node steps to itself | -| test.cpp:45:9:45:9 | b | Node steps to itself | -| test.cpp:45:9:45:19 | ... ? ... : ... | Node steps to itself | -| test.cpp:45:13:45:14 | t1 | Node steps to itself | -| test.cpp:45:18:45:19 | t2 | Node steps to itself | -| test.cpp:46:10:46:10 | t | Node steps to itself | -| test.cpp:51:9:51:9 | b | Node steps to itself | -| test.cpp:52:11:52:12 | t1 | Node steps to itself | -| test.cpp:58:10:58:10 | t | Node steps to itself | -| test.cpp:69:14:69:15 | x2 | Node steps to itself | -| test.cpp:71:8:71:9 | x4 | Node steps to itself | -| test.cpp:76:8:76:9 | u1 | Node steps to itself | -| test.cpp:78:8:78:9 | u1 | Node steps to itself | -| test.cpp:81:8:81:9 | i1 | Node steps to itself | -| test.cpp:84:8:84:9 | i1 | Node steps to itself | -| test.cpp:84:8:84:18 | ... ? ... : ... | Node steps to itself | -| test.cpp:84:13:84:14 | u2 | Node steps to itself | -| test.cpp:85:8:85:9 | u2 | Node steps to itself | -| test.cpp:86:8:86:9 | i1 | Node steps to itself | -| test.cpp:90:8:90:14 | source1 | Node steps to itself | -| test.cpp:91:13:91:18 | clean1 | Node steps to itself | -| test.cpp:92:8:92:14 | source1 | Node steps to itself | -| test.cpp:102:9:102:14 | clean1 | Node steps to itself | -| test.cpp:103:10:103:12 | ref | Node steps to itself | -| test.cpp:107:13:107:18 | clean1 | Node steps to itself | -| test.cpp:110:10:110:12 | ref | Node steps to itself | -| test.cpp:125:10:125:11 | in | Node steps to itself | -| test.cpp:134:10:134:10 | p | Node steps to itself | -| test.cpp:139:11:139:11 | x | Node steps to itself | -| test.cpp:140:8:140:8 | y | Node steps to itself | -| test.cpp:144:8:144:8 | s | Node steps to itself | -| test.cpp:145:10:145:10 | s | Node steps to itself | -| test.cpp:150:8:150:8 | x | Node steps to itself | -| test.cpp:152:8:152:8 | y | Node steps to itself | -| test.cpp:156:11:156:11 | s | Node steps to itself | -| test.cpp:157:8:157:8 | x | Node steps to itself | -| test.cpp:158:10:158:10 | x | Node steps to itself | -| test.cpp:163:8:163:8 | x | Node steps to itself | -| test.cpp:165:8:165:8 | y | Node steps to itself | -| test.cpp:172:10:172:10 | x | Node steps to itself | -| test.cpp:177:11:177:11 | x | Node steps to itself | -| test.cpp:178:8:178:8 | y | Node steps to itself | -| test.cpp:190:12:190:12 | p | Node steps to itself | -| test.cpp:194:13:194:27 | this | Node steps to itself | -| test.cpp:194:13:194:27 | this indirection | Node steps to itself | -| test.cpp:195:19:195:19 | x | Node steps to itself | -| test.cpp:196:13:196:19 | barrier | Node steps to itself | -| test.cpp:197:10:197:10 | y | Node steps to itself | -| test.cpp:201:19:201:24 | source | Node steps to itself | -| test.cpp:202:10:202:16 | barrier | Node steps to itself | -| test.cpp:203:12:203:18 | barrier | Node steps to itself | -| test.cpp:207:13:207:33 | this | Node steps to itself | -| test.cpp:208:10:208:10 | x | Node steps to itself | -| test.cpp:209:13:209:33 | this | Node steps to itself | -| test.cpp:209:13:209:33 | this indirection | Node steps to itself | -| test.cpp:210:10:210:10 | y | Node steps to itself | -| test.cpp:214:19:214:24 | source | Node steps to itself | -| test.cpp:215:13:215:19 | barrier | Node steps to itself | -| test.cpp:216:10:216:10 | x | Node steps to itself | -| test.cpp:217:12:217:12 | x | Node steps to itself | -| test.cpp:221:13:221:34 | this | Node steps to itself | -| test.cpp:222:10:222:10 | x | Node steps to itself | -| test.cpp:223:13:223:34 | this | Node steps to itself | -| test.cpp:223:13:223:34 | this indirection | Node steps to itself | -| test.cpp:224:10:224:10 | y | Node steps to itself | -| test.cpp:231:19:231:19 | x | Node steps to itself | -| test.cpp:232:12:232:18 | barrier | Node steps to itself | -| test.cpp:236:13:236:24 | this | Node steps to itself | -| test.cpp:236:13:236:24 | this indirection | Node steps to itself | -| test.cpp:237:13:237:13 | x | Node steps to itself | -| test.cpp:238:10:238:10 | y | Node steps to itself | -| test.cpp:245:7:245:12 | this | Node steps to itself | -| test.cpp:246:7:246:16 | this | Node steps to itself | -| test.cpp:246:7:246:16 | this indirection | Node steps to itself | -| test.cpp:250:15:250:15 | x | Node steps to itself | -| test.cpp:251:7:251:12 | this | Node steps to itself | -| test.cpp:251:7:251:12 | this indirection | Node steps to itself | -| test.cpp:251:14:251:14 | y | Node steps to itself | -| test.cpp:255:21:255:21 | x | Node steps to itself | -| test.cpp:256:7:256:12 | this | Node steps to itself | -| test.cpp:256:7:256:12 | this indirection | Node steps to itself | -| test.cpp:256:14:256:20 | barrier | Node steps to itself | -| test.cpp:260:12:260:12 | x | Node steps to itself | -| test.cpp:265:15:265:20 | this | Node steps to itself | -| test.cpp:266:12:266:12 | x | Node steps to itself | -| test.cpp:267:11:267:20 | this | Node steps to itself | -| test.cpp:267:11:267:20 | this indirection | Node steps to itself | -| test.cpp:268:12:268:12 | x | Node steps to itself | -| test.cpp:272:15:272:15 | x | Node steps to itself | -| test.cpp:273:14:273:19 | this | Node steps to itself | -| test.cpp:273:14:273:19 | this indirection | Node steps to itself | -| test.cpp:273:21:273:21 | y | Node steps to itself | -| test.cpp:277:21:277:21 | x | Node steps to itself | -| test.cpp:278:14:278:19 | this | Node steps to itself | -| test.cpp:278:14:278:19 | this indirection | Node steps to itself | -| test.cpp:278:21:278:27 | barrier | Node steps to itself | -| test.cpp:282:15:282:15 | x | Node steps to itself | -| test.cpp:283:14:283:14 | y | Node steps to itself | -| test.cpp:288:17:288:22 | this | Node steps to itself | -| test.cpp:289:14:289:14 | x | Node steps to itself | -| test.cpp:290:13:290:22 | this | Node steps to itself | -| test.cpp:290:13:290:22 | this indirection | Node steps to itself | -| test.cpp:291:14:291:14 | x | Node steps to itself | -| test.cpp:295:17:295:22 | this | Node steps to itself | -| test.cpp:295:17:295:22 | this indirection | Node steps to itself | -| test.cpp:296:16:296:16 | y | Node steps to itself | -| test.cpp:300:23:300:28 | this | Node steps to itself | -| test.cpp:300:23:300:28 | this indirection | Node steps to itself | -| test.cpp:301:16:301:22 | barrier | Node steps to itself | -| test.cpp:306:16:306:16 | y | Node steps to itself | -| test.cpp:314:2:314:2 | this | Node steps to itself | -| test.cpp:314:2:314:2 | this indirection | Node steps to itself | -| test.cpp:317:10:317:10 | this | Node steps to itself | -| test.cpp:317:12:317:12 | p | Node steps to itself | -| test.cpp:318:7:318:7 | x | Node steps to itself | -| test.cpp:319:10:319:10 | this | Node steps to itself | -| test.cpp:320:7:320:7 | y | Node steps to itself | -| test.cpp:321:2:321:2 | this | Node steps to itself | -| test.cpp:321:2:321:2 | this indirection | Node steps to itself | -| test.cpp:324:9:324:9 | p | Node steps to itself | -| test.cpp:337:10:337:18 | globalVar | Node steps to itself | -| test.cpp:339:10:339:18 | globalVar | Node steps to itself | -| test.cpp:343:10:343:18 | globalVar | Node steps to itself | -| test.cpp:349:10:349:18 | globalVar | Node steps to itself | -| test.cpp:359:5:359:9 | this | Node steps to itself | -| test.cpp:359:5:359:9 | this indirection | Node steps to itself | -| test.cpp:363:10:363:14 | this | Node steps to itself | -| test.cpp:364:5:364:14 | this | Node steps to itself | -| test.cpp:365:10:365:14 | this | Node steps to itself | -| test.cpp:365:10:365:14 | this indirection | Node steps to itself | -| test.cpp:369:10:369:14 | this | Node steps to itself | -| test.cpp:369:10:369:14 | this indirection | Node steps to itself | -| test.cpp:373:5:373:9 | this | Node steps to itself | -| test.cpp:374:5:374:20 | this | Node steps to itself | -| test.cpp:375:10:375:14 | this | Node steps to itself | -| test.cpp:375:10:375:14 | this indirection | Node steps to itself | -| test.cpp:385:8:385:10 | tmp | Node steps to itself | -| test.cpp:392:8:392:10 | tmp | Node steps to itself | -| test.cpp:393:7:393:7 | b | Node steps to itself | -| test.cpp:394:10:394:12 | tmp | Node steps to itself | -| test.cpp:401:8:401:10 | tmp | Node steps to itself | -| test.cpp:408:8:408:10 | tmp | Node steps to itself | -| test.cpp:418:8:418:12 | local | Node steps to itself | -| test.cpp:424:8:424:12 | local | Node steps to itself | -| test.cpp:436:8:436:13 | * ... | Node steps to itself | -| test.cpp:442:8:442:12 | local | Node steps to itself | -| test.cpp:451:8:451:13 | * ... | Node steps to itself | -| test.cpp:462:9:462:14 | clean1 | Node steps to itself | -| test.cpp:463:13:463:19 | source1 | Node steps to itself | -| test.cpp:465:13:465:18 | clean1 | Node steps to itself | -| test.cpp:468:8:468:12 | local | Node steps to itself | -| test.cpp:478:8:478:8 | x | Node steps to itself | -| test.cpp:488:21:488:21 | s | Node steps to itself | -| test.cpp:489:20:489:20 | s | Node steps to itself | -| test.cpp:489:20:489:20 | s indirection | Node steps to itself | -| test.cpp:490:9:490:17 | p_content | Node steps to itself | -| test.cpp:497:10:497:16 | Phi | Node steps to itself | -| test.cpp:497:10:497:16 | Phi | Node steps to itself | -| test.cpp:497:10:497:16 | Phi | Node steps to itself | -| test.cpp:498:9:498:14 | clean1 | Node steps to itself | -| test.cpp:500:10:500:10 | x | Node steps to itself | -| test.cpp:513:8:513:8 | x | Node steps to itself | -| test.cpp:520:19:520:23 | clean | Node steps to itself | -| test.cpp:532:9:532:9 | e | Node steps to itself | -| test.cpp:536:11:536:11 | p | Node steps to itself | -| test.cpp:541:10:541:10 | y | Node steps to itself | -| test.cpp:552:28:552:28 | y | Node steps to itself | -| test.cpp:566:11:566:19 | globalInt | Node steps to itself | -| test.cpp:568:11:568:19 | globalInt | Node steps to itself | -| test.cpp:572:11:572:19 | globalInt | Node steps to itself | -| test.cpp:578:11:578:19 | globalInt | Node steps to itself | -| test.cpp:590:8:590:8 | x | Node steps to itself | -| test.cpp:596:11:596:11 | p | Node steps to itself | -| test.cpp:601:20:601:20 | p | Node steps to itself | -| test.cpp:602:3:602:3 | p | Node steps to itself | -| test.cpp:603:9:603:9 | p | Node steps to itself | -| test.cpp:607:20:607:20 | p | Node steps to itself | -| test.cpp:609:9:609:9 | p | Node steps to itself | -| test.cpp:614:20:614:20 | p | Node steps to itself | -| test.cpp:624:7:624:7 | b | Node steps to itself | -| test.cpp:634:8:634:8 | x | Node steps to itself | -| test.cpp:640:8:640:8 | x | Node steps to itself | -| test.cpp:645:8:645:8 | x | Node steps to itself | -| test.cpp:651:8:651:8 | x | Node steps to itself | -| test.cpp:658:8:658:8 | x | Node steps to itself | -| test.cpp:666:9:666:16 | ptr_to_s | Node steps to itself | -| test.cpp:673:9:673:16 | ptr_to_s | Node steps to itself | -| test.cpp:679:9:679:16 | ptr_to_s | Node steps to itself | -| test.cpp:687:9:687:16 | ptr_to_s | Node steps to itself | -| true_upon_entry.cpp:10:19:10:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:10:19:10:19 | i | Node steps to itself | -| true_upon_entry.cpp:10:27:10:27 | i | Node steps to itself | -| true_upon_entry.cpp:13:8:13:8 | x | Node steps to itself | -| true_upon_entry.cpp:18:19:18:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:18:19:18:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:18:19:18:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:18:19:18:19 | i | Node steps to itself | -| true_upon_entry.cpp:18:23:18:32 | iterations | Node steps to itself | -| true_upon_entry.cpp:18:35:18:35 | i | Node steps to itself | -| true_upon_entry.cpp:21:8:21:8 | x | Node steps to itself | -| true_upon_entry.cpp:26:19:26:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:26:19:26:19 | i | Node steps to itself | -| true_upon_entry.cpp:26:27:26:27 | i | Node steps to itself | -| true_upon_entry.cpp:29:8:29:8 | x | Node steps to itself | -| true_upon_entry.cpp:34:19:34:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:34:19:34:19 | i | Node steps to itself | -| true_upon_entry.cpp:34:27:34:27 | i | Node steps to itself | -| true_upon_entry.cpp:39:8:39:8 | x | Node steps to itself | -| true_upon_entry.cpp:44:19:44:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:44:19:44:19 | i | Node steps to itself | -| true_upon_entry.cpp:44:27:44:27 | i | Node steps to itself | -| true_upon_entry.cpp:49:8:49:8 | x | Node steps to itself | -| true_upon_entry.cpp:55:19:55:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:55:19:55:19 | i | Node steps to itself | -| true_upon_entry.cpp:55:38:55:38 | i | Node steps to itself | -| true_upon_entry.cpp:57:8:57:8 | x | Node steps to itself | -| true_upon_entry.cpp:63:19:63:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:63:19:63:19 | i | Node steps to itself | -| true_upon_entry.cpp:63:38:63:38 | i | Node steps to itself | -| true_upon_entry.cpp:66:8:66:8 | x | Node steps to itself | -| true_upon_entry.cpp:76:19:76:19 | Phi | Node steps to itself | -| true_upon_entry.cpp:76:19:76:19 | i | Node steps to itself | -| true_upon_entry.cpp:76:38:76:38 | i | Node steps to itself | -| true_upon_entry.cpp:78:8:78:8 | x | Node steps to itself | -| true_upon_entry.cpp:84:24:84:24 | Phi | Node steps to itself | -| true_upon_entry.cpp:84:30:84:30 | i | Node steps to itself | -| true_upon_entry.cpp:84:38:84:38 | i | Node steps to itself | -| true_upon_entry.cpp:86:8:86:8 | x | Node steps to itself | -| true_upon_entry.cpp:91:24:91:24 | Phi | Node steps to itself | -| true_upon_entry.cpp:91:30:91:30 | i | Node steps to itself | -| true_upon_entry.cpp:91:38:91:38 | i | Node steps to itself | -| true_upon_entry.cpp:93:8:93:8 | x | Node steps to itself | -| true_upon_entry.cpp:99:7:99:7 | b | Node steps to itself | -| true_upon_entry.cpp:101:10:101:10 | i | Node steps to itself | -| true_upon_entry.cpp:101:18:101:18 | i | Node steps to itself | -| true_upon_entry.cpp:101:23:101:23 | d | Node steps to itself | -| true_upon_entry.cpp:105:8:105:8 | x | Node steps to itself | diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.ql index bdeeccbc211..4b637fda714 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/has-parameter-flow-out.ql @@ -5,12 +5,10 @@ module AstTest { private import semmle.code.cpp.dataflow.DataFlow::DataFlow private import semmle.code.cpp.dataflow.internal.DataFlowPrivate - class AstParameterDefTest extends InlineExpectationsTest { - AstParameterDefTest() { this = "AstParameterDefTest" } + module AstParameterDefTest implements TestSig { + string getARelevantTag() { result = "ast-def" } - override string getARelevantTag() { result = "ast-def" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Function f, Parameter p, RefParameterFinalValueNode n | p.isNamed() and n.getParameter() = p and @@ -33,12 +31,10 @@ module IRTest { (if k = 0 then result = "" else result = "*" + stars(k - 1)) } - class IRParameterDefTest extends InlineExpectationsTest { - IRParameterDefTest() { this = "IRParameterDefTest" } + module IRParameterDefTest implements TestSig { + string getARelevantTag() { result = "ir-def" } - override string getARelevantTag() { result = "ir-def" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Function f, Parameter p, FinalParameterNode n | p.isNamed() and n.getParameter() = p and @@ -51,3 +47,5 @@ module IRTest { } } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql index f5fcd216882..95423a1ec7d 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql @@ -5,12 +5,10 @@ module AstTest { private import semmle.code.cpp.dataflow.DataFlow::DataFlow private import semmle.code.cpp.dataflow.internal.DataFlowPrivate - class AstMultipleOutNodesTest extends InlineExpectationsTest { - AstMultipleOutNodesTest() { this = "AstMultipleOutNodesTest" } + module AstMultipleOutNodesTest implements TestSig { + string getARelevantTag() { result = "ast-count(" + any(ReturnKind k).toString() + ")" } - override string getARelevantTag() { result = "ast-count(" + any(ReturnKind k).toString() + ")" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(DataFlowCall call, int n, ReturnKind kind | call.getLocation() = location and n = strictcount(getAnOutNode(call, kind)) and @@ -27,12 +25,10 @@ module IRTest { private import semmle.code.cpp.ir.dataflow.DataFlow private import semmle.code.cpp.ir.dataflow.internal.DataFlowPrivate - class IRMultipleOutNodesTest extends InlineExpectationsTest { - IRMultipleOutNodesTest() { this = "IRMultipleOutNodesTest" } + module IRMultipleOutNodesTest implements TestSig { + string getARelevantTag() { result = "ir-count(" + any(ReturnKind k).toString() + ")" } - override string getARelevantTag() { result = "ir-count(" + any(ReturnKind k).toString() + ")" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(DataFlowCall call, int n, ReturnKind kind | call.getLocation() = location and n = strictcount(getAnOutNode(call, kind)) and @@ -44,3 +40,5 @@ module IRTest { } } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp index 5fae604f4d9..915a8421475 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.cpp @@ -1,5 +1,5 @@ int source(); -void sink(int); void sink(const int *); void sink(int **); +void sink(int); void sink(const int *); void sink(int **); void indirect_sink(...); void intraprocedural_with_local_flow() { int t2; @@ -626,7 +626,7 @@ void test_def_via_phi_read(bool b) use(buffer); } intPointerSource(buffer); - sink(buffer); // $ ast,ir + indirect_sink(buffer); // $ ast,ir } void test_static_local_1() { @@ -690,3 +690,16 @@ void test_static_local_9() { s = 0; } +void increment_buf(int** buf) { // $ ast-def=buf ir-def=*buf ir-def=**buf + *buf += 10; + sink(buf); // $ SPURIOUS: ast +} + +void call_increment_buf(int** buf) { // $ ast-def=buf + increment_buf(buf); +} + +void test_conflation_regression(int* source) { // $ ast-def=source + int* buf = source; + call_increment_buf(&buf); +} \ No newline at end of file diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql index 49c23907c1d..ea27ec0d51d 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql @@ -16,10 +16,8 @@ module AstTest { } /** Common data flow configuration to be used by tests. */ - class AstTestAllocationConfig extends DataFlow::Configuration { - AstTestAllocationConfig() { this = "ASTTestAllocationConfig" } - - override predicate isSource(DataFlow::Node source) { + module AstTestAllocationConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" or source.asParameter().getName().matches("source%") @@ -32,18 +30,20 @@ module AstTest { exists(source.asUninitialized()) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall call | - call.getTarget().getName() = "sink" and + call.getTarget().getName() = ["sink", "indirect_sink"] and sink.asExpr() = call.getAnArgument() ) } - override predicate isBarrier(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { barrier.asExpr().(VariableAccess).getTarget().hasName("barrier") or barrier = DataFlow::BarrierGuard::getABarrierNode() } } + + module AstFlow = DataFlow::Global; } module IRTest { @@ -67,10 +67,8 @@ module IRTest { } /** Common data flow configuration to be used by tests. */ - class IRTestAllocationConfig extends DataFlow::Configuration { - IRTestAllocationConfig() { this = "IRTestAllocationConfig" } - - override predicate isSource(DataFlow::Node source) { + module IRTestAllocationConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" or source.asIndirectExpr(1).(FunctionCall).getTarget().getName() = "indirect_source" @@ -82,14 +80,17 @@ module IRTest { exists(source.asUninitialized()) } - override predicate isSink(DataFlow::Node sink) { - exists(FunctionCall call | + predicate isSink(DataFlow::Node sink) { + exists(FunctionCall call, Expr e | e = call.getAnArgument() | call.getTarget().getName() = "sink" and - call.getAnArgument() in [sink.asExpr(), sink.asIndirectExpr()] + sink.asExpr() = e + or + call.getTarget().getName() = "indirect_sink" and + sink.asIndirectExpr() = e ) } - override predicate isBarrier(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { exists(Expr barrierExpr | barrierExpr in [barrier.asExpr(), barrier.asIndirectExpr()] | barrierExpr.(VariableAccess).getTarget().hasName("barrier") ) @@ -99,4 +100,8 @@ module IRTest { barrier = DataFlow::BarrierGuard::getAnIndirectBarrierNode() } } + + module IRFlow = DataFlow::Global; } + +import MakeTest, IRFlowTest>> diff --git a/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll b/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll index 39d6cff3492..b0d5b607de9 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll +++ b/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll @@ -1,10 +1,8 @@ private import semmle.code.cpp.dataflow.DataFlow private import DataFlow -class AstConf extends Configuration { - AstConf() { this = "ASTFieldFlowConf" } - - override predicate isSource(Node src) { +module AstConfig implements ConfigSig { + predicate isSource(Node src) { src.asExpr() instanceof NewExpr or src.asExpr().(Call).getTarget().hasName("user_input") @@ -15,14 +13,14 @@ class AstConf extends Configuration { ) } - override predicate isSink(Node sink) { + predicate isSink(Node sink) { exists(Call c | c.getTarget().hasName("sink") and c.getAnArgument() = sink.asExpr() ) } - override predicate isAdditionalFlowStep(Node a, Node b) { + predicate isAdditionalFlowStep(Node a, Node b) { b.asPartialDefinition() = any(Call c | c.getTarget().hasName("insert") and c.getAnArgument() = a.asExpr()) .getQualifier() @@ -31,5 +29,4 @@ class AstConf extends Configuration { } } -/** DEPRECATED: Alias for AstConf */ -deprecated class ASTConf = AstConf; +module AstFlow = Global; diff --git a/cpp/ql/test/library-tests/dataflow/fields/IRConfiguration.qll b/cpp/ql/test/library-tests/dataflow/fields/IRConfiguration.qll index dac495f132b..494d15efb9c 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/IRConfiguration.qll +++ b/cpp/ql/test/library-tests/dataflow/fields/IRConfiguration.qll @@ -1,10 +1,8 @@ private import semmle.code.cpp.ir.dataflow.DataFlow private import DataFlow -class IRConf extends Configuration { - IRConf() { this = "IRFieldFlowConf" } - - override predicate isSource(Node src) { +module IRConfig implements ConfigSig { + predicate isSource(Node src) { src.asExpr() instanceof NewExpr or src.asExpr().(Call).getTarget().hasName("user_input") @@ -15,14 +13,14 @@ class IRConf extends Configuration { ) } - override predicate isSink(Node sink) { + predicate isSink(Node sink) { exists(Call c | c.getTarget().hasName("sink") and c.getAnArgument() = [sink.asExpr(), sink.asIndirectExpr(), sink.asConvertedExpr()] ) } - override predicate isAdditionalFlowStep(Node a, Node b) { + predicate isAdditionalFlowStep(Node a, Node b) { b.asPartialDefinition() = any(Call c | c.getTarget().hasName("insert") and c.getAnArgument() = a.asExpr()) .getQualifier() @@ -30,3 +28,5 @@ class IRConf extends Configuration { b.asExpr().(AddressOfExpr).getOperand() = a.asExpr() } } + +module IRFlow = Global; diff --git a/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll b/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll index 2c3186b3dfa..7313518af91 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll +++ b/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll @@ -14,7 +14,7 @@ class Node extends TNode { AST::DataFlow::Node asAst() { none() } /** DEPRECATED: Alias for asAst */ - deprecated AST::DataFlow::Node asAST() { result = asAst() } + deprecated AST::DataFlow::Node asAST() { result = this.asAst() } Location getLocation() { none() } } @@ -29,7 +29,7 @@ class AstNode extends Node, TAstNode { override AST::DataFlow::Node asAst() { result = n } /** DEPRECATED: Alias for asAst */ - deprecated override AST::DataFlow::Node asAST() { result = asAst() } + deprecated override AST::DataFlow::Node asAST() { result = this.asAst() } override Location getLocation() { result = n.getLocation() } } diff --git a/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected index 29bb90d455c..ba007019708 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/dataflow/fields/dataflow-ir-consistency.expected @@ -42,379 +42,3 @@ uniqueParameterNodeAtPosition uniqueParameterNodePosition uniqueContentApprox identityLocalStep -| A.cpp:25:7:25:10 | this | Node steps to itself | -| A.cpp:25:7:25:10 | this indirection | Node steps to itself | -| A.cpp:25:17:25:17 | c | Node steps to itself | -| A.cpp:27:22:27:25 | this | Node steps to itself | -| A.cpp:27:22:27:25 | this indirection | Node steps to itself | -| A.cpp:27:32:27:32 | c | Node steps to itself | -| A.cpp:28:23:28:26 | this | Node steps to itself | -| A.cpp:28:23:28:26 | this indirection | Node steps to itself | -| A.cpp:31:20:31:20 | c | Node steps to itself | -| A.cpp:31:20:31:20 | c indirection | Node steps to itself | -| A.cpp:41:15:41:21 | new indirection | Node steps to itself | -| A.cpp:48:20:48:20 | c | Node steps to itself | -| A.cpp:48:20:48:20 | c indirection | Node steps to itself | -| A.cpp:49:10:49:10 | b | Node steps to itself | -| A.cpp:49:10:49:10 | b indirection | Node steps to itself | -| A.cpp:55:5:55:5 | b | Node steps to itself | -| A.cpp:55:12:55:19 | new indirection | Node steps to itself | -| A.cpp:56:10:56:10 | b | Node steps to itself | -| A.cpp:56:10:56:10 | b indirection | Node steps to itself | -| A.cpp:64:10:64:15 | this | Node steps to itself | -| A.cpp:64:10:64:15 | this indirection | Node steps to itself | -| A.cpp:64:17:64:18 | b1 | Node steps to itself | -| A.cpp:64:21:64:28 | new indirection | Node steps to itself | -| A.cpp:65:10:65:11 | b1 | Node steps to itself | -| A.cpp:65:10:65:11 | b1 indirection | Node steps to itself | -| A.cpp:66:10:66:11 | b2 | Node steps to itself | -| A.cpp:66:10:66:11 | b2 indirection | Node steps to itself | -| A.cpp:73:10:73:19 | this | Node steps to itself | -| A.cpp:73:10:73:19 | this indirection | Node steps to itself | -| A.cpp:73:21:73:22 | b1 | Node steps to itself | -| A.cpp:73:25:73:32 | new indirection | Node steps to itself | -| A.cpp:74:10:74:11 | b1 | Node steps to itself | -| A.cpp:74:10:74:11 | b1 indirection | Node steps to itself | -| A.cpp:75:10:75:11 | b2 | Node steps to itself | -| A.cpp:75:10:75:11 | b2 indirection | Node steps to itself | -| A.cpp:81:10:81:15 | this | Node steps to itself | -| A.cpp:81:17:81:18 | b1 | Node steps to itself | -| A.cpp:81:21:81:21 | c | Node steps to itself | -| A.cpp:81:21:81:21 | c indirection | Node steps to itself | -| A.cpp:82:12:82:12 | this | Node steps to itself | -| A.cpp:82:12:82:12 | this indirection | Node steps to itself | -| A.cpp:82:12:82:24 | ... ? ... : ... | Node steps to itself | -| A.cpp:82:18:82:19 | b1 | Node steps to itself | -| A.cpp:82:23:82:24 | b2 | Node steps to itself | -| A.cpp:87:9:87:9 | this | Node steps to itself | -| A.cpp:87:9:87:9 | this indirection | Node steps to itself | -| A.cpp:90:7:90:8 | b2 | Node steps to itself | -| A.cpp:90:15:90:15 | c | Node steps to itself | -| A.cpp:90:15:90:15 | c indirection | Node steps to itself | -| A.cpp:91:14:91:15 | b2 | Node steps to itself | -| A.cpp:93:12:93:13 | b1 | Node steps to itself | -| A.cpp:100:5:100:6 | c1 | Node steps to itself | -| A.cpp:100:13:100:13 | a | Node steps to itself | -| A.cpp:101:5:101:6 | this | Node steps to itself | -| A.cpp:101:5:101:6 | this indirection | Node steps to itself | -| A.cpp:101:8:101:9 | c1 indirection | Node steps to itself | -| A.cpp:105:13:105:14 | c1 | Node steps to itself | -| A.cpp:107:12:107:13 | c1 | Node steps to itself | -| A.cpp:107:12:107:13 | c1 indirection | Node steps to itself | -| A.cpp:110:13:110:14 | c2 | Node steps to itself | -| A.cpp:118:13:118:14 | c1 | Node steps to itself | -| A.cpp:120:12:120:13 | c1 | Node steps to itself | -| A.cpp:120:12:120:13 | c1 indirection | Node steps to itself | -| A.cpp:126:5:126:5 | b | Node steps to itself | -| A.cpp:126:5:126:5 | b indirection | Node steps to itself | -| A.cpp:131:5:131:6 | this | Node steps to itself | -| A.cpp:131:5:131:6 | this indirection | Node steps to itself | -| A.cpp:131:8:131:8 | b | Node steps to itself | -| A.cpp:132:10:132:10 | b | Node steps to itself | -| A.cpp:132:10:132:10 | b indirection | Node steps to itself | -| A.cpp:142:7:142:7 | b | Node steps to itself | -| A.cpp:143:7:143:10 | this | Node steps to itself | -| A.cpp:143:7:143:10 | this indirection | Node steps to itself | -| A.cpp:143:17:143:17 | x | Node steps to itself | -| A.cpp:143:17:143:31 | ... ? ... : ... | Node steps to itself | -| A.cpp:143:21:143:21 | b | Node steps to itself | -| A.cpp:151:18:151:18 | b | Node steps to itself | -| A.cpp:151:21:151:21 | this | Node steps to itself | -| A.cpp:151:21:151:21 | this indirection | Node steps to itself | -| A.cpp:152:10:152:10 | d | Node steps to itself | -| A.cpp:153:10:153:10 | d | Node steps to itself | -| A.cpp:153:10:153:10 | d indirection | Node steps to itself | -| A.cpp:154:10:154:10 | b | Node steps to itself | -| A.cpp:154:10:154:10 | b indirection | Node steps to itself | -| A.cpp:160:29:160:29 | b | Node steps to itself | -| A.cpp:160:29:160:29 | b indirection | Node steps to itself | -| A.cpp:161:38:161:39 | l1 | Node steps to itself | -| A.cpp:161:38:161:39 | l1 indirection | Node steps to itself | -| A.cpp:162:38:162:39 | l2 | Node steps to itself | -| A.cpp:162:38:162:39 | l2 indirection | Node steps to itself | -| A.cpp:163:10:163:11 | l3 | Node steps to itself | -| A.cpp:164:10:164:11 | l3 | Node steps to itself | -| A.cpp:165:10:165:11 | l3 | Node steps to itself | -| A.cpp:166:10:166:11 | l3 | Node steps to itself | -| A.cpp:167:22:167:23 | l3 | Node steps to itself | -| A.cpp:167:26:167:26 | Phi | Node steps to itself | -| A.cpp:167:26:167:26 | l | Node steps to itself | -| A.cpp:167:44:167:44 | l | Node steps to itself | -| A.cpp:167:44:167:44 | l indirection | Node steps to itself | -| A.cpp:169:12:169:12 | l | Node steps to itself | -| A.cpp:183:7:183:10 | this | Node steps to itself | -| A.cpp:183:14:183:20 | newHead | Node steps to itself | -| A.cpp:184:7:184:10 | this | Node steps to itself | -| A.cpp:184:7:184:10 | this indirection | Node steps to itself | -| A.cpp:184:20:184:23 | next | Node steps to itself | -| B.cpp:7:25:7:25 | e | Node steps to itself | -| B.cpp:7:25:7:25 | e indirection | Node steps to itself | -| B.cpp:8:25:8:26 | b1 | Node steps to itself | -| B.cpp:8:25:8:26 | b1 indirection | Node steps to itself | -| B.cpp:9:10:9:11 | b2 | Node steps to itself | -| B.cpp:10:10:10:11 | b2 | Node steps to itself | -| B.cpp:10:10:10:11 | b2 indirection | Node steps to itself | -| B.cpp:16:37:16:37 | e | Node steps to itself | -| B.cpp:16:37:16:37 | e indirection | Node steps to itself | -| B.cpp:17:25:17:26 | b1 | Node steps to itself | -| B.cpp:17:25:17:26 | b1 indirection | Node steps to itself | -| B.cpp:18:10:18:11 | b2 | Node steps to itself | -| B.cpp:19:10:19:11 | b2 | Node steps to itself | -| B.cpp:19:10:19:11 | b2 indirection | Node steps to itself | -| B.cpp:35:7:35:10 | this | Node steps to itself | -| B.cpp:35:21:35:22 | e1 | Node steps to itself | -| B.cpp:36:7:36:10 | this | Node steps to itself | -| B.cpp:36:7:36:10 | this indirection | Node steps to itself | -| B.cpp:36:21:36:22 | e2 | Node steps to itself | -| B.cpp:46:7:46:10 | this | Node steps to itself | -| B.cpp:46:7:46:10 | this indirection | Node steps to itself | -| B.cpp:46:20:46:21 | b1 | Node steps to itself | -| C.cpp:19:5:19:5 | c | Node steps to itself | -| C.cpp:19:5:19:5 | c indirection | Node steps to itself | -| C.cpp:24:5:24:8 | this | Node steps to itself | -| C.cpp:24:5:24:8 | this indirection | Node steps to itself | -| C.cpp:29:10:29:11 | this | Node steps to itself | -| C.cpp:30:10:30:11 | this | Node steps to itself | -| C.cpp:31:10:31:11 | this | Node steps to itself | -| C.cpp:31:10:31:11 | this indirection | Node steps to itself | -| D.cpp:9:21:9:24 | this | Node steps to itself | -| D.cpp:9:21:9:24 | this indirection | Node steps to itself | -| D.cpp:9:28:9:28 | e | Node steps to itself | -| D.cpp:10:30:10:33 | this | Node steps to itself | -| D.cpp:10:30:10:33 | this indirection | Node steps to itself | -| D.cpp:11:29:11:32 | this | Node steps to itself | -| D.cpp:11:29:11:32 | this indirection | Node steps to itself | -| D.cpp:11:36:11:36 | e | Node steps to itself | -| D.cpp:16:21:16:23 | this | Node steps to itself | -| D.cpp:16:21:16:23 | this indirection | Node steps to itself | -| D.cpp:16:27:16:27 | b | Node steps to itself | -| D.cpp:17:30:17:32 | this | Node steps to itself | -| D.cpp:17:30:17:32 | this indirection | Node steps to itself | -| D.cpp:18:29:18:31 | this | Node steps to itself | -| D.cpp:18:29:18:31 | this indirection | Node steps to itself | -| D.cpp:18:35:18:35 | b | Node steps to itself | -| D.cpp:22:10:22:11 | b2 | Node steps to itself | -| D.cpp:22:10:22:11 | b2 indirection | Node steps to itself | -| D.cpp:30:5:30:5 | b | Node steps to itself | -| D.cpp:30:20:30:20 | e | Node steps to itself | -| D.cpp:31:14:31:14 | b | Node steps to itself | -| D.cpp:31:14:31:14 | b indirection | Node steps to itself | -| D.cpp:37:5:37:5 | b | Node steps to itself | -| D.cpp:37:21:37:21 | e | Node steps to itself | -| D.cpp:37:21:37:21 | e indirection | Node steps to itself | -| D.cpp:38:14:38:14 | b | Node steps to itself | -| D.cpp:38:14:38:14 | b indirection | Node steps to itself | -| D.cpp:44:5:44:5 | b | Node steps to itself | -| D.cpp:44:26:44:26 | e | Node steps to itself | -| D.cpp:45:14:45:14 | b | Node steps to itself | -| D.cpp:45:14:45:14 | b indirection | Node steps to itself | -| D.cpp:51:5:51:5 | b | Node steps to itself | -| D.cpp:51:27:51:27 | e | Node steps to itself | -| D.cpp:51:27:51:27 | e indirection | Node steps to itself | -| D.cpp:52:14:52:14 | b | Node steps to itself | -| D.cpp:52:14:52:14 | b indirection | Node steps to itself | -| D.cpp:57:5:57:12 | this | Node steps to itself | -| D.cpp:58:5:58:12 | this | Node steps to itself | -| D.cpp:58:27:58:27 | e | Node steps to itself | -| D.cpp:59:5:59:7 | this | Node steps to itself | -| D.cpp:59:5:59:7 | this indirection | Node steps to itself | -| D.cpp:64:10:64:17 | this | Node steps to itself | -| D.cpp:64:10:64:17 | this indirection | Node steps to itself | -| E.cpp:21:10:21:10 | p | Node steps to itself | -| E.cpp:21:10:21:10 | p indirection | Node steps to itself | -| E.cpp:29:21:29:21 | b | Node steps to itself | -| E.cpp:31:10:31:12 | raw | Node steps to itself | -| E.cpp:31:10:31:12 | raw indirection | Node steps to itself | -| E.cpp:32:10:32:10 | b | Node steps to itself | -| E.cpp:32:10:32:10 | b indirection | Node steps to itself | -| aliasing.cpp:9:3:9:3 | s | Node steps to itself | -| aliasing.cpp:9:3:9:3 | s indirection | Node steps to itself | -| aliasing.cpp:13:3:13:3 | s indirection | Node steps to itself | -| aliasing.cpp:27:14:27:15 | s3 | Node steps to itself | -| aliasing.cpp:37:3:37:6 | ref1 indirection | Node steps to itself | -| aliasing.cpp:43:8:43:11 | ref2 indirection | Node steps to itself | -| aliasing.cpp:48:13:48:14 | s1 | Node steps to itself | -| aliasing.cpp:53:13:53:14 | s2 | Node steps to itself | -| aliasing.cpp:61:13:61:14 | s2 | Node steps to itself | -| aliasing.cpp:79:3:79:3 | s | Node steps to itself | -| aliasing.cpp:79:3:79:3 | s indirection | Node steps to itself | -| aliasing.cpp:86:3:86:3 | s indirection | Node steps to itself | -| aliasing.cpp:100:14:100:14 | s | Node steps to itself | -| aliasing.cpp:102:9:102:10 | px | Node steps to itself | -| aliasing.cpp:121:15:121:16 | xs | Node steps to itself | -| aliasing.cpp:122:8:122:9 | xs | Node steps to itself | -| aliasing.cpp:126:15:126:16 | xs | Node steps to itself | -| aliasing.cpp:127:10:127:11 | xs | Node steps to itself | -| aliasing.cpp:131:15:131:16 | xs | Node steps to itself | -| aliasing.cpp:147:16:147:16 | s | Node steps to itself | -| aliasing.cpp:148:8:148:8 | s | Node steps to itself | -| aliasing.cpp:188:13:188:14 | s2 | Node steps to itself | -| aliasing.cpp:195:13:195:14 | s2 | Node steps to itself | -| aliasing.cpp:200:16:200:18 | ps2 | Node steps to itself | -| aliasing.cpp:201:8:201:10 | ps2 | Node steps to itself | -| aliasing.cpp:201:8:201:10 | ps2 indirection | Node steps to itself | -| aliasing.cpp:205:16:205:18 | ps2 | Node steps to itself | -| aliasing.cpp:206:8:206:10 | ps2 | Node steps to itself | -| aliasing.cpp:206:8:206:10 | ps2 indirection | Node steps to itself | -| arrays.cpp:9:8:9:11 | * ... | Node steps to itself | -| by_reference.cpp:12:5:12:5 | s | Node steps to itself | -| by_reference.cpp:12:5:12:5 | s indirection | Node steps to itself | -| by_reference.cpp:12:12:12:16 | value | Node steps to itself | -| by_reference.cpp:16:5:16:8 | this | Node steps to itself | -| by_reference.cpp:16:5:16:8 | this indirection | Node steps to itself | -| by_reference.cpp:16:15:16:19 | value | Node steps to itself | -| by_reference.cpp:20:5:20:8 | this | Node steps to itself | -| by_reference.cpp:20:5:20:8 | this indirection | Node steps to itself | -| by_reference.cpp:20:23:20:27 | value | Node steps to itself | -| by_reference.cpp:20:23:20:27 | value indirection | Node steps to itself | -| by_reference.cpp:20:23:20:27 | value indirection | Node steps to itself | -| by_reference.cpp:24:19:24:22 | this | Node steps to itself | -| by_reference.cpp:24:19:24:22 | this indirection | Node steps to itself | -| by_reference.cpp:24:25:24:29 | value | Node steps to itself | -| by_reference.cpp:24:25:24:29 | value indirection | Node steps to itself | -| by_reference.cpp:24:25:24:29 | value indirection | Node steps to itself | -| by_reference.cpp:32:12:32:12 | s | Node steps to itself | -| by_reference.cpp:32:12:32:12 | s indirection | Node steps to itself | -| by_reference.cpp:36:12:36:15 | this | Node steps to itself | -| by_reference.cpp:36:12:36:15 | this indirection | Node steps to itself | -| by_reference.cpp:40:12:40:15 | this | Node steps to itself | -| by_reference.cpp:40:12:40:15 | this indirection | Node steps to itself | -| by_reference.cpp:44:26:44:29 | this | Node steps to itself | -| by_reference.cpp:44:26:44:29 | this indirection | Node steps to itself | -| by_reference.cpp:84:3:84:7 | inner | Node steps to itself | -| by_reference.cpp:84:3:84:7 | inner indirection | Node steps to itself | -| by_reference.cpp:88:3:88:7 | inner indirection | Node steps to itself | -| by_reference.cpp:106:22:106:27 | pouter | Node steps to itself | -| by_reference.cpp:107:21:107:26 | pouter | Node steps to itself | -| by_reference.cpp:108:16:108:21 | pouter | Node steps to itself | -| by_reference.cpp:114:8:114:13 | pouter | Node steps to itself | -| by_reference.cpp:115:8:115:13 | pouter | Node steps to itself | -| by_reference.cpp:116:8:116:13 | pouter | Node steps to itself | -| by_reference.cpp:116:8:116:13 | pouter indirection | Node steps to itself | -| by_reference.cpp:126:21:126:26 | pouter | Node steps to itself | -| by_reference.cpp:127:22:127:27 | pouter | Node steps to itself | -| by_reference.cpp:128:15:128:20 | pouter | Node steps to itself | -| by_reference.cpp:134:8:134:13 | pouter | Node steps to itself | -| by_reference.cpp:135:8:135:13 | pouter | Node steps to itself | -| by_reference.cpp:136:8:136:13 | pouter | Node steps to itself | -| by_reference.cpp:136:8:136:13 | pouter indirection | Node steps to itself | -| complex.cpp:9:20:9:21 | this | Node steps to itself | -| complex.cpp:9:20:9:21 | this indirection | Node steps to itself | -| complex.cpp:10:20:10:21 | this | Node steps to itself | -| complex.cpp:10:20:10:21 | this indirection | Node steps to itself | -| complex.cpp:11:22:11:23 | this | Node steps to itself | -| complex.cpp:11:22:11:23 | this indirection | Node steps to itself | -| complex.cpp:11:27:11:27 | a | Node steps to itself | -| complex.cpp:12:22:12:23 | this | Node steps to itself | -| complex.cpp:12:22:12:23 | this indirection | Node steps to itself | -| complex.cpp:12:27:12:27 | b | Node steps to itself | -| complex.cpp:14:26:14:26 | a | Node steps to itself | -| complex.cpp:14:33:14:33 | b | Node steps to itself | -| complex.cpp:43:8:43:8 | b indirection | Node steps to itself | -| conflated.cpp:11:9:11:10 | ra indirection | Node steps to itself | -| conflated.cpp:20:8:20:10 | raw indirection | Node steps to itself | -| conflated.cpp:29:3:29:4 | pa | Node steps to itself | -| conflated.cpp:30:8:30:9 | pa | Node steps to itself | -| conflated.cpp:30:8:30:9 | pa indirection | Node steps to itself | -| conflated.cpp:35:8:35:14 | unknown | Node steps to itself | -| conflated.cpp:35:8:35:28 | ... ? ... : ... | Node steps to itself | -| conflated.cpp:35:18:35:20 | arg | Node steps to itself | -| conflated.cpp:36:3:36:4 | pa | Node steps to itself | -| conflated.cpp:37:8:37:9 | pa | Node steps to itself | -| conflated.cpp:37:8:37:9 | pa indirection | Node steps to itself | -| conflated.cpp:45:39:45:42 | next | Node steps to itself | -| conflated.cpp:53:3:53:4 | ll | Node steps to itself | -| conflated.cpp:54:3:54:4 | ll | Node steps to itself | -| conflated.cpp:55:8:55:9 | ll | Node steps to itself | -| conflated.cpp:55:8:55:9 | ll indirection | Node steps to itself | -| conflated.cpp:59:35:59:38 | next | Node steps to itself | -| conflated.cpp:59:35:59:38 | next indirection | Node steps to itself | -| conflated.cpp:60:3:60:4 | ll | Node steps to itself | -| conflated.cpp:61:8:61:9 | ll | Node steps to itself | -| conflated.cpp:61:8:61:9 | ll indirection | Node steps to itself | -| constructors.cpp:18:22:18:23 | this | Node steps to itself | -| constructors.cpp:18:22:18:23 | this indirection | Node steps to itself | -| constructors.cpp:19:22:19:23 | this | Node steps to itself | -| constructors.cpp:19:22:19:23 | this indirection | Node steps to itself | -| constructors.cpp:20:24:20:25 | this | Node steps to itself | -| constructors.cpp:20:24:20:25 | this indirection | Node steps to itself | -| constructors.cpp:20:29:20:29 | a | Node steps to itself | -| constructors.cpp:21:24:21:25 | this | Node steps to itself | -| constructors.cpp:21:24:21:25 | this indirection | Node steps to itself | -| constructors.cpp:21:29:21:29 | b | Node steps to itself | -| constructors.cpp:23:28:23:28 | a | Node steps to itself | -| constructors.cpp:23:35:23:35 | b | Node steps to itself | -| constructors.cpp:29:10:29:10 | f indirection | Node steps to itself | -| qualifiers.cpp:9:30:9:33 | this | Node steps to itself | -| qualifiers.cpp:9:30:9:33 | this indirection | Node steps to itself | -| qualifiers.cpp:9:40:9:44 | value | Node steps to itself | -| qualifiers.cpp:12:49:12:53 | inner | Node steps to itself | -| qualifiers.cpp:12:49:12:53 | inner indirection | Node steps to itself | -| qualifiers.cpp:12:60:12:64 | value | Node steps to itself | -| qualifiers.cpp:13:51:13:55 | inner indirection | Node steps to itself | -| qualifiers.cpp:13:61:13:65 | value | Node steps to itself | -| qualifiers.cpp:18:32:18:36 | this | Node steps to itself | -| qualifiers.cpp:18:32:18:36 | this indirection | Node steps to itself | -| realistic.cpp:24:9:24:12 | size | Node steps to itself | -| realistic.cpp:25:30:25:35 | offset | Node steps to itself | -| realistic.cpp:26:15:26:18 | size | Node steps to itself | -| realistic.cpp:27:12:27:12 | m | Node steps to itself | -| realistic.cpp:32:13:32:13 | d | Node steps to itself | -| realistic.cpp:32:17:32:19 | num | Node steps to itself | -| realistic.cpp:33:11:33:11 | Phi | Node steps to itself | -| realistic.cpp:33:11:33:11 | Phi | Node steps to itself | -| realistic.cpp:33:11:33:11 | Phi | Node steps to itself | -| realistic.cpp:33:11:33:11 | Phi | Node steps to itself | -| realistic.cpp:33:11:33:11 | Phi | Node steps to itself | -| realistic.cpp:33:11:33:11 | d | Node steps to itself | -| realistic.cpp:33:16:33:16 | e | Node steps to itself | -| realistic.cpp:36:12:36:22 | destination | Node steps to itself | -| realistic.cpp:42:20:42:20 | o | Node steps to itself | -| realistic.cpp:42:20:42:20 | o indirection | Node steps to itself | -| realistic.cpp:42:20:42:20 | o indirection | Node steps to itself | -| realistic.cpp:48:21:48:21 | Phi | Node steps to itself | -| realistic.cpp:48:21:48:21 | Phi | Node steps to itself | -| realistic.cpp:48:21:48:21 | Phi | Node steps to itself | -| realistic.cpp:48:21:48:21 | Phi | Node steps to itself | -| realistic.cpp:48:21:48:21 | i | Node steps to itself | -| realistic.cpp:48:34:48:34 | i | Node steps to itself | -| realistic.cpp:49:17:49:17 | i | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | Phi | Node steps to itself | -| realistic.cpp:52:11:52:11 | i | Node steps to itself | -| realistic.cpp:53:17:53:17 | i | Node steps to itself | -| realistic.cpp:54:24:54:24 | i | Node steps to itself | -| realistic.cpp:55:20:55:20 | i | Node steps to itself | -| realistic.cpp:57:96:57:96 | i | Node steps to itself | -| realistic.cpp:60:29:60:29 | i | Node steps to itself | -| realistic.cpp:60:63:60:63 | i | Node steps to itself | -| realistic.cpp:61:29:61:29 | i | Node steps to itself | -| realistic.cpp:65:29:65:29 | i | Node steps to itself | -| realistic.cpp:67:9:67:9 | i | Node steps to itself | -| simple.cpp:18:22:18:23 | this | Node steps to itself | -| simple.cpp:18:22:18:23 | this indirection | Node steps to itself | -| simple.cpp:19:22:19:23 | this | Node steps to itself | -| simple.cpp:19:22:19:23 | this indirection | Node steps to itself | -| simple.cpp:20:24:20:25 | this | Node steps to itself | -| simple.cpp:20:24:20:25 | this indirection | Node steps to itself | -| simple.cpp:20:29:20:29 | a | Node steps to itself | -| simple.cpp:21:24:21:25 | this | Node steps to itself | -| simple.cpp:21:24:21:25 | this indirection | Node steps to itself | -| simple.cpp:21:29:21:29 | b | Node steps to itself | -| simple.cpp:23:28:23:28 | a | Node steps to itself | -| simple.cpp:23:35:23:35 | b | Node steps to itself | -| simple.cpp:29:10:29:10 | f indirection | Node steps to itself | -| simple.cpp:66:12:66:12 | a | Node steps to itself | -| simple.cpp:79:16:79:17 | this | Node steps to itself | -| simple.cpp:79:16:79:17 | this indirection | Node steps to itself | -| simple.cpp:83:9:83:10 | this | Node steps to itself | -| simple.cpp:84:14:84:20 | this | Node steps to itself | -| simple.cpp:84:14:84:20 | this indirection | Node steps to itself | -| simple.cpp:93:20:93:20 | a | Node steps to itself | -| struct_init.c:15:8:15:9 | ab | Node steps to itself | -| struct_init.c:16:8:16:9 | ab | Node steps to itself | -| struct_init.c:16:8:16:9 | ab indirection | Node steps to itself | diff --git a/cpp/ql/test/library-tests/dataflow/fields/flow.expected b/cpp/ql/test/library-tests/dataflow/fields/flow.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/flow.expected +++ b/cpp/ql/test/library-tests/dataflow/fields/flow.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/fields/flow.ql b/cpp/ql/test/library-tests/dataflow/fields/flow.ql index f902afd33db..433aa0ad68f 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/flow.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/flow.ql @@ -1,9 +1,11 @@ import TestUtilities.dataflow.FlowTestCommon module AstTest { - private import ASTConfiguration + import ASTConfiguration } module IRTest { - private import IRConfiguration + import IRConfiguration } + +import MakeTest, IRFlowTest>> diff --git a/cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.ql b/cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.ql index b918417cd66..d20dec6a94f 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/ir-path-flow.ql @@ -4,8 +4,8 @@ import semmle.code.cpp.ir.dataflow.DataFlow import IRConfiguration -import DataFlow::PathGraph +import IRFlow::PathGraph -from DataFlow::PathNode src, DataFlow::PathNode sink, IRConf conf -where conf.hasFlowPath(src, sink) +from IRFlow::PathNode src, IRFlow::PathNode sink +where IRFlow::flowPath(src, sink) select sink, src, sink, sink + " flows from $@", src, src.toString() diff --git a/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql b/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql index 7456e114712..6958ae19700 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql @@ -4,8 +4,8 @@ import semmle.code.cpp.dataflow.DataFlow import ASTConfiguration -import DataFlow::PathGraph +import AstFlow::PathGraph -from DataFlow::PathNode src, DataFlow::PathNode sink, AstConf conf -where conf.hasFlowPath(src, sink) +from AstFlow::PathNode src, AstFlow::PathNode sink +where AstFlow::flowPath(src, sink) select sink, src, sink, sink + " flows from $@", src, src.toString() diff --git a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.expected b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.expected +++ b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql index d16552d983d..b887539d588 100644 --- a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql +++ b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql @@ -3,37 +3,39 @@ import TestUtilities.dataflow.FlowTestCommon module AstTest { private import semmle.code.cpp.dataflow.TaintTracking - class AstSmartPointerTaintConfig extends TaintTracking::Configuration { - AstSmartPointerTaintConfig() { this = "ASTSmartPointerTaintConfig" } - - override predicate isSource(DataFlow::Node source) { + module AstSmartPointerTaintConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall call | call.getTarget().getName() = "sink" and sink.asExpr() = call.getAnArgument() ) } } + + module AstFlow = TaintTracking::Global; } module IRTest { private import semmle.code.cpp.ir.dataflow.TaintTracking - class IRSmartPointerTaintConfig extends TaintTracking::Configuration { - IRSmartPointerTaintConfig() { this = "IRSmartPointerTaintConfig" } - - override predicate isSource(DataFlow::Node source) { + module IRSmartPointerTaintConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall call | call.getTarget().getName() = "sink" and sink.asExpr() = call.getAnArgument() ) } } + + module IRFlow = TaintTracking::Global; } + +import MakeTest, IRFlowTest>> diff --git a/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.expected b/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.expected +++ b/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.ql b/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.ql index cb687f1d3bf..15f5f43576a 100644 --- a/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.ql +++ b/cpp/ql/test/library-tests/dataflow/source-sink-tests/local-flow.ql @@ -4,12 +4,10 @@ import cpp import TestUtilities.InlineExpectationsTest import semmle.code.cpp.security.FlowSources -class LocalFlowSourceTest extends InlineExpectationsTest { - LocalFlowSourceTest() { this = "LocalFlowSourceTest" } +module LocalFlowSourceTest implements TestSig { + string getARelevantTag() { result = "local_source" } - override string getARelevantTag() { result = "local_source" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { tag = "local_source" and exists(LocalFlowSource node, int n | n = @@ -30,3 +28,5 @@ class LocalFlowSourceTest extends InlineExpectationsTest { ) } } + +import MakeTest diff --git a/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.expected b/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.expected +++ b/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.ql b/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.ql index 703b62b9ffc..45427141fe0 100644 --- a/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.ql +++ b/cpp/ql/test/library-tests/dataflow/source-sink-tests/remote-flow.ql @@ -4,12 +4,10 @@ import cpp import TestUtilities.InlineExpectationsTest import semmle.code.cpp.security.FlowSources -class RemoteFlowSourceTest extends InlineExpectationsTest { - RemoteFlowSourceTest() { this = "RemoteFlowSourceTest" } +module RemoteFlowSourceTest implements TestSig { + string getARelevantTag() { result = "remote_source" } - override string getARelevantTag() { result = "remote_source" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { tag = "remote_source" and exists(RemoteFlowSource node, int n | n = @@ -31,12 +29,10 @@ class RemoteFlowSourceTest extends InlineExpectationsTest { } } -class RemoteFlowSinkTest extends InlineExpectationsTest { - RemoteFlowSinkTest() { this = "RemoteFlowSinkTest" } +module RemoteFlowSinkTest implements TestSig { + string getARelevantTag() { result = "remote_sink" } - override string getARelevantTag() { result = "remote_sink" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { tag = "remote_sink" and exists(RemoteFlowSink node, int n | n = @@ -57,3 +53,5 @@ class RemoteFlowSinkTest extends InlineExpectationsTest { ) } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected b/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected index 85fc3526dc7..907cccd197b 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.expected @@ -8090,20 +8090,20 @@ | vector.cpp:520:25:520:31 | call to vector | vector.cpp:523:8:523:9 | vs | | | vector.cpp:520:25:520:31 | call to vector | vector.cpp:524:8:524:9 | vs | | | vector.cpp:520:25:520:31 | call to vector | vector.cpp:526:8:526:9 | vs | | -| vector.cpp:520:25:520:31 | call to vector | vector.cpp:539:8:539:9 | vs | | -| vector.cpp:520:25:520:31 | call to vector | vector.cpp:540:2:540:2 | vs | | +| vector.cpp:520:25:520:31 | call to vector | vector.cpp:532:8:532:9 | vs | | +| vector.cpp:520:25:520:31 | call to vector | vector.cpp:533:2:533:2 | vs | | | vector.cpp:520:30:520:30 | 0 | vector.cpp:520:25:520:31 | call to vector | TAINT | | vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:524:8:524:9 | vs | | | vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:526:8:526:9 | vs | | -| vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:539:8:539:9 | vs | | -| vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:540:2:540:2 | vs | | +| vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:532:8:532:9 | vs | | +| vector.cpp:523:8:523:9 | ref arg vs | vector.cpp:533:2:533:2 | vs | | | vector.cpp:523:8:523:9 | vs | vector.cpp:523:10:523:10 | call to operator[] | TAINT | | vector.cpp:524:8:524:9 | ref arg vs | vector.cpp:526:8:526:9 | vs | | -| vector.cpp:524:8:524:9 | ref arg vs | vector.cpp:539:8:539:9 | vs | | -| vector.cpp:524:8:524:9 | ref arg vs | vector.cpp:540:2:540:2 | vs | | +| vector.cpp:524:8:524:9 | ref arg vs | vector.cpp:532:8:532:9 | vs | | +| vector.cpp:524:8:524:9 | ref arg vs | vector.cpp:533:2:533:2 | vs | | | vector.cpp:524:8:524:9 | vs | vector.cpp:524:10:524:10 | call to operator[] | TAINT | -| vector.cpp:526:8:526:9 | ref arg vs | vector.cpp:539:8:539:9 | vs | | -| vector.cpp:526:8:526:9 | ref arg vs | vector.cpp:540:2:540:2 | vs | | +| vector.cpp:526:8:526:9 | ref arg vs | vector.cpp:532:8:532:9 | vs | | +| vector.cpp:526:8:526:9 | ref arg vs | vector.cpp:533:2:533:2 | vs | | | vector.cpp:526:8:526:9 | vs | vector.cpp:526:11:526:15 | call to begin | TAINT | | vector.cpp:526:11:526:15 | call to begin | vector.cpp:526:3:526:17 | ... = ... | | | vector.cpp:526:11:526:15 | call to begin | vector.cpp:527:9:527:10 | it | | @@ -8128,5 +8128,5 @@ | vector.cpp:530:3:530:4 | ref arg it | vector.cpp:531:9:531:10 | it | | | vector.cpp:530:9:530:14 | call to source | vector.cpp:530:3:530:4 | ref arg it | TAINT | | vector.cpp:531:9:531:10 | it | vector.cpp:531:8:531:8 | call to operator* | TAINT | -| vector.cpp:539:8:539:9 | ref arg vs | vector.cpp:540:2:540:2 | vs | | -| vector.cpp:539:8:539:9 | vs | vector.cpp:539:10:539:10 | call to operator[] | TAINT | +| vector.cpp:532:8:532:9 | ref arg vs | vector.cpp:533:2:533:2 | vs | | +| vector.cpp:532:8:532:9 | vs | vector.cpp:532:10:532:10 | call to operator[] | TAINT | diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql index fc0b0976348..ef79f065921 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql @@ -43,10 +43,8 @@ module AstTest { private import semmle.code.cpp.models.interfaces.Taint /** Common data flow configuration to be used by tests. */ - class AstTestAllocationConfig extends TaintTracking::Configuration { - AstTestAllocationConfig() { this = "ASTTestAllocationConfig" } - - override predicate isSource(DataFlow::Node source) { + module AstTestAllocationConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" or source.asParameter().getName().matches("source%") @@ -60,17 +58,19 @@ module AstTest { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall call | call.getTarget().getName() = "sink" and sink.asExpr() = call.getAnArgument() ) } - override predicate isSanitizer(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { barrier.asExpr().(VariableAccess).getTarget().hasName("sanitizer") } } + + module AstFlow = TaintTracking::Global; } module IRTest { @@ -78,10 +78,8 @@ module IRTest { private import semmle.code.cpp.ir.dataflow.TaintTracking /** Common data flow configuration to be used by tests. */ - class TestAllocationConfig extends TaintTracking::Configuration { - TestAllocationConfig() { this = "TestAllocationConfig" } - - override predicate isSource(DataFlow::Node source) { + module TestAllocationConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().(FunctionCall).getTarget().getName() = "source" or source.asIndirectExpr().(FunctionCall).getTarget().getName() = "source" @@ -94,21 +92,25 @@ module IRTest { ) } - override predicate isSink(DataFlow::Node sink) { + predicate isSink(DataFlow::Node sink) { exists(FunctionCall call | call.getTarget().getName() = "sink" and [sink.asExpr(), sink.asIndirectExpr()] = call.getAnArgument() ) } - override predicate isSanitizer(DataFlow::Node barrier) { + predicate isBarrier(DataFlow::Node barrier) { barrier.asExpr().(VariableAccess).getTarget().hasName("sanitizer") } - override predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) { + predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) { // allow arbitrary reads at sinks - this.isSink(node) and + isSink(node) and c.(DataFlow::FieldContent).getField().getDeclaringType() = node.getType().getUnspecifiedType() } } + + module IRFlow = TaintTracking::Global; } + +import MakeTest, IRFlowTest>> diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp b/cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp index 19824641560..a26ac8f0513 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/vector.cpp @@ -523,19 +523,12 @@ void test_vector_iterator() { sink(vs[1]); sink(vs[source()]); // $ MISSING: ast,ir - it = vs.begin(); // (1) + it = vs.begin(); sink(*it); it += 1; sink(*it); - it += source(); // (2) - sink(*it); // $ ast,ir // (3) - // This FP happens because of the following flows: - // 1. There's a write to the iterator at (2) - // 2. This write propagates to `it` on the next line at (3) - // 3. There's a taint step from `it` to `*it` at (3) - // 4. The `*it` is seen as a use of `vs` because of (1). - // 5. There's use-use flow from `*it` at (3) (which is a use of `vs`) to `vs` at (4) - // 6. There's a taint step from vs to vs[1] - sink(vs[1]); // $ SPURIOUS: ir // (4) + it += source(); + sink(*it); // $ ast,ir + sink(vs[1]); // clean } } diff --git a/cpp/ql/test/library-tests/identity_string/identity_string.ql b/cpp/ql/test/library-tests/identity_string/identity_string.ql index c663bc6d89b..21f83f9ba3c 100644 --- a/cpp/ql/test/library-tests/identity_string/identity_string.ql +++ b/cpp/ql/test/library-tests/identity_string/identity_string.ql @@ -6,11 +6,11 @@ abstract class CheckCall extends FunctionCall { final string getExpectedString() { exists(int lastArgIndex | - lastArgIndex = getNumberOfArguments() - 1 and + lastArgIndex = this.getNumberOfArguments() - 1 and ( - result = getArgument(lastArgIndex).getValue() + result = this.getArgument(lastArgIndex).getValue() or - not exists(getArgument(lastArgIndex).getValue()) and result = "" + not exists(this.getArgument(lastArgIndex).getValue()) and result = "" ) ) } @@ -20,50 +20,54 @@ abstract class CheckCall extends FunctionCall { class CheckTypeCall extends CheckCall { CheckTypeCall() { - getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_type") + this.getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_type") } override string getActualString() { - result = getTypeIdentityString(getSpecifiedType()) + result = getTypeIdentityString(this.getSpecifiedType()) or - not exists(getTypeIdentityString(getSpecifiedType())) and result = "" + not exists(getTypeIdentityString(this.getSpecifiedType())) and result = "" } - override string explain() { result = getSpecifiedType().explain() } + override string explain() { result = this.getSpecifiedType().explain() } - final Type getSpecifiedType() { result = getTarget().getTemplateArgument(0) } + final Type getSpecifiedType() { result = this.getTarget().getTemplateArgument(0) } } class CheckFuncCall extends CheckCall { CheckFuncCall() { - getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_func") + this.getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_func") } override string getActualString() { - result = getIdentityString(getSpecifiedFunction()) + result = getIdentityString(this.getSpecifiedFunction()) or - not exists(getIdentityString(getSpecifiedFunction())) and result = "" + not exists(getIdentityString(this.getSpecifiedFunction())) and result = "" } - override string explain() { result = getSpecifiedFunction().toString() } + override string explain() { result = this.getSpecifiedFunction().toString() } - final Function getSpecifiedFunction() { result = getArgument(0).(FunctionAccess).getTarget() } + final Function getSpecifiedFunction() { + result = this.getArgument(0).(FunctionAccess).getTarget() + } } class CheckVarCall extends CheckCall { CheckVarCall() { - getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_var") + this.getTarget().(FunctionTemplateInstantiation).getTemplate().hasGlobalName("check_var") } override string getActualString() { - result = getIdentityString(getSpecifiedVariable()) + result = getIdentityString(this.getSpecifiedVariable()) or - not exists(getIdentityString(getSpecifiedVariable())) and result = "" + not exists(getIdentityString(this.getSpecifiedVariable())) and result = "" } - override string explain() { result = getSpecifiedVariable().toString() } + override string explain() { result = this.getSpecifiedVariable().toString() } - final Variable getSpecifiedVariable() { result = getArgument(0).(VariableAccess).getTarget() } + final Variable getSpecifiedVariable() { + result = this.getArgument(0).(VariableAccess).getTarget() + } } bindingset[s] diff --git a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.expected b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.expected +++ b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql index 6cfb22803bd..5ba30a1627d 100644 --- a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql @@ -12,12 +12,10 @@ import TestUtilities.InlineExpectationsTest module ModulusAnalysisInstantiated = ModulusAnalysis>; -class ModulusAnalysisTest extends InlineExpectationsTest { - ModulusAnalysisTest() { this = "ModulusAnalysisTest" } +module ModulusAnalysisTest implements TestSig { + string getARelevantTag() { result = "mod" } - override string getARelevantTag() { result = "mod" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(SemExpr e, IR::CallInstruction call | getSemanticExpr(call.getArgument(0)) = e and call.getStaticCallTarget().hasName("mod") and @@ -29,6 +27,8 @@ class ModulusAnalysisTest extends InlineExpectationsTest { } } +import MakeTest + private string getAModString(SemExpr e) { exists(SemBound b, int delta, int mod | ModulusAnalysisInstantiated::semExprModulus(e, b, delta, mod) and diff --git a/cpp/ql/test/library-tests/ir/points_to/points_to.expected b/cpp/ql/test/library-tests/ir/points_to/points_to.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/points_to/points_to.expected +++ b/cpp/ql/test/library-tests/ir/points_to/points_to.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/points_to/points_to.ql b/cpp/ql/test/library-tests/ir/points_to/points_to.ql index 6cc7b7efb34..2eafcc55ef0 100644 --- a/cpp/ql/test/library-tests/ir/points_to/points_to.ql +++ b/cpp/ql/test/library-tests/ir/points_to/points_to.ql @@ -21,12 +21,10 @@ module Raw { result = getOperandMemoryLocation(instr.getAnOperand()) } - class RawPointsToTest extends InlineExpectationsTest { - RawPointsToTest() { this = "RawPointsToTest" } + module RawPointsToTest implements TestSig { + string getARelevantTag() { result = "raw" } - override string getARelevantTag() { result = "raw" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Instruction instr, MemoryLocation memLocation | memLocation = getAMemoryAccess(instr) and tag = "raw" and @@ -49,12 +47,10 @@ module UnaliasedSsa { result = getOperandMemoryLocation(instr.getAnOperand()) } - class UnaliasedSsaPointsToTest extends InlineExpectationsTest { - UnaliasedSsaPointsToTest() { this = "UnaliasedSSAPointsToTest" } + module UnaliasedSsaPointsToTest implements TestSig { + string getARelevantTag() { result = "ussa" } - override string getARelevantTag() { result = "ussa" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Instruction instr, MemoryLocation memLocation | memLocation = getAMemoryAccess(instr) and not memLocation.getVirtualVariable() instanceof AliasedVirtualVariable and @@ -69,3 +65,5 @@ module UnaliasedSsa { } } } + +import MakeTest> diff --git a/cpp/ql/test/library-tests/ir/range-analysis/Overflow.expected b/cpp/ql/test/library-tests/ir/range-analysis/Overflow.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/Overflow.expected +++ b/cpp/ql/test/library-tests/ir/range-analysis/Overflow.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/range-analysis/Overflow.ql b/cpp/ql/test/library-tests/ir/range-analysis/Overflow.ql index e0491e6e0ed..40d80f3d7b0 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/Overflow.ql +++ b/cpp/ql/test/library-tests/ir/range-analysis/Overflow.ql @@ -2,12 +2,10 @@ import cpp import semmle.code.cpp.rangeanalysis.new.SimpleRangeAnalysis import TestUtilities.InlineExpectationsTest -class RangeAnalysisTest extends InlineExpectationsTest { - RangeAnalysisTest() { this = "RangeAnalysisTest" } +module RangeAnalysisTest implements TestSig { + string getARelevantTag() { result = "overflow" } - override string getARelevantTag() { result = "overflow" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(Expr e | tag = "overflow" and element = e.toString() and @@ -21,3 +19,5 @@ class RangeAnalysisTest extends InlineExpectationsTest { ) } } + +import MakeTest diff --git a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.expected b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.expected +++ b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql index 6c79e56cc5b..b5a86c23d97 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/range-analysis/RangeAnalysis.ql @@ -5,12 +5,10 @@ import semmle.code.cpp.rangeanalysis.new.internal.semantic.SemanticExprSpecific import semmle.code.cpp.ir.IR as IR import TestUtilities.InlineExpectationsTest -class RangeAnalysisTest extends InlineExpectationsTest { - RangeAnalysisTest() { this = "RangeAnalysisTest" } +module RangeAnalysisTest implements TestSig { + string getARelevantTag() { result = "range" } - override string getARelevantTag() { result = "range" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(SemExpr e, IR::CallInstruction call | getSemanticExpr(call.getArgument(0)) = e and call.getStaticCallTarget().hasName("range") and @@ -22,6 +20,8 @@ class RangeAnalysisTest extends InlineExpectationsTest { } } +import MakeTest + private string getDirectionString(boolean d) { result = "<=" and d = true or @@ -40,14 +40,7 @@ bindingset[delta] private string getBoundString(SemBound b, float delta) { b instanceof SemZeroBound and result = delta.toString() or - result = - strictconcat(b.(SemSsaBound) - .getAVariable() - .(SemanticExprConfig::SsaVariable) - .asInstruction() - .getAst() - .toString(), ":" - ) + getOffsetString(delta) + result = strictconcat(b.(SemSsaBound).getAVariable().toString(), " | ") + getOffsetString(delta) } private string getARangeString(SemExpr e) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp index eed0a7d7e47..df29578409b 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/SimpleRangeAnalysis_tests.cpp @@ -8,7 +8,7 @@ int test1(struct List* p) { int count = 0; for (; p; p = p->next) { count = count+1; - range(count); // $ range===count:p+1 + range(count); // $ range="==Phi: p | Store: count+1" } range(count); return count; @@ -18,7 +18,7 @@ int test2(struct List* p) { int count = 0; for (; p; p = p->next) { count = (count+1) % 10; - range(count); // $ range=<=9 range=>=-9 range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -29,7 +29,7 @@ int test3(struct List* p) { for (; p; p = p->next) { range(count++); // $ range=>=-9 range=<=9 count = count % 10; - range(count); // $ range=<=9 range=>=-9 range="<=... +++0" range=<=count:p+1 + range(count); // $ range=<=9 range=>=-9 range="<=Store: ... +++0" range="<=Phi: p | Store: count+1" } range(count); // $ range=>=-9 range=<=9 return count; @@ -42,11 +42,11 @@ int test4() { range(i); // $ range=<=1 range=>=0 range(total); total += i; - range(total); // $ range=<=i+1 range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -57,11 +57,11 @@ int test5() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } range(total); // $ MISSING: range=>=0 range(i); // $ range===2 - range(total + i); // $ range=<=i+2 MISSING: range===i+2 range=>=2 range=>=i+0 + range(total + i); // $ range="<=Phi: i+2" MISSING: range===i+2 range=>=2 range=>=i+0 return total + i; } @@ -72,7 +72,7 @@ int test6() { range(i); // $ range=<=1 range=>=0 range(total); // $ MISSING: range=>=0 total += i; - range(total); // $ range=<=i+1 MISSING: range=>=0 range=>=i+0 + range(total); // $ range="<=Phi: i+1" MISSING: range=>=0 range=>=i+0 } return total + i; } @@ -93,12 +93,12 @@ int test8(int x, int y) { if (-1000 < y && y < 10) { range(y); // $ range=<=9 range=>=-999 if (x < y-2) { - range(x); // $ range=<=6 range=<=y-3 - range(y); // $ range=<=9 range=>=-999 range=>=x+3 + range(x); // $ range=<=6 range="<=InitializeParameter: y | Store: y-3" + range(y); // $ range=<=9 range=>=-999 range=">=InitializeParameter: x | Store: x+3" return x; } - range(x); // $ range=>=-1001 range=>=y-2 - range(y); // $ range=<=9 range=<=x+2 range=>=-999 + range(x); // $ range=>=-1001 range=">=InitializeParameter: y | Store: y-2" + range(y); // $ range=<=9 range="<=InitializeParameter: x | Store: x+2" range=>=-999 } range(x); range(y); @@ -127,12 +127,12 @@ int test10(int x, int y) { if (y > 7) { range(y); // $ range=>=8 if (x < y) { - range(x); // $ range=<=y-1 - range(y); // $ range=>=8 range=>=x+1 + range(x); // $ range="<=InitializeParameter: y-1" + range(y); // $ range=>=8 range=">=InitializeParameter: x | Store: x+1" return 0; } - range(x); // $ range=>=8 range=>=y+0 - range(y); // $ range=<=x+0 range=>=8 + range(x); // $ range=>=8 range=">=InitializeParameter: y+0" + range(y); // $ range="<=InitializeParameter: x | Store: x+0" range=>=8 return x; } range(y); // $ range=<=7 @@ -145,7 +145,7 @@ int test11(char *p) { range(*p); if (c != '\0') { *p++ = '\0'; - range(p); // $ range===p+1 + range(p); // $ range="==InitializeParameter: p+1" range(*p); } if (c == ':') { @@ -155,7 +155,7 @@ int test11(char *p) { if (c != '\0') { range(c); *p++ = '\0'; - range(p); // $ range=<=p+2 range===c+1 range=>=p+1 + range(p); // $ range="<=InitializeParameter: p+2" range="==Phi: c+1" range=">=InitializeParameter: p+1" } if (c != ',') { return 1; @@ -193,7 +193,7 @@ int test13(char c, int i) { unsigned int y = x-1; // $ overflow=- range(y); // $ range===-1 overflow=- int z = i+1; // $ overflow=+ - range(z); // $ range===i+1 + range(z); // $ range="==InitializeParameter: i+1" range(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- MISSING: range=>=1 range((double)(c + i + uc + x + y + z)); // $ overflow=+ overflow=+- overflow=- MISSING: range=>=1 return (double)(c + i + uc + x + y + z); // $ overflow=+- overflow=+ overflow=- @@ -245,7 +245,7 @@ int test_unary(int a) { range(c); // $ range=<=0 range=>=-11 range(b+c); // $ range=<=11 range=>=-11 MISSING:range=">=- ...+0" total += b+c; - range(total); // $ range=<=0+11 range=<=19 range=>=0-11 range=>=-19 + range(total); // $ range="<=Phi: 0+11" range=<=19 range=">=Phi: 0-11" range=>=-19 } if (-7 <= a && a <= 11) { range(a); // $ range=<=11 range=>=-7 @@ -255,7 +255,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-11 range(b+c); // $ range=<=18 range=>=-18 total += b+c; - range(total); // $ range="<=- ...+18" range=">=- ...-18" range=<=0+29 range=<=37 range=>=0-29 range=>=-37 + range(total); // $ range="<=Phi: - ...+18" range=">=Phi: - ...-18" range="<=Phi: 0+29" range=<=37 range=">=Phi: 0-29" range=>=-37 } if (-7 <= a && a <= 1) { range(a); // $ range=<=1 range=>=-7 @@ -265,7 +265,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=-1 range(b+c); // $ range=<=8 range=>=-8 total += b+c; - range(total); // $ range="<=- ...+8" range="<=- ...+26" range=">=- ...-8" range=">=- ...-26" range=<=0+37 range=<=45 range=>=0-37 range=>=-45 + range(total); // $ range="<=Phi: - ...+8" range="<=Phi: - ...+26" range=">=Phi: - ...-8" range=">=Phi: - ...-26" range="<=Phi: 0+37" range=<=45 range=">=Phi: 0-37" range=>=-45 } if (-7 <= a && a <= 0) { range(a); // $ range=<=0 range=>=-7 @@ -275,7 +275,7 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=0 range(b+c); // $ range=>=-7 range=<=7 MISSING:range="<=- ...+0" total += b+c; - range(total); // $ range="<=- ...+7" range="<=- ...+15" range="<=- ...+33" range=">=- ...-7" range=">=- ...-15" range=">=- ...-33" range=<=0+44 range=<=52 range=>=0-44 range=>=-52 + range(total); // $ range="<=Phi: - ...+7" range="<=Phi: - ...+15" range="<=Phi: - ...+33" range=">=Phi: - ...-7" range=">=Phi: - ...-15" range=">=Phi: - ...-33" range="<=Phi: 0+44" range=<=52 Unexpected result: range=">=Phi: 0-44" range=>=-52 } if (-7 <= a && a <= -2) { range(a); // $ range=<=-2 range=>=-7 @@ -285,9 +285,9 @@ int test_unary(int a) { range(c); // $ range=<=7 range=>=2 range(b+c); // $ range=<=5 range=>=-5 total += b+c; - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 } - range(total); // $ range="<=- ...+5" range="<=- ...+12" range="<=- ...+20" range="<=- ...+38" range=">=- ...-5" range=">=- ...-12" range=">=- ...-20" range=">=- ...-38" range=<=0+49 range=<=57 range=>=0-49 range=>=-57 + range(total); // $ range="<=Phi: - ...+5" range="<=Phi: - ...+12" range="<=Phi: - ...+20" range="<=Phi: - ...+38" range=">=Phi: - ...-5" range=">=Phi: - ...-12" range=">=Phi: - ...-20" range=">=Phi: - ...-38" range="<=Phi: 0+49" range=<=57 range=">=Phi: 0-49" range=>=-57 return total; } @@ -310,7 +310,7 @@ int test_mult01(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=<=3+253 range=<=506 range=>=0 range=>=3+0 + range(total); // $ range="<=Phi: 3+253" range=<=506 range=>=0 range=">=Phi: 3+0" } if (3 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -326,7 +326,7 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=3-143 + range(total); // $ range=">=Phi: 3-143" } if (3 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=3 @@ -334,9 +334,9 @@ int test_mult01(int a, int b) { int r = a*b; // -143 .. -21 range(r); // $ range=<=-21 range=>=-143 total += r; - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" } - range(total); // $ range=>=3-143 range=>=3-286 + range(total); // $ range=">=Phi: 3-143" range=">=Phi: 3-286" return total; } @@ -358,7 +358,7 @@ int test_mult02(int a, int b) { int r = a*b; // 0 .. 253 range(r); // $ range=<=253 range=>=0 total += r; - range(total); // $ range=>=0 range=>=0+0 range=<=0+253 range=<=506 + range(total); // $ range=>=0 range=">=Phi: 0+0" range="<=Phi: 0+253" range=<=506 } if (0 <= a && a <= 11 && -13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=0 @@ -374,7 +374,7 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 + range(total); // $ range=">=Phi: 0-143" } if (0 <= a && a <= 11 && -13 <= b && b <= -7) { range(a); // $ range=<=11 range=>=0 @@ -382,9 +382,9 @@ int test_mult02(int a, int b) { int r = a*b; // -143 .. 0 range(r); // $ range=<=0 range=>=-143 total += r; - range(total); // $ range=>=0-143 range=>=0-286 + range(total); // $ range=">=Phi: 0-143" range=">=Phi: 0-286" } - range(total); // $range=>=0-143 range=>=0-286 + range(total); // $range=">=Phi: 0-143" range=">=Phi: 0-286" return total; } @@ -453,7 +453,7 @@ int test_mult04(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= 0 && -13 <= b && b <= 23) { range(a); // $ range=<=0 range=>=-17 @@ -469,7 +469,7 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= 0 && -13 <= b && b <= -7) { range(a); // $ range=<=0 range=>=-17 @@ -477,9 +477,9 @@ int test_mult04(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -501,7 +501,7 @@ int test_mult05(int a, int b) { int r = a*b; // -391 .. 0 range(r); // $ range=<=0 range=>=-391 total += r; - range(total); // $ range="<=- ...+0" range=<=0 range=">=- ...-391" range=>=-782 + range(total); // $ range="<=Phi: - ...+0" range=<=0 range=">=Phi: - ...-391" range=>=-782 } if (-17 <= a && a <= -2 && -13 <= b && b <= 23) { range(a); // $ range=<=-2 range=>=-17 @@ -517,7 +517,7 @@ int test_mult05(int a, int b) { int r = a*b; // 0 .. 221 range(r); // $ range=<=221 range=>=0 total += r; - range(total); // $ range="<=- ...+221" + range(total); // $ range="<=Phi: - ...+221" } if (-17 <= a && a <= -2 && -13 <= b && b <= -7) { range(a); // $ range=<=-2 range=>=-17 @@ -525,9 +525,9 @@ int test_mult05(int a, int b) { int r = a*b; // 14 .. 221 range(r); // $ range=<=221 range=>=14 total += r; - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" } - range(total); // $ range="<=- ...+221" range="<=- ...+442" + range(total); // $ range="<=Phi: - ...+221" range="<=Phi: - ...+442" return total; } @@ -541,7 +541,7 @@ int test16(int x) { while (i < 3) { range(i); // $ range=<=2 range=>=0 i++; - range(i); // $ range=<=3 range=>=1 range="==... = ...:i+1" SPURIOUS:range="==... = ...:i+1" + range(i); // $ range=<=3 range=>=1 range="==Phi: i | Store: ... = ...+1" } range(d); d = i; @@ -640,14 +640,14 @@ unsigned int test_comma01(unsigned int x) { unsigned int y1; unsigned int y2; y1 = (++y, y); - range(y1); // $ range=<=101 range="==... ? ... : ...+1" + range(y1); // $ range=<=101 range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+1" y2 = (y++, - range(y), // $ range=<=102 range="==++ ...:... = ...+1" range="==... ? ... : ...+2" + range(y), // $ range=<=102 range="==Store: ++ ... | Store: ... = ...+1" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+2" y += 3, - range(y), // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" + range(y), // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" y); - range(y2); // $ range=<=105 range="==++ ...:... = ...+4" range="==... +++3" range="==... ? ... : ...+5" - range(y1 + y2); // $ range=<=206 range="<=... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" + range(y2); // $ range=<=105 range="==Store: ++ ... | Store: ... = ...+4" range="==Store: ... +++3" Unexpected result: range="==Phi: ... ? ... : ... | Store: ... ? ... : ...+5" + range(y1 + y2); // $ range=<=206 range="<=Phi: ... ? ... : ... | Store: ... ? ... : ...+106" MISSING: range=">=++ ...:... = ...+5" range=">=... +++4" range=">=... += ...:... = ...+1" range=">=... ? ... : ...+6" return y1 + y2; } @@ -672,7 +672,7 @@ void test17() { range(i); // $ range===50 i = 20 + (j -= 10); - range(i); // $ range="==... += ...:... = ...+10" range===60 + range(i); // $ range="==Store: ... += ... | Store: ... = ...+10" range===60 } // Tests for unsigned multiplication. @@ -693,7 +693,7 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 0 .. 253 range(r);// $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range=<=506 range="<=(unsigned int)...+253" + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range=<=506 range="<=Phi: (unsigned int)...+253" } if (3 <= a && a <= 11 && 13 <= b && b <= 23) { range(a); // $ range=<=11 range=>=3 @@ -701,9 +701,9 @@ int test_unsigned_mult01(unsigned int a, unsigned b) { int r = a*b; // 39 .. 253 range(r); // $ range=>=39 range=<=253 total += r; - range(total); // $ range=>=39 range=<=759 range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+39" + range(total); // $ range=>=39 range=<=759 range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+39" } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } @@ -722,16 +722,16 @@ int test_unsigned_mult02(unsigned b) { int r = 11*b; // 0 .. 253 range(r); // $ range=>=0 range=<=253 total += r; - range(total); // $ range=">=(unsigned int)...+0" range=>=0 range="<=(unsigned int)...+253" range=<=506 + range(total); // $ range=">=Phi: (unsigned int)...+0" range=>=0 range="<=Phi: (unsigned int)...+253" range=<=506 } if (13 <= b && b <= 23) { range(b); // $ range=<=23 range=>=13 int r = 11*b; // 143 .. 253 range(r); // $ range=>=143 range=<=253 total += r; - range(total); // $ range="<=(unsigned int)...+253" range="<=(unsigned int)...+506" range=">=(unsigned int)...+143" range=>=143 range=<=759 + range(total); // $ range="<=Phi: (unsigned int)...+253" range="<=Phi: (unsigned int)...+506" range=">=Phi: (unsigned int)...+143" range=>=143 range=<=759 } - range(total); // $ range=>=0 range=<=759 range=">=(unsigned int)...+0" range="<=(unsigned int)...+506" range="<=(unsigned int)...+253" + range(total); // $ range=>=0 range=<=759 range=">=Phi: (unsigned int)...+0" range="<=Phi: (unsigned int)...+506" range="<=Phi: (unsigned int)...+253" return total; } @@ -851,7 +851,7 @@ int notequal_type_endpoint(unsigned n) { n--; // 1 .. } - range(n); // $ range=<=n+0 // 0 .. 0 + range(n); // $ range="<=InitializeParameter: n+0" // 0 .. 0 } void notequal_refinement(short n) { @@ -946,7 +946,7 @@ void widen_recursive_expr() { for (s = 0; s < 10; s++) { range(s); // $ range=<=9 range=>=0 int result = s + s; - range(result); // $ range=<=18 range=<=s+9 range=>=0 range=>=s+0 + range(result); // $ range=<=18 Unexpected result: range="<=Phi: s+9" range=>=0 Unexpected result: range=">=Phi: s+0" } } @@ -974,7 +974,7 @@ void test_mod_neg(int s) { void test_mod_ternary(int s, bool b) { int s2 = s % (b ? 5 : 500); - range(s2); // $ range=>=-499 range=<=499 range="<=... ? ... : ...-1" + range(s2); // $ range=>=-499 range=<=499 range="<=Phi: ... ? ... : ...-1" } void test_mod_ternary2(int s, bool b1, bool b2) { diff --git a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp index 682b74d2e78..95e6474124a 100644 --- a/cpp/ql/test/library-tests/ir/range-analysis/test.cpp +++ b/cpp/ql/test/library-tests/ir/range-analysis/test.cpp @@ -16,8 +16,8 @@ int sum = x + y; // $ overflow=+- } else { if (y > 300) { - range(x); // $ range=>=302 range=<=400 range=<=y+1 MISSING: range===y+1 - range(y); // $ range=>=301 range=<=399 range===x-1 + range(x); // $ range=>=302 range=<=400 range="<=InitializeParameter: y+1" MISSING: range===y+1 + range(y); // $ range=>=301 range=<=399 range="==InitializeParameter: x | Store: x-1" int sum = x + y; } } @@ -39,9 +39,9 @@ } if (y == x - 1 && y > 300 && y + 2 == z && z == 350) { // $ overflow=+ overflow=- - range(x); // $ range===349 range===y+1 range===z-1 - range(y); // $ range===348 range=>=x-1 range===z-2 MISSING: range===x-1 - range(z); // $ range===350 range=<=y+2 MISSING: range===x+1 range===y+2 + range(x); // $ range===349 range="==InitializeParameter: y+1" range="==InitializeParameter: z-1" + range(y); // $ range===348 range=">=InitializeParameter: x | Store: x-1" range="==InitializeParameter: z-2" MISSING: range===x-1 + range(z); // $ range===350 range="<=InitializeParameter: y+2" MISSING: range===x+1 range===y+2 return x + y + z; } } @@ -49,3 +49,24 @@ return 0; } + void* f3_get(int n); + + void f3() { + int n = 0; + while (f3_get(n)) n+=2; + + for (int i = 0; i < n; i += 2) { + range(i); // $ range=>=0 SPURIOUS: range="<=Phi: call to f3_get-1" range="<=Phi: call to f3_get-2" + } + } + +int f4(int x) { + for (int i = 0; i <= 100; i++) { + range(i); // $ range=<=100 range=>=0 + if(i == 100) { + range(i); // $ range===100 + } else { + range(i); // $ range=<=99 range=>=0 + } + } +} diff --git a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.expected b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.expected +++ b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql index a3cfaa82ed4..fcc796577d1 100644 --- a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql @@ -11,12 +11,10 @@ import TestUtilities.InlineExpectationsTest module SignAnalysisInstantiated = SignAnalysis>; -class SignAnalysisTest extends InlineExpectationsTest { - SignAnalysisTest() { this = "SignAnalysisTest" } +module SignAnalysisTest implements TestSig { + string getARelevantTag() { result = "sign" } - override string getARelevantTag() { result = "sign" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(SemExpr e, IR::CallInstruction call | getSemanticExpr(call.getArgument(0)) = e and call.getStaticCallTarget().hasName("sign") and @@ -28,6 +26,8 @@ class SignAnalysisTest extends InlineExpectationsTest { } } +import MakeTest + private string getASignString(SemExpr e) { result = strictconcat(SignAnalysisInstantiated::semExprSign(e).toString(), "") } diff --git a/cpp/ql/test/library-tests/ir/types/irtypes.expected b/cpp/ql/test/library-tests/ir/types/irtypes.expected index e69de29bb2d..48de9172b36 100644 --- a/cpp/ql/test/library-tests/ir/types/irtypes.expected +++ b/cpp/ql/test/library-tests/ir/types/irtypes.expected @@ -0,0 +1,2 @@ +failures +testFailures diff --git a/cpp/ql/test/library-tests/ir/types/irtypes.ql b/cpp/ql/test/library-tests/ir/types/irtypes.ql index 56a7666458b..eb69111465b 100644 --- a/cpp/ql/test/library-tests/ir/types/irtypes.ql +++ b/cpp/ql/test/library-tests/ir/types/irtypes.ql @@ -2,12 +2,10 @@ private import cpp private import semmle.code.cpp.ir.implementation.raw.IR import TestUtilities.InlineExpectationsTest -class IRTypesTest extends InlineExpectationsTest { - IRTypesTest() { this = "IRTypesTest" } +module IRTypesTest implements TestSig { + string getARelevantTag() { result = "irtype" } - override string getARelevantTag() { result = "irtype" } - - override predicate hasActualResult(Location location, string element, string tag, string value) { + predicate hasActualResult(Location location, string element, string tag, string value) { exists(IRUserVariable irVar | location = irVar.getLocation() and element = irVar.toString() and @@ -16,3 +14,5 @@ class IRTypesTest extends InlineExpectationsTest { ) } } + +import MakeTest diff --git a/cpp/ql/test/library-tests/locations/constants/locations.ql b/cpp/ql/test/library-tests/locations/constants/locations.ql index 553a364d199..e6d512d2f94 100644 --- a/cpp/ql/test/library-tests/locations/constants/locations.ql +++ b/cpp/ql/test/library-tests/locations/constants/locations.ql @@ -6,7 +6,7 @@ import cpp */ class CStyleCastPlain extends CStyleCast { - override string toString() { result = "Conversion of " + getExpr().toString() } + override string toString() { result = "Conversion of " + this.getExpr().toString() } } from Expr e diff --git a/cpp/ql/test/library-tests/loops/loops.ql b/cpp/ql/test/library-tests/loops/loops.ql index b6d8f130586..bb68645d98c 100644 --- a/cpp/ql/test/library-tests/loops/loops.ql +++ b/cpp/ql/test/library-tests/loops/loops.ql @@ -1,7 +1,7 @@ import cpp class ExprStmt_ extends ExprStmt { - override string toString() { result = "ExprStmt: " + getExpr().toString() } + override string toString() { result = "ExprStmt: " + this.getExpr().toString() } } from Loop l, string s, Element e diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected index 60aeccba797..eb1472ebfaa 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected +++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-ir-consistency.expected @@ -54,1167 +54,3 @@ uniqueParameterNodeAtPosition uniqueParameterNodePosition uniqueContentApprox identityLocalStep -| VacuousDestructorCall.cpp:10:18:10:18 | i | Node steps to itself | -| abortingfunctions.cpp:20:9:20:9 | i | Node steps to itself | -| abortingfunctions.cpp:32:9:32:9 | i | Node steps to itself | -| aggregateinitializer.c:3:14:3:14 | a | Node steps to itself | -| aggregateinitializer.c:3:18:3:18 | b | Node steps to itself | -| aggregateinitializer.c:3:21:3:21 | c | Node steps to itself | -| aggregateinitializer.c:3:25:3:25 | d | Node steps to itself | -| allocators.cpp:3:34:3:34 | x | Node steps to itself | -| allocators.cpp:3:42:3:42 | y | Node steps to itself | -| allocators.cpp:4:18:4:20 | this | Node steps to itself | -| allocators.cpp:4:18:4:20 | this indirection | Node steps to itself | -| allocators.cpp:4:24:4:26 | this | Node steps to itself | -| assignexpr.cpp:11:8:11:8 | a | Node steps to itself | -| assignexpr.cpp:11:12:11:12 | b | Node steps to itself | -| bad_asts.cpp:10:22:10:22 | y | Node steps to itself | -| bad_asts.cpp:19:10:19:10 | (unnamed parameter 0) indirection | Node steps to itself | -| break_labels.c:4:9:4:9 | i | Node steps to itself | -| break_labels.c:5:9:5:14 | result | Node steps to itself | -| break_labels.c:6:16:6:16 | Phi | Node steps to itself | -| break_labels.c:6:16:6:16 | i | Node steps to itself | -| break_labels.c:13:12:13:17 | result | Node steps to itself | -| break_labels.c:20:16:20:16 | i | Node steps to itself | -| break_labels.c:20:24:20:24 | i | Node steps to itself | -| break_labels.c:21:13:21:13 | i | Node steps to itself | -| break_labels.c:24:13:24:13 | i | Node steps to itself | -| break_labels.c:27:9:27:9 | x | Node steps to itself | -| builtin.c:8:3:8:5 | acc | Node steps to itself | -| builtin.c:8:35:8:35 | x | Node steps to itself | -| builtin.c:8:40:8:40 | y | Node steps to itself | -| builtin.c:10:20:10:20 | x | Node steps to itself | -| builtin.c:12:3:12:5 | acc | Node steps to itself | -| builtin.c:15:54:15:56 | vec | Node steps to itself | -| builtin.c:18:33:18:35 | vec | Node steps to itself | -| builtin.c:20:3:20:5 | acc | Node steps to itself | -| builtin.c:20:33:20:33 | x | Node steps to itself | -| builtin.c:21:3:21:5 | acc | Node steps to itself | -| builtin.c:21:33:21:33 | x | Node steps to itself | -| builtin.c:21:38:21:38 | y | Node steps to itself | -| builtin.c:22:3:22:5 | acc | Node steps to itself | -| builtin.c:22:34:22:34 | x | Node steps to itself | -| builtin.c:22:39:22:39 | y | Node steps to itself | -| builtin.c:24:7:24:7 | y | Node steps to itself | -| builtin.c:28:31:28:33 | acc | Node steps to itself | -| builtin.c:29:12:29:14 | acc | Node steps to itself | -| builtin.c:34:3:34:5 | acc | Node steps to itself | -| builtin.c:34:34:34:34 | x | Node steps to itself | -| builtin.c:39:25:39:25 | x | Node steps to itself | -| builtin.c:43:26:43:26 | x | Node steps to itself | -| builtin.c:45:3:45:5 | acc | Node steps to itself | -| builtin.c:48:2:48:4 | acc | Node steps to itself | -| builtin.c:51:3:51:5 | acc | Node steps to itself | -| builtin.c:51:41:51:41 | x | Node steps to itself | -| builtin.c:51:43:51:43 | y | Node steps to itself | -| builtin.c:54:3:54:5 | acc | Node steps to itself | -| builtin.c:56:10:56:12 | acc | Node steps to itself | -| builtin.cpp:14:40:14:40 | x | Node steps to itself | -| builtin.cpp:14:44:14:44 | y | Node steps to itself | -| builtin.cpp:15:31:15:35 | * ... | Node steps to itself | -| builtin.cpp:15:31:15:35 | * ... indirection | Node steps to itself | -| builtin.cpp:15:31:15:35 | * ... indirection | Node steps to itself | -| condition_decl_int.cpp:3:9:3:21 | Phi | Node steps to itself | -| condition_decl_int.cpp:3:9:3:21 | Phi | Node steps to itself | -| condition_decl_int.cpp:3:9:3:21 | Phi | Node steps to itself | -| condition_decl_int.cpp:3:13:3:13 | k | Node steps to itself | -| condition_decl_int.cpp:3:17:3:17 | j | Node steps to itself | -| condition_decls.cpp:3:5:3:9 | this | Node steps to itself | -| condition_decls.cpp:3:5:3:9 | this indirection | Node steps to itself | -| condition_decls.cpp:3:21:3:21 | x | Node steps to itself | -| condition_decls.cpp:6:12:6:16 | this | Node steps to itself | -| condition_decls.cpp:6:12:6:16 | this indirection | Node steps to itself | -| condition_decls.cpp:9:13:9:17 | this | Node steps to itself | -| condition_decls.cpp:9:13:9:17 | this indirection | Node steps to itself | -| condition_decls.cpp:16:20:16:20 | x | Node steps to itself | -| condition_decls.cpp:26:24:26:24 | x | Node steps to itself | -| condition_decls.cpp:41:23:41:23 | x | Node steps to itself | -| condition_decls.cpp:48:24:48:24 | x | Node steps to itself | -| condition_decls.cpp:48:36:48:36 | x | Node steps to itself | -| condition_decls.cpp:48:53:48:53 | x | Node steps to itself | -| conditional_destructors.cpp:6:13:6:15 | this | Node steps to itself | -| conditional_destructors.cpp:6:13:6:15 | this indirection | Node steps to itself | -| conditional_destructors.cpp:6:19:6:19 | x | Node steps to itself | -| conditional_destructors.cpp:10:16:10:18 | this | Node steps to itself | -| conditional_destructors.cpp:10:16:10:18 | this indirection | Node steps to itself | -| conditional_destructors.cpp:10:23:10:27 | other indirection | Node steps to itself | -| conditional_destructors.cpp:18:13:18:15 | this | Node steps to itself | -| conditional_destructors.cpp:18:13:18:15 | this indirection | Node steps to itself | -| conditional_destructors.cpp:18:19:18:19 | x | Node steps to itself | -| conditional_destructors.cpp:25:16:25:18 | this | Node steps to itself | -| conditional_destructors.cpp:25:16:25:18 | this indirection | Node steps to itself | -| conditional_destructors.cpp:25:23:25:27 | other indirection | Node steps to itself | -| conditional_destructors.cpp:30:18:30:22 | call to C1 indirection | Node steps to itself | -| conditional_destructors.cpp:33:18:33:22 | call to C1 indirection | Node steps to itself | -| conditional_destructors.cpp:39:18:39:22 | call to C2 indirection | Node steps to itself | -| conditional_destructors.cpp:42:18:42:22 | call to C2 indirection | Node steps to itself | -| constmemberaccess.cpp:11:6:11:6 | c | Node steps to itself | -| constmemberaccess.cpp:11:6:11:6 | c indirection | Node steps to itself | -| constructorinitializer.cpp:10:6:10:6 | i | Node steps to itself | -| constructorinitializer.cpp:10:10:10:10 | j | Node steps to itself | -| constructorinitializer.cpp:10:13:10:13 | k | Node steps to itself | -| constructorinitializer.cpp:10:17:10:17 | l | Node steps to itself | -| cpp11.cpp:28:21:28:21 | (__range) indirection | Node steps to itself | -| cpp11.cpp:29:14:29:15 | el | Node steps to itself | -| cpp11.cpp:56:19:56:28 | global_int | Node steps to itself | -| cpp11.cpp:65:19:65:45 | [...](...){...} | Node steps to itself | -| cpp11.cpp:65:19:65:45 | x | Node steps to itself | -| cpp11.cpp:65:20:65:20 | (unnamed parameter 0) indirection | Node steps to itself | -| cpp11.cpp:77:19:77:21 | call to Val | Node steps to itself | -| cpp11.cpp:82:11:82:14 | call to Val | Node steps to itself | -| cpp11.cpp:82:17:82:17 | (unnamed parameter 0) indirection | Node steps to itself | -| cpp11.cpp:82:17:82:55 | [...](...){...} | Node steps to itself | -| cpp11.cpp:82:17:82:55 | binaryFunction | Node steps to itself | -| cpp11.cpp:82:30:82:52 | this | Node steps to itself | -| cpp11.cpp:82:45:82:48 | call to Val | Node steps to itself | -| cpp11.cpp:82:45:82:48 | this | Node steps to itself | -| cpp11.cpp:82:45:82:48 | this indirection | Node steps to itself | -| cpp11.cpp:82:51:82:51 | call to Val | Node steps to itself | -| cpp11.cpp:88:25:88:30 | call to Val | Node steps to itself | -| cpp11.cpp:88:33:88:38 | call to Val | Node steps to itself | -| cpp11.cpp:118:12:118:12 | Phi | Node steps to itself | -| cpp11.cpp:118:12:118:12 | Phi | Node steps to itself | -| cpp11.cpp:118:12:118:12 | x | Node steps to itself | -| cpp11.cpp:120:11:120:11 | x | Node steps to itself | -| cpp11.cpp:122:18:122:18 | x | Node steps to itself | -| cpp11.cpp:124:18:124:18 | x | Node steps to itself | -| cpp11.cpp:126:18:126:18 | x | Node steps to itself | -| cpp11.cpp:128:18:128:18 | x | Node steps to itself | -| cpp11.cpp:144:11:144:11 | x | Node steps to itself | -| cpp11.cpp:145:13:145:13 | x | Node steps to itself | -| cpp11.cpp:147:15:147:15 | x | Node steps to itself | -| cpp11.cpp:154:15:154:15 | x | Node steps to itself | -| cpp11.cpp:168:9:168:9 | x | Node steps to itself | -| cpp17.cpp:15:5:15:45 | new indirection | Node steps to itself | -| cpp17.cpp:15:11:15:21 | ptr indirection | Node steps to itself | -| cpp17.cpp:15:38:15:41 | (unnamed parameter 2) | Node steps to itself | -| cpp17.cpp:15:38:15:41 | args | Node steps to itself | -| cpp17.cpp:19:10:19:10 | p | Node steps to itself | -| cpp17.cpp:19:10:19:10 | p indirection | Node steps to itself | -| cpp17.cpp:19:13:19:13 | 1 indirection | Node steps to itself | -| cpp17.cpp:19:16:19:16 | 2 indirection | Node steps to itself | -| destructors.cpp:51:22:51:22 | x | Node steps to itself | -| dostmt.c:35:7:35:7 | Phi | Node steps to itself | -| dostmt.c:35:7:35:7 | i | Node steps to itself | -| dostmt.c:36:11:36:11 | i | Node steps to itself | -| duff2.c:3:14:3:14 | i | Node steps to itself | -| duff2.c:4:13:4:13 | i | Node steps to itself | -| duff2.c:13:16:13:16 | n | Node steps to itself | -| duff2.c:17:14:17:14 | i | Node steps to itself | -| duff2.c:18:13:18:13 | i | Node steps to itself | -| duff2.c:21:16:21:16 | n | Node steps to itself | -| duff.c:3:14:3:14 | i | Node steps to itself | -| duff.c:4:13:4:13 | i | Node steps to itself | -| duff.c:13:24:13:24 | n | Node steps to itself | -| ellipsisexceptionhandler.cpp:16:7:16:15 | condition | Node steps to itself | -| fieldaccess.cpp:11:6:11:6 | c | Node steps to itself | -| fieldaccess.cpp:11:6:11:6 | c indirection | Node steps to itself | -| file://:0:0:0:0 | (__begin) | Node steps to itself | -| file://:0:0:0:0 | (__begin) | Node steps to itself | -| file://:0:0:0:0 | (__begin) | Node steps to itself | -| file://:0:0:0:0 | (__begin) | Node steps to itself | -| file://:0:0:0:0 | (__end) | Node steps to itself | -| file://:0:0:0:0 | (__end) | Node steps to itself | -| file://:0:0:0:0 | (unnamed parameter 0) indirection | Node steps to itself | -| file://:0:0:0:0 | (unnamed parameter 0) indirection | Node steps to itself | -| file://:0:0:0:0 | (unnamed parameter 0) indirection | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | Phi | Node steps to itself | -| file://:0:0:0:0 | call to C | Node steps to itself | -| file://:0:0:0:0 | this | Node steps to itself | -| file://:0:0:0:0 | this indirection | Node steps to itself | -| forstmt.cpp:2:21:2:21 | Phi | Node steps to itself | -| forstmt.cpp:2:21:2:21 | i | Node steps to itself | -| forstmt.cpp:2:29:2:29 | i | Node steps to itself | -| forstmt.cpp:14:21:14:24 | Phi | Node steps to itself | -| forstmt.cpp:14:27:14:27 | i | Node steps to itself | -| forstmt.cpp:19:21:19:21 | Phi | Node steps to itself | -| forstmt.cpp:19:21:19:21 | i | Node steps to itself | -| forstmt.cpp:19:28:19:28 | i | Node steps to itself | -| ifelsestmt.c:38:6:38:6 | x | Node steps to itself | -| ifelsestmt.c:38:11:38:11 | y | Node steps to itself | -| ifstmt.c:28:6:28:6 | x | Node steps to itself | -| ifstmt.c:28:11:28:11 | y | Node steps to itself | -| initializer.c:3:10:3:10 | a | Node steps to itself | -| initializer.c:3:14:3:14 | b | Node steps to itself | -| ir.cpp:46:9:46:9 | x | Node steps to itself | -| ir.cpp:47:9:47:9 | x | Node steps to itself | -| ir.cpp:53:9:53:9 | x | Node steps to itself | -| ir.cpp:53:13:53:13 | y | Node steps to itself | -| ir.cpp:54:9:54:9 | x | Node steps to itself | -| ir.cpp:54:13:54:13 | y | Node steps to itself | -| ir.cpp:55:9:55:9 | x | Node steps to itself | -| ir.cpp:55:13:55:13 | y | Node steps to itself | -| ir.cpp:56:9:56:9 | x | Node steps to itself | -| ir.cpp:56:13:56:13 | y | Node steps to itself | -| ir.cpp:57:9:57:9 | x | Node steps to itself | -| ir.cpp:57:13:57:13 | y | Node steps to itself | -| ir.cpp:59:9:59:9 | x | Node steps to itself | -| ir.cpp:59:13:59:13 | y | Node steps to itself | -| ir.cpp:60:9:60:9 | x | Node steps to itself | -| ir.cpp:60:13:60:13 | y | Node steps to itself | -| ir.cpp:61:9:61:9 | x | Node steps to itself | -| ir.cpp:61:13:61:13 | y | Node steps to itself | -| ir.cpp:63:9:63:9 | x | Node steps to itself | -| ir.cpp:63:14:63:14 | y | Node steps to itself | -| ir.cpp:64:9:64:9 | x | Node steps to itself | -| ir.cpp:64:14:64:14 | y | Node steps to itself | -| ir.cpp:66:9:66:9 | x | Node steps to itself | -| ir.cpp:68:5:68:5 | z | Node steps to itself | -| ir.cpp:68:10:68:10 | x | Node steps to itself | -| ir.cpp:69:5:69:5 | z | Node steps to itself | -| ir.cpp:69:10:69:10 | x | Node steps to itself | -| ir.cpp:70:5:70:5 | z | Node steps to itself | -| ir.cpp:70:10:70:10 | x | Node steps to itself | -| ir.cpp:71:5:71:5 | z | Node steps to itself | -| ir.cpp:71:10:71:10 | x | Node steps to itself | -| ir.cpp:72:5:72:5 | z | Node steps to itself | -| ir.cpp:72:10:72:10 | x | Node steps to itself | -| ir.cpp:74:5:74:5 | z | Node steps to itself | -| ir.cpp:74:10:74:10 | x | Node steps to itself | -| ir.cpp:75:5:75:5 | z | Node steps to itself | -| ir.cpp:75:10:75:10 | x | Node steps to itself | -| ir.cpp:76:5:76:5 | z | Node steps to itself | -| ir.cpp:76:10:76:10 | x | Node steps to itself | -| ir.cpp:78:5:78:5 | z | Node steps to itself | -| ir.cpp:78:11:78:11 | x | Node steps to itself | -| ir.cpp:79:5:79:5 | z | Node steps to itself | -| ir.cpp:79:11:79:11 | x | Node steps to itself | -| ir.cpp:82:10:82:10 | x | Node steps to itself | -| ir.cpp:83:10:83:10 | x | Node steps to itself | -| ir.cpp:84:10:84:10 | x | Node steps to itself | -| ir.cpp:90:9:90:9 | x | Node steps to itself | -| ir.cpp:90:14:90:14 | y | Node steps to itself | -| ir.cpp:91:9:91:9 | x | Node steps to itself | -| ir.cpp:91:14:91:14 | y | Node steps to itself | -| ir.cpp:92:9:92:9 | x | Node steps to itself | -| ir.cpp:92:13:92:13 | y | Node steps to itself | -| ir.cpp:93:9:93:9 | x | Node steps to itself | -| ir.cpp:93:13:93:13 | y | Node steps to itself | -| ir.cpp:94:9:94:9 | x | Node steps to itself | -| ir.cpp:94:14:94:14 | y | Node steps to itself | -| ir.cpp:95:9:95:9 | x | Node steps to itself | -| ir.cpp:95:14:95:14 | y | Node steps to itself | -| ir.cpp:101:11:101:11 | x | Node steps to itself | -| ir.cpp:102:11:102:11 | x | Node steps to itself | -| ir.cpp:110:13:110:13 | x | Node steps to itself | -| ir.cpp:111:13:111:13 | x | Node steps to itself | -| ir.cpp:117:9:117:9 | x | Node steps to itself | -| ir.cpp:117:13:117:13 | y | Node steps to itself | -| ir.cpp:118:9:118:9 | x | Node steps to itself | -| ir.cpp:118:13:118:13 | y | Node steps to itself | -| ir.cpp:119:9:119:9 | x | Node steps to itself | -| ir.cpp:119:13:119:13 | y | Node steps to itself | -| ir.cpp:120:9:120:9 | x | Node steps to itself | -| ir.cpp:120:13:120:13 | y | Node steps to itself | -| ir.cpp:122:9:122:9 | x | Node steps to itself | -| ir.cpp:124:5:124:5 | z | Node steps to itself | -| ir.cpp:124:10:124:10 | x | Node steps to itself | -| ir.cpp:125:5:125:5 | z | Node steps to itself | -| ir.cpp:125:10:125:10 | x | Node steps to itself | -| ir.cpp:126:5:126:5 | z | Node steps to itself | -| ir.cpp:126:10:126:10 | x | Node steps to itself | -| ir.cpp:127:5:127:5 | z | Node steps to itself | -| ir.cpp:127:10:127:10 | x | Node steps to itself | -| ir.cpp:130:10:130:10 | x | Node steps to itself | -| ir.cpp:136:9:136:9 | x | Node steps to itself | -| ir.cpp:136:14:136:14 | y | Node steps to itself | -| ir.cpp:137:9:137:9 | x | Node steps to itself | -| ir.cpp:137:14:137:14 | y | Node steps to itself | -| ir.cpp:138:9:138:9 | x | Node steps to itself | -| ir.cpp:138:13:138:13 | y | Node steps to itself | -| ir.cpp:139:9:139:9 | x | Node steps to itself | -| ir.cpp:139:13:139:13 | y | Node steps to itself | -| ir.cpp:140:9:140:9 | x | Node steps to itself | -| ir.cpp:140:14:140:14 | y | Node steps to itself | -| ir.cpp:141:9:141:9 | x | Node steps to itself | -| ir.cpp:141:14:141:14 | y | Node steps to itself | -| ir.cpp:147:11:147:11 | x | Node steps to itself | -| ir.cpp:148:11:148:11 | x | Node steps to itself | -| ir.cpp:157:9:157:9 | p | Node steps to itself | -| ir.cpp:157:13:157:13 | i | Node steps to itself | -| ir.cpp:158:9:158:9 | i | Node steps to itself | -| ir.cpp:158:13:158:13 | p | Node steps to itself | -| ir.cpp:159:9:159:9 | p | Node steps to itself | -| ir.cpp:159:13:159:13 | i | Node steps to itself | -| ir.cpp:160:9:160:9 | p | Node steps to itself | -| ir.cpp:160:13:160:13 | q | Node steps to itself | -| ir.cpp:162:9:162:9 | p | Node steps to itself | -| ir.cpp:164:5:164:5 | q | Node steps to itself | -| ir.cpp:164:10:164:10 | i | Node steps to itself | -| ir.cpp:165:5:165:5 | q | Node steps to itself | -| ir.cpp:165:10:165:10 | i | Node steps to itself | -| ir.cpp:167:9:167:9 | p | Node steps to itself | -| ir.cpp:168:10:168:10 | p | Node steps to itself | -| ir.cpp:174:9:174:9 | p | Node steps to itself | -| ir.cpp:174:11:174:11 | i | Node steps to itself | -| ir.cpp:175:9:175:9 | i | Node steps to itself | -| ir.cpp:175:11:175:11 | p | Node steps to itself | -| ir.cpp:177:5:177:5 | p | Node steps to itself | -| ir.cpp:177:7:177:7 | i | Node steps to itself | -| ir.cpp:177:12:177:12 | x | Node steps to itself | -| ir.cpp:178:5:178:5 | i | Node steps to itself | -| ir.cpp:178:7:178:7 | p | Node steps to itself | -| ir.cpp:178:12:178:12 | x | Node steps to itself | -| ir.cpp:181:11:181:11 | i | Node steps to itself | -| ir.cpp:182:9:182:9 | i | Node steps to itself | -| ir.cpp:183:7:183:7 | i | Node steps to itself | -| ir.cpp:183:12:183:12 | x | Node steps to itself | -| ir.cpp:184:5:184:5 | i | Node steps to itself | -| ir.cpp:184:12:184:12 | x | Node steps to itself | -| ir.cpp:188:20:188:20 | i | Node steps to itself | -| ir.cpp:190:18:190:20 | pwc | Node steps to itself | -| ir.cpp:190:22:190:22 | i | Node steps to itself | -| ir.cpp:196:9:196:9 | p | Node steps to itself | -| ir.cpp:196:14:196:14 | q | Node steps to itself | -| ir.cpp:197:9:197:9 | p | Node steps to itself | -| ir.cpp:197:14:197:14 | q | Node steps to itself | -| ir.cpp:198:9:198:9 | p | Node steps to itself | -| ir.cpp:198:13:198:13 | q | Node steps to itself | -| ir.cpp:199:9:199:9 | p | Node steps to itself | -| ir.cpp:199:13:199:13 | q | Node steps to itself | -| ir.cpp:200:9:200:9 | p | Node steps to itself | -| ir.cpp:200:14:200:14 | q | Node steps to itself | -| ir.cpp:201:9:201:9 | p | Node steps to itself | -| ir.cpp:201:14:201:14 | q | Node steps to itself | -| ir.cpp:207:11:207:11 | p | Node steps to itself | -| ir.cpp:208:11:208:11 | p | Node steps to itself | -| ir.cpp:216:5:216:5 | x | Node steps to itself | -| ir.cpp:220:10:220:10 | x | Node steps to itself | -| ir.cpp:223:5:223:5 | y | Node steps to itself | -| ir.cpp:232:13:232:13 | x | Node steps to itself | -| ir.cpp:236:12:236:12 | x | Node steps to itself | -| ir.cpp:236:16:236:16 | y | Node steps to itself | -| ir.cpp:240:9:240:9 | b | Node steps to itself | -| ir.cpp:243:9:243:9 | b | Node steps to itself | -| ir.cpp:244:13:244:13 | y | Node steps to itself | -| ir.cpp:247:9:247:9 | x | Node steps to itself | -| ir.cpp:254:12:254:12 | Phi | Node steps to itself | -| ir.cpp:254:12:254:12 | n | Node steps to itself | -| ir.cpp:255:9:255:9 | n | Node steps to itself | -| ir.cpp:261:9:261:9 | n | Node steps to itself | -| ir.cpp:261:14:261:14 | Phi | Node steps to itself | -| ir.cpp:262:14:262:14 | n | Node steps to itself | -| ir.cpp:280:12:280:12 | Phi | Node steps to itself | -| ir.cpp:280:12:280:12 | Phi | Node steps to itself | -| ir.cpp:280:12:280:12 | i | Node steps to itself | -| ir.cpp:287:13:287:13 | i | Node steps to itself | -| ir.cpp:288:9:288:9 | Phi | Node steps to itself | -| ir.cpp:293:21:293:21 | Phi | Node steps to itself | -| ir.cpp:293:21:293:21 | Phi | Node steps to itself | -| ir.cpp:293:21:293:21 | i | Node steps to itself | -| ir.cpp:299:22:299:22 | i | Node steps to itself | -| ir.cpp:300:9:300:9 | Phi | Node steps to itself | -| ir.cpp:306:12:306:12 | Phi | Node steps to itself | -| ir.cpp:306:12:306:12 | i | Node steps to itself | -| ir.cpp:306:20:306:20 | i | Node steps to itself | -| ir.cpp:312:21:312:21 | Phi | Node steps to itself | -| ir.cpp:312:21:312:21 | i | Node steps to itself | -| ir.cpp:312:29:312:29 | i | Node steps to itself | -| ir.cpp:318:21:318:21 | Phi | Node steps to itself | -| ir.cpp:318:21:318:21 | i | Node steps to itself | -| ir.cpp:318:29:318:29 | i | Node steps to itself | -| ir.cpp:319:13:319:13 | i | Node steps to itself | -| ir.cpp:326:21:326:21 | Phi | Node steps to itself | -| ir.cpp:326:21:326:21 | i | Node steps to itself | -| ir.cpp:326:29:326:29 | i | Node steps to itself | -| ir.cpp:327:13:327:13 | i | Node steps to itself | -| ir.cpp:334:21:334:21 | Phi | Node steps to itself | -| ir.cpp:334:21:334:21 | Phi | Node steps to itself | -| ir.cpp:334:21:334:21 | i | Node steps to itself | -| ir.cpp:335:13:335:13 | i | Node steps to itself | -| ir.cpp:343:13:343:13 | p | Node steps to itself | -| ir.cpp:353:12:353:12 | Phi | Node steps to itself | -| ir.cpp:353:12:353:12 | n | Node steps to itself | -| ir.cpp:354:13:354:13 | n | Node steps to itself | -| ir.cpp:356:9:356:9 | n | Node steps to itself | -| ir.cpp:362:13:362:13 | n | Node steps to itself | -| ir.cpp:365:9:365:9 | n | Node steps to itself | -| ir.cpp:366:14:366:14 | n | Node steps to itself | -| ir.cpp:377:16:377:16 | x | Node steps to itself | -| ir.cpp:377:19:377:19 | y | Node steps to itself | -| ir.cpp:381:32:381:32 | x | Node steps to itself | -| ir.cpp:381:35:381:35 | y | Node steps to itself | -| ir.cpp:386:13:386:13 | x | Node steps to itself | -| ir.cpp:423:12:423:13 | pt | Node steps to itself | -| ir.cpp:435:9:435:9 | a | Node steps to itself | -| ir.cpp:435:14:435:14 | b | Node steps to itself | -| ir.cpp:439:9:439:9 | a | Node steps to itself | -| ir.cpp:439:14:439:14 | b | Node steps to itself | -| ir.cpp:449:9:449:9 | a | Node steps to itself | -| ir.cpp:449:14:449:14 | b | Node steps to itself | -| ir.cpp:453:9:453:9 | a | Node steps to itself | -| ir.cpp:453:14:453:14 | b | Node steps to itself | -| ir.cpp:463:10:463:10 | a | Node steps to itself | -| ir.cpp:467:11:467:11 | a | Node steps to itself | -| ir.cpp:467:16:467:16 | b | Node steps to itself | -| ir.cpp:477:9:477:9 | a | Node steps to itself | -| ir.cpp:477:9:477:14 | ... && ... | Node steps to itself | -| ir.cpp:477:14:477:14 | b | Node steps to itself | -| ir.cpp:478:9:478:9 | a | Node steps to itself | -| ir.cpp:478:9:478:14 | ... \|\| ... | Node steps to itself | -| ir.cpp:478:14:478:14 | b | Node steps to itself | -| ir.cpp:479:11:479:11 | a | Node steps to itself | -| ir.cpp:479:11:479:16 | ... \|\| ... | Node steps to itself | -| ir.cpp:479:16:479:16 | b | Node steps to itself | -| ir.cpp:483:13:483:13 | a | Node steps to itself | -| ir.cpp:483:13:483:21 | ... ? ... : ... | Node steps to itself | -| ir.cpp:483:17:483:17 | x | Node steps to itself | -| ir.cpp:483:21:483:21 | y | Node steps to itself | -| ir.cpp:489:6:489:6 | a | Node steps to itself | -| ir.cpp:493:5:493:5 | a | Node steps to itself | -| ir.cpp:504:19:504:19 | x | Node steps to itself | -| ir.cpp:505:19:505:19 | x | Node steps to itself | -| ir.cpp:514:19:514:19 | x | Node steps to itself | -| ir.cpp:515:19:515:19 | x | Node steps to itself | -| ir.cpp:515:29:515:29 | x | Node steps to itself | -| ir.cpp:516:19:516:19 | x | Node steps to itself | -| ir.cpp:516:26:516:26 | x | Node steps to itself | -| ir.cpp:521:19:521:19 | x | Node steps to itself | -| ir.cpp:522:19:522:19 | x | Node steps to itself | -| ir.cpp:536:9:536:9 | x | Node steps to itself | -| ir.cpp:536:13:536:13 | y | Node steps to itself | -| ir.cpp:540:9:540:9 | x | Node steps to itself | -| ir.cpp:544:9:544:9 | x | Node steps to itself | -| ir.cpp:544:13:544:13 | y | Node steps to itself | -| ir.cpp:545:16:545:16 | x | Node steps to itself | -| ir.cpp:548:12:548:12 | x | Node steps to itself | -| ir.cpp:548:16:548:16 | y | Node steps to itself | -| ir.cpp:552:12:552:14 | pfn | Node steps to itself | -| ir.cpp:623:5:623:5 | r indirection | Node steps to itself | -| ir.cpp:624:5:624:5 | p indirection | Node steps to itself | -| ir.cpp:632:16:632:16 | x | Node steps to itself | -| ir.cpp:636:16:636:16 | x | Node steps to itself | -| ir.cpp:640:16:640:16 | x | Node steps to itself | -| ir.cpp:644:9:644:12 | this | Node steps to itself | -| ir.cpp:646:9:646:11 | this | Node steps to itself | -| ir.cpp:648:13:648:16 | this | Node steps to itself | -| ir.cpp:650:13:650:15 | this | Node steps to itself | -| ir.cpp:650:13:650:15 | this indirection | Node steps to itself | -| ir.cpp:654:9:654:12 | this | Node steps to itself | -| ir.cpp:656:9:656:30 | this | Node steps to itself | -| ir.cpp:656:9:656:30 | this indirection | Node steps to itself | -| ir.cpp:678:12:678:12 | r | Node steps to itself | -| ir.cpp:707:10:707:24 | ... ? ... : ... | Node steps to itself | -| ir.cpp:707:11:707:11 | x | Node steps to itself | -| ir.cpp:707:15:707:15 | y | Node steps to itself | -| ir.cpp:707:20:707:20 | x | Node steps to itself | -| ir.cpp:707:24:707:24 | y | Node steps to itself | -| ir.cpp:711:14:711:14 | x | Node steps to itself | -| ir.cpp:711:17:711:17 | y | Node steps to itself | -| ir.cpp:718:12:718:14 | 0 | Node steps to itself | -| ir.cpp:729:9:729:9 | b | Node steps to itself | -| ir.cpp:732:14:732:14 | x | Node steps to itself | -| ir.cpp:738:18:738:18 | s | Node steps to itself | -| ir.cpp:747:8:747:8 | this | Node steps to itself | -| ir.cpp:756:8:756:8 | this | Node steps to itself | -| ir.cpp:762:3:762:3 | call to ~Base indirection | Node steps to itself | -| ir.cpp:765:8:765:8 | this | Node steps to itself | -| ir.cpp:771:3:771:3 | call to ~Middle indirection | Node steps to itself | -| ir.cpp:780:3:780:3 | call to ~Base indirection | Node steps to itself | -| ir.cpp:789:3:789:3 | call to ~Base indirection | Node steps to itself | -| ir.cpp:798:3:798:3 | call to ~Base indirection | Node steps to itself | -| ir.cpp:811:7:811:13 | call to Base indirection | Node steps to itself | -| ir.cpp:812:7:812:26 | call to Base indirection | Node steps to itself | -| ir.cpp:825:7:825:13 | call to Base indirection | Node steps to itself | -| ir.cpp:826:7:826:26 | call to Base indirection | Node steps to itself | -| ir.cpp:865:34:865:35 | pb | Node steps to itself | -| ir.cpp:866:47:866:48 | pd | Node steps to itself | -| ir.cpp:908:11:908:24 | ... ? ... : ... | Node steps to itself | -| ir.cpp:908:20:908:20 | x | Node steps to itself | -| ir.cpp:946:3:946:14 | new indirection | Node steps to itself | -| ir.cpp:947:3:947:27 | new indirection | Node steps to itself | -| landexpr.c:3:6:3:6 | a | Node steps to itself | -| landexpr.c:3:11:3:11 | b | Node steps to itself | -| lorexpr.c:3:6:3:6 | a | Node steps to itself | -| lorexpr.c:3:11:3:11 | b | Node steps to itself | -| ltrbinopexpr.c:5:5:5:5 | i | Node steps to itself | -| ltrbinopexpr.c:5:9:5:9 | j | Node steps to itself | -| ltrbinopexpr.c:6:5:6:5 | i | Node steps to itself | -| ltrbinopexpr.c:6:9:6:9 | j | Node steps to itself | -| ltrbinopexpr.c:7:5:7:5 | i | Node steps to itself | -| ltrbinopexpr.c:7:9:7:9 | j | Node steps to itself | -| ltrbinopexpr.c:8:5:8:5 | i | Node steps to itself | -| ltrbinopexpr.c:8:9:8:9 | j | Node steps to itself | -| ltrbinopexpr.c:9:5:9:5 | i | Node steps to itself | -| ltrbinopexpr.c:9:9:9:9 | j | Node steps to itself | -| ltrbinopexpr.c:11:5:11:5 | p | Node steps to itself | -| ltrbinopexpr.c:11:9:11:9 | i | Node steps to itself | -| ltrbinopexpr.c:12:5:12:5 | p | Node steps to itself | -| ltrbinopexpr.c:12:9:12:9 | i | Node steps to itself | -| ltrbinopexpr.c:15:5:15:5 | i | Node steps to itself | -| ltrbinopexpr.c:15:10:15:10 | j | Node steps to itself | -| ltrbinopexpr.c:16:5:16:5 | i | Node steps to itself | -| ltrbinopexpr.c:16:10:16:10 | j | Node steps to itself | -| ltrbinopexpr.c:18:5:18:5 | i | Node steps to itself | -| ltrbinopexpr.c:18:9:18:9 | j | Node steps to itself | -| ltrbinopexpr.c:19:5:19:5 | i | Node steps to itself | -| ltrbinopexpr.c:19:9:19:9 | j | Node steps to itself | -| ltrbinopexpr.c:20:5:20:5 | i | Node steps to itself | -| ltrbinopexpr.c:20:9:20:9 | j | Node steps to itself | -| ltrbinopexpr.c:21:5:21:5 | i | Node steps to itself | -| ltrbinopexpr.c:21:10:21:10 | j | Node steps to itself | -| ltrbinopexpr.c:22:5:22:5 | i | Node steps to itself | -| ltrbinopexpr.c:22:10:22:10 | j | Node steps to itself | -| ltrbinopexpr.c:23:5:23:5 | i | Node steps to itself | -| ltrbinopexpr.c:23:9:23:9 | j | Node steps to itself | -| ltrbinopexpr.c:24:5:24:5 | i | Node steps to itself | -| ltrbinopexpr.c:24:9:24:9 | j | Node steps to itself | -| ltrbinopexpr.c:25:5:25:5 | i | Node steps to itself | -| ltrbinopexpr.c:25:10:25:10 | j | Node steps to itself | -| ltrbinopexpr.c:26:5:26:5 | i | Node steps to itself | -| ltrbinopexpr.c:26:10:26:10 | j | Node steps to itself | -| ltrbinopexpr.c:28:5:28:5 | i | Node steps to itself | -| ltrbinopexpr.c:28:10:28:10 | j | Node steps to itself | -| ltrbinopexpr.c:29:5:29:5 | i | Node steps to itself | -| ltrbinopexpr.c:29:10:29:10 | j | Node steps to itself | -| ltrbinopexpr.c:30:5:30:5 | i | Node steps to itself | -| ltrbinopexpr.c:30:10:30:10 | j | Node steps to itself | -| ltrbinopexpr.c:31:5:31:5 | i | Node steps to itself | -| ltrbinopexpr.c:31:10:31:10 | j | Node steps to itself | -| ltrbinopexpr.c:32:5:32:5 | i | Node steps to itself | -| ltrbinopexpr.c:32:10:32:10 | j | Node steps to itself | -| ltrbinopexpr.c:33:5:33:5 | i | Node steps to itself | -| ltrbinopexpr.c:33:11:33:11 | j | Node steps to itself | -| ltrbinopexpr.c:34:5:34:5 | i | Node steps to itself | -| ltrbinopexpr.c:34:11:34:11 | j | Node steps to itself | -| ltrbinopexpr.c:35:5:35:5 | i | Node steps to itself | -| ltrbinopexpr.c:35:10:35:10 | j | Node steps to itself | -| ltrbinopexpr.c:36:5:36:5 | i | Node steps to itself | -| ltrbinopexpr.c:36:10:36:10 | j | Node steps to itself | -| ltrbinopexpr.c:37:5:37:5 | i | Node steps to itself | -| ltrbinopexpr.c:37:10:37:10 | j | Node steps to itself | -| ltrbinopexpr.c:39:5:39:5 | p | Node steps to itself | -| ltrbinopexpr.c:39:10:39:10 | i | Node steps to itself | -| ltrbinopexpr.c:40:5:40:5 | p | Node steps to itself | -| ltrbinopexpr.c:40:10:40:10 | i | Node steps to itself | -| membercallexpr.cpp:10:2:10:2 | c | Node steps to itself | -| membercallexpr.cpp:10:2:10:2 | c indirection | Node steps to itself | -| membercallexpr_args.cpp:12:2:12:2 | c | Node steps to itself | -| membercallexpr_args.cpp:12:2:12:2 | c indirection | Node steps to itself | -| membercallexpr_args.cpp:12:10:12:10 | i | Node steps to itself | -| membercallexpr_args.cpp:12:14:12:14 | j | Node steps to itself | -| membercallexpr_args.cpp:12:17:12:17 | k | Node steps to itself | -| membercallexpr_args.cpp:12:21:12:21 | l | Node steps to itself | -| misc.c:20:7:20:7 | i | Node steps to itself | -| misc.c:21:5:21:5 | i | Node steps to itself | -| misc.c:22:9:22:12 | argi | Node steps to itself | -| misc.c:22:17:22:20 | argj | Node steps to itself | -| misc.c:27:9:27:12 | argi | Node steps to itself | -| misc.c:27:17:27:20 | argj | Node steps to itself | -| misc.c:32:9:32:9 | i | Node steps to itself | -| misc.c:32:14:32:14 | j | Node steps to itself | -| misc.c:37:9:37:9 | i | Node steps to itself | -| misc.c:37:14:37:14 | j | Node steps to itself | -| misc.c:44:11:44:11 | Phi | Node steps to itself | -| misc.c:44:11:44:11 | Phi | Node steps to itself | -| misc.c:44:11:44:11 | Phi | Node steps to itself | -| misc.c:44:11:44:11 | i | Node steps to itself | -| misc.c:45:9:45:9 | j | Node steps to itself | -| misc.c:47:11:47:11 | Phi | Node steps to itself | -| misc.c:47:11:47:11 | Phi | Node steps to itself | -| misc.c:47:11:47:11 | Phi | Node steps to itself | -| misc.c:47:11:47:11 | i | Node steps to itself | -| misc.c:47:16:47:16 | j | Node steps to itself | -| misc.c:48:9:48:9 | j | Node steps to itself | -| misc.c:50:11:50:11 | Phi | Node steps to itself | -| misc.c:50:11:50:11 | Phi | Node steps to itself | -| misc.c:50:11:50:11 | i | Node steps to itself | -| misc.c:50:16:50:16 | j | Node steps to itself | -| misc.c:51:9:51:9 | j | Node steps to itself | -| misc.c:53:11:53:14 | Phi | Node steps to itself | -| misc.c:53:11:53:14 | Phi | Node steps to itself | -| misc.c:53:11:53:14 | Phi | Node steps to itself | -| misc.c:53:11:53:14 | argi | Node steps to itself | -| misc.c:54:9:54:9 | j | Node steps to itself | -| misc.c:57:9:57:9 | Phi | Node steps to itself | -| misc.c:57:9:57:9 | Phi | Node steps to itself | -| misc.c:57:9:57:9 | Phi | Node steps to itself | -| misc.c:57:9:57:9 | j | Node steps to itself | -| misc.c:58:13:58:13 | i | Node steps to itself | -| misc.c:60:9:60:9 | Phi | Node steps to itself | -| misc.c:60:9:60:9 | Phi | Node steps to itself | -| misc.c:60:9:60:9 | Phi | Node steps to itself | -| misc.c:60:9:60:9 | j | Node steps to itself | -| misc.c:61:13:61:16 | argi | Node steps to itself | -| misc.c:62:16:62:16 | Phi | Node steps to itself | -| misc.c:62:16:62:16 | i | Node steps to itself | -| misc.c:62:24:62:24 | i | Node steps to itself | -| misc.c:64:11:64:11 | Phi | Node steps to itself | -| misc.c:64:11:64:11 | i | Node steps to itself | -| misc.c:64:19:64:19 | i | Node steps to itself | -| misc.c:66:18:66:18 | i | Node steps to itself | -| misc.c:66:23:67:5 | Phi | Node steps to itself | -| misc.c:93:9:93:15 | ... ? ... : ... | Node steps to itself | -| misc.c:94:9:94:10 | sp | Node steps to itself | -| misc.c:94:9:94:10 | sp indirection | Node steps to itself | -| misc.c:94:9:94:19 | ... ? ... : ... | Node steps to itself | -| misc.c:94:19:94:19 | i | Node steps to itself | -| misc.c:100:13:100:13 | i | Node steps to itself | -| misc.c:105:13:105:13 | i | Node steps to itself | -| misc.c:110:13:110:13 | i | Node steps to itself | -| misc.c:115:13:115:13 | i | Node steps to itself | -| misc.c:119:13:119:13 | i | Node steps to itself | -| misc.c:123:13:123:13 | i | Node steps to itself | -| misc.c:123:17:123:17 | j | Node steps to itself | -| misc.c:124:14:124:14 | i | Node steps to itself | -| misc.c:124:18:124:18 | j | Node steps to itself | -| misc.c:124:30:124:30 | i | Node steps to itself | -| misc.c:130:11:130:11 | j | Node steps to itself | -| misc.c:131:5:131:6 | sp | Node steps to itself | -| misc.c:131:13:131:13 | j | Node steps to itself | -| misc.c:133:9:133:10 | sp | Node steps to itself | -| misc.c:135:9:135:9 | i | Node steps to itself | -| misc.c:135:13:135:13 | j | Node steps to itself | -| misc.c:136:9:136:9 | i | Node steps to itself | -| misc.c:136:13:136:13 | j | Node steps to itself | -| misc.c:137:9:137:9 | i | Node steps to itself | -| misc.c:137:13:137:13 | j | Node steps to itself | -| misc.c:139:10:139:11 | sp | Node steps to itself | -| misc.c:139:18:139:18 | j | Node steps to itself | -| misc.c:139:25:139:26 | sp | Node steps to itself | -| misc.c:139:25:139:26 | sp indirection | Node steps to itself | -| misc.c:139:33:139:33 | j | Node steps to itself | -| misc.c:140:9:140:9 | i | Node steps to itself | -| misc.c:140:14:140:14 | i | Node steps to itself | -| misc.c:140:19:140:19 | i | Node steps to itself | -| misc.c:141:9:141:9 | i | Node steps to itself | -| misc.c:141:14:141:14 | i | Node steps to itself | -| misc.c:141:19:141:19 | i | Node steps to itself | -| misc.c:147:9:147:14 | intFun | Node steps to itself | -| misc.c:147:16:147:16 | i | Node steps to itself | -| misc.c:147:19:147:19 | j | Node steps to itself | -| misc.c:149:5:149:10 | pfunvv | Node steps to itself | -| misc.c:157:18:157:18 | x | Node steps to itself | -| misc.c:158:18:158:18 | x | Node steps to itself | -| misc.c:171:15:171:15 | i | Node steps to itself | -| misc.c:188:12:188:12 | i | Node steps to itself | -| misc.c:216:10:216:25 | global_with_init | Node steps to itself | -| misc.c:220:9:223:3 | {...} | Node steps to itself | -| modeled-functions.cpp:6:10:6:16 | socket2 | Node steps to itself | -| ms_assume.cpp:16:6:16:9 | argc | Node steps to itself | -| ms_assume.cpp:19:13:19:16 | argc | Node steps to itself | -| ms_assume.cpp:28:31:28:31 | s | Node steps to itself | -| ms_assume.cpp:28:31:28:31 | s indirection | Node steps to itself | -| ms_try_mix.cpp:17:13:17:14 | b1 | Node steps to itself | -| ms_try_mix.cpp:34:13:34:14 | b2 | Node steps to itself | -| newexpr.cpp:10:2:10:20 | new indirection | Node steps to itself | -| newexpr.cpp:10:8:10:8 | a | Node steps to itself | -| newexpr.cpp:10:12:10:12 | b | Node steps to itself | -| newexpr.cpp:10:15:10:15 | c | Node steps to itself | -| newexpr.cpp:10:19:10:19 | d | Node steps to itself | -| nodefaultswitchstmt.c:2:14:2:14 | x | Node steps to itself | -| nonmemberfpcallexpr.c:3:2:3:2 | g | Node steps to itself | -| ops.cpp:21:33:21:33 | i | Node steps to itself | -| parameterinitializer.cpp:8:24:8:24 | i | Node steps to itself | -| pmcallexpr.cpp:10:3:10:3 | c | Node steps to itself | -| pmcallexpr.cpp:10:8:10:8 | d | Node steps to itself | -| pmcallexpr.cpp:10:8:10:8 | d indirection | Node steps to itself | -| pointer_to_member.cpp:26:19:26:20 | pm | Node steps to itself | -| pointer_to_member.cpp:29:12:29:14 | acc | Node steps to itself | -| pruning.c:70:9:70:9 | i | Node steps to itself | -| pruning.c:79:9:79:9 | i | Node steps to itself | -| pruning.c:88:9:88:9 | i | Node steps to itself | -| pruning.c:97:9:97:9 | i | Node steps to itself | -| pruning.c:106:9:106:9 | i | Node steps to itself | -| pruning.c:115:9:115:9 | i | Node steps to itself | -| pruning.c:124:9:124:9 | i | Node steps to itself | -| pruning.c:166:12:166:12 | i | Node steps to itself | -| pruning.c:173:12:173:12 | i | Node steps to itself | -| pruning.c:180:12:180:12 | i | Node steps to itself | -| pruning.c:187:12:187:12 | i | Node steps to itself | -| pruning.c:194:45:194:51 | faulted | Node steps to itself | -| pruning.c:195:13:195:19 | faulted | Node steps to itself | -| questionexpr.c:3:6:3:6 | a | Node steps to itself | -| questionexpr.c:3:6:3:27 | ... ? ... : ... | Node steps to itself | -| questionexpr.c:3:11:3:11 | b | Node steps to itself | -| questionexpr.c:3:15:3:15 | c | Node steps to itself | -| questionexpr.c:3:19:3:19 | b | Node steps to itself | -| questionexpr.c:3:23:3:23 | d | Node steps to itself | -| questionexpr.c:3:27:3:27 | b | Node steps to itself | -| range_analysis.c:7:10:7:10 | Phi | Node steps to itself | -| range_analysis.c:7:10:7:10 | Phi | Node steps to itself | -| range_analysis.c:7:10:7:10 | p | Node steps to itself | -| range_analysis.c:7:17:7:17 | p | Node steps to itself | -| range_analysis.c:7:17:7:17 | p indirection | Node steps to itself | -| range_analysis.c:8:13:8:17 | count | Node steps to itself | -| range_analysis.c:10:10:10:14 | count | Node steps to itself | -| range_analysis.c:15:10:15:10 | Phi | Node steps to itself | -| range_analysis.c:15:10:15:10 | Phi | Node steps to itself | -| range_analysis.c:15:10:15:10 | p | Node steps to itself | -| range_analysis.c:15:17:15:17 | p | Node steps to itself | -| range_analysis.c:15:17:15:17 | p indirection | Node steps to itself | -| range_analysis.c:16:14:16:18 | count | Node steps to itself | -| range_analysis.c:18:10:18:14 | count | Node steps to itself | -| range_analysis.c:23:10:23:10 | Phi | Node steps to itself | -| range_analysis.c:23:10:23:10 | Phi | Node steps to itself | -| range_analysis.c:23:10:23:10 | p | Node steps to itself | -| range_analysis.c:23:17:23:17 | p | Node steps to itself | -| range_analysis.c:23:17:23:17 | p indirection | Node steps to itself | -| range_analysis.c:24:5:24:9 | count | Node steps to itself | -| range_analysis.c:25:13:25:17 | count | Node steps to itself | -| range_analysis.c:27:10:27:14 | count | Node steps to itself | -| range_analysis.c:33:15:33:15 | Phi | Node steps to itself | -| range_analysis.c:33:15:33:15 | Phi | Node steps to itself | -| range_analysis.c:33:15:33:15 | i | Node steps to itself | -| range_analysis.c:33:26:33:26 | i | Node steps to itself | -| range_analysis.c:34:5:34:9 | total | Node steps to itself | -| range_analysis.c:34:14:34:14 | i | Node steps to itself | -| range_analysis.c:36:10:36:14 | total | Node steps to itself | -| range_analysis.c:36:18:36:18 | i | Node steps to itself | -| range_analysis.c:42:15:42:15 | Phi | Node steps to itself | -| range_analysis.c:42:15:42:15 | Phi | Node steps to itself | -| range_analysis.c:42:15:42:15 | i | Node steps to itself | -| range_analysis.c:42:22:42:22 | i | Node steps to itself | -| range_analysis.c:43:5:43:9 | total | Node steps to itself | -| range_analysis.c:43:14:43:14 | i | Node steps to itself | -| range_analysis.c:45:10:45:14 | total | Node steps to itself | -| range_analysis.c:45:18:45:18 | i | Node steps to itself | -| range_analysis.c:51:15:51:15 | Phi | Node steps to itself | -| range_analysis.c:51:15:51:15 | Phi | Node steps to itself | -| range_analysis.c:51:15:51:15 | i | Node steps to itself | -| range_analysis.c:51:28:51:28 | i | Node steps to itself | -| range_analysis.c:52:5:52:9 | total | Node steps to itself | -| range_analysis.c:52:14:52:14 | i | Node steps to itself | -| range_analysis.c:54:10:54:14 | total | Node steps to itself | -| range_analysis.c:54:18:54:18 | i | Node steps to itself | -| range_analysis.c:58:7:58:7 | i | Node steps to itself | -| range_analysis.c:59:9:59:9 | i | Node steps to itself | -| range_analysis.c:60:14:60:14 | i | Node steps to itself | -| range_analysis.c:67:15:67:15 | y | Node steps to itself | -| range_analysis.c:67:20:67:20 | y | Node steps to itself | -| range_analysis.c:68:9:68:9 | x | Node steps to itself | -| range_analysis.c:68:13:68:13 | y | Node steps to itself | -| range_analysis.c:69:14:69:14 | x | Node steps to itself | -| range_analysis.c:72:10:72:10 | y | Node steps to itself | -| range_analysis.c:76:7:76:7 | y | Node steps to itself | -| range_analysis.c:77:9:77:9 | x | Node steps to itself | -| range_analysis.c:81:9:81:9 | x | Node steps to itself | -| range_analysis.c:85:10:85:10 | x | Node steps to itself | -| range_analysis.c:89:7:89:7 | y | Node steps to itself | -| range_analysis.c:90:9:90:9 | x | Node steps to itself | -| range_analysis.c:90:13:90:13 | y | Node steps to itself | -| range_analysis.c:93:12:93:12 | x | Node steps to itself | -| range_analysis.c:100:8:100:8 | p | Node steps to itself | -| range_analysis.c:105:10:105:10 | p | Node steps to itself | -| range_analysis.c:124:11:124:15 | Phi | Node steps to itself | -| range_analysis.c:124:11:124:15 | Phi | Node steps to itself | -| range_analysis.c:124:11:124:15 | Start | Node steps to itself | -| range_analysis.c:127:6:127:10 | Start | Node steps to itself | -| range_analysis.c:127:15:127:20 | Length | Node steps to itself | -| range_analysis.c:137:20:137:20 | x | Node steps to itself | -| range_analysis.c:138:11:138:11 | i | Node steps to itself | -| range_analysis.c:139:23:139:23 | i | Node steps to itself | -| range_analysis.c:139:32:139:32 | x | Node steps to itself | -| range_analysis.c:139:36:139:36 | y | Node steps to itself | -| range_analysis.c:150:10:150:11 | x0 | Node steps to itself | -| range_analysis.c:150:15:150:16 | x1 | Node steps to itself | -| range_analysis.c:150:20:150:21 | x2 | Node steps to itself | -| range_analysis.c:150:25:150:26 | x3 | Node steps to itself | -| range_analysis.c:154:10:154:40 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:154:11:154:11 | x | Node steps to itself | -| range_analysis.c:154:35:154:35 | x | Node steps to itself | -| range_analysis.c:161:12:161:12 | a | Node steps to itself | -| range_analysis.c:161:17:161:17 | a | Node steps to itself | -| range_analysis.c:163:14:163:14 | a | Node steps to itself | -| range_analysis.c:164:5:164:9 | total | Node steps to itself | -| range_analysis.c:164:14:164:14 | b | Node steps to itself | -| range_analysis.c:164:16:164:16 | c | Node steps to itself | -| range_analysis.c:166:12:166:12 | a | Node steps to itself | -| range_analysis.c:166:17:166:17 | a | Node steps to itself | -| range_analysis.c:168:14:168:14 | a | Node steps to itself | -| range_analysis.c:169:5:169:9 | total | Node steps to itself | -| range_analysis.c:169:14:169:14 | b | Node steps to itself | -| range_analysis.c:169:16:169:16 | c | Node steps to itself | -| range_analysis.c:171:13:171:13 | a | Node steps to itself | -| range_analysis.c:171:18:171:18 | a | Node steps to itself | -| range_analysis.c:173:14:173:14 | a | Node steps to itself | -| range_analysis.c:174:5:174:9 | total | Node steps to itself | -| range_analysis.c:174:14:174:14 | b | Node steps to itself | -| range_analysis.c:174:16:174:16 | c | Node steps to itself | -| range_analysis.c:176:13:176:13 | a | Node steps to itself | -| range_analysis.c:176:18:176:18 | a | Node steps to itself | -| range_analysis.c:178:14:178:14 | a | Node steps to itself | -| range_analysis.c:179:5:179:9 | total | Node steps to itself | -| range_analysis.c:179:14:179:14 | b | Node steps to itself | -| range_analysis.c:179:16:179:16 | c | Node steps to itself | -| range_analysis.c:181:13:181:13 | a | Node steps to itself | -| range_analysis.c:181:18:181:18 | a | Node steps to itself | -| range_analysis.c:183:14:183:14 | a | Node steps to itself | -| range_analysis.c:184:5:184:9 | total | Node steps to itself | -| range_analysis.c:184:14:184:14 | b | Node steps to itself | -| range_analysis.c:184:16:184:16 | c | Node steps to itself | -| range_analysis.c:186:13:186:13 | a | Node steps to itself | -| range_analysis.c:186:18:186:18 | a | Node steps to itself | -| range_analysis.c:188:14:188:14 | a | Node steps to itself | -| range_analysis.c:189:5:189:9 | total | Node steps to itself | -| range_analysis.c:189:14:189:14 | b | Node steps to itself | -| range_analysis.c:189:16:189:16 | c | Node steps to itself | -| range_analysis.c:192:10:192:14 | total | Node steps to itself | -| range_analysis.c:200:12:200:12 | a | Node steps to itself | -| range_analysis.c:200:17:200:17 | a | Node steps to itself | -| range_analysis.c:200:33:200:33 | b | Node steps to itself | -| range_analysis.c:200:38:200:38 | b | Node steps to itself | -| range_analysis.c:201:13:201:13 | a | Node steps to itself | -| range_analysis.c:201:15:201:15 | b | Node steps to itself | -| range_analysis.c:202:5:202:9 | total | Node steps to itself | -| range_analysis.c:202:14:202:14 | r | Node steps to itself | -| range_analysis.c:204:12:204:12 | a | Node steps to itself | -| range_analysis.c:204:17:204:17 | a | Node steps to itself | -| range_analysis.c:204:33:204:33 | b | Node steps to itself | -| range_analysis.c:204:38:204:38 | b | Node steps to itself | -| range_analysis.c:205:13:205:13 | a | Node steps to itself | -| range_analysis.c:205:15:205:15 | b | Node steps to itself | -| range_analysis.c:206:5:206:9 | total | Node steps to itself | -| range_analysis.c:206:14:206:14 | r | Node steps to itself | -| range_analysis.c:208:12:208:12 | a | Node steps to itself | -| range_analysis.c:208:17:208:17 | a | Node steps to itself | -| range_analysis.c:208:35:208:35 | b | Node steps to itself | -| range_analysis.c:208:40:208:40 | b | Node steps to itself | -| range_analysis.c:209:13:209:13 | a | Node steps to itself | -| range_analysis.c:209:15:209:15 | b | Node steps to itself | -| range_analysis.c:210:5:210:9 | total | Node steps to itself | -| range_analysis.c:210:14:210:14 | r | Node steps to itself | -| range_analysis.c:212:12:212:12 | a | Node steps to itself | -| range_analysis.c:212:17:212:17 | a | Node steps to itself | -| range_analysis.c:212:35:212:35 | b | Node steps to itself | -| range_analysis.c:212:40:212:40 | b | Node steps to itself | -| range_analysis.c:213:13:213:13 | a | Node steps to itself | -| range_analysis.c:213:15:213:15 | b | Node steps to itself | -| range_analysis.c:214:5:214:9 | total | Node steps to itself | -| range_analysis.c:214:14:214:14 | r | Node steps to itself | -| range_analysis.c:216:12:216:12 | a | Node steps to itself | -| range_analysis.c:216:17:216:17 | a | Node steps to itself | -| range_analysis.c:216:35:216:35 | b | Node steps to itself | -| range_analysis.c:216:40:216:40 | b | Node steps to itself | -| range_analysis.c:217:13:217:13 | a | Node steps to itself | -| range_analysis.c:217:15:217:15 | b | Node steps to itself | -| range_analysis.c:218:5:218:9 | total | Node steps to itself | -| range_analysis.c:218:14:218:14 | r | Node steps to itself | -| range_analysis.c:221:10:221:14 | total | Node steps to itself | -| range_analysis.c:228:12:228:12 | a | Node steps to itself | -| range_analysis.c:228:17:228:17 | a | Node steps to itself | -| range_analysis.c:228:33:228:33 | b | Node steps to itself | -| range_analysis.c:228:38:228:38 | b | Node steps to itself | -| range_analysis.c:229:13:229:13 | a | Node steps to itself | -| range_analysis.c:229:15:229:15 | b | Node steps to itself | -| range_analysis.c:230:5:230:9 | total | Node steps to itself | -| range_analysis.c:230:14:230:14 | r | Node steps to itself | -| range_analysis.c:232:12:232:12 | a | Node steps to itself | -| range_analysis.c:232:17:232:17 | a | Node steps to itself | -| range_analysis.c:232:33:232:33 | b | Node steps to itself | -| range_analysis.c:232:38:232:38 | b | Node steps to itself | -| range_analysis.c:233:13:233:13 | a | Node steps to itself | -| range_analysis.c:233:15:233:15 | b | Node steps to itself | -| range_analysis.c:234:5:234:9 | total | Node steps to itself | -| range_analysis.c:234:14:234:14 | r | Node steps to itself | -| range_analysis.c:236:12:236:12 | a | Node steps to itself | -| range_analysis.c:236:17:236:17 | a | Node steps to itself | -| range_analysis.c:236:35:236:35 | b | Node steps to itself | -| range_analysis.c:236:40:236:40 | b | Node steps to itself | -| range_analysis.c:237:13:237:13 | a | Node steps to itself | -| range_analysis.c:237:15:237:15 | b | Node steps to itself | -| range_analysis.c:238:5:238:9 | total | Node steps to itself | -| range_analysis.c:238:14:238:14 | r | Node steps to itself | -| range_analysis.c:240:12:240:12 | a | Node steps to itself | -| range_analysis.c:240:17:240:17 | a | Node steps to itself | -| range_analysis.c:240:35:240:35 | b | Node steps to itself | -| range_analysis.c:240:40:240:40 | b | Node steps to itself | -| range_analysis.c:241:13:241:13 | a | Node steps to itself | -| range_analysis.c:241:15:241:15 | b | Node steps to itself | -| range_analysis.c:242:5:242:9 | total | Node steps to itself | -| range_analysis.c:242:14:242:14 | r | Node steps to itself | -| range_analysis.c:244:12:244:12 | a | Node steps to itself | -| range_analysis.c:244:17:244:17 | a | Node steps to itself | -| range_analysis.c:244:35:244:35 | b | Node steps to itself | -| range_analysis.c:244:40:244:40 | b | Node steps to itself | -| range_analysis.c:245:13:245:13 | a | Node steps to itself | -| range_analysis.c:245:15:245:15 | b | Node steps to itself | -| range_analysis.c:246:5:246:9 | total | Node steps to itself | -| range_analysis.c:246:14:246:14 | r | Node steps to itself | -| range_analysis.c:249:10:249:14 | total | Node steps to itself | -| range_analysis.c:256:14:256:14 | a | Node steps to itself | -| range_analysis.c:256:19:256:19 | a | Node steps to itself | -| range_analysis.c:256:35:256:35 | b | Node steps to itself | -| range_analysis.c:256:40:256:40 | b | Node steps to itself | -| range_analysis.c:257:13:257:13 | a | Node steps to itself | -| range_analysis.c:257:15:257:15 | b | Node steps to itself | -| range_analysis.c:258:5:258:9 | total | Node steps to itself | -| range_analysis.c:258:14:258:14 | r | Node steps to itself | -| range_analysis.c:260:14:260:14 | a | Node steps to itself | -| range_analysis.c:260:19:260:19 | a | Node steps to itself | -| range_analysis.c:260:35:260:35 | b | Node steps to itself | -| range_analysis.c:260:40:260:40 | b | Node steps to itself | -| range_analysis.c:261:13:261:13 | a | Node steps to itself | -| range_analysis.c:261:15:261:15 | b | Node steps to itself | -| range_analysis.c:262:5:262:9 | total | Node steps to itself | -| range_analysis.c:262:14:262:14 | r | Node steps to itself | -| range_analysis.c:264:14:264:14 | a | Node steps to itself | -| range_analysis.c:264:19:264:19 | a | Node steps to itself | -| range_analysis.c:264:37:264:37 | b | Node steps to itself | -| range_analysis.c:264:42:264:42 | b | Node steps to itself | -| range_analysis.c:265:13:265:13 | a | Node steps to itself | -| range_analysis.c:265:15:265:15 | b | Node steps to itself | -| range_analysis.c:266:5:266:9 | total | Node steps to itself | -| range_analysis.c:266:14:266:14 | r | Node steps to itself | -| range_analysis.c:268:14:268:14 | a | Node steps to itself | -| range_analysis.c:268:19:268:19 | a | Node steps to itself | -| range_analysis.c:268:37:268:37 | b | Node steps to itself | -| range_analysis.c:268:42:268:42 | b | Node steps to itself | -| range_analysis.c:269:13:269:13 | a | Node steps to itself | -| range_analysis.c:269:15:269:15 | b | Node steps to itself | -| range_analysis.c:270:5:270:9 | total | Node steps to itself | -| range_analysis.c:270:14:270:14 | r | Node steps to itself | -| range_analysis.c:272:14:272:14 | a | Node steps to itself | -| range_analysis.c:272:19:272:19 | a | Node steps to itself | -| range_analysis.c:272:37:272:37 | b | Node steps to itself | -| range_analysis.c:272:42:272:42 | b | Node steps to itself | -| range_analysis.c:273:13:273:13 | a | Node steps to itself | -| range_analysis.c:273:15:273:15 | b | Node steps to itself | -| range_analysis.c:274:5:274:9 | total | Node steps to itself | -| range_analysis.c:274:14:274:14 | r | Node steps to itself | -| range_analysis.c:277:10:277:14 | total | Node steps to itself | -| range_analysis.c:284:14:284:14 | a | Node steps to itself | -| range_analysis.c:284:19:284:19 | a | Node steps to itself | -| range_analysis.c:284:34:284:34 | b | Node steps to itself | -| range_analysis.c:284:39:284:39 | b | Node steps to itself | -| range_analysis.c:285:13:285:13 | a | Node steps to itself | -| range_analysis.c:285:15:285:15 | b | Node steps to itself | -| range_analysis.c:286:5:286:9 | total | Node steps to itself | -| range_analysis.c:286:14:286:14 | r | Node steps to itself | -| range_analysis.c:288:14:288:14 | a | Node steps to itself | -| range_analysis.c:288:19:288:19 | a | Node steps to itself | -| range_analysis.c:288:34:288:34 | b | Node steps to itself | -| range_analysis.c:288:39:288:39 | b | Node steps to itself | -| range_analysis.c:289:13:289:13 | a | Node steps to itself | -| range_analysis.c:289:15:289:15 | b | Node steps to itself | -| range_analysis.c:290:5:290:9 | total | Node steps to itself | -| range_analysis.c:290:14:290:14 | r | Node steps to itself | -| range_analysis.c:292:14:292:14 | a | Node steps to itself | -| range_analysis.c:292:19:292:19 | a | Node steps to itself | -| range_analysis.c:292:36:292:36 | b | Node steps to itself | -| range_analysis.c:292:41:292:41 | b | Node steps to itself | -| range_analysis.c:293:13:293:13 | a | Node steps to itself | -| range_analysis.c:293:15:293:15 | b | Node steps to itself | -| range_analysis.c:294:5:294:9 | total | Node steps to itself | -| range_analysis.c:294:14:294:14 | r | Node steps to itself | -| range_analysis.c:296:14:296:14 | a | Node steps to itself | -| range_analysis.c:296:19:296:19 | a | Node steps to itself | -| range_analysis.c:296:36:296:36 | b | Node steps to itself | -| range_analysis.c:296:41:296:41 | b | Node steps to itself | -| range_analysis.c:297:13:297:13 | a | Node steps to itself | -| range_analysis.c:297:15:297:15 | b | Node steps to itself | -| range_analysis.c:298:5:298:9 | total | Node steps to itself | -| range_analysis.c:298:14:298:14 | r | Node steps to itself | -| range_analysis.c:300:14:300:14 | a | Node steps to itself | -| range_analysis.c:300:19:300:19 | a | Node steps to itself | -| range_analysis.c:300:36:300:36 | b | Node steps to itself | -| range_analysis.c:300:41:300:41 | b | Node steps to itself | -| range_analysis.c:301:13:301:13 | a | Node steps to itself | -| range_analysis.c:301:15:301:15 | b | Node steps to itself | -| range_analysis.c:302:5:302:9 | total | Node steps to itself | -| range_analysis.c:302:14:302:14 | r | Node steps to itself | -| range_analysis.c:305:10:305:14 | total | Node steps to itself | -| range_analysis.c:312:14:312:14 | a | Node steps to itself | -| range_analysis.c:312:19:312:19 | a | Node steps to itself | -| range_analysis.c:312:35:312:35 | b | Node steps to itself | -| range_analysis.c:312:40:312:40 | b | Node steps to itself | -| range_analysis.c:313:13:313:13 | a | Node steps to itself | -| range_analysis.c:313:15:313:15 | b | Node steps to itself | -| range_analysis.c:314:5:314:9 | total | Node steps to itself | -| range_analysis.c:314:14:314:14 | r | Node steps to itself | -| range_analysis.c:316:14:316:14 | a | Node steps to itself | -| range_analysis.c:316:19:316:19 | a | Node steps to itself | -| range_analysis.c:316:35:316:35 | b | Node steps to itself | -| range_analysis.c:316:40:316:40 | b | Node steps to itself | -| range_analysis.c:317:13:317:13 | a | Node steps to itself | -| range_analysis.c:317:15:317:15 | b | Node steps to itself | -| range_analysis.c:318:5:318:9 | total | Node steps to itself | -| range_analysis.c:318:14:318:14 | r | Node steps to itself | -| range_analysis.c:320:14:320:14 | a | Node steps to itself | -| range_analysis.c:320:19:320:19 | a | Node steps to itself | -| range_analysis.c:320:37:320:37 | b | Node steps to itself | -| range_analysis.c:320:42:320:42 | b | Node steps to itself | -| range_analysis.c:321:13:321:13 | a | Node steps to itself | -| range_analysis.c:321:15:321:15 | b | Node steps to itself | -| range_analysis.c:322:5:322:9 | total | Node steps to itself | -| range_analysis.c:322:14:322:14 | r | Node steps to itself | -| range_analysis.c:324:14:324:14 | a | Node steps to itself | -| range_analysis.c:324:19:324:19 | a | Node steps to itself | -| range_analysis.c:324:37:324:37 | b | Node steps to itself | -| range_analysis.c:324:42:324:42 | b | Node steps to itself | -| range_analysis.c:325:13:325:13 | a | Node steps to itself | -| range_analysis.c:325:15:325:15 | b | Node steps to itself | -| range_analysis.c:326:5:326:9 | total | Node steps to itself | -| range_analysis.c:326:14:326:14 | r | Node steps to itself | -| range_analysis.c:328:14:328:14 | a | Node steps to itself | -| range_analysis.c:328:19:328:19 | a | Node steps to itself | -| range_analysis.c:328:37:328:37 | b | Node steps to itself | -| range_analysis.c:328:42:328:42 | b | Node steps to itself | -| range_analysis.c:329:13:329:13 | a | Node steps to itself | -| range_analysis.c:329:15:329:15 | b | Node steps to itself | -| range_analysis.c:330:5:330:9 | total | Node steps to itself | -| range_analysis.c:330:14:330:14 | r | Node steps to itself | -| range_analysis.c:333:10:333:14 | total | Node steps to itself | -| range_analysis.c:338:7:338:7 | x | Node steps to itself | -| range_analysis.c:342:10:342:10 | Phi | Node steps to itself | -| range_analysis.c:342:10:342:10 | i | Node steps to itself | -| range_analysis.c:343:5:343:5 | i | Node steps to itself | -| range_analysis.c:345:7:345:7 | i | Node steps to itself | -| range_analysis.c:346:7:346:7 | x | Node steps to itself | -| range_analysis.c:347:9:347:9 | d | Node steps to itself | -| range_analysis.c:347:14:347:14 | x | Node steps to itself | -| range_analysis.c:357:8:357:8 | x | Node steps to itself | -| range_analysis.c:357:8:357:23 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:357:18:357:18 | x | Node steps to itself | -| range_analysis.c:358:8:358:8 | x | Node steps to itself | -| range_analysis.c:358:8:358:24 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:358:24:358:24 | x | Node steps to itself | -| range_analysis.c:365:7:365:7 | x | Node steps to itself | -| range_analysis.c:366:10:366:15 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:367:10:367:17 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:368:10:368:21 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:368:11:368:11 | x | Node steps to itself | -| range_analysis.c:369:27:369:27 | x | Node steps to itself | -| range_analysis.c:370:27:370:27 | x | Node steps to itself | -| range_analysis.c:371:28:371:28 | x | Node steps to itself | -| range_analysis.c:373:10:373:11 | y1 | Node steps to itself | -| range_analysis.c:373:15:373:16 | y2 | Node steps to itself | -| range_analysis.c:373:20:373:21 | y3 | Node steps to itself | -| range_analysis.c:373:25:373:26 | y4 | Node steps to itself | -| range_analysis.c:373:30:373:31 | y5 | Node steps to itself | -| range_analysis.c:373:35:373:36 | y6 | Node steps to itself | -| range_analysis.c:373:40:373:41 | y7 | Node steps to itself | -| range_analysis.c:373:45:373:46 | y8 | Node steps to itself | -| range_analysis.c:379:8:379:8 | x | Node steps to itself | -| range_analysis.c:379:8:379:24 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:379:18:379:18 | x | Node steps to itself | -| range_analysis.c:380:8:380:8 | x | Node steps to itself | -| range_analysis.c:380:8:380:25 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:380:25:380:25 | x | Node steps to itself | -| range_analysis.c:384:7:384:7 | x | Node steps to itself | -| range_analysis.c:385:10:385:21 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:385:11:385:11 | x | Node steps to itself | -| range_analysis.c:386:10:386:21 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:386:11:386:11 | x | Node steps to itself | -| range_analysis.c:387:27:387:27 | x | Node steps to itself | -| range_analysis.c:389:10:389:11 | y1 | Node steps to itself | -| range_analysis.c:389:15:389:16 | y2 | Node steps to itself | -| range_analysis.c:389:20:389:21 | y3 | Node steps to itself | -| range_analysis.c:389:25:389:26 | y4 | Node steps to itself | -| range_analysis.c:389:30:389:31 | y5 | Node steps to itself | -| range_analysis.c:394:20:394:20 | x | Node steps to itself | -| range_analysis.c:394:20:394:36 | ... ? ... : ... | Node steps to itself | -| range_analysis.c:394:30:394:30 | x | Node steps to itself | -| range_analysis.c:397:11:397:11 | y | Node steps to itself | -| range_analysis.c:398:9:398:9 | y | Node steps to itself | -| range_analysis.c:398:14:398:14 | y | Node steps to itself | -| range_analysis.c:399:10:399:11 | y1 | Node steps to itself | -| range_analysis.c:399:15:399:16 | y2 | Node steps to itself | -| revsubscriptexpr.c:4:7:4:7 | a | Node steps to itself | -| revsubscriptexpr.c:4:11:4:11 | b | Node steps to itself | -| shortforstmt.cpp:34:8:34:8 | Phi | Node steps to itself | -| shortforstmt.cpp:34:8:34:8 | Phi | Node steps to itself | -| shortforstmt.cpp:34:8:34:8 | Phi | Node steps to itself | -| shortforstmt.cpp:34:8:34:8 | x | Node steps to itself | -| shortforstmt.cpp:34:12:34:12 | y | Node steps to itself | -| shortforstmt.cpp:35:9:35:9 | y | Node steps to itself | -| statements.cpp:14:6:14:6 | x | Node steps to itself | -| statements.cpp:23:6:23:6 | x | Node steps to itself | -| statements.cpp:32:29:32:29 | Phi | Node steps to itself | -| statements.cpp:32:29:32:29 | x | Node steps to itself | -| statements.cpp:32:39:32:39 | x | Node steps to itself | -| statements.cpp:45:6:45:6 | x | Node steps to itself | -| statements.cpp:48:22:48:22 | x | Node steps to itself | -| statements.cpp:51:8:51:8 | y | Node steps to itself | -| statements.cpp:56:5:56:5 | x | Node steps to itself | -| static_init_templates.cpp:21:2:21:4 | this | Node steps to itself | -| static_init_templates.cpp:21:2:21:4 | this indirection | Node steps to itself | -| static_init_templates.cpp:21:8:21:8 | b | Node steps to itself | -| static_init_templates.cpp:21:12:21:12 | f | Node steps to itself | -| static_init_templates.cpp:22:8:22:8 | c | Node steps to itself | -| static_init_templates.cpp:81:12:81:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:81:12:81:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:90:12:90:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:90:12:90:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:98:12:98:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:98:12:98:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:106:12:106:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:106:12:106:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:126:12:126:17 | my_ptr | Node steps to itself | -| static_init_templates.cpp:134:12:134:17 | my_ptr | Node steps to itself | -| staticlocals.cpp:18:10:18:10 | x | Node steps to itself | -| staticmembercallexpr_args.cpp:12:9:12:9 | i | Node steps to itself | -| staticmembercallexpr_args.cpp:12:13:12:13 | j | Node steps to itself | -| staticmembercallexpr_args.cpp:12:16:12:16 | k | Node steps to itself | -| staticmembercallexpr_args.cpp:12:20:12:20 | l | Node steps to itself | -| stream_it.cpp:11:16:11:16 | (__range) indirection | Node steps to itself | -| subscriptexpr.c:4:8:4:8 | a | Node steps to itself | -| subscriptexpr.c:4:12:4:12 | b | Node steps to itself | -| switchbody.c:5:11:5:11 | i | Node steps to itself | -| switchbody.c:5:11:5:24 | ... ? ... : ... | Node steps to itself | -| switchbody.c:5:20:5:20 | i | Node steps to itself | -| switchbody.c:5:24:5:24 | i | Node steps to itself | -| switchbody.c:9:12:9:12 | i | Node steps to itself | -| switchbody.c:16:11:16:11 | i | Node steps to itself | -| switchbody.c:16:11:16:24 | ... ? ... : ... | Node steps to itself | -| switchbody.c:16:20:16:20 | i | Node steps to itself | -| switchbody.c:16:24:16:24 | i | Node steps to itself | -| switchbody.c:19:12:19:12 | i | Node steps to itself | -| switchbody.c:28:11:28:11 | i | Node steps to itself | -| switchbody.c:28:11:28:24 | ... ? ... : ... | Node steps to itself | -| switchbody.c:28:20:28:20 | i | Node steps to itself | -| switchbody.c:28:24:28:24 | i | Node steps to itself | -| switchbody.c:33:16:33:16 | i | Node steps to itself | -| switchstmt.c:2:14:2:14 | x | Node steps to itself | -| test.c:3:9:3:9 | i | Node steps to itself | -| test.c:28:16:28:16 | Phi | Node steps to itself | -| test.c:28:16:28:16 | i | Node steps to itself | -| test.c:28:24:28:24 | i | Node steps to itself | -| test.c:36:16:36:16 | Phi | Node steps to itself | -| test.c:36:19:36:19 | i | Node steps to itself | -| test.c:51:11:51:11 | Phi | Node steps to itself | -| test.c:51:11:51:11 | i | Node steps to itself | -| test.c:52:9:52:9 | i | Node steps to itself | -| test.c:73:9:73:9 | Phi | Node steps to itself | -| test.c:73:9:73:9 | i | Node steps to itself | -| test.c:74:14:74:14 | i | Node steps to itself | -| test.c:93:13:93:13 | i | Node steps to itself | -| test.c:93:13:93:21 | ... ? ... : ... | Node steps to itself | -| test.c:108:12:108:12 | i | Node steps to itself | -| test.c:125:12:125:12 | i | Node steps to itself | -| test.c:204:12:204:12 | i | Node steps to itself | -| test.c:204:12:204:20 | ... ? ... : ... | Node steps to itself | -| test.c:219:7:219:7 | x | Node steps to itself | -| test.c:219:13:219:13 | y | Node steps to itself | -| test.c:220:12:220:12 | x | Node steps to itself | -| test.c:222:10:222:10 | y | Node steps to itself | -| test.c:226:9:226:9 | x | Node steps to itself | -| test.c:226:14:226:14 | y | Node steps to itself | -| test.c:227:12:227:12 | x | Node steps to itself | -| test.c:229:10:229:10 | y | Node steps to itself | -| test.c:233:7:233:7 | b | Node steps to itself | -| test.c:233:7:233:15 | ... ? ... : ... | Node steps to itself | -| test.c:233:11:233:11 | x | Node steps to itself | -| test.c:233:15:233:15 | y | Node steps to itself | -| try_catch.cpp:20:7:20:12 | select | Node steps to itself | -| unaryopexpr.c:5:6:5:6 | i | Node steps to itself | -| unaryopexpr.c:7:6:7:6 | i | Node steps to itself | -| unaryopexpr.c:8:6:8:6 | i | Node steps to itself | -| unaryopexpr.c:10:5:10:5 | i | Node steps to itself | -| unaryopexpr.c:11:5:11:5 | i | Node steps to itself | -| unaryopexpr.c:12:7:12:7 | i | Node steps to itself | -| unaryopexpr.c:13:7:13:7 | i | Node steps to itself | -| vla.c:5:27:5:30 | argv | Node steps to itself | -| whilestmt.c:10:10:10:13 | Phi | Node steps to itself | -| whilestmt.c:10:10:10:13 | done | Node steps to itself | -| whilestmt.c:41:9:41:9 | Phi | Node steps to itself | -| whilestmt.c:41:9:41:9 | i | Node steps to itself | -| whilestmt.c:42:7:42:7 | i | Node steps to itself | diff --git a/cpp/ql/test/qlpack.yml b/cpp/ql/test/qlpack.yml index 34c48f7029b..6ee37c09b64 100644 --- a/cpp/ql/test/qlpack.yml +++ b/cpp/ql/test/qlpack.yml @@ -5,3 +5,4 @@ dependencies: codeql/cpp-queries: ${workspace} extractor: cpp tests: . +warnOnImplicitThis: true diff --git a/cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected b/cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected index 54bad8e6cbc..16e74b982c1 100644 --- a/cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected +++ b/cpp/ql/test/query-tests/Critical/MemoryFreed/UseAfterFree.expected @@ -23,8 +23,6 @@ edges | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | -| test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:10:241:10 | b | -| test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:10:241:10 | b | | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | @@ -61,7 +59,6 @@ nodes | test_free.cpp:239:14:239:15 | * ... | semmle.label | * ... | | test_free.cpp:241:9:241:10 | * ... | semmle.label | * ... | | test_free.cpp:241:9:241:10 | * ... | semmle.label | * ... | -| test_free.cpp:241:10:241:10 | b | semmle.label | b | | test_free.cpp:245:10:245:11 | * ... | semmle.label | * ... | | test_free.cpp:245:10:245:11 | * ... | semmle.label | * ... | | test_free.cpp:246:9:246:10 | * ... | semmle.label | * ... | @@ -92,8 +89,6 @@ subpaths | test_free.cpp:241:9:241:10 | * ... | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:239:9:239:12 | call to free | call to free | | test_free.cpp:241:9:241:10 | * ... | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:239:9:239:12 | call to free | call to free | | test_free.cpp:241:9:241:10 | * ... | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:9:241:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:239:9:239:12 | call to free | call to free | -| test_free.cpp:241:10:241:10 | b | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:10:241:10 | b | Memory may have been previously freed by $@. | test_free.cpp:239:9:239:12 | call to free | call to free | -| test_free.cpp:241:10:241:10 | b | test_free.cpp:239:14:239:15 | * ... | test_free.cpp:241:10:241:10 | b | Memory may have been previously freed by $@. | test_free.cpp:239:9:239:12 | call to free | call to free | | test_free.cpp:246:9:246:10 | * ... | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:245:5:245:8 | call to free | call to free | | test_free.cpp:246:9:246:10 | * ... | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:245:5:245:8 | call to free | call to free | | test_free.cpp:246:9:246:10 | * ... | test_free.cpp:245:10:245:11 | * ... | test_free.cpp:246:9:246:10 | * ... | Memory may have been previously freed by $@. | test_free.cpp:245:5:245:8 | call to free | call to free | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected index 3bcfdb6e4ae..de7089cab07 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-078/SAMATE/ExecTainted/ExecTainted.expected @@ -1,29 +1,16 @@ edges | tests.cpp:26:15:26:23 | badSource indirection | tests.cpp:51:12:51:20 | call to badSource indirection | -| tests.cpp:26:32:26:35 | data indirection | tests.cpp:26:15:26:23 | badSource indirection | -| tests.cpp:26:32:26:35 | data indirection | tests.cpp:38:25:38:36 | strncat output argument | | tests.cpp:33:34:33:39 | call to getenv indirection | tests.cpp:38:39:38:49 | environment indirection | | tests.cpp:38:25:38:36 | strncat output argument | tests.cpp:26:15:26:23 | badSource indirection | -| tests.cpp:38:25:38:36 | strncat output argument | tests.cpp:26:15:26:23 | badSource indirection | -| tests.cpp:38:25:38:36 | strncat output argument | tests.cpp:51:22:51:25 | badSource output argument | | tests.cpp:38:39:38:49 | environment indirection | tests.cpp:38:25:38:36 | strncat output argument | | tests.cpp:51:12:51:20 | call to badSource indirection | tests.cpp:53:16:53:19 | data indirection | -| tests.cpp:51:22:51:25 | badSource output argument | tests.cpp:51:22:51:25 | data indirection | -| tests.cpp:51:22:51:25 | data indirection | tests.cpp:26:32:26:35 | data indirection | -| tests.cpp:51:22:51:25 | data indirection | tests.cpp:51:12:51:20 | call to badSource indirection | nodes | tests.cpp:26:15:26:23 | badSource indirection | semmle.label | badSource indirection | -| tests.cpp:26:15:26:23 | badSource indirection | semmle.label | badSource indirection | -| tests.cpp:26:32:26:35 | data indirection | semmle.label | data indirection | | tests.cpp:33:34:33:39 | call to getenv indirection | semmle.label | call to getenv indirection | | tests.cpp:38:25:38:36 | strncat output argument | semmle.label | strncat output argument | -| tests.cpp:38:25:38:36 | strncat output argument | semmle.label | strncat output argument | | tests.cpp:38:39:38:49 | environment indirection | semmle.label | environment indirection | | tests.cpp:51:12:51:20 | call to badSource indirection | semmle.label | call to badSource indirection | -| tests.cpp:51:22:51:25 | badSource output argument | semmle.label | badSource output argument | -| tests.cpp:51:22:51:25 | data indirection | semmle.label | data indirection | | tests.cpp:53:16:53:19 | data indirection | semmle.label | data indirection | subpaths -| tests.cpp:51:22:51:25 | data indirection | tests.cpp:26:32:26:35 | data indirection | tests.cpp:26:15:26:23 | badSource indirection | tests.cpp:51:12:51:20 | call to badSource indirection | #select | tests.cpp:53:16:53:19 | data | tests.cpp:33:34:33:39 | call to getenv indirection | tests.cpp:53:16:53:19 | data indirection | This argument to an OS command is derived from $@, dangerously concatenated into $@, and then passed to system(string). | tests.cpp:33:34:33:39 | call to getenv indirection | user input (an environment variable) | tests.cpp:38:25:38:36 | strncat output argument | strncat output argument | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected index f038f287bfc..24b2320c83f 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-078/semmle/ExecTainted/ExecTainted.expected @@ -45,8 +45,6 @@ edges | test.cpp:186:47:186:54 | filename indirection | test.cpp:188:20:188:24 | flags indirection | | test.cpp:187:11:187:15 | strncat output argument | test.cpp:188:11:188:17 | strncat output argument | | test.cpp:187:18:187:25 | filename indirection | test.cpp:187:11:187:15 | strncat output argument | -| test.cpp:188:11:188:17 | strncat output argument | test.cpp:188:11:188:17 | strncat output argument | -| test.cpp:188:11:188:17 | strncat output argument | test.cpp:188:11:188:17 | strncat output argument | | test.cpp:188:20:188:24 | flags indirection | test.cpp:188:11:188:17 | strncat output argument | | test.cpp:194:9:194:16 | fread output argument | test.cpp:196:26:196:33 | filename indirection | | test.cpp:196:10:196:16 | concat output argument | test.cpp:198:32:198:38 | command indirection | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected new file mode 100644 index 00000000000..528d164b888 --- /dev/null +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.expected @@ -0,0 +1,190 @@ +edges +| test.cpp:16:11:16:21 | mk_string_t indirection [string] | test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | +| test.cpp:18:5:18:30 | ... = ... | test.cpp:18:10:18:15 | str indirection [post update] [string] | +| test.cpp:18:10:18:15 | str indirection [post update] [string] | test.cpp:16:11:16:21 | mk_string_t indirection [string] | +| test.cpp:18:19:18:24 | call to malloc | test.cpp:18:5:18:30 | ... = ... | +| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:42:13:42:15 | str indirection [string] | +| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:72:17:72:19 | str indirection [string] | +| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | test.cpp:80:17:80:19 | str indirection [string] | +| test.cpp:42:13:42:15 | str indirection [string] | test.cpp:42:18:42:23 | string | +| test.cpp:42:13:42:15 | str indirection [string] | test.cpp:42:18:42:23 | string indirection | +| test.cpp:42:18:42:23 | string indirection | test.cpp:42:18:42:23 | string | +| test.cpp:72:17:72:19 | str indirection [string] | test.cpp:72:22:72:27 | string | +| test.cpp:72:17:72:19 | str indirection [string] | test.cpp:72:22:72:27 | string indirection | +| test.cpp:72:22:72:27 | string indirection | test.cpp:72:22:72:27 | string | +| test.cpp:80:17:80:19 | str indirection [string] | test.cpp:80:22:80:27 | string | +| test.cpp:80:17:80:19 | str indirection [string] | test.cpp:80:22:80:27 | string indirection | +| test.cpp:80:22:80:27 | string indirection | test.cpp:80:22:80:27 | string | +| test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | +| test.cpp:90:5:90:34 | ... = ... | test.cpp:90:10:90:15 | str indirection [post update] [string] | +| test.cpp:90:10:90:15 | str indirection [post update] [string] | test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | +| test.cpp:90:19:90:24 | call to malloc | test.cpp:90:5:90:34 | ... = ... | +| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:99:13:99:15 | str indirection [string] | +| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:129:17:129:19 | str indirection [string] | +| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | test.cpp:137:17:137:19 | str indirection [string] | +| test.cpp:99:13:99:15 | str indirection [string] | test.cpp:99:18:99:23 | string | +| test.cpp:99:13:99:15 | str indirection [string] | test.cpp:99:18:99:23 | string indirection | +| test.cpp:99:18:99:23 | string indirection | test.cpp:99:18:99:23 | string | +| test.cpp:129:17:129:19 | str indirection [string] | test.cpp:129:22:129:27 | string | +| test.cpp:129:17:129:19 | str indirection [string] | test.cpp:129:22:129:27 | string indirection | +| test.cpp:129:22:129:27 | string indirection | test.cpp:129:22:129:27 | string | +| test.cpp:137:17:137:19 | str indirection [string] | test.cpp:137:22:137:27 | string | +| test.cpp:137:17:137:19 | str indirection [string] | test.cpp:137:22:137:27 | string indirection | +| test.cpp:137:22:137:27 | string indirection | test.cpp:137:22:137:27 | string | +| test.cpp:147:5:147:34 | ... = ... | test.cpp:147:10:147:15 | str indirection [post update] [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:152:13:152:15 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:154:13:154:15 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:156:13:156:15 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:175:17:175:19 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:187:17:187:19 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:195:17:195:19 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:199:17:199:19 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:203:17:203:19 | str indirection [string] | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | test.cpp:207:17:207:19 | str indirection [string] | +| test.cpp:147:19:147:24 | call to malloc | test.cpp:147:5:147:34 | ... = ... | +| test.cpp:152:13:152:15 | str indirection [string] | test.cpp:152:18:152:23 | string | +| test.cpp:152:13:152:15 | str indirection [string] | test.cpp:152:18:152:23 | string indirection | +| test.cpp:152:18:152:23 | string indirection | test.cpp:152:18:152:23 | string | +| test.cpp:154:13:154:15 | str indirection [string] | test.cpp:154:18:154:23 | string | +| test.cpp:154:13:154:15 | str indirection [string] | test.cpp:154:18:154:23 | string indirection | +| test.cpp:154:18:154:23 | string indirection | test.cpp:154:18:154:23 | string | +| test.cpp:156:13:156:15 | str indirection [string] | test.cpp:156:18:156:23 | string | +| test.cpp:156:13:156:15 | str indirection [string] | test.cpp:156:18:156:23 | string indirection | +| test.cpp:156:18:156:23 | string indirection | test.cpp:156:18:156:23 | string | +| test.cpp:175:17:175:19 | str indirection [string] | test.cpp:175:22:175:27 | string | +| test.cpp:175:17:175:19 | str indirection [string] | test.cpp:175:22:175:27 | string indirection | +| test.cpp:175:22:175:27 | string indirection | test.cpp:175:22:175:27 | string | +| test.cpp:187:17:187:19 | str indirection [string] | test.cpp:187:22:187:27 | string | +| test.cpp:187:17:187:19 | str indirection [string] | test.cpp:187:22:187:27 | string indirection | +| test.cpp:187:22:187:27 | string indirection | test.cpp:187:22:187:27 | string | +| test.cpp:195:17:195:19 | str indirection [string] | test.cpp:195:22:195:27 | string | +| test.cpp:195:17:195:19 | str indirection [string] | test.cpp:195:22:195:27 | string indirection | +| test.cpp:195:22:195:27 | string indirection | test.cpp:195:22:195:27 | string | +| test.cpp:199:17:199:19 | str indirection [string] | test.cpp:199:22:199:27 | string | +| test.cpp:199:17:199:19 | str indirection [string] | test.cpp:199:22:199:27 | string indirection | +| test.cpp:199:22:199:27 | string indirection | test.cpp:199:22:199:27 | string | +| test.cpp:203:17:203:19 | str indirection [string] | test.cpp:203:22:203:27 | string | +| test.cpp:203:17:203:19 | str indirection [string] | test.cpp:203:22:203:27 | string indirection | +| test.cpp:203:22:203:27 | string indirection | test.cpp:203:22:203:27 | string | +| test.cpp:207:17:207:19 | str indirection [string] | test.cpp:207:22:207:27 | string | +| test.cpp:207:17:207:19 | str indirection [string] | test.cpp:207:22:207:27 | string indirection | +| test.cpp:207:22:207:27 | string indirection | test.cpp:207:22:207:27 | string | +| test.cpp:214:24:214:24 | p | test.cpp:216:10:216:10 | p | +| test.cpp:220:43:220:48 | call to malloc | test.cpp:222:15:222:20 | buffer | +| test.cpp:222:15:222:20 | buffer | test.cpp:214:24:214:24 | p | +| test.cpp:228:43:228:48 | call to malloc | test.cpp:232:10:232:15 | buffer | +| test.cpp:235:40:235:45 | buffer | test.cpp:236:5:236:26 | ... = ... | +| test.cpp:236:5:236:26 | ... = ... | test.cpp:236:12:236:17 | p_str indirection [post update] [string] | +| test.cpp:241:27:241:32 | call to malloc | test.cpp:242:22:242:27 | buffer | +| test.cpp:242:16:242:19 | set_string output argument [string] | test.cpp:243:12:243:14 | str indirection [string] | +| test.cpp:242:22:242:27 | buffer | test.cpp:235:40:235:45 | buffer | +| test.cpp:242:22:242:27 | buffer | test.cpp:242:16:242:19 | set_string output argument [string] | +| test.cpp:243:12:243:14 | str indirection [string] | test.cpp:243:12:243:21 | string | +| test.cpp:243:12:243:14 | str indirection [string] | test.cpp:243:16:243:21 | string indirection | +| test.cpp:243:16:243:21 | string indirection | test.cpp:243:12:243:21 | string | +| test.cpp:249:20:249:27 | call to my_alloc | test.cpp:250:12:250:12 | p | +| test.cpp:256:17:256:22 | call to malloc | test.cpp:257:12:257:12 | p | +| test.cpp:262:22:262:27 | call to malloc | test.cpp:266:12:266:12 | p | +| test.cpp:264:20:264:25 | call to malloc | test.cpp:266:12:266:12 | p | +nodes +| test.cpp:16:11:16:21 | mk_string_t indirection [string] | semmle.label | mk_string_t indirection [string] | +| test.cpp:18:5:18:30 | ... = ... | semmle.label | ... = ... | +| test.cpp:18:10:18:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | +| test.cpp:18:19:18:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:39:21:39:31 | call to mk_string_t indirection [string] | semmle.label | call to mk_string_t indirection [string] | +| test.cpp:42:13:42:15 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:42:18:42:23 | string | semmle.label | string | +| test.cpp:42:18:42:23 | string indirection | semmle.label | string indirection | +| test.cpp:72:17:72:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:72:22:72:27 | string | semmle.label | string | +| test.cpp:72:22:72:27 | string indirection | semmle.label | string indirection | +| test.cpp:80:17:80:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:80:22:80:27 | string | semmle.label | string | +| test.cpp:80:22:80:27 | string indirection | semmle.label | string indirection | +| test.cpp:88:11:88:30 | mk_string_t_plus_one indirection [string] | semmle.label | mk_string_t_plus_one indirection [string] | +| test.cpp:90:5:90:34 | ... = ... | semmle.label | ... = ... | +| test.cpp:90:10:90:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | +| test.cpp:90:19:90:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:96:21:96:40 | call to mk_string_t_plus_one indirection [string] | semmle.label | call to mk_string_t_plus_one indirection [string] | +| test.cpp:99:13:99:15 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:99:18:99:23 | string | semmle.label | string | +| test.cpp:99:18:99:23 | string indirection | semmle.label | string indirection | +| test.cpp:129:17:129:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:129:22:129:27 | string | semmle.label | string | +| test.cpp:129:22:129:27 | string indirection | semmle.label | string indirection | +| test.cpp:137:17:137:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:137:22:137:27 | string | semmle.label | string | +| test.cpp:137:22:137:27 | string indirection | semmle.label | string indirection | +| test.cpp:147:5:147:34 | ... = ... | semmle.label | ... = ... | +| test.cpp:147:10:147:15 | str indirection [post update] [string] | semmle.label | str indirection [post update] [string] | +| test.cpp:147:19:147:24 | call to malloc | semmle.label | call to malloc | +| test.cpp:152:13:152:15 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:152:18:152:23 | string | semmle.label | string | +| test.cpp:152:18:152:23 | string indirection | semmle.label | string indirection | +| test.cpp:154:13:154:15 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:154:18:154:23 | string | semmle.label | string | +| test.cpp:154:18:154:23 | string indirection | semmle.label | string indirection | +| test.cpp:156:13:156:15 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:156:18:156:23 | string | semmle.label | string | +| test.cpp:156:18:156:23 | string indirection | semmle.label | string indirection | +| test.cpp:175:17:175:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:175:22:175:27 | string | semmle.label | string | +| test.cpp:175:22:175:27 | string indirection | semmle.label | string indirection | +| test.cpp:187:17:187:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:187:22:187:27 | string | semmle.label | string | +| test.cpp:187:22:187:27 | string indirection | semmle.label | string indirection | +| test.cpp:195:17:195:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:195:22:195:27 | string | semmle.label | string | +| test.cpp:195:22:195:27 | string indirection | semmle.label | string indirection | +| test.cpp:199:17:199:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:199:22:199:27 | string | semmle.label | string | +| test.cpp:199:22:199:27 | string indirection | semmle.label | string indirection | +| test.cpp:203:17:203:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:203:22:203:27 | string | semmle.label | string | +| test.cpp:203:22:203:27 | string indirection | semmle.label | string indirection | +| test.cpp:207:17:207:19 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:207:22:207:27 | string | semmle.label | string | +| test.cpp:207:22:207:27 | string indirection | semmle.label | string indirection | +| test.cpp:214:24:214:24 | p | semmle.label | p | +| test.cpp:216:10:216:10 | p | semmle.label | p | +| test.cpp:220:43:220:48 | call to malloc | semmle.label | call to malloc | +| test.cpp:222:15:222:20 | buffer | semmle.label | buffer | +| test.cpp:228:43:228:48 | call to malloc | semmle.label | call to malloc | +| test.cpp:232:10:232:15 | buffer | semmle.label | buffer | +| test.cpp:235:40:235:45 | buffer | semmle.label | buffer | +| test.cpp:236:5:236:26 | ... = ... | semmle.label | ... = ... | +| test.cpp:236:12:236:17 | p_str indirection [post update] [string] | semmle.label | p_str indirection [post update] [string] | +| test.cpp:241:27:241:32 | call to malloc | semmle.label | call to malloc | +| test.cpp:242:16:242:19 | set_string output argument [string] | semmle.label | set_string output argument [string] | +| test.cpp:242:22:242:27 | buffer | semmle.label | buffer | +| test.cpp:243:12:243:14 | str indirection [string] | semmle.label | str indirection [string] | +| test.cpp:243:12:243:21 | string | semmle.label | string | +| test.cpp:243:16:243:21 | string indirection | semmle.label | string indirection | +| test.cpp:249:20:249:27 | call to my_alloc | semmle.label | call to my_alloc | +| test.cpp:250:12:250:12 | p | semmle.label | p | +| test.cpp:256:17:256:22 | call to malloc | semmle.label | call to malloc | +| test.cpp:257:12:257:12 | p | semmle.label | p | +| test.cpp:262:22:262:27 | call to malloc | semmle.label | call to malloc | +| test.cpp:264:20:264:25 | call to malloc | semmle.label | call to malloc | +| test.cpp:266:12:266:12 | p | semmle.label | p | +subpaths +| test.cpp:242:22:242:27 | buffer | test.cpp:235:40:235:45 | buffer | test.cpp:236:12:236:17 | p_str indirection [post update] [string] | test.cpp:242:16:242:19 | set_string output argument [string] | +#select +| test.cpp:42:5:42:11 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:42:18:42:23 | string | This write may overflow $@ by 1 element. | test.cpp:42:18:42:23 | string | string | +| test.cpp:72:9:72:15 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:72:22:72:27 | string | This write may overflow $@ by 1 element. | test.cpp:72:22:72:27 | string | string | +| test.cpp:80:9:80:15 | call to strncpy | test.cpp:18:19:18:24 | call to malloc | test.cpp:80:22:80:27 | string | This write may overflow $@ by 2 elements. | test.cpp:80:22:80:27 | string | string | +| test.cpp:99:5:99:11 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:99:18:99:23 | string | This write may overflow $@ by 1 element. | test.cpp:99:18:99:23 | string | string | +| test.cpp:129:9:129:15 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:129:22:129:27 | string | This write may overflow $@ by 1 element. | test.cpp:129:22:129:27 | string | string | +| test.cpp:137:9:137:15 | call to strncpy | test.cpp:90:19:90:24 | call to malloc | test.cpp:137:22:137:27 | string | This write may overflow $@ by 2 elements. | test.cpp:137:22:137:27 | string | string | +| test.cpp:152:5:152:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:152:18:152:23 | string | This write may overflow $@ by 1 element. | test.cpp:152:18:152:23 | string | string | +| test.cpp:154:5:154:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:154:18:154:23 | string | This write may overflow $@ by 1 element. | test.cpp:154:18:154:23 | string | string | +| test.cpp:156:5:156:11 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:156:18:156:23 | string | This write may overflow $@ by 2 elements. | test.cpp:156:18:156:23 | string | string | +| test.cpp:175:9:175:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:175:22:175:27 | string | This write may overflow $@ by 1 element. | test.cpp:175:22:175:27 | string | string | +| test.cpp:187:9:187:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:187:22:187:27 | string | This write may overflow $@ by 1 element. | test.cpp:187:22:187:27 | string | string | +| test.cpp:195:9:195:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:195:22:195:27 | string | This write may overflow $@ by 1 element. | test.cpp:195:22:195:27 | string | string | +| test.cpp:199:9:199:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:199:22:199:27 | string | This write may overflow $@ by 2 elements. | test.cpp:199:22:199:27 | string | string | +| test.cpp:203:9:203:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:203:22:203:27 | string | This write may overflow $@ by 2 elements. | test.cpp:203:22:203:27 | string | string | +| test.cpp:207:9:207:15 | call to strncpy | test.cpp:147:19:147:24 | call to malloc | test.cpp:207:22:207:27 | string | This write may overflow $@ by 3 elements. | test.cpp:207:22:207:27 | string | string | +| test.cpp:243:5:243:10 | call to memset | test.cpp:241:27:241:32 | call to malloc | test.cpp:243:12:243:21 | string | This write may overflow $@ by 1 element. | test.cpp:243:16:243:21 | string | string | +| test.cpp:250:5:250:10 | call to memset | test.cpp:249:20:249:27 | call to my_alloc | test.cpp:250:12:250:12 | p | This write may overflow $@ by 1 element. | test.cpp:250:12:250:12 | p | p | +| test.cpp:266:5:266:10 | call to memset | test.cpp:262:22:262:27 | call to malloc | test.cpp:266:12:266:12 | p | This write may overflow $@ by 1 element. | test.cpp:266:12:266:12 | p | p | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref new file mode 100644 index 00000000000..1a418e6abc6 --- /dev/null +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/OverrunWriteProductFlow.qlref @@ -0,0 +1 @@ +Security/CWE/CWE-119/OverrunWriteProductFlow.ql \ No newline at end of file diff --git a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp similarity index 92% rename from cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp rename to cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp index fe54fc86b2d..253ac4fe292 100644 --- a/cpp/ql/test/experimental/query-tests/Security/CWE/CWE-119/test.cpp +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-119/SAMATE/test.cpp @@ -213,7 +213,7 @@ void *memset(void *, int, unsigned); void call_memset(void *p, unsigned size) { - memset(p, 0, size); // GOOD [FALSE POSITIVE] + memset(p, 0, size); // GOOD } void test_missing_call_context(unsigned char *unrelated_buffer, unsigned size) { @@ -229,7 +229,7 @@ void repeated_alerts(unsigned size, unsigned offset) { while(unknown()) { ++size; } - memset(buffer, 0, size); // BAD + memset(buffer, 0, size); // BAD [NOT DETECTED] } void set_string(string_t* p_str, char* buffer) { @@ -243,3 +243,25 @@ void test_flow_through_setter(unsigned size) { memset(str.string, 0, size + 1); // BAD } +void* my_alloc(unsigned size); + +void foo(unsigned size) { + int* p = (int*)my_alloc(size); // BAD + memset(p, 0, size + 1); +} + +void test6(unsigned long n, char *p) { + while (unknown()) { + n++; + p = (char *)malloc(n); + memset(p, 0, n); // GOOD + } +} + +void test7(unsigned n) { + char* p = (char*)malloc(n); + if(!p) { + p = (char*)malloc(++n); + } + memset(p, 0, n); // GOOD [FALSE POSITIVE] +} \ No newline at end of file diff --git a/csharp/documentation/library-coverage/coverage.csv b/csharp/documentation/library-coverage/coverage.csv index cb01c5e13ad..a4a6a534105 100644 --- a/csharp/documentation/library-coverage/coverage.csv +++ b/csharp/documentation/library-coverage/coverage.csv @@ -1,9 +1,9 @@ -package,sink,source,summary,sink:code,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:html,sink:remote,sink:sql,sink:xss,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value -Dapper,55,,,,,,,,,,55,,,,,,, +package,sink,source,summary,sink:code-injection,sink:encryption-decryptor,sink:encryption-encryptor,sink:encryption-keyprop,sink:encryption-symmetrickey,sink:file-content-store,sink:html-injection,sink:js-injection,sink:sql-injection,source:file,source:file-write,source:local,source:remote,summary:taint,summary:value +Dapper,55,,,,,,,,,,,55,,,,,, JsonToItemsTaskFactory,,,7,,,,,,,,,,,,,,7, -Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,28,,,,,,, +Microsoft.ApplicationBlocks.Data,28,,,,,,,,,,,28,,,,,, Microsoft.CSharp,,,24,,,,,,,,,,,,,,24, -Microsoft.EntityFrameworkCore,6,,,,,,,,,,6,,,,,,, +Microsoft.EntityFrameworkCore,6,,12,,,,,,,,,6,,,,,,12 Microsoft.Extensions.Caching.Distributed,,,15,,,,,,,,,,,,,,15, Microsoft.Extensions.Caching.Memory,,,46,,,,,,,,,,,,,,45,1 Microsoft.Extensions.Configuration,,,83,,,,,,,,,,,,,,80,3 @@ -21,8 +21,8 @@ Microsoft.NET.Build.Tasks,,,1,,,,,,,,,,,,,,1, Microsoft.NETCore.Platforms.BuildTasks,,,4,,,,,,,,,,,,,,4, Microsoft.VisualBasic,,,10,,,,,,,,,,,,,,5,5 Microsoft.Win32,,,8,,,,,,,,,,,,,,8, -MySql.Data.MySqlClient,48,,,,,,,,,,48,,,,,,, +MySql.Data.MySqlClient,48,,,,,,,,,,,48,,,,,, Newtonsoft.Json,,,91,,,,,,,,,,,,,,73,18 -ServiceStack,194,,7,27,,,,,,75,92,,,,,,7, -System,65,25,12154,,8,8,9,,4,,33,3,1,17,3,4,10163,1991 +ServiceStack,194,,7,27,,,,,75,,,92,,,,,7, +System,65,25,12157,,8,8,9,,,4,3,33,1,17,3,4,10163,1994 Windows.Security.Cryptography.Core,1,,,,,,,1,,,,,,,,,, diff --git a/csharp/documentation/library-coverage/coverage.rst b/csharp/documentation/library-coverage/coverage.rst index 3837422c867..163638d895f 100644 --- a/csharp/documentation/library-coverage/coverage.rst +++ b/csharp/documentation/library-coverage/coverage.rst @@ -8,7 +8,7 @@ C# framework & library support Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE-079` :sub:`Cross-site scripting` `ServiceStack `_,"``ServiceStack.*``, ``ServiceStack``",,7,194, - System,"``System.*``, ``System``",25,12154,65,7 - Others,"``Dapper``, ``JsonToItemsTaskFactory``, ``Microsoft.ApplicationBlocks.Data``, ``Microsoft.CSharp``, ``Microsoft.EntityFrameworkCore``, ``Microsoft.Extensions.Caching.Distributed``, ``Microsoft.Extensions.Caching.Memory``, ``Microsoft.Extensions.Configuration``, ``Microsoft.Extensions.DependencyInjection``, ``Microsoft.Extensions.DependencyModel``, ``Microsoft.Extensions.FileProviders``, ``Microsoft.Extensions.FileSystemGlobbing``, ``Microsoft.Extensions.Hosting``, ``Microsoft.Extensions.Http``, ``Microsoft.Extensions.Logging``, ``Microsoft.Extensions.Options``, ``Microsoft.Extensions.Primitives``, ``Microsoft.Interop``, ``Microsoft.NET.Build.Tasks``, ``Microsoft.NETCore.Platforms.BuildTasks``, ``Microsoft.VisualBasic``, ``Microsoft.Win32``, ``MySql.Data.MySqlClient``, ``Newtonsoft.Json``, ``Windows.Security.Cryptography.Core``",,556,138, - Totals,,25,12717,397,7 + System,"``System.*``, ``System``",25,12157,65,7 + Others,"``Dapper``, ``JsonToItemsTaskFactory``, ``Microsoft.ApplicationBlocks.Data``, ``Microsoft.CSharp``, ``Microsoft.EntityFrameworkCore``, ``Microsoft.Extensions.Caching.Distributed``, ``Microsoft.Extensions.Caching.Memory``, ``Microsoft.Extensions.Configuration``, ``Microsoft.Extensions.DependencyInjection``, ``Microsoft.Extensions.DependencyModel``, ``Microsoft.Extensions.FileProviders``, ``Microsoft.Extensions.FileSystemGlobbing``, ``Microsoft.Extensions.Hosting``, ``Microsoft.Extensions.Http``, ``Microsoft.Extensions.Logging``, ``Microsoft.Extensions.Options``, ``Microsoft.Extensions.Primitives``, ``Microsoft.Interop``, ``Microsoft.NET.Build.Tasks``, ``Microsoft.NETCore.Platforms.BuildTasks``, ``Microsoft.VisualBasic``, ``Microsoft.Win32``, ``MySql.Data.MySqlClient``, ``Newtonsoft.Json``, ``Windows.Security.Cryptography.Core``",,568,138, + Totals,,25,12732,397,7 diff --git a/csharp/documentation/library-coverage/cwe-sink.csv b/csharp/documentation/library-coverage/cwe-sink.csv index e71e194a2ed..70f0034ecd3 100644 --- a/csharp/documentation/library-coverage/cwe-sink.csv +++ b/csharp/documentation/library-coverage/cwe-sink.csv @@ -1,2 +1,2 @@ CWE,Sink identifier,Label -CWE-079,html xss,Cross-site scripting \ No newline at end of file +CWE-079,html-injection js-injection,Cross-site scripting diff --git a/csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs b/csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs index 97a25d200f7..a9f43af2bea 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp.Standalone/Extractor.cs @@ -33,7 +33,9 @@ namespace Semmle.Extraction.CSharp.Standalone CSharp.Extractor.Analyse(stopwatch, analyser, options, references => GetResolvedReferencesStandalone(referencePaths, references), (analyser, syntaxTrees) => CSharp.Extractor.ReadSyntaxTrees(sources, analyser, null, null, syntaxTrees), - (syntaxTrees, references) => CSharpCompilation.Create("csharp.dll", syntaxTrees, references), + (syntaxTrees, references) => CSharpCompilation.Create( + "csharp.dll", syntaxTrees, references, new CSharpCompilationOptions(OutputKind.ConsoleApplication, allowUnsafe: true) + ), (compilation, options) => analyser.Initialize(compilation, options), () => { }, _ => { }, diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs index 3984e7c00cf..a77c0b30095 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs @@ -211,6 +211,16 @@ namespace Semmle.Extraction.CSharp.Entities return Default.CreateGenerated(cx, parent, childIndex, location, ValueAsString(null)); } + if (type.SpecialType is SpecialType.None) + { + return ImplicitCast.CreateGenerated(cx, parent, childIndex, type, defaultValue, location); + } + + if (type.SpecialType is SpecialType.System_DateTime) + { + return DateTimeObjectCreation.CreateGenerated(cx, parent, childIndex, type, defaultValue, location); + } + // const literal: return Literal.CreateGenerated(cx, parent, childIndex, type, defaultValue, location); } diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ImplicitCast.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ImplicitCast.cs index 2d617cdb1b9..ebd7379ee67 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ImplicitCast.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ImplicitCast.cs @@ -1,3 +1,4 @@ +using System.Linq; using Microsoft.CodeAnalysis; using Semmle.Extraction.Kinds; @@ -11,33 +12,73 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions private set; } - public ImplicitCast(ExpressionNodeInfo info) + private ImplicitCast(ExpressionNodeInfo info) : base(new ExpressionInfo(info.Context, info.ConvertedType, info.Location, ExprKind.CAST, info.Parent, info.Child, true, info.ExprValue)) { Expr = Factory.Create(new ExpressionNodeInfo(Context, info.Node, this, 0)); } - public ImplicitCast(ExpressionNodeInfo info, IMethodSymbol method) + private ImplicitCast(ExpressionNodeInfo info, IMethodSymbol method) : base(new ExpressionInfo(info.Context, info.ConvertedType, info.Location, ExprKind.OPERATOR_INVOCATION, info.Parent, info.Child, true, info.ExprValue)) { Expr = Factory.Create(info.SetParent(this, 0)); - var target = Method.Create(Context, method); - if (target is not null) - Context.TrapWriter.Writer.expr_call(this, target); - else - Context.ModelError(info.Node, "Failed to resolve target for operator invocation"); + AddOperatorCall(method); } - /// - /// Creates a new expression, adding casts as required. - /// - /// The extraction context. - /// The expression node. - /// The parent of the expression. - /// The child number. - /// A type hint. - /// A new expression. + private ImplicitCast(ExpressionInfo info, IMethodSymbol method, object value) : base(info) + { + Expr = Literal.CreateGenerated(Context, this, 0, method.Parameters[0].Type, value, info.Location); + + AddOperatorCall(method); + } + + private void AddOperatorCall(IMethodSymbol method) + { + var target = Method.Create(Context, method); + Context.TrapWriter.Writer.expr_call(this, target); + } + + private static IMethodSymbol? GetImplicitConversionMethod(ITypeSymbol type, object value) => + type + .GetMembers() + .OfType() + .Where(method => + method.GetName() == "op_Implicit" && + method.Parameters.Length == 1 && + method.Parameters[0].Type.Name == value.GetType().Name + ) + .FirstOrDefault(); + + // Creates a new generated expression with an implicit cast added, if needed. + public static Expression CreateGenerated(Context cx, IExpressionParentEntity parent, int childIndex, ITypeSymbol type, object value, + Extraction.Entities.Location location) + { + ExpressionInfo create(ExprKind kind, string? v) => + new ExpressionInfo( + cx, + AnnotatedTypeSymbol.CreateNotAnnotated(type), + location, + kind, + parent, + childIndex, + true, + v); + + var method = GetImplicitConversionMethod(type, value); + if (method is not null) + { + var info = create(ExprKind.OPERATOR_INVOCATION, null); + return new ImplicitCast(info, method, value); + } + else + { + cx.ModelError(location, "Failed to resolve target for implicit operator invocation for a parameter default."); + return new Expression(create(ExprKind.UNKNOWN, ValueAsString(value))); + } + } + + // Creates a new expression, adding casts as required. public static Expression Create(ExpressionNodeInfo info) { var resolvedType = info.ResolvedType; diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ObjectCreation/DateTimeObjectCreation.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ObjectCreation/DateTimeObjectCreation.cs new file mode 100644 index 00000000000..52fcb3629f3 --- /dev/null +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/ObjectCreation/DateTimeObjectCreation.cs @@ -0,0 +1,70 @@ +using Microsoft.CodeAnalysis; +using System.Linq; +using System.IO; +using Semmle.Extraction.Kinds; + +namespace Semmle.Extraction.CSharp.Entities.Expressions +{ + internal class DateTimeObjectCreation : Expression + { + private readonly IMethodSymbol constructorSymbol; + + private DateTimeObjectCreation(IMethodSymbol constructorSymbol, ExpressionInfo info) : base(info) + { + this.constructorSymbol = constructorSymbol; + } + + // Gets the value of a System.DateTime object as a string containing the ticks. + private static long ValueAsLong(object? value) => + value is System.DateTime d ? d.Ticks : 0; + + // Gets the System.DateTime(long) constructor from the `type` symbol. + private static IMethodSymbol? GetDateTimeConstructor(ITypeSymbol? type) + { + return type?.GetMembers() + .Where(m => + m is IMethodSymbol c && + c.GetName() == "ctor" && + c.Parameters.Length == 1 && + c.Parameters[0].Type.SpecialType == SpecialType.System_Int64) + .Cast() + .FirstOrDefault(); + } + + + protected void PopulateExpression(TextWriter trapFile) + { + var constructor = Constructor.Create(Context, constructorSymbol); + trapFile.expr_call(this, constructor); + } + + protected new Expression TryPopulate() + { + Context.Try(null, null, () => PopulateExpression(Context.TrapWriter.Writer)); + return this; + } + + // Gets an expression that represents a System.DateTime object creation. + // The `type` symbol must be a System.DateTime type and the value must be a System.DateTime object. + // The expression that is being created is a call to the System.DateTime(long) constructor, where + // the number of ticks from the `value` object is used as the argument to the constructor call. + public static Expression CreateGenerated(Context cx, IExpressionParentEntity parent, int childIndex, ITypeSymbol type, object? value, Extraction.Entities.Location location) + { + var constructorSymbol = GetDateTimeConstructor(type) ?? throw new InternalError("Could not find symbol for System.DateTime(long)"); + var expr = new DateTimeObjectCreation(constructorSymbol, new ExpressionInfo( + cx, + AnnotatedTypeSymbol.CreateNotAnnotated(type), + location, + ExprKind.OBJECT_CREATION, + parent, + childIndex, + true, + null)); + + var longTypeSymbol = constructorSymbol.Parameters[0].Type; + Literal.CreateGenerated(cx, expr, 0, longTypeSymbol, ValueAsLong(value), location); + + return expr.TryPopulate(); + } + } +} \ No newline at end of file diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs index 22bf9f69670..3729a5d2528 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Method.cs @@ -243,7 +243,12 @@ namespace Semmle.Extraction.CSharp.Entities if (methodKind == MethodKind.ExplicitInterfaceImplementation) { // Retrieve the original method kind - methodKind = methodDecl.ExplicitInterfaceImplementations.Select(m => m.MethodKind).FirstOrDefault(); + if (methodDecl.ExplicitInterfaceImplementations.IsEmpty) + { + throw new InternalError(methodDecl, "Couldn't get the original method kind for an explicit interface implementation"); + } + + methodKind = methodDecl.ExplicitInterfaceImplementations.Select(m => m.MethodKind).First(); } switch (methodKind) diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs index ec4f44c21c7..79855875d02 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Extractor/Extractor.cs @@ -381,8 +381,17 @@ namespace Semmle.Extraction.CSharp references => ResolveReferences(compilerArguments, analyser, canonicalPathCache, references), (analyser, syntaxTrees) => { + var paths = compilerArguments.SourceFiles + .Select(src => src.Path) + .ToList(); + + if (compilerArguments.GeneratedFilesOutputDirectory is not null) + { + paths.AddRange(Directory.GetFiles(compilerArguments.GeneratedFilesOutputDirectory, "*.cs", SearchOption.AllDirectories)); + } + return ReadSyntaxTrees( - compilerArguments.SourceFiles.Select(src => canonicalPathCache.GetCanonicalPath(src.Path)), + paths.Select(canonicalPathCache.GetCanonicalPath), analyser, compilerArguments.ParseOptions, compilerArguments.Encoding, diff --git a/csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs b/csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs index cd182fe4640..aaef1702532 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/SymbolExtensions.cs @@ -25,7 +25,7 @@ namespace Semmle.Extraction.CSharp Nullability = nullability; } - public static AnnotatedTypeSymbol? CreateNotAnnotated(ITypeSymbol symbol) => + public static AnnotatedTypeSymbol? CreateNotAnnotated(ITypeSymbol? symbol) => symbol is null ? (AnnotatedTypeSymbol?)null : new AnnotatedTypeSymbol(symbol, NullableAnnotation.None); } diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 56de88b8aa5..ad7a007007f 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.2 + +No user-facing changes. + ## 1.5.1 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md new file mode 100644 index 00000000000..384c27833f1 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.5.2.md @@ -0,0 +1,3 @@ +## 1.5.2 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index c5775c46013..7eb901bae56 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.1 +lastReleaseVersion: 1.5.2 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index fb0859160cc..4f2900e0b73 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-all -version: 1.5.2-dev +version: 1.5.3-dev groups: - csharp - solorigate diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 56de88b8aa5..ad7a007007f 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.5.2 + +No user-facing changes. + ## 1.5.1 No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md new file mode 100644 index 00000000000..384c27833f1 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.5.2.md @@ -0,0 +1,3 @@ +## 1.5.2 + +No user-facing changes. diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index c5775c46013..7eb901bae56 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.5.1 +lastReleaseVersion: 1.5.2 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index 4c9eeb60c87..2318576e19e 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-solorigate-queries -version: 1.5.2-dev +version: 1.5.3-dev groups: - csharp - solorigate diff --git a/csharp/ql/consistency-queries/DataFlowConsistency.ql b/csharp/ql/consistency-queries/DataFlowConsistency.ql index 48818a91b15..d2c83cd82cc 100644 --- a/csharp/ql/consistency-queries/DataFlowConsistency.ql +++ b/csharp/ql/consistency-queries/DataFlowConsistency.ql @@ -72,5 +72,5 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration { override predicate reverseReadExclude(Node n) { n.asExpr() = any(AwaitExpr ae).getExpr() } - override predicate identityLocalStepExclude(Node n) { this.missingLocationExclude(n) } + override predicate identityLocalStepExclude(Node n) { none() } } diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected new file mode 100644 index 00000000000..86a8cd34b88 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.expected @@ -0,0 +1,6 @@ +| Program.cs:0:0:0:0 | Program.cs | +| obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs:0:0:0:0 | obj/Debug/net7.0/.NETCoreApp,Version=v7.0.AssemblyAttributes.cs | +| obj/Debug/net7.0/cshtml.AssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.AssemblyInfo.cs | +| obj/Debug/net7.0/cshtml.GlobalUsings.g.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.GlobalUsings.g.cs | +| obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs:0:0:0:0 | obj/Debug/net7.0/cshtml.RazorAssemblyInfo.cs | +| obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs:0:0:0:0 | obj/Debug/net7.0/generated/Microsoft.NET.Sdk.Razor.SourceGenerators/Microsoft.NET.Sdk.Razor.SourceGenerators.RazorSourceGenerator/Views_Home_Index_cshtml.g.cs | diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql new file mode 100644 index 00000000000..bea5557a25f --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Files.ql @@ -0,0 +1,5 @@ +import csharp + +from File f +where f.fromSource() +select f diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs new file mode 100644 index 00000000000..47eee48cc79 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Program.cs @@ -0,0 +1 @@ +var dummy = "dummy"; \ No newline at end of file diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml new file mode 100644 index 00000000000..52ffe012e42 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/Views/Home/Index.cshtml @@ -0,0 +1,8 @@ +@{ + ViewData["Title"] = "Home Page"; +} + +
    +

    Welcome

    +

    Learn about building Web apps with ASP.NET Core.

    +
    diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj new file mode 100644 index 00000000000..01d15e87dc4 --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/cshtml.csproj @@ -0,0 +1,14 @@ + + + + Exe + net7.0 + enable + enable + + + + + + + diff --git a/csharp/ql/integration-tests/all-platforms/cshtml/test.py b/csharp/ql/integration-tests/all-platforms/cshtml/test.py new file mode 100644 index 00000000000..24cc83b4f2d --- /dev/null +++ b/csharp/ql/integration-tests/all-platforms/cshtml/test.py @@ -0,0 +1,3 @@ +from create_database_utils import * + +run_codeql_database_create(['dotnet build'], lang="csharp", extra_args=["--extractor-option=cil=false"]) diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 4ebff5c86a7..435255a997a 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,10 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods. +* Updated the `neutralModel` extensible predicate to include a `kind` column. + ## 0.6.1 No user-facing changes. diff --git a/csharp/ql/lib/Linq/Helpers.qll b/csharp/ql/lib/Linq/Helpers.qll index f2368b69242..a628c717277 100644 --- a/csharp/ql/lib/Linq/Helpers.qll +++ b/csharp/ql/lib/Linq/Helpers.qll @@ -128,7 +128,7 @@ predicate missedWhereOpportunity(ForeachStmt fes, IfStmt is) { class AnyCall extends MethodCall { AnyCall() { exists(Method m | - m = getTarget().getUnboundDeclaration() and + m = this.getTarget().getUnboundDeclaration() and isEnumerableType(m.getDeclaringType()) and m.hasName("Any<>") ) @@ -139,7 +139,7 @@ class AnyCall extends MethodCall { class CountCall extends MethodCall { CountCall() { exists(Method m | - m = getTarget().getUnboundDeclaration() and + m = this.getTarget().getUnboundDeclaration() and isEnumerableType(m.getDeclaringType()) and m.hasName("Count<>") ) @@ -148,19 +148,19 @@ class CountCall extends MethodCall { /** A variable of type IEnumerable<T>, for some T. */ class IEnumerableSequence extends Variable { - IEnumerableSequence() { isIEnumerableType(getType()) } + IEnumerableSequence() { isIEnumerableType(this.getType()) } } /** A LINQ Select(...) call. */ class SelectCall extends ExtensionMethodCall { SelectCall() { exists(Method m | - m = getTarget().getUnboundDeclaration() and + m = this.getTarget().getUnboundDeclaration() and isEnumerableType(m.getDeclaringType()) and m.hasName("Select<,>") ) } /** Gets the anonymous function expression supplied as the argument to the Select (if possible). */ - AnonymousFunctionExpr getFunctionExpr() { result = getArgument(1) } + AnonymousFunctionExpr getFunctionExpr() { result = this.getArgument(1) } } diff --git a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md deleted file mode 100644 index ab19597224b..00000000000 --- a/csharp/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Updated the `neutralModel` extensible predicate to include a `kind` column. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md new file mode 100644 index 00000000000..ce6d618af5e --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-17-update-csharp-sink-kinds.md @@ -0,0 +1,9 @@ +--- +category: minorAnalysis +--- +* Updated the following C# sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `code` to `code-injection` + * `sql` to `sql-injection` + * `html` to `html-injection` + * `xss` to `js-injection` + * `remote` to `file-content-store` diff --git a/csharp/ql/lib/change-notes/2023-05-30-source-generators.md b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md new file mode 100644 index 00000000000..5483ce6af35 --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-05-30-source-generators.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* The extractor has been changed to run after the traced compiler call. This allows inspecting compiler generated files, such as the output of source generators. With this change, `.cshtml` files and their generated `.cshtml.g.cs` counterparts are extracted on dotnet 6 and above. diff --git a/csharp/ql/lib/change-notes/2023-06-02-delete-deps.md b/csharp/ql/lib/change-notes/2023-06-02-delete-deps.md new file mode 100644 index 00000000000..13402f08147 --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-06-02-delete-deps.md @@ -0,0 +1,8 @@ +--- +category: minorAnalysis +--- +* Deleted the deprecated `WebConfigXML`, `ConfigurationXMLElement`, `LocationXMLElement`, `SystemWebXMLElement`, `SystemWebServerXMLElement`, `CustomErrorsXMLElement`, and `HttpRuntimeXMLElement` classes from `WebConfig.qll`. The non-deprecated names with PascalCased Xml suffixes should be used instead. +* Deleted the deprecated `Record` class from both `Types.qll` and `Type.qll`. +* Deleted the deprecated `StructuralComparisonConfiguration` class from `StructuralComparison.qll`, use `sameGvn` instead. +* Deleted the deprecated `isParameterOf` predicate from the `ParameterNode` class. +* Deleted the deprecated `SafeExternalAPICallable`, `ExternalAPIDataNode`, `UntrustedDataToExternalAPIConfig`, `UntrustedExternalAPIDataNode`, and `ExternalAPIUsedWithUntrustedData` classes from `ExternalAPIsQuery.qll`. The non-deprecated names with PascalCased Api suffixes should be used instead. diff --git a/csharp/ql/lib/change-notes/released/0.6.2.md b/csharp/ql/lib/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..c3829f2df86 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.6.2.md @@ -0,0 +1,6 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The `cs/log-forging`, `cs/cleartext-storage`, and `cs/exposure-of-sensitive-information` queries now correctly handle unsanitized arguments to `ILogger` extension methods. +* Updated the `neutralModel` extensible predicate to include a `kind` column. diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/csharp/ql/lib/ext/Dapper.model.yml b/csharp/ql/lib/ext/Dapper.model.yml index e72f3b076a6..78e92bbf191 100644 --- a/csharp/ql/lib/ext/Dapper.model.yml +++ b/csharp/ql/lib/ext/Dapper.model.yml @@ -3,58 +3,58 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql", "manual"] - - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql", "manual"] + - ["Dapper", "SqlMapper", False, "Execute", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReader", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.DbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteReaderAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalar<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "ExecuteScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "Query<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Boolean,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<,,>", "(System.Data.IDbConnection,System.String,System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryAsync<>", "(System.Data.IDbConnection,System.String,System.Type[],System.Func,System.Object,System.Data.IDbTransaction,System.Boolean,System.String,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirst<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryFirstOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultiple", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QueryMultipleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingle<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefault<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[2]", "sql-injection", "manual"] + - ["Dapper", "SqlMapper", False, "QuerySingleOrDefaultAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Data.IDbTransaction,System.Nullable,System.Nullable)", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml index 5b5e2657bfd..0bb437b5b44 100644 --- a/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml +++ b/csharp/ql/lib/ext/Microsoft.ApplicationBlocks.Data.model.yml @@ -3,31 +3,31 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql", "manual"] - - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteDataset", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteNonQuery", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteReader", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteScalar", "(System.String,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlConnection,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String)", "", "Argument[2]", "sql-injection", "manual"] + - ["Microsoft.ApplicationBlocks.Data", "SqlHelper", False, "ExecuteXmlReader", "(System.Data.SqlClient.SqlTransaction,System.Data.CommandType,System.String,System.Data.SqlClient.SqlParameter[])", "", "Argument[2]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml index 3928adf0624..23fefe987a7 100644 --- a/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml +++ b/csharp/ql/lib/ext/Microsoft.EntityFrameworkCore.model.yml @@ -1,11 +1,29 @@ extensions: + - addsTo: + pack: codeql/csharp-all + extensible: summaryModel + data: + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "Add", "(TEntity)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AddAsync", "(TEntity,System.Threading.CancellationToken)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AddRange", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AddRange", "(TEntity[])", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AddRangeAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AddRangeAsync", "(TEntity[])", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "Attach", "(TEntity)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AttachRange", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "AttachRange", "(TEntity[])", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "Update", "(TEntity)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "UpdateRange", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["Microsoft.EntityFrameworkCore", "DbSet<>", False, "UpdateRange", "(TEntity[])", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + + - addsTo: pack: codeql/csharp-all extensible: sinkModel data: - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRaw", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalDatabaseFacadeExtensions", False, "ExecuteSqlRawAsync", "(Microsoft.EntityFrameworkCore.Infrastructure.DatabaseFacade,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["Microsoft.EntityFrameworkCore", "RelationalQueryableExtensions", False, "FromSqlRaw<>", "(Microsoft.EntityFrameworkCore.DbSet,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml index 70d849e122a..2e1c75b0873 100644 --- a/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml +++ b/csharp/ql/lib/ext/MySql.Data.MySqlClient.model.yml @@ -3,51 +3,51 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql", "manual"] - - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRow", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataRowAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDataset", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteDatasetAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQuery", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteNonQueryAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReader", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteReaderAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalar", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(MySql.Data.MySqlClient.MySqlConnection,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "ExecuteScalarAsync", "(System.String,System.String,System.Threading.CancellationToken,MySql.Data.MySqlClient.MySqlParameter[])", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDataset", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["MySql.Data.MySqlClient", "MySqlHelper", False, "UpdateDatasetAsync", "(System.String,System.String,System.Data.DataSet,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml index ea7634bc244..3d6148c330f 100644 --- a/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.OrmLite.model.yml @@ -3,95 +3,95 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"] - - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "IUntypedSqlExpression", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Column<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnDistinct<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ColumnLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Dictionary<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "ExecuteNonQuery", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Exists<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "KeyValuePairs", "(System.Data.IDbConnection,System.String,System.System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Lookup<,>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Scalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Select<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object)", "", "Argument[2]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectLazy<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SelectNonDefaults<>", "(System.Data.IDbConnection,System.String,T)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "Single<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlColumn<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Action)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlList<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApi", False, "SqlScalar<>", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ColumnDistinctAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "DictionaryAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExecuteNonQueryAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ExistsAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "KeyValuePairsAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbCommand,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "LookupAsync<,>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "ScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectAsync<>", "(System.Data.IDbConnection,System.Type,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SelectNonDefaultsAsync<>", "(System.Data.IDbConnection,System.String,T,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SingleAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlColumnAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Action,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlListAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadApiAsync", False, "SqlScalarAsync<>", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Collections.Generic.IEnumerable)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApi", False, "RowCount", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteReadExpressionsApiAsync", False, "RowCountAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Collections.Generic.Dictionary)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApi", False, "ExecuteSql", "(System.Data.IDbConnection,System.String,System.Object)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "OrmLiteWriteApiAsync", False, "ExecuteSqlAsync", "(System.Data.IDbConnection,System.String,System.Threading.CancellationToken)", "", "Argument[1]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeAnd", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeFrom", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeGroupBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeHaving", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOr", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeOrderBy", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeSelect", "(System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] + - ["ServiceStack.OrmLite", "SqlExpression<>", True, "UnsafeWhere", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml index 46415828318..9016c393077 100644 --- a/csharp/ql/lib/ext/ServiceStack.Redis.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.Redis.model.yml @@ -3,30 +3,30 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", "(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] - - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "Custom", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecCachedLua", "(System.String,System.Func)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLua", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsInt", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsList", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "ExecLuaAsString", "(System.String,System.String[],System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClient", True, "LoadLuaScript", "(System.String)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "CustomAsync", "(System.Object[],System.Threading.CancellationToken)", "", "Argument[0].Element", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecCachedLuaAsync", "(System.String,System.Func>,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsIntAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsListAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsStringAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[])", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "ExecLuaAsync", "(System.String,System.String[],System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] + - ["ServiceStack.Redis", "IRedisClientAsync", True, "LoadLuaScriptAsync", "(System.String,System.Threading.CancellationToken)", "", "Argument[0]", "code-injection", "manual"] diff --git a/csharp/ql/lib/ext/ServiceStack.model.yml b/csharp/ql/lib/ext/ServiceStack.model.yml index 988c7f3b8f9..19188e5eeb5 100644 --- a/csharp/ql/lib/ext/ServiceStack.model.yml +++ b/csharp/ql/lib/ext/ServiceStack.model.yml @@ -3,81 +3,81 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "remote", "manual"] - - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "remote", "manual"] - - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "remote", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendAllOneWay", "(System.Collections.Generic.IEnumerable)", "", "Argument[1].Element", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IOneWayClient", True, "SendOneWay", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Patch<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Post<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Put<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClient", True, "Send<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync", "(System.String,ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "CustomMethodAsync<>", "(System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "DeleteAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "GetAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PatchAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PostAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync", "(ServiceStack.IReturnVoid,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientAsync", True, "PutAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod", "(System.String,ServiceStack.IReturnVoid)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,ServiceStack.IReturn)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "CustomMethod<>", "(System.String,System.Object)", "", "Argument[1]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Delete<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Get<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Patch<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Post<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put", "(ServiceStack.IReturnVoid)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestClientSync", True, "Put<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Delete<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Get<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Post<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Put<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGateway", True, "Send<>", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "DeleteAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "GetAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PostAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "PutAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IRestGatewayAsync", True, "SendAsync<>", "(ServiceStack.IReturn,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Publish", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "PublishAll", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "Send<>", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGateway", True, "SendAll<>", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAllAsync", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "PublishAsync", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAllAsync<>", "(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken)", "", "Argument[0].Element", "file-content-store", "manual"] + - ["ServiceStack", "IServiceGatewayAsync", True, "SendAsync<>", "(System.Object,System.Threading.CancellationToken)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethod<>", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "CustomMethodAsync<>", "(System.String,System.String,System.Object,System.Threading.CancellationToken)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Delete", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytes", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "DownloadBytesAsync", "(System.String,System.String,System.Object)", "", "Argument[2]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Get", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(ServiceStack.IReturn)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Head", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Patch", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Post", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(ServiceStack.Messaging.IMessage)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Publish<>", "(T)", "", "Argument[0]", "file-content-store", "manual"] + - ["ServiceStack", "ServiceClientBase", True, "Put", "(System.Object)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Data.Entity.model.yml b/csharp/ql/lib/ext/System.Data.Entity.model.yml index 36eccd9b38d..4af662ee4c4 100644 --- a/csharp/ql/lib/ext/System.Data.Entity.model.yml +++ b/csharp/ql/lib/ext/System.Data.Entity.model.yml @@ -1,14 +1,22 @@ extensions: + - addsTo: + pack: codeql/csharp-all + extensible: summaryModel + data: + - ["System.Data.Entity", "DbSet<>", False, "Add", "(TEntity)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["System.Data.Entity", "DbSet<>", False, "AddRange", "(System.Collections.Generic.IEnumerable)", "", "Argument[0].WithElement", "Argument[this]", "value", "manual"] + - ["System.Data.Entity", "DbSet<>", False, "Attach", "(TEntity)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - addsTo: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql", "manual"] - - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommand", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.Data.Entity.TransactionalBehavior,System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "ExecuteSqlCommandAsync", "(System.String,System.Threading.CancellationToken,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery", "(System.Type,System.String,System.Object[])", "", "Argument[1]", "sql-injection", "manual"] + - ["System.Data.Entity", "Database", False, "SqlQuery<>", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Entity", "DbSet", False, "SqlQuery", "(System.String,System.Object[])", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml index 16a24580647..39f3e35094c 100644 --- a/csharp/ql/lib/ext/System.Data.EntityClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.EntityClient.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.EntityClient", "EntityCommand", False, "EntityCommand", "(System.String,System.Data.EntityClient.EntityConnection,System.Data.EntityClient.EntityTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.Odbc.model.yml b/csharp/ql/lib/ext/System.Data.Odbc.model.yml index d1f6a24d5fc..0648bb0bbd0 100644 --- a/csharp/ql/lib/ext/System.Data.Odbc.model.yml +++ b/csharp/ql/lib/ext/System.Data.Odbc.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.Odbc", "OdbcCommand", False, "OdbcCommand", "(System.String,System.Data.Odbc.OdbcConnection,System.Data.Odbc.OdbcTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.OleDb.model.yml b/csharp/ql/lib/ext/System.Data.OleDb.model.yml index ebe3cc8b157..41e686537b8 100644 --- a/csharp/ql/lib/ext/System.Data.OleDb.model.yml +++ b/csharp/ql/lib/ext/System.Data.OleDb.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.OleDb", "OleDbCommand", False, "OleDbCommand", "(System.String,System.Data.OleDb.OleDbConnection,System.Data.OleDb.OleDbTransaction)", "", "Argument[0]", "sql-injection", "manual"] diff --git a/csharp/ql/lib/ext/System.Data.SQLite.model.yml b/csharp/ql/lib/ext/System.Data.SQLite.model.yml index d6d1d70e608..e1cdb6a1a84 100644 --- a/csharp/ql/lib/ext/System.Data.SQLite.model.yml +++ b/csharp/ql/lib/ext/System.Data.SQLite.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteCommand", False, "SQLiteCommand", "(System.String,System.Data.SQLite.SQLiteConnection,System.Data.SQLite.SQLiteTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.Data.SQLite.SQLiteCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.Data.SQLite.SQLiteConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SQLite", "SQLiteDataAdapter", False, "SQLiteDataAdapter", "(System.String,System.String,System.Boolean)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml index 2040e0f9798..211fe1faa84 100644 --- a/csharp/ql/lib/ext/System.Data.SqlClient.model.yml +++ b/csharp/ql/lib/ext/System.Data.SqlClient.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql", "manual"] - - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,System.Data.SqlClient.SqlConnection,System.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["System.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Net.Http.model.yml b/csharp/ql/lib/ext/System.Net.Http.model.yml index 0eafc30988a..4b5f4d193e7 100644 --- a/csharp/ql/lib/ext/System.Net.Http.model.yml +++ b/csharp/ql/lib/ext/System.Net.Http.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "xss", "manual"] + - ["System.Net.Http", "StringContent", False, "StringContent", "", "", "Argument[0]", "js-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/System.Web.model.yml b/csharp/ql/lib/ext/System.Web.model.yml index 5cf065ec6dd..a2a7470ef8e 100644 --- a/csharp/ql/lib/ext/System.Web.model.yml +++ b/csharp/ql/lib/ext/System.Web.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html", "manual"] - - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html", "manual"] + - ["System.Web", "HttpResponse", False, "BinaryWrite", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "TransmitFile", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "Write", "", "", "Argument[0]", "html-injection", "manual"] + - ["System.Web", "HttpResponse", False, "WriteFile", "", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/csharp-all extensible: summaryModel diff --git a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml index 6ec7a3cb93a..a5dc7699795 100644 --- a/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml +++ b/csharp/ql/lib/ext/generated/dotnet_runtime.model.yml @@ -7,10 +7,10 @@ extensions: pack: codeql/csharp-all extensible: sinkModel data: - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql", "df-generated"] - - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "xss", "df-generated"] - - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "xss", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.Data.Odbc.OdbcConnection)", "", "Argument[0]", "sql-injection", "df-generated"] + - ["System.Data.Odbc", "OdbcDataAdapter", false, "OdbcDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String)", "", "Argument[0]", "js-injection", "df-generated"] + - ["System.Net.Http", "StringContent", false, "StringContent", "(System.String,System.Text.Encoding)", "", "Argument[0]", "js-injection", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateDecryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-decryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "AesCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] @@ -34,7 +34,7 @@ extensions: - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "CreateEncryptor", "(System.Byte[],System.Byte[])", "", "Argument[0]", "encryption-encryptor", "df-generated"] - ["System.Security.Cryptography", "TripleDESCryptoServiceProvider", false, "set_Key", "(System.Byte[])", "", "Argument[0]", "encryption-keyprop", "df-generated"] - + - addsTo: @@ -51946,6 +51946,3 @@ extensions: - ["System", "WeakReference<>", "TryGetTarget", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T)", "summary", "df-generated"] - ["System", "WeakReference<>", "WeakReference", "(T,System.Boolean)", "summary", "df-generated"] - - - \ No newline at end of file diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index 452dd3e140f..17e00fa022c 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.6.2-dev +version: 0.6.3-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp @@ -12,3 +12,4 @@ dependencies: dataExtensions: - ext/*.model.yml - ext/generated/*.model.yml +warnOnImplicitThis: true diff --git a/csharp/ql/lib/semmle/code/asp/WebConfig.qll b/csharp/ql/lib/semmle/code/asp/WebConfig.qll index 49e42fce5c1..fdc251b4242 100644 --- a/csharp/ql/lib/semmle/code/asp/WebConfig.qll +++ b/csharp/ql/lib/semmle/code/asp/WebConfig.qll @@ -18,9 +18,6 @@ class WebConfigReleaseTransformXml extends XmlFile { WebConfigReleaseTransformXml() { this.getName().matches("%Web.Release.config") } } -/** DEPRECATED: Alias for WebConfigXml */ -deprecated class WebConfigXML = WebConfigXml; - /** A `` tag in an ASP.NET configuration file. */ class ConfigurationXmlElement extends XmlElement { ConfigurationXmlElement() { this.getName().toLowerCase() = "configuration" } @@ -31,9 +28,6 @@ class CompilationXmlElement extends XmlElement { CompilationXmlElement() { this.getName().toLowerCase() = "compilation" } } -/** DEPRECATED: Alias for ConfigurationXmlElement */ -deprecated class ConfigurationXMLElement = ConfigurationXmlElement; - /** A `` tag in an ASP.NET configuration file. */ class LocationXmlElement extends XmlElement { LocationXmlElement() { @@ -42,9 +36,6 @@ class LocationXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for LocationXmlElement */ -deprecated class LocationXMLElement = LocationXmlElement; - /** A `` tag in an ASP.NET configuration file. */ class SystemWebXmlElement extends XmlElement { SystemWebXmlElement() { @@ -57,9 +48,6 @@ class SystemWebXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for SystemWebXmlElement */ -deprecated class SystemWebXMLElement = SystemWebXmlElement; - /** A `` tag in an ASP.NET configuration file. */ class SystemWebServerXmlElement extends XmlElement { SystemWebServerXmlElement() { @@ -72,9 +60,6 @@ class SystemWebServerXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for SystemWebServerXmlElement */ -deprecated class SystemWebServerXMLElement = SystemWebServerXmlElement; - /** A `` tag in an ASP.NET configuration file. */ class CustomErrorsXmlElement extends XmlElement { CustomErrorsXmlElement() { @@ -83,9 +68,6 @@ class CustomErrorsXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for CustomErrorsXmlElement */ -deprecated class CustomErrorsXMLElement = CustomErrorsXmlElement; - /** A `` tag in an ASP.NET configuration file. */ class HttpRuntimeXmlElement extends XmlElement { HttpRuntimeXmlElement() { @@ -94,9 +76,6 @@ class HttpRuntimeXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for HttpRuntimeXmlElement */ -deprecated class HttpRuntimeXMLElement = HttpRuntimeXmlElement; - /** A `` tag under `` in an ASP.NET configuration file. */ class FormsElement extends XmlElement { FormsElement() { diff --git a/csharp/ql/lib/semmle/code/cil/Handler.qll b/csharp/ql/lib/semmle/code/cil/Handler.qll index da90fe872db..f0661ccf35e 100644 --- a/csharp/ql/lib/semmle/code/cil/Handler.qll +++ b/csharp/ql/lib/semmle/code/cil/Handler.qll @@ -38,21 +38,21 @@ class Handler extends Element, EntryPoint, @cil_handler { * Holds if the instruction `i` is in the scope of this handler. */ predicate isInScope(Instruction i) { - i.getImplementation() = getImplementation() and - i.getIndex() in [getTryStart().getIndex() .. getTryEnd().getIndex()] + i.getImplementation() = this.getImplementation() and + i.getIndex() in [this.getTryStart().getIndex() .. this.getTryEnd().getIndex()] } override string toString() { none() } override Instruction getASuccessorType(FlowType t) { - result = getHandlerStart() and + result = this.getHandlerStart() and t instanceof NormalFlow } /** Gets the type of the caught exception, if any. */ Type getCaughtType() { cil_handler_type(this, result) } - override Location getLocation() { result = getTryStart().getLocation() } + override Location getLocation() { result = this.getTryStart().getLocation() } } /** A handler corresponding to a `finally` block. */ @@ -72,7 +72,7 @@ class FilterHandler extends Handler, @cil_filter_handler { /** A handler corresponding to a `catch` clause. */ class CatchHandler extends Handler, @cil_catch_handler { - override string toString() { result = "catch(" + getCaughtType().getName() + ") {...}" } + override string toString() { result = "catch(" + this.getCaughtType().getName() + ") {...}" } override int getPushCount() { result = 1 } } diff --git a/csharp/ql/lib/semmle/code/cil/Types.qll b/csharp/ql/lib/semmle/code/cil/Types.qll index 0e41fe748f4..2cfc09daf99 100644 --- a/csharp/ql/lib/semmle/code/cil/Types.qll +++ b/csharp/ql/lib/semmle/code/cil/Types.qll @@ -60,11 +60,6 @@ class Class extends ValueOrRefType { Class() { this.isClass() } } -/** A `record`. */ -deprecated class Record extends Class { - Record() { this.isRecord() } -} - /** An `interface`. */ class Interface extends ValueOrRefType { Interface() { this.isInterface() } diff --git a/csharp/ql/lib/semmle/code/csharp/Comments.qll b/csharp/ql/lib/semmle/code/csharp/Comments.qll index e4070ec48ca..101e002fe50 100644 --- a/csharp/ql/lib/semmle/code/csharp/Comments.qll +++ b/csharp/ql/lib/semmle/code/csharp/Comments.qll @@ -70,28 +70,28 @@ class XmlCommentLine extends CommentLine, @xmldoccomment { override string toString() { result = "/// ..." } private string xmlAttributeRegex() { - result = "(" + xmlIdentifierRegex() + ")(?:\\s*=\\s*[\"']([^\"']*)[\"'])" + result = "(" + this.xmlIdentifierRegex() + ")(?:\\s*=\\s*[\"']([^\"']*)[\"'])" } private string xmlIdentifierRegex() { result = "\\w+" } - private string xmlTagOpenRegex() { result = "<\\s*" + xmlIdentifierRegex() } + private string xmlTagOpenRegex() { result = "<\\s*" + this.xmlIdentifierRegex() } private string xmlTagIntroRegex() { - result = xmlTagOpenRegex() + "(?:\\s*" + xmlAttributeRegex() + ")*" + result = this.xmlTagOpenRegex() + "(?:\\s*" + this.xmlAttributeRegex() + ")*" } - private string xmlTagCloseRegex() { result = "" } + private string xmlTagCloseRegex() { result = "" } /** Gets the text inside the XML element at character offset `offset`. */ private string getElement(int offset) { - result = getText().regexpFind(xmlTagIntroRegex(), _, offset) + result = this.getText().regexpFind(this.xmlTagIntroRegex(), _, offset) } /** Gets the name of the opening tag at offset `offset`. */ string getOpenTag(int offset) { exists(int offset1, int offset2 | - result = getElement(offset1).regexpFind(xmlIdentifierRegex(), 0, offset2) and + result = this.getElement(offset1).regexpFind(this.xmlIdentifierRegex(), 0, offset2) and offset = offset1 + offset2 ) } @@ -100,9 +100,9 @@ class XmlCommentLine extends CommentLine, @xmldoccomment { string getCloseTag(int offset) { exists(int offset1, int offset2 | result = - getText() - .regexpFind(xmlTagCloseRegex(), _, offset1) - .regexpFind(xmlIdentifierRegex(), 0, offset2) and + this.getText() + .regexpFind(this.xmlTagCloseRegex(), _, offset1) + .regexpFind(this.xmlIdentifierRegex(), 0, offset2) and offset = offset1 + offset2 ) } @@ -112,14 +112,14 @@ class XmlCommentLine extends CommentLine, @xmldoccomment { exists(int offset1, int offset2 | ( result = - getText() - .regexpFind(xmlTagIntroRegex() + "\\s*/>", _, offset1) - .regexpFind(xmlIdentifierRegex(), 0, offset2) or + this.getText() + .regexpFind(this.xmlTagIntroRegex() + "\\s*/>", _, offset1) + .regexpFind(this.xmlIdentifierRegex(), 0, offset2) or result = - getText() - .regexpFind(xmlTagIntroRegex() + "\\s*>\\s*", _, - offset1) - .regexpFind(xmlIdentifierRegex(), 0, offset2) + this.getText() + .regexpFind(this.xmlTagIntroRegex() + "\\s*>\\s*", _, offset1) + .regexpFind(this.xmlIdentifierRegex(), 0, offset2) ) and offset = offset1 + offset2 ) @@ -130,18 +130,18 @@ class XmlCommentLine extends CommentLine, @xmldoccomment { * for a given XML attribute name `key` and element offset `offset`. */ string getAttribute(string element, string key, int offset) { - exists(int offset1, int offset2, string elt, string pair | elt = getElement(offset1) | - element = elt.regexpFind(xmlIdentifierRegex(), 0, offset2) and + exists(int offset1, int offset2, string elt, string pair | elt = this.getElement(offset1) | + element = elt.regexpFind(this.xmlIdentifierRegex(), 0, offset2) and offset = offset1 + offset2 and - pair = elt.regexpFind(xmlAttributeRegex(), _, _) and - key = pair.regexpCapture(xmlAttributeRegex(), 1) and - result = pair.regexpCapture(xmlAttributeRegex(), 2) + pair = elt.regexpFind(this.xmlAttributeRegex(), _, _) and + key = pair.regexpCapture(this.xmlAttributeRegex(), 1) and + result = pair.regexpCapture(this.xmlAttributeRegex(), 2) ) } /** Holds if the XML element at the given offset is not empty. */ predicate hasBody(string element, int offset) { - element = getOpenTag(offset) and not element = getEmptyTag(offset) + element = this.getOpenTag(offset) and not element = this.getEmptyTag(offset) } } @@ -156,13 +156,13 @@ class XmlCommentLine extends CommentLine, @xmldoccomment { */ class CommentBlock extends @commentblock { /** Gets a textual representation of this comment block. */ - string toString() { result = getChild(0).toString() } + string toString() { result = this.getChild(0).toString() } /** Gets the location of this comment block */ Location getLocation() { commentblock_location(this, result) } /** Gets the number of lines in this comment block. */ - int getNumLines() { result = count(getAChild()) } + int getNumLines() { result = count(this.getAChild()) } /** Gets the `c`th child of this comment block (numbered from 0). */ CommentLine getChild(int c) { commentblock_child(this, result, c) } @@ -189,23 +189,23 @@ class CommentBlock extends @commentblock { Element getAnElement() { commentblock_binding(this, result, _) } /** Gets a line of text in this comment block. */ - string getALine() { result = getAChild().getText() } + string getALine() { result = this.getAChild().getText() } /** Holds if the comment has no associated `Element`. */ - predicate isOrphan() { not exists(getElement()) } + predicate isOrphan() { not exists(this.getElement()) } /** Holds if this block consists entirely of XML comments. */ predicate isXmlCommentBlock() { - forall(CommentLine l | l = getAChild() | l instanceof XmlCommentLine) + forall(CommentLine l | l = this.getAChild() | l instanceof XmlCommentLine) } /** Gets a `CommentLine` containing text. */ - CommentLine getANonEmptyLine() { result = getAChild() and result.getText().length() != 0 } + CommentLine getANonEmptyLine() { result = this.getAChild() and result.getText().length() != 0 } /** Gets a `CommentLine` that might contain code. */ CommentLine getAProbableCodeLine() { // Logic taken verbatim from Java query CommentedCode.qll - result = getAChild() and + result = this.getAChild() and exists(string trimmed | trimmed = result.getText().regexpReplaceAll("\\s*//.*$", "") | trimmed.matches("%;") or trimmed.matches("%{") or trimmed.matches("%}") ) diff --git a/csharp/ql/lib/semmle/code/csharp/Type.qll b/csharp/ql/lib/semmle/code/csharp/Type.qll index 8bb92c8c86a..85fde20e07d 100644 --- a/csharp/ql/lib/semmle/code/csharp/Type.qll +++ b/csharp/ql/lib/semmle/code/csharp/Type.qll @@ -780,16 +780,6 @@ class Class extends RefType, @class_type { override string getAPrimaryQlClass() { result = "Class" } } -/** - * DEPRECATED: Use `RecordClass` instead. - */ -deprecated class Record extends Class { - Record() { this.isRecord() } - - /** Gets the clone method of this record. */ - RecordCloneMethod getCloneMethod() { result = this.getAMember() } -} - /** * A `record`, for example * diff --git a/csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll b/csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll index 6af0af0e8a9..a8eaad13b80 100644 --- a/csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll +++ b/csharp/ql/lib/semmle/code/csharp/commons/Compilation.qll @@ -13,25 +13,27 @@ class Compilation extends @compilation { Assembly getOutputAssembly() { compilation_assembly(this, result) } /** Gets the folder in which this compilation was run. */ - Folder getFolder() { result.getAbsolutePath() = getDirectoryString() } + Folder getFolder() { result.getAbsolutePath() = this.getDirectoryString() } /** Gets the `i`th command line argument. */ string getArgument(int i) { compilation_args(this, i, result) } /** Gets the arguments as a concatenated string. */ - string getArguments() { result = concat(int i | exists(getArgument(i)) | getArgument(i), " ") } + string getArguments() { + result = concat(int i | exists(this.getArgument(i)) | this.getArgument(i), " ") + } /** Gets the 'i'th source file in this compilation. */ File getFileCompiled(int i) { compilation_compiling_files(this, i, result) } /** Gets a source file compiled in this compilation. */ - File getAFileCompiled() { result = getFileCompiled(_) } + File getAFileCompiled() { result = this.getFileCompiled(_) } /** Gets the `i`th reference in this compilation. */ File getReference(int i) { compilation_referencing_files(this, i, result) } /** Gets a reference in this compilation. */ - File getAReference() { result = getReference(_) } + File getAReference() { result = this.getReference(_) } /** Gets a diagnostic associated with this compilation. */ Diagnostic getADiagnostic() { result.getCompilation() = this } @@ -40,25 +42,25 @@ class Compilation extends @compilation { float getMetric(int metric) { compilation_time(this, -1, metric, result) } /** Gets the CPU time of the compilation. */ - float getFrontendCpuSeconds() { result = getMetric(0) } + float getFrontendCpuSeconds() { result = this.getMetric(0) } /** Gets the elapsed time of the compilation. */ - float getFrontendElapsedSeconds() { result = getMetric(1) } + float getFrontendElapsedSeconds() { result = this.getMetric(1) } /** Gets the CPU time of the extraction. */ - float getExtractorCpuSeconds() { result = getMetric(2) } + float getExtractorCpuSeconds() { result = this.getMetric(2) } /** Gets the elapsed time of the extraction. */ - float getExtractorElapsedSeconds() { result = getMetric(3) } + float getExtractorElapsedSeconds() { result = this.getMetric(3) } /** Gets the user CPU time of the compilation. */ - float getFrontendUserCpuSeconds() { result = getMetric(4) } + float getFrontendUserCpuSeconds() { result = this.getMetric(4) } /** Gets the user CPU time of the extraction. */ - float getExtractorUserCpuSeconds() { result = getMetric(5) } + float getExtractorUserCpuSeconds() { result = this.getMetric(5) } /** Gets the peak working set of the extractor process in MB. */ - float getPeakWorkingSetMB() { result = getMetric(6) } + float getPeakWorkingSetMB() { result = this.getMetric(6) } /** Gets the CPU seconds for the entire extractor process. */ float getCpuSeconds() { compilation_finished(this, result, _) } diff --git a/csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll b/csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll index 60d7bacf4d4..ca009448c10 100644 --- a/csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll +++ b/csharp/ql/lib/semmle/code/csharp/commons/StructuralComparison.qll @@ -200,43 +200,3 @@ predicate sameGvn(ControlFlowElement x, ControlFlowElement y) { pragma[only_bind_into](toGvn(pragma[only_bind_out](x))) = pragma[only_bind_into](toGvn(pragma[only_bind_out](y))) } - -/** - * DEPRECATED: Use `sameGvn` instead. - * - * A configuration for performing structural comparisons of program elements - * (expressions and statements). - * - * The predicate `candidate()` must be overridden, in order to identify the - * elements for which to perform structural comparison. - * - * Each use of the library is identified by a unique string value. - */ -abstract deprecated class StructuralComparisonConfiguration extends string { - bindingset[this] - StructuralComparisonConfiguration() { any() } - - /** - * Holds if elements `x` and `y` are candidates for testing structural - * equality. - * - * Subclasses are expected to override this predicate to identify the - * top-level elements which they want to compare. Care should be - * taken to avoid identifying too many pairs of elements, as in general - * there are very many structurally equal subtrees in a program, and - * in order to keep the computation feasible we must focus attention. - * - * Note that this relation is not expected to be symmetric -- it's - * fine to include a pair `(x, y)` but not `(y, x)`. - * In fact, not including the symmetrically implied fact will save - * half the computation time on the structural comparison. - */ - abstract predicate candidate(ControlFlowElement x, ControlFlowElement y); - - /** - * Holds if elements `x` and `y` structurally equal. `x` and `y` must be - * flagged as candidates for structural equality, that is, - * `candidate(x, y)` must hold. - */ - predicate same(ControlFlowElement x, ControlFlowElement y) { candidate(x, y) and sameGvn(x, y) } -} diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll index 8e8661f82d5..d683e03dc2d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll @@ -335,7 +335,8 @@ module LocalFlow { exists(ControlFlow::BasicBlock bb, int i | SsaImpl::lastRefBeforeRedefExt(def, bb, i, next.getDefinitionExt()) and def.definesAt(_, bb, i, _) and - def = getSsaDefinitionExt(nodeFrom) + def = getSsaDefinitionExt(nodeFrom) and + nodeFrom != next ) } @@ -414,7 +415,8 @@ module LocalFlow { ) { exists(CIL::BasicBlock bb, int i | CilSsaImpl::lastRefBeforeRedefExt(def, bb, i, next) | def.definesAt(_, bb, i, _) and - def = nodeFrom.(CilSsaDefinitionExtNode).getDefinition() + def = nodeFrom.(CilSsaDefinitionExtNode).getDefinition() and + def != next or nodeFrom = TCilExprNode(bb.getNode(i).(CIL::ReadAccess)) ) @@ -440,7 +442,8 @@ module LocalFlow { exists(CIL::ReadAccess readFrom, CIL::ReadAccess readTo | CilSsaImpl::hasAdjacentReadsExt(def, readFrom, readTo) and nodeTo = TCilExprNode(readTo) and - nodeFrom = TCilExprNode(readFrom) + nodeFrom = TCilExprNode(readFrom) and + nodeFrom != nodeTo ) or // Flow into phi (read) node @@ -483,7 +486,8 @@ module LocalFlow { or hasNodePath(any(LocalExprStepConfiguration x), nodeFrom, nodeTo) or - ThisFlow::adjacentThisRefs(nodeFrom, nodeTo) + ThisFlow::adjacentThisRefs(nodeFrom, nodeTo) and + nodeFrom != nodeTo or ThisFlow::adjacentThisRefs(nodeFrom.(PostUpdateNode).getPreUpdateNode(), nodeTo) or @@ -541,7 +545,8 @@ predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) { exists(SsaImpl::DefinitionExt def | LocalFlow::localSsaFlowStepUseUse(def, nodeFrom, nodeTo) and not FlowSummaryImpl::Private::Steps::prohibitsUseUseFlow(nodeFrom, _) and - not LocalFlow::usesInstanceField(def) + not LocalFlow::usesInstanceField(def) and + nodeFrom != nodeTo ) or // Flow into phi (read)/uncertain SSA definition node from read @@ -880,7 +885,8 @@ private module Cached { predicate localFlowStepImpl(Node nodeFrom, Node nodeTo) { LocalFlow::localFlowStepCommon(nodeFrom, nodeTo) or - LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo) + LocalFlow::localSsaFlowStepUseUse(_, nodeFrom, nodeTo) and + nodeFrom != nodeTo or exists(SsaImpl::DefinitionExt def | LocalFlow::localSsaFlowStep(def, nodeFrom, nodeTo) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll index b22712087f2..b3599e3404e 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll @@ -106,16 +106,6 @@ class ParameterNode extends Node instanceof ParameterNodeImpl { result = c.asCallable().getParameter(ppos.getPosition()) ) } - - /** - * DEPRECATED - * - * Holds if this node is the parameter of callable `c` at the specified - * (zero-based) position. - */ - deprecated predicate isParameterOf(DataFlowCallable c, int i) { - super.isParameterOf(c, any(ParameterPosition pos | i = pos.getPosition())) - } } /** A definition, viewed as a node in a data flow graph. */ diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll index b86601e6b54..97a27c65ef0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll @@ -198,8 +198,8 @@ string getComponentSpecific(SummaryComponent sc) { or exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + rk + "]" and - not rk instanceof NormalReturnKind + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk + "]" ) } diff --git a/csharp/ql/lib/semmle/code/csharp/dispatch/RuntimeCallable.qll b/csharp/ql/lib/semmle/code/csharp/dispatch/RuntimeCallable.qll index bb279fcb4fb..2e62d94a4ab 100644 --- a/csharp/ql/lib/semmle/code/csharp/dispatch/RuntimeCallable.qll +++ b/csharp/ql/lib/semmle/code/csharp/dispatch/RuntimeCallable.qll @@ -16,7 +16,7 @@ class RuntimeCallable extends DotNet::Callable { RuntimeCallable() { not this.(Modifiable).isAbstract() and ( - not getDeclaringType() instanceof Interface or + not this.getDeclaringType() instanceof Interface or this.(Virtualizable).isVirtual() ) } @@ -35,7 +35,7 @@ class RuntimeMethod extends RuntimeCallable { /** A run-time instance method. */ class RuntimeInstanceMethod extends RuntimeMethod { - RuntimeInstanceMethod() { not isStatic() } + RuntimeInstanceMethod() { not this.isStatic() } } /** A run-time operator. */ @@ -46,5 +46,5 @@ class RuntimeAccessor extends Accessor, RuntimeCallable { } /** A run-time instance accessor. */ class RuntimeInstanceAccessor extends RuntimeAccessor { - RuntimeInstanceAccessor() { not isStatic() } + RuntimeInstanceAccessor() { not this.isStatic() } } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/ComparisonOperation.qll b/csharp/ql/lib/semmle/code/csharp/exprs/ComparisonOperation.qll index 8b94ef5b4d7..937b4d6e9be 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/ComparisonOperation.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/ComparisonOperation.qll @@ -68,9 +68,9 @@ class RelationalOperation extends ComparisonOperation, @rel_op_expr { class GTExpr extends RelationalOperation, @gt_expr { override string getOperator() { result = ">" } - override Expr getGreaterOperand() { result = getLeftOperand() } + override Expr getGreaterOperand() { result = this.getLeftOperand() } - override Expr getLesserOperand() { result = getRightOperand() } + override Expr getLesserOperand() { result = this.getRightOperand() } override string getAPrimaryQlClass() { result = "GTExpr" } } @@ -81,9 +81,9 @@ class GTExpr extends RelationalOperation, @gt_expr { class LTExpr extends RelationalOperation, @lt_expr { override string getOperator() { result = "<" } - override Expr getGreaterOperand() { result = getRightOperand() } + override Expr getGreaterOperand() { result = this.getRightOperand() } - override Expr getLesserOperand() { result = getLeftOperand() } + override Expr getLesserOperand() { result = this.getLeftOperand() } override string getAPrimaryQlClass() { result = "LTExpr" } } @@ -94,9 +94,9 @@ class LTExpr extends RelationalOperation, @lt_expr { class GEExpr extends RelationalOperation, @ge_expr { override string getOperator() { result = ">=" } - override Expr getGreaterOperand() { result = getLeftOperand() } + override Expr getGreaterOperand() { result = this.getLeftOperand() } - override Expr getLesserOperand() { result = getRightOperand() } + override Expr getLesserOperand() { result = this.getRightOperand() } override string getAPrimaryQlClass() { result = "GEExpr" } } @@ -107,9 +107,9 @@ class GEExpr extends RelationalOperation, @ge_expr { class LEExpr extends RelationalOperation, @le_expr { override string getOperator() { result = "<=" } - override Expr getGreaterOperand() { result = getRightOperand() } + override Expr getGreaterOperand() { result = this.getRightOperand() } - override Expr getLesserOperand() { result = getLeftOperand() } + override Expr getLesserOperand() { result = this.getLeftOperand() } override string getAPrimaryQlClass() { result = "LEExpr" } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll index 5f781a0407a..e0dfc0d542d 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll @@ -88,31 +88,6 @@ module EntityFramework { EFSummarizedCallable() { any() } } - private class DbSetAddOrUpdateRequiredSummaryComponentStack extends RequiredSummaryComponentStack { - override predicate required(SummaryComponent head, SummaryComponentStack tail) { - head = SummaryComponent::element() and - tail = SummaryComponentStack::argument([-1, 0]) - } - } - - private class DbSetAddOrUpdate extends EFSummarizedCallable { - private boolean range; - - DbSetAddOrUpdate() { this = any(DbSet c).getAnAddOrUpdateMethod(range) } - - override predicate propagatesFlow( - SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue - ) { - ( - if range = true - then input = SummaryComponentStack::elementOf(SummaryComponentStack::argument(0)) - else input = SummaryComponentStack::argument(0) - ) and - output = SummaryComponentStack::elementOf(SummaryComponentStack::qualifier()) and - preservesValue = true - } - } - /** The class `Microsoft.EntityFrameworkCore.DbQuery<>` or `System.Data.Entity.DbQuery<>`. */ class DbQuery extends EFClass, UnboundGenericClass { DbQuery() { this.hasName("DbQuery<>") } diff --git a/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll index 0509066fbbc..06c46854f5b 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/cryptography/EncryptionKeyDataFlowQuery.qll @@ -7,7 +7,7 @@ private import semmle.code.csharp.frameworks.system.security.cryptography.Symmet /** Array of type Byte */ deprecated class ByteArray extends ArrayType { - ByteArray() { getElementType() instanceof ByteType } + ByteArray() { this.getElementType() instanceof ByteType } } /** Abstract class for all sources of keys */ @@ -31,7 +31,7 @@ abstract class KeySanitizer extends DataFlow::ExprNode { } */ class SymmetricEncryptionKeyPropertySink extends SymmetricEncryptionKeySink { SymmetricEncryptionKeyPropertySink() { - exists(SymmetricAlgorithm ag | asExpr() = ag.getKeyProperty().getAnAssignedValue()) + exists(SymmetricAlgorithm ag | this.asExpr() = ag.getKeyProperty().getAnAssignedValue()) } override string getDescription() { result = "Key property assignment" } @@ -43,7 +43,7 @@ class SymmetricEncryptionKeyPropertySink extends SymmetricEncryptionKeySink { class SymmetricEncryptionCreateEncryptorSink extends SymmetricEncryptionKeySink { SymmetricEncryptionCreateEncryptorSink() { exists(SymmetricAlgorithm ag, MethodCall mc | mc = ag.getASymmetricEncryptor() | - asExpr() = mc.getArgumentForName("rgbKey") + this.asExpr() = mc.getArgumentForName("rgbKey") ) } @@ -56,7 +56,7 @@ class SymmetricEncryptionCreateEncryptorSink extends SymmetricEncryptionKeySink class SymmetricEncryptionCreateDecryptorSink extends SymmetricEncryptionKeySink { SymmetricEncryptionCreateDecryptorSink() { exists(SymmetricAlgorithm ag, MethodCall mc | mc = ag.getASymmetricDecryptor() | - asExpr() = mc.getArgumentForName("rgbKey") + this.asExpr() = mc.getArgumentForName("rgbKey") ) } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll index 76a9a495637..cd035de9414 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/CodeInjectionQuery.qll @@ -97,5 +97,5 @@ class RoslynCSharpScriptSink extends Sink { /** Code injection sinks defined through CSV models. */ private class ExternalCodeInjectionExprSink extends Sink { - ExternalCodeInjectionExprSink() { sinkNode(this, "code") } + ExternalCodeInjectionExprSink() { sinkNode(this, "code-injection") } } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll index 235897f0742..975dae84fcb 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/ExternalAPIsQuery.qll @@ -14,9 +14,6 @@ private import semmle.code.csharp.dataflow.FlowSummary */ abstract class SafeExternalApiCallable extends Callable { } -/** DEPRECATED: Alias for SafeExternalApiCallable */ -deprecated class SafeExternalAPICallable = SafeExternalApiCallable; - private class SummarizedCallableSafe extends SafeExternalApiCallable instanceof SummarizedCallable { } @@ -87,9 +84,6 @@ class ExternalApiDataNode extends DataFlow::Node { } } -/** DEPRECATED: Alias for ExternalApiDataNode */ -deprecated class ExternalAPIDataNode = ExternalApiDataNode; - /** * DEPRECATED: Use `RemoteSourceToExternalApi` instead. * @@ -113,9 +107,6 @@ private module RemoteSourceToExternalApiConfig implements DataFlow::ConfigSig { /** A module for tracking flow from `RemoteFlowSource`s to `ExternalApiDataNode`s. */ module RemoteSourceToExternalApi = TaintTracking::Global; -/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */ -deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig; - /** A node representing untrusted data being passed to an external API. */ class UntrustedExternalApiDataNode extends ExternalApiDataNode { UntrustedExternalApiDataNode() { RemoteSourceToExternalApi::flow(_, this) } @@ -124,9 +115,6 @@ class UntrustedExternalApiDataNode extends ExternalApiDataNode { DataFlow::Node getAnUntrustedSource() { RemoteSourceToExternalApi::flow(result, this) } } -/** DEPRECATED: Alias for UntrustedExternalApiDataNode */ -deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode; - /** An external API which is used with untrusted data. */ private newtype TExternalApi = /** An untrusted API method `m` where untrusted data is passed at `index`. */ @@ -161,6 +149,3 @@ class ExternalApiUsedWithUntrustedData extends TExternalApi { ) } } - -/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */ -deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData; diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll index 838fb2f373b..c059cb7523c 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/LDAPInjectionQuery.qll @@ -155,9 +155,6 @@ class LdapEncodeSanitizer extends Sanitizer { } } -/** DEPRECATED: Alias for LdapEncodeSanitizer */ -deprecated class LDAPEncodeSanitizer = LdapEncodeSanitizer; - private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { } private class GuidSanitizer extends Sanitizer, GuidSanitizedExpr { } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll index 3cac542cb36..61b2491753a 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/SqlInjectionQuery.qll @@ -78,7 +78,7 @@ class SqlInjectionExprSink extends Sink { /** SQL sinks defined through CSV models. */ private class ExternalSqlInjectionExprSink extends Sink { - ExternalSqlInjectionExprSink() { sinkNode(this, "sql") } + ExternalSqlInjectionExprSink() { sinkNode(this, "sql-injection") } } private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { } diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll index 0232d9462e2..65ac1687714 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/XSSSinks.qll @@ -24,7 +24,7 @@ abstract class Sink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalXssSink extends Sink { - ExternalXssSink() { sinkNode(this, "xss") } + ExternalXssSink() { sinkNode(this, "js-injection") } } private class HtmlSinkSink extends Sink instanceof HtmlSink { diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll index 26b75f06269..1baeff7641b 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/ExternalLocationSink.qll @@ -19,14 +19,21 @@ private import semmle.code.csharp.dataflow.ExternalFlow abstract class ExternalLocationSink extends DataFlow::ExprNode { } private class ExternalModelSink extends ExternalLocationSink { - ExternalModelSink() { sinkNode(this, "remote") } + ExternalModelSink() { sinkNode(this, "file-content-store") } } /** * An argument to a call to a method on a logger class. */ class LogMessageSink extends ExternalLocationSink { - LogMessageSink() { this.getExpr() = any(LoggerType i).getAMethod().getACall().getAnArgument() } + LogMessageSink() { + this.getExpr() = any(LoggerType i).getAMethod().getACall().getAnArgument() + or + this.getExpr() = + any(ExtensionMethodCall call | + call.getTarget().(ExtensionMethod).getExtendedType() instanceof LoggerType + ).getArgument(any(int i | i > 0)) + } } /** diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll index 8e83122e2bf..318e298ae1f 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsinks/Html.qll @@ -23,7 +23,7 @@ private import semmle.code.asp.AspNet abstract class HtmlSink extends DataFlow::ExprNode, RemoteFlowSink { } private class ExternalHtmlSink extends HtmlSink { - ExternalHtmlSink() { sinkNode(this, "html") } + ExternalHtmlSink() { sinkNode(this, "html-injection") } } /** diff --git a/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql b/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql index fd2954ae4d8..c079cc16a2a 100644 --- a/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql +++ b/csharp/ql/src/Bad Practices/Comments/CommentedOutCode.ql @@ -14,8 +14,8 @@ import csharp class CommentedOutCode extends CommentBlock { CommentedOutCode() { - not isXmlCommentBlock() and - 2 * count(getAProbableCodeLine()) > count(getANonEmptyLine()) + not this.isXmlCommentBlock() and + 2 * count(this.getAProbableCodeLine()) > count(this.getANonEmptyLine()) } } diff --git a/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql b/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql index e9f9b6cb8c6..3aec796daf7 100644 --- a/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql +++ b/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql @@ -78,4 +78,4 @@ where exposesByStore(c, f, why, whyText) select c, "'" + c.getName() + "' exposes the internal representation stored in field '" + f.getName() + - "'. The value may be modified $@.", why.getLocation(), whyText + "'. The value may be modified $@.", why, whyText diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index fb6006fc6f9..e214ec42a03 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.6.2 + +No user-facing changes. + ## 0.6.1 ### Minor Analysis Improvements diff --git a/csharp/ql/src/Complexity/ComplexCondition.ql b/csharp/ql/src/Complexity/ComplexCondition.ql index 2ebbaa8a362..2813db1cda5 100644 --- a/csharp/ql/src/Complexity/ComplexCondition.ql +++ b/csharp/ql/src/Complexity/ComplexCondition.ql @@ -26,4 +26,4 @@ where operators = count(BinaryLogicalOperation op | logicalParent*(op, e) and nontrivialLogicalOperator(op)) and operators > 3 -select e.getLocation(), "Complex condition: too many logical operations in this expression." +select e, "Complex condition: too many logical operations in this expression." diff --git a/csharp/ql/src/Dead Code/DeadRefTypes.ql b/csharp/ql/src/Dead Code/DeadRefTypes.ql index d881e715f48..b504db1abe3 100644 --- a/csharp/ql/src/Dead Code/DeadRefTypes.ql +++ b/csharp/ql/src/Dead Code/DeadRefTypes.ql @@ -22,7 +22,7 @@ predicate potentiallyUsedFromXaml(RefType t) { class ExportAttribute extends Attribute { ExportAttribute() { - getType().hasQualifiedName("System.ComponentModel.Composition", "ExportAttribute") + this.getType().hasQualifiedName("System.ComponentModel.Composition", "ExportAttribute") } } diff --git a/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql b/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql index 5fdcfb64eee..1e3534dee69 100644 --- a/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql +++ b/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql @@ -14,12 +14,12 @@ import semmle.code.csharp.frameworks.System /** A call to IDisposable.Dispose or a method that overrides it. */ class DisposeCall extends MethodCall { - DisposeCall() { getTarget() instanceof DisposeMethod } + DisposeCall() { this.getTarget() instanceof DisposeMethod } /** The object being disposed by the call (provided it can be easily determined). */ Variable getDisposee() { exists(VariableAccess va | - va = getQualifier().stripCasts() and + va = this.getQualifier().stripCasts() and result = va.getTarget() ) } diff --git a/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql b/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql index f281601a554..d2a27bee90c 100644 --- a/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql +++ b/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql @@ -38,7 +38,7 @@ private predicate containerSizeAccess(PropertyAccess pa, string containerKind) { } class ZeroLiteral extends Expr { - ZeroLiteral() { getValue() = "0" } + ZeroLiteral() { this.getValue() = "0" } } /** diff --git a/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql b/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql index a789aeab8d7..6091b0f79a3 100644 --- a/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql +++ b/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql @@ -41,9 +41,9 @@ class NonShortCircuit extends BinaryBitwiseOperation { this instanceof BitwiseOrExpr ) and not exists(AssignBitwiseOperation abo | abo.getExpandedAssignment().getRValue() = this) and - getLeftOperand().getType() instanceof BoolType and - getRightOperand().getType() instanceof BoolType and - getRightOperand() instanceof DangerousExpression + this.getLeftOperand().getType() instanceof BoolType and + this.getRightOperand().getType() instanceof BoolType and + this.getRightOperand() instanceof DangerousExpression } } diff --git a/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql b/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql index 00513778cc3..6044ebbbb5e 100644 --- a/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql +++ b/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql @@ -20,7 +20,7 @@ abstract class BadDynamicCall extends DynamicExpr { abstract AssignableRead getARelevantVariableAccess(int i); Type possibleBadTypeForRelevantSource(Variable v, int i, Expr source) { - exists(Type t | t = possibleTypeForRelevantSource(v, i, source) | + exists(Type t | t = this.possibleTypeForRelevantSource(v, i, source) | // If the source can have the type of an interface or an abstract class, // then all possible sub types are, in principle, possible t instanceof Interface and result.isImplicitlyConvertibleTo(t) @@ -37,7 +37,7 @@ abstract class BadDynamicCall extends DynamicExpr { private Type possibleTypeForRelevantSource(Variable v, int i, Expr source) { exists(AssignableRead read, Ssa::Definition ssaDef, Ssa::ExplicitDefinition ultimateSsaDef | - read = getARelevantVariableAccess(i) and + read = this.getARelevantVariableAccess(i) and v = read.getTarget() and result = source.getType() and read = ssaDef.getARead() and @@ -55,28 +55,30 @@ abstract class BadDynamicCall extends DynamicExpr { } class BadDynamicMethodCall extends BadDynamicCall, DynamicMethodCall { - override AssignableRead getARelevantVariableAccess(int i) { result = getQualifier() and i = -1 } + override AssignableRead getARelevantVariableAccess(int i) { + result = this.getQualifier() and i = -1 + } override predicate isBad(Variable v, ValueOrRefType pt, Expr pts, string message, string target) { - pt = possibleBadTypeForRelevantSource(v, -1, pts) and - not exists(Method m | m = getARuntimeTarget() | + pt = this.possibleBadTypeForRelevantSource(v, -1, pts) and + not exists(Method m | m = this.getARuntimeTarget() | pt.isImplicitlyConvertibleTo(m.getDeclaringType()) ) and message = "The $@ of this dynamic method invocation can obtain (from $@) type $@, which does not have a method '" - + getLateBoundTargetName() + "' with the appropriate signature." and + + this.getLateBoundTargetName() + "' with the appropriate signature." and target = "target" } } class BadDynamicOperatorCall extends BadDynamicCall, DynamicOperatorCall { - override AssignableRead getARelevantVariableAccess(int i) { result = getRuntimeArgument(i) } + override AssignableRead getARelevantVariableAccess(int i) { result = this.getRuntimeArgument(i) } override predicate isBad(Variable v, ValueOrRefType pt, Expr pts, string message, string target) { exists(int i | - pt = possibleBadTypeForRelevantSource(v, i, pts) and + pt = this.possibleBadTypeForRelevantSource(v, i, pts) and not pt.containsTypeParameters() and - not exists(Type paramType | paramType = getADynamicParameterType(_, i) | + not exists(Type paramType | paramType = this.getADynamicParameterType(_, i) | pt.isImplicitlyConvertibleTo(paramType) or // If either the argument type or the parameter type contains type parameters, @@ -93,11 +95,11 @@ class BadDynamicOperatorCall extends BadDynamicCall, DynamicOperatorCall { ) and message = "The $@ of this dynamic operator can obtain (from $@) type $@, which does not match an operator '" - + getLateBoundTargetName() + "' with the appropriate signature." + + this.getLateBoundTargetName() + "' with the appropriate signature." } private Type getADynamicParameterType(Operator o, int i) { - o = getARuntimeTarget() and + o = this.getARuntimeTarget() and result = o.getParameter(i).getType() } } diff --git a/csharp/ql/src/Likely Bugs/ObjectComparison.ql b/csharp/ql/src/Likely Bugs/ObjectComparison.ql index e1c28c2949b..53b525b6072 100644 --- a/csharp/ql/src/Likely Bugs/ObjectComparison.ql +++ b/csharp/ql/src/Likely Bugs/ObjectComparison.ql @@ -27,26 +27,26 @@ class ReferenceEqualityTestOnObject extends EqualityOperation { // One or both of the operands has type object or interface. exists(getObjectOperand(this)) and // Neither operand is 'null'. - not getAnOperand() instanceof NullLiteral and - not exists(Type t | t = getAnOperand().stripImplicitCasts().getType() | + not this.getAnOperand() instanceof NullLiteral and + not exists(Type t | t = this.getAnOperand().stripImplicitCasts().getType() | t instanceof NullType or t instanceof ValueType ) and // Neither operand is a constant - a reference comparison may well be intended for those. - not getAnOperand().(FieldAccess).getTarget().isReadOnly() and - not getAnOperand().hasValue() and + not this.getAnOperand().(FieldAccess).getTarget().isReadOnly() and + not this.getAnOperand().hasValue() and // Not a short-cut test in a custom `Equals` method not exists(EqualsMethod m | - getEnclosingCallable() = m and - getAnOperand() instanceof ThisAccess and - getAnOperand() = m.getParameter(0).getAnAccess() + this.getEnclosingCallable() = m and + this.getAnOperand() instanceof ThisAccess and + this.getAnOperand() = m.getParameter(0).getAnAccess() ) and // Reference comparisons in Moq methods are used to define mocks not exists(MethodCall mc, Namespace n | mc.getTarget().getDeclaringType().getNamespace().getParentNamespace*() = n and n.hasName("Moq") and not exists(n.getParentNamespace()) and - mc.getAnArgument() = getEnclosingCallable() + mc.getAnArgument() = this.getEnclosingCallable() ) } @@ -54,7 +54,7 @@ class ReferenceEqualityTestOnObject extends EqualityOperation { result = getObjectOperand(this) and // Avoid duplicate results: only include left operand if both operands // have object type - (result = getRightOperand() implies not getLeftOperand() = getObjectOperand(this)) + (result = this.getRightOperand() implies not this.getLeftOperand() = getObjectOperand(this)) } } diff --git a/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql b/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql index ecd0103a5bd..1f97debc4ef 100644 --- a/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql +++ b/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql @@ -50,7 +50,7 @@ abstract class LossOfPrecision extends Expr { Type convertedType; LossOfPrecision() { - getType() instanceof IntegralType and + this.getType() instanceof IntegralType and convertedToFloatOrDecimal(this, convertedType) } diff --git a/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql b/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql index 4b3fa2096a7..a557200e8ea 100644 --- a/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql +++ b/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql @@ -26,11 +26,11 @@ Stmt getASuccessorStmt(Stmt s) { } class IfThenStmt extends IfStmt { - IfThenStmt() { not exists(getElse()) } + IfThenStmt() { not exists(this.getElse()) } } class IfThenElseStmt extends IfStmt { - IfThenElseStmt() { exists(getElse()) } + IfThenElseStmt() { exists(this.getElse()) } } Stmt getTrailingBody(Stmt s) { @@ -49,16 +49,16 @@ abstract class UnbracedControlStmt extends Stmt { abstract Stmt getSuccessorStmt(); private Stmt getACandidate() { - getSuccessorStmt() = result and + this.getSuccessorStmt() = result and getBlockStmt(this) = getBlockStmt(result) } - private Location getBodyLocation() { result = getBody().getLocation() } + private Location getBodyLocation() { result = this.getBody().getLocation() } pragma[noopt] Stmt getAConfusingTrailingStmt() { - result = getACandidate() and - exists(Location l1, Location l2 | l1 = getBodyLocation() and l2 = result.getLocation() | + result = this.getACandidate() and + exists(Location l1, Location l2 | l1 = this.getBodyLocation() and l2 = result.getLocation() | // This test is slightly unreliable // because tabs are counted as 1 column. // But it's accurate enough to be useful, and will @@ -79,7 +79,7 @@ class UnbracedIfStmt extends UnbracedControlStmt { override Stmt getBody() { result = getTrailingBody(this) } override Stmt getSuccessorStmt() { - result = getASuccessorStmt(getBody()) and + result = getASuccessorStmt(this.getBody()) and result != this } } @@ -95,7 +95,7 @@ class UnbracedLoopStmt extends UnbracedControlStmt { override Stmt getSuccessorStmt() { result = getASuccessorStmt(this) and - result != getBody() + result != this.getBody() } } diff --git a/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql b/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql index e50566d6ca9..3b56d3d7377 100644 --- a/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql +++ b/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql @@ -19,7 +19,7 @@ import semmle.code.csharp.frameworks.system.web.Mvc /** An `AuthorizationFilter` that calls the `AntiForgery.Validate` method. */ class AntiForgeryAuthorizationFilter extends AuthorizationFilter { AntiForgeryAuthorizationFilter() { - getOnAuthorizationMethod().calls*(any(AntiForgeryClass a).getValidateMethod()) + this.getOnAuthorizationMethod().calls*(any(AntiForgeryClass a).getValidateMethod()) } } diff --git a/csharp/ql/src/change-notes/released/0.6.2.md b/csharp/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..43f80640fc5 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,3 @@ +## 0.6.2 + +No user-facing changes. diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll b/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll index 60ea37b39db..73fbc2af3fe 100644 --- a/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll +++ b/csharp/ql/src/experimental/dataflow/flowsources/AuthCookie.qll @@ -191,7 +191,7 @@ abstract private class OnAppendCookieTrackingConfig extends DataFlow::Configurat override predicate isSink(DataFlow::Node sink) { exists(PropertyWrite pw, Assignment a | pw.getProperty().getDeclaringType() instanceof MicrosoftAspNetCoreHttpCookieOptions and - pw.getProperty().getName() = propertyName() and + pw.getProperty().getName() = this.propertyName() and a.getLValue() = pw and exists(Expr val | DataFlow::localExprFlow(val, a.getRValue()) and diff --git a/csharp/ql/src/experimental/ir/implementation/IRType.qll b/csharp/ql/src/experimental/ir/implementation/IRType.qll index e0bccafae6b..9fbcf8c4a3b 100644 --- a/csharp/ql/src/experimental/ir/implementation/IRType.qll +++ b/csharp/ql/src/experimental/ir/implementation/IRType.qll @@ -39,7 +39,7 @@ class IRType extends TIRType { * Gets a string that uniquely identifies this `IRType`. This string is often the same as the * result of `IRType.toString()`, but for some types it may be more verbose to ensure uniqueness. */ - string getIdentityString() { result = toString() } + string getIdentityString() { result = this.toString() } /** * Gets the size of the type, in bytes, if known. @@ -206,7 +206,7 @@ class IRFloatingPointType extends IRNumericType, TIRFloatingPointType { IRFloatingPointType() { this = TIRFloatingPointType(_, base, domain) } final override string toString() { - result = getDomainPrefix() + getBaseString() + byteSize.toString() + result = this.getDomainPrefix() + this.getBaseString() + byteSize.toString() } final override Language::LanguageType getCanonicalLanguageType() { diff --git a/csharp/ql/src/experimental/ir/implementation/Opcode.qll b/csharp/ql/src/experimental/ir/implementation/Opcode.qll index 7b064340ffe..a9ecdf46984 100644 --- a/csharp/ql/src/experimental/ir/implementation/Opcode.qll +++ b/csharp/ql/src/experimental/ir/implementation/Opcode.qll @@ -135,11 +135,11 @@ class Opcode extends TOpcode { * Holds if the instruction must have an operand with the specified `OperandTag`. */ final predicate hasOperand(OperandTag tag) { - hasOperandInternal(tag) + this.hasOperandInternal(tag) or - hasAddressOperand() and tag instanceof AddressOperandTag + this.hasAddressOperand() and tag instanceof AddressOperandTag or - hasBufferSizeOperand() and tag instanceof BufferSizeOperandTag + this.hasBufferSizeOperand() and tag instanceof BufferSizeOperandTag } /** diff --git a/csharp/ql/src/experimental/ir/implementation/internal/OperandTag.qll b/csharp/ql/src/experimental/ir/implementation/internal/OperandTag.qll index 21dfedd95cd..f2e23b01a13 100644 --- a/csharp/ql/src/experimental/ir/implementation/internal/OperandTag.qll +++ b/csharp/ql/src/experimental/ir/implementation/internal/OperandTag.qll @@ -40,7 +40,9 @@ abstract class OperandTag extends TOperandTag { /** * Gets a label that will appear before the operand when the IR is printed. */ - final string getLabel() { if alwaysPrintLabel() then result = getId() + ":" else result = "" } + final string getLabel() { + if this.alwaysPrintLabel() then result = this.getId() + ":" else result = "" + } /** * Gets an identifier that uniquely identifies this operand within its instruction. diff --git a/csharp/ql/src/experimental/ir/implementation/internal/TInstruction.qll b/csharp/ql/src/experimental/ir/implementation/internal/TInstruction.qll index 169de03c2dc..bb3eb683653 100644 --- a/csharp/ql/src/experimental/ir/implementation/internal/TInstruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/internal/TInstruction.qll @@ -73,9 +73,6 @@ module UnaliasedSsaInstructions { } } -/** DEPRECATED: Alias for UnaliasedSsaInstructions */ -deprecated module UnaliasedSSAInstructions = UnaliasedSsaInstructions; - /** * Provides wrappers for the constructors of each branch of `TInstruction` that is used by the * aliased SSA stage. @@ -107,6 +104,3 @@ module AliasedSsaInstructions { result = TAliasedSsaUnreachedInstruction(irFunc) } } - -/** DEPRECATED: Alias for AliasedSsaInstructions */ -deprecated module AliasedSSAInstructions = AliasedSsaInstructions; diff --git a/csharp/ql/src/experimental/ir/implementation/internal/TOperand.qll b/csharp/ql/src/experimental/ir/implementation/internal/TOperand.qll index 6327c603901..cf8a6a9b7b1 100644 --- a/csharp/ql/src/experimental/ir/implementation/internal/TOperand.qll +++ b/csharp/ql/src/experimental/ir/implementation/internal/TOperand.qll @@ -59,20 +59,12 @@ private module Shared { class TNonSsaMemoryOperand = Internal::TNonSsaMemoryOperand; - /** DEPRECATED: Alias for TNonSsaMemoryOperand */ - deprecated class TNonSSAMemoryOperand = TNonSsaMemoryOperand; - /** * Returns the non-Phi memory operand with the specified parameters. */ TNonSsaMemoryOperand nonSsaMemoryOperand(TRawInstruction useInstr, MemoryOperandTag tag) { result = Internal::TNonSsaMemoryOperand(useInstr, tag) } - - /** DEPRECATED: Alias for nonSsaMemoryOperand */ - deprecated TNonSSAMemoryOperand nonSSAMemoryOperand(TRawInstruction useInstr, MemoryOperandTag tag) { - result = nonSsaMemoryOperand(useInstr, tag) - } } /** @@ -156,6 +148,3 @@ module UnaliasedSsaOperands { */ TChiOperand chiOperand(Unaliased::Instruction useInstr, ChiOperandTag tag) { none() } } - -/** DEPRECATED: Alias for UnaliasedSsaOperands */ -deprecated module UnaliasedSSAOperands = UnaliasedSsaOperands; diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IR.qll b/csharp/ql/src/experimental/ir/implementation/raw/IR.qll index c96783fe6e8..79873d8366e 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IR.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IR.qll @@ -77,4 +77,16 @@ class IRPropertyProvider extends TIRPropertyProvider { * Gets the value of the property named `key` for the specified operand. */ string getOperandProperty(Operand operand, string key) { none() } + + /** + * Holds if the instruction `instr` should be included when printing + * the IR instructions. + */ + predicate shouldPrintInstruction(Instruction instr) { any() } + + /** + * Holds if the operand `operand` should be included when printing the an + * instruction's operand list. + */ + predicate shouldPrintOperand(Operand operand) { any() } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRFunction.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRFunction.qll index 5968e58f90b..354ba41e3d1 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRFunction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRFunction.qll @@ -45,7 +45,9 @@ class IRFunction extends IRFunctionBase { * Gets the block containing the entry point of this function. */ pragma[noinline] - final IRBlock getEntryBlock() { result.getFirstInstruction() = getEnterFunctionInstruction() } + final IRBlock getEntryBlock() { + result.getFirstInstruction() = this.getEnterFunctionInstruction() + } /** * Gets all instructions in this function. diff --git a/csharp/ql/src/experimental/ir/implementation/raw/IRVariable.qll b/csharp/ql/src/experimental/ir/implementation/raw/IRVariable.qll index c92082d767d..b31c7898ba7 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/IRVariable.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/IRVariable.qll @@ -39,12 +39,12 @@ class IRVariable extends TIRVariable { /** * Gets the type of the variable. */ - final Language::Type getType() { getLanguageType().hasType(result, false) } + final Language::Type getType() { this.getLanguageType().hasType(result, false) } /** * Gets the language-neutral type of the variable. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the variable. @@ -58,7 +58,7 @@ class IRVariable extends TIRVariable { Language::AST getAst() { none() } /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = getAst() } + deprecated Language::AST getAST() { result = this.getAst() } /** * Gets an identifier string for the variable. This identifier is unique @@ -69,7 +69,7 @@ class IRVariable extends TIRVariable { /** * Gets the source location of this variable. */ - final Language::Location getLocation() { result = getAst().getLocation() } + final Language::Location getLocation() { result = this.getAst().getLocation() } /** * Gets the IR for the function that references this variable. @@ -91,15 +91,15 @@ class IRUserVariable extends IRVariable, TIRUserVariable { IRUserVariable() { this = TIRUserVariable(var, type, func) } - final override string toString() { result = getVariable().toString() } + final override string toString() { result = this.getVariable().toString() } final override Language::AST getAst() { result = var } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } final override string getUniqueId() { - result = getVariable().toString() + " " + getVariable().getLocation().toString() + result = this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override Language::LanguageType getLanguageType() { result = type } @@ -166,9 +166,9 @@ class IRGeneratedVariable extends IRVariable { final override Language::AST getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } - override string toString() { result = getBaseString() + getLocationString() } + override string toString() { result = this.getBaseString() + this.getLocationString() } override string getUniqueId() { none() } @@ -272,7 +272,7 @@ class IRStringLiteral extends IRGeneratedVariable, TIRStringLiteral { final override predicate isReadOnly() { any() } final override string getUniqueId() { - result = "String: " + getLocationString() + "=" + Language::getStringLiteralText(literal) + result = "String: " + this.getLocationString() + "=" + Language::getStringLiteralText(literal) } final override string getBaseString() { result = "#string" } @@ -303,7 +303,8 @@ class IRDynamicInitializationFlag extends IRGeneratedVariable, TIRDynamicInitial final Language::Variable getVariable() { result = var } final override string getUniqueId() { - result = "Init: " + getVariable().toString() + " " + getVariable().getLocation().toString() + result = + "Init: " + this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override string getBaseString() { result = "#init:" + var.toString() + ":" } @@ -332,5 +333,5 @@ class IRParameter extends IRAutomaticVariable { * An IR variable representing a positional parameter. */ class IRPositionalParameter extends IRParameter, IRAutomaticUserVariable { - final override int getIndex() { result = getVariable().(Language::Parameter).getIndex() } + final override int getIndex() { result = this.getVariable().(Language::Parameter).getIndex() } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll index 0aa7c552638..1b5ea432946 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll @@ -210,9 +210,6 @@ class Instruction extends Construction::TStageInstruction { */ final Language::AST getAst() { result = Construction::getInstructionAst(this) } - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Gets the location of the source code for this instruction. */ @@ -463,9 +460,6 @@ class VariableInstruction extends Instruction { * Gets the AST variable that this instruction's IR variable refers to, if one exists. */ final Language::Variable getAstVariable() { result = var.(IRUserVariable).getVariable() } - - /** DEPRECATED: Alias for getAstVariable */ - deprecated Language::Variable getASTVariable() { result = this.getAstVariable() } } /** diff --git a/csharp/ql/src/experimental/ir/implementation/raw/PrintIR.qll b/csharp/ql/src/experimental/ir/implementation/raw/PrintIR.qll index aae12b0047a..b9106a7bfc7 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/PrintIR.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/PrintIR.qll @@ -42,6 +42,14 @@ private predicate shouldPrintFunction(Language::Declaration decl) { exists(PrintIRConfiguration config | config.shouldPrintFunction(decl)) } +private predicate shouldPrintInstruction(Instruction i) { + exists(IRPropertyProvider provider | provider.shouldPrintInstruction(i)) +} + +private predicate shouldPrintOperand(Operand operand) { + exists(IRPropertyProvider provider | provider.shouldPrintOperand(operand)) +} + private string getAdditionalInstructionProperty(Instruction instr, string key) { exists(IRPropertyProvider provider | result = provider.getInstructionProperty(instr, key)) } @@ -84,7 +92,9 @@ private string getOperandPropertyString(Operand operand) { private newtype TPrintableIRNode = TPrintableIRFunction(IRFunction irFunc) { shouldPrintFunction(irFunc.getFunction()) } or TPrintableIRBlock(IRBlock block) { shouldPrintFunction(block.getEnclosingFunction()) } or - TPrintableInstruction(Instruction instr) { shouldPrintFunction(instr.getEnclosingFunction()) } + TPrintableInstruction(Instruction instr) { + shouldPrintInstruction(instr) and shouldPrintFunction(instr.getEnclosingFunction()) + } /** * A node to be emitted in the IR graph. @@ -127,13 +137,13 @@ abstract private class PrintableIRNode extends TPrintableIRNode { * Gets the value of the node property with the specified key. */ string getProperty(string key) { - key = "semmle.label" and result = getLabel() + key = "semmle.label" and result = this.getLabel() or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() or - key = "semmle.graphKind" and result = getGraphKind() + key = "semmle.graphKind" and result = this.getGraphKind() or - key = "semmle.forceText" and forceText() and result = "true" + key = "semmle.forceText" and this.forceText() and result = "true" } } @@ -178,7 +188,7 @@ private class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock { PrintableIRBlock() { this = TPrintableIRBlock(block) } - override string toString() { result = getLabel() } + override string toString() { result = this.getLabel() } override Language::Location getLocation() { result = block.getLocation() } @@ -223,7 +233,7 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio | resultString = instr.getResultString() and operationString = instr.getOperationString() and - operandsString = getOperandsString() and + operandsString = this.getOperandsString() and columnWidths(block, resultWidth, operationWidth) and result = resultString + getPaddingString(resultWidth - resultString.length()) + " = " + @@ -252,7 +262,8 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio private string getOperandsString() { result = concat(Operand operand | - operand = instr.getAnOperand() + operand = instr.getAnOperand() and + shouldPrintOperand(operand) | operand.getDumpString() + getOperandPropertyString(operand), ", " order by diff --git a/csharp/ql/src/experimental/ir/implementation/raw/gvn/ValueNumbering.qll b/csharp/ql/src/experimental/ir/implementation/raw/gvn/ValueNumbering.qll index ca3c378cd7e..2a46e16c52f 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/gvn/ValueNumbering.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/gvn/ValueNumbering.qll @@ -7,17 +7,19 @@ private import internal.ValueNumberingImports class ValueNumber extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnInstruction().getResultId(), ", ") } + final string getDebugString() { + result = strictconcat(this.getAnInstruction().getResultId(), ", ") + } final Language::Location getLocation() { if exists(Instruction i | - i = getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation + i = this.getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation ) then result = min(Language::Location l | - l = getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation + l = this.getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation | l order by @@ -40,7 +42,7 @@ class ValueNumber extends TValueNumber { final Instruction getExampleInstruction() { result = min(Instruction instr | - instr = getAnInstruction() + instr = this.getAnInstruction() | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll index c75c279226d..8297fedb28e 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/IRConstruction.qll @@ -378,12 +378,6 @@ private module Cached { result = getInstructionTranslatedElement(instruction).getAst() } - /** DEPRECATED: Alias for getInstructionAst */ - cached - deprecated Language::AST getInstructionAST(Instruction instruction) { - result = getInstructionAst(instruction) - } - cached CSharpType getInstructionResultType(Instruction instruction) { getInstructionTranslatedElement(instruction) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll index 43db3c90065..afe98fdb410 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll @@ -17,9 +17,6 @@ abstract class TranslatedCondition extends ConditionBase { final override Language::AST getAst() { result = expr } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final Expr getExpr() { result = expr } final override Callable getFunction() { result = expr.getEnclosingCallable() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll index 20d2b1e3459..23242c75c74 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll @@ -30,9 +30,6 @@ abstract class TranslatedLocalDeclaration extends TranslatedElement, TTranslated final override string toString() { result = expr.toString() } final override Language::AST getAst() { result = expr } - - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } } /** diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll index 4c5ab431dd5..c314d79e3ea 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedElement.qll @@ -366,9 +366,6 @@ abstract class TranslatedElement extends TTranslatedElement { */ abstract Language::AST getAst(); - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Get the first instruction to be executed in the evaluation of this element. */ diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 67ebf19b766..68070261227 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -63,9 +63,6 @@ abstract class TranslatedExpr extends TranslatedExprBase { final override Language::AST getAst() { result = expr } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final override Callable getFunction() { result = expr.getEnclosingCallable() } /** diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll index 24f340a8718..f0970984d46 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedFunction.qll @@ -30,9 +30,6 @@ class TranslatedFunction extends TranslatedElement, TTranslatedFunction { final override Language::AST getAst() { result = callable } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - /** * Gets the function being translated. */ @@ -287,9 +284,6 @@ class TranslatedParameter extends TranslatedElement, TTranslatedParameter { final override Language::AST getAst() { result = param } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final override Callable getFunction() { result = param.getCallable() } final override Instruction getFirstInstruction() { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll index bc127680ca4..c7cb9232d55 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll @@ -52,9 +52,6 @@ abstract class TranslatedInitialization extends TranslatedElement, TTranslatedIn final override Language::AST getAst() { result = expr } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - /** * Gets the expression that is doing the initialization. */ @@ -210,9 +207,6 @@ abstract class TranslatedElementInitialization extends TranslatedElement { final override Language::AST getAst() { result = initList } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final override Callable getFunction() { result = initList.getEnclosingCallable() } final override Instruction getFirstInstruction() { @@ -319,9 +313,6 @@ abstract class TranslatedConstructorCallFromConstructor extends TranslatedElemen final override Language::AST getAst() { result = call } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final override TranslatedElement getChild(int id) { id = 0 and result = this.getConstructorCall() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll index 1afc48d0409..71d8c42e170 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedStmt.qll @@ -26,9 +26,6 @@ abstract class TranslatedStmt extends TranslatedElement, TTranslatedStmt { final override Language::AST getAst() { result = stmt } - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = this.getAst() } - final override Callable getFunction() { result = stmt.getEnclosingCallable() } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedCallBase.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedCallBase.qll index f14a420cfeb..6243663f1cc 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedCallBase.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedCallBase.qll @@ -21,26 +21,26 @@ abstract class TranslatedCallBase extends TranslatedElement { // though the `this` argument exists and is the result of the instruction // that allocated the new object. For those calls, `getQualifier()` should // be void. - id = -1 and result = getQualifier() + id = -1 and result = this.getQualifier() or - result = getArgument(id) + result = this.getArgument(id) } final override Instruction getFirstInstruction() { - if exists(getQualifier()) - then result = getQualifier().getFirstInstruction() - else result = getInstruction(CallTargetTag()) + if exists(this.getQualifier()) + then result = this.getQualifier().getFirstInstruction() + else result = this.getInstruction(CallTargetTag()) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { tag = CallTag() and opcode instanceof Opcode::Call and - resultType = getTypeForPRValue(getCallResultType()) + resultType = getTypeForPRValue(this.getCallResultType()) or - hasSideEffect() and + this.hasSideEffect() and tag = CallSideEffectTag() and ( - if hasWriteSideEffect() + if this.hasWriteSideEffect() then ( opcode instanceof Opcode::CallSideEffect and resultType = getUnknownType() @@ -58,14 +58,14 @@ abstract class TranslatedCallBase extends TranslatedElement { } override Instruction getChildSuccessor(TranslatedElement child) { - child = getQualifier() and - result = getInstruction(CallTargetTag()) + child = this.getQualifier() and + result = this.getInstruction(CallTargetTag()) or exists(int argIndex | - child = getArgument(argIndex) and - if exists(getArgument(argIndex + 1)) - then result = getArgument(argIndex + 1).getFirstInstruction() - else result = getInstruction(CallTag()) + child = this.getArgument(argIndex) and + if exists(this.getArgument(argIndex + 1)) + then result = this.getArgument(argIndex + 1).getFirstInstruction() + else result = this.getInstruction(CallTag()) ) } @@ -74,18 +74,18 @@ abstract class TranslatedCallBase extends TranslatedElement { ( ( tag = CallTag() and - if hasSideEffect() - then result = getInstruction(CallSideEffectTag()) - else result = getParent().getChildSuccessor(this) + if this.hasSideEffect() + then result = this.getInstruction(CallSideEffectTag()) + else result = this.getParent().getChildSuccessor(this) ) or - hasSideEffect() and + this.hasSideEffect() and tag = CallSideEffectTag() and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) or tag = CallTargetTag() and kind instanceof GotoEdge and - result = getFirstArgumentOrCallInstruction() + result = this.getFirstArgumentOrCallInstruction() ) } @@ -93,26 +93,26 @@ abstract class TranslatedCallBase extends TranslatedElement { tag = CallTag() and ( operandTag instanceof CallTargetOperandTag and - result = getInstruction(CallTargetTag()) + result = this.getInstruction(CallTargetTag()) or operandTag instanceof ThisArgumentOperandTag and - result = getQualifierResult() + result = this.getQualifierResult() or exists(PositionalArgumentOperandTag argTag | argTag = operandTag and - result = getArgument(argTag.getArgIndex()).getResult() + result = this.getArgument(argTag.getArgIndex()).getResult() ) ) } final override CSharpType getInstructionOperandType(InstructionTag tag, TypedOperandTag operandTag) { tag = CallSideEffectTag() and - hasSideEffect() and + this.hasSideEffect() and operandTag instanceof SideEffectOperandTag and result = getUnknownType() } - Instruction getResult() { result = getInstruction(CallTag()) } + Instruction getResult() { result = this.getInstruction(CallTag()) } /** * Gets the result type of the call. @@ -122,7 +122,7 @@ abstract class TranslatedCallBase extends TranslatedElement { /** * Holds if the call has a `this` argument. */ - predicate hasQualifier() { exists(getQualifier()) } + predicate hasQualifier() { exists(this.getQualifier()) } /** * Gets the expr for the qualifier of the call. @@ -150,25 +150,25 @@ abstract class TranslatedCallBase extends TranslatedElement { * argument. Otherwise, returns the call instruction. */ final Instruction getFirstArgumentOrCallInstruction() { - if hasArguments() - then result = getArgument(0).getFirstInstruction() - else result = getInstruction(CallTag()) + if this.hasArguments() + then result = this.getArgument(0).getFirstInstruction() + else result = this.getInstruction(CallTag()) } /** * Holds if the call has any arguments, not counting the `this` argument. */ - final predicate hasArguments() { exists(getArgument(0)) } + final predicate hasArguments() { exists(this.getArgument(0)) } predicate hasReadSideEffect() { any() } predicate hasWriteSideEffect() { any() } - private predicate hasSideEffect() { hasReadSideEffect() or hasWriteSideEffect() } + private predicate hasSideEffect() { this.hasReadSideEffect() or this.hasWriteSideEffect() } override Instruction getPrimaryInstructionForSideEffect(InstructionTag tag) { - hasSideEffect() and + this.hasSideEffect() and tag = CallSideEffectTag() and - result = getResult() + result = this.getResult() } } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedConditionBase.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedConditionBase.qll index 6f8e2df02ee..ec12b31f986 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedConditionBase.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedConditionBase.qll @@ -27,7 +27,7 @@ abstract class ConditionContext extends TranslatedElement { * and the compiler generated ones (captures the common patterns). */ abstract class ConditionBase extends TranslatedElement { - final ConditionContext getConditionContext() { result = getParent() } + final ConditionContext getConditionContext() { result = this.getParent() } } /** @@ -35,9 +35,9 @@ abstract class ConditionBase extends TranslatedElement { * and the compiler generated ones (captures the common patterns). */ abstract class ValueConditionBase extends ConditionBase { - override TranslatedElement getChild(int id) { id = 0 and result = getValueExpr() } + override TranslatedElement getChild(int id) { id = 0 and result = this.getValueExpr() } - override Instruction getFirstInstruction() { result = getValueExpr().getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getValueExpr().getFirstInstruction() } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { tag = ValueConditionConditionalBranchTag() and @@ -46,25 +46,25 @@ abstract class ValueConditionBase extends ConditionBase { } override Instruction getChildSuccessor(TranslatedElement child) { - child = getValueExpr() and - result = getInstruction(ValueConditionConditionalBranchTag()) + child = this.getValueExpr() and + result = this.getInstruction(ValueConditionConditionalBranchTag()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = ValueConditionConditionalBranchTag() and ( kind instanceof TrueEdge and - result = getConditionContext().getChildTrueSuccessor(this) + result = this.getConditionContext().getChildTrueSuccessor(this) or kind instanceof FalseEdge and - result = getConditionContext().getChildFalseSuccessor(this) + result = this.getConditionContext().getChildFalseSuccessor(this) ) } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { tag = ValueConditionConditionalBranchTag() and operandTag instanceof ConditionOperandTag and - result = valueExprResult() + result = this.valueExprResult() } /** diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedDeclarationBase.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedDeclarationBase.qll index 9fd47de9060..a4e6501d0e4 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedDeclarationBase.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/common/TranslatedDeclarationBase.qll @@ -15,49 +15,49 @@ private import experimental.ir.internal.CSharpType private import experimental.ir.internal.IRCSharpLanguage as Language abstract class LocalVariableDeclarationBase extends TranslatedElement { - override TranslatedElement getChild(int id) { id = 0 and result = getInitialization() } + override TranslatedElement getChild(int id) { id = 0 and result = this.getInitialization() } - override Instruction getFirstInstruction() { result = getVarAddress() } + override Instruction getFirstInstruction() { result = this.getVarAddress() } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { tag = InitializerVariableAddressTag() and opcode instanceof Opcode::VariableAddress and - resultType = getTypeForGLValue(getVarType()) + resultType = getTypeForGLValue(this.getVarType()) or - hasUninitializedInstruction() and + this.hasUninitializedInstruction() and tag = InitializerStoreTag() and opcode instanceof Opcode::Uninitialized and - resultType = getTypeForPRValue(getVarType()) + resultType = getTypeForPRValue(this.getVarType()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { ( tag = InitializerVariableAddressTag() and kind instanceof GotoEdge and - if hasUninitializedInstruction() - then result = getInstruction(InitializerStoreTag()) - else result = getInitialization().getFirstInstruction() + if this.hasUninitializedInstruction() + then result = this.getInstruction(InitializerStoreTag()) + else result = this.getInitialization().getFirstInstruction() ) or - hasUninitializedInstruction() and + this.hasUninitializedInstruction() and kind instanceof GotoEdge and tag = InitializerStoreTag() and ( - result = getInitialization().getFirstInstruction() + result = this.getInitialization().getFirstInstruction() or - not exists(getInitialization()) and result = getParent().getChildSuccessor(this) + not exists(this.getInitialization()) and result = this.getParent().getChildSuccessor(this) ) } override Instruction getChildSuccessor(TranslatedElement child) { - child = getInitialization() and result = getParent().getChildSuccessor(this) + child = this.getInitialization() and result = this.getParent().getChildSuccessor(this) } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { - hasUninitializedInstruction() and + this.hasUninitializedInstruction() and tag = InitializerStoreTag() and operandTag instanceof AddressOperandTag and - result = getVarAddress() + result = this.getVarAddress() } /** @@ -67,11 +67,11 @@ abstract class LocalVariableDeclarationBase extends TranslatedElement { * desugaring process. */ predicate hasUninitializedInstruction() { - not exists(getInitialization()) or - getInitialization() instanceof TranslatedListInitialization + not exists(this.getInitialization()) or + this.getInitialization() instanceof TranslatedListInitialization } - Instruction getVarAddress() { result = getInstruction(InitializerVariableAddressTag()) } + Instruction getVarAddress() { result = this.getInstruction(InitializerVariableAddressTag()) } /** * Gets the declared variable. For compiler generated elements, this diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll index dbc76ec3954..d9c7910be4c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll @@ -38,21 +38,21 @@ abstract class TranslatedCompilerGeneratedTry extends TranslatedCompilerGenerate override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() } override TranslatedElement getChild(int id) { - id = 0 and result = getBody() + id = 0 and result = this.getBody() or - id = 1 and result = getFinally() + id = 1 and result = this.getFinally() } - override Instruction getFirstInstruction() { result = getBody().getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getBody().getFirstInstruction() } override Instruction getChildSuccessor(TranslatedElement child) { - child = getBody() and result = getFinally().getFirstInstruction() + child = this.getBody() and result = this.getFinally().getFirstInstruction() or - child = getFinally() and result = getParent().getChildSuccessor(this) + child = this.getFinally() and result = this.getParent().getChildSuccessor(this) } override Instruction getExceptionSuccessorInstruction() { - result = getParent().getExceptionSuccessorInstruction() + result = this.getParent().getExceptionSuccessorInstruction() } /** @@ -74,16 +74,16 @@ abstract class TranslatedCompilerGeneratedConstant extends TranslatedCompilerGen override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { opcode instanceof Opcode::Constant and tag = OnlyInstructionTag() and - resultType = getTypeForPRValue(getResultType()) + resultType = getTypeForPRValue(this.getResultType()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { tag = OnlyInstructionTag() and kind instanceof GotoEdge and - result = getParent().getChildSuccessor(this) + result = this.getParent().getChildSuccessor(this) } - override Instruction getFirstInstruction() { result = getInstruction(OnlyInstructionTag()) } + override Instruction getFirstInstruction() { result = this.getInstruction(OnlyInstructionTag()) } override TranslatedElement getChild(int id) { none() } @@ -96,20 +96,20 @@ abstract class TranslatedCompilerGeneratedConstant extends TranslatedCompilerGen * compose the block. */ abstract class TranslatedCompilerGeneratedBlock extends TranslatedCompilerGeneratedStmt { - override TranslatedElement getChild(int id) { result = getStmt(id) } + override TranslatedElement getChild(int id) { result = this.getStmt(id) } - override Instruction getFirstInstruction() { result = getStmt(0).getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getStmt(0).getFirstInstruction() } abstract TranslatedElement getStmt(int index); - private int getStmtCount() { result = count(getStmt(_)) } + private int getStmtCount() { result = count(this.getStmt(_)) } override Instruction getChildSuccessor(TranslatedElement child) { exists(int index | - child = getStmt(index) and - if index = (getStmtCount() - 1) - then result = getParent().getChildSuccessor(this) - else result = getStmt(index + 1).getFirstInstruction() + child = this.getStmt(index) and + if index = (this.getStmtCount() - 1) + then result = this.getParent().getChildSuccessor(this) + else result = this.getStmt(index + 1).getFirstInstruction() ) } @@ -128,14 +128,14 @@ abstract class TranslatedCompilerGeneratedBlock extends TranslatedCompilerGenera abstract class TranslatedCompilerGeneratedIfStmt extends TranslatedCompilerGeneratedStmt, ConditionContext { - override Instruction getFirstInstruction() { result = getCondition().getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getCondition().getFirstInstruction() } override TranslatedElement getChild(int id) { - id = 0 and result = getCondition() + id = 0 and result = this.getCondition() or - id = 1 and result = getThen() + id = 1 and result = this.getThen() or - id = 2 and result = getElse() + id = 2 and result = this.getElse() } abstract TranslatedCompilerGeneratedValueCondition getCondition(); @@ -144,25 +144,25 @@ abstract class TranslatedCompilerGeneratedIfStmt extends TranslatedCompilerGener abstract TranslatedCompilerGeneratedElement getElse(); - private predicate hasElse() { exists(getElse()) } + private predicate hasElse() { exists(this.getElse()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() } override Instruction getChildTrueSuccessor(ConditionBase child) { - child = getCondition() and - result = getThen().getFirstInstruction() + child = this.getCondition() and + result = this.getThen().getFirstInstruction() } override Instruction getChildFalseSuccessor(ConditionBase child) { - child = getCondition() and - if hasElse() - then result = getElse().getFirstInstruction() - else result = getParent().getChildSuccessor(this) + child = this.getCondition() and + if this.hasElse() + then result = this.getElse().getFirstInstruction() + else result = this.getParent().getChildSuccessor(this) } override Instruction getChildSuccessor(TranslatedElement child) { - (child = getThen() or child = getElse()) and - result = getParent().getChildSuccessor(this) + (child = this.getThen() or child = this.getElse()) and + result = this.getParent().getChildSuccessor(this) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { @@ -177,7 +177,7 @@ abstract class TranslatedCompilerGeneratedIfStmt extends TranslatedCompilerGener * access needs a `Load` instruction or not (eg. `ref` params do not) */ abstract class TranslatedCompilerGeneratedVariableAccess extends TranslatedCompilerGeneratedExpr { - override Instruction getFirstInstruction() { result = getInstruction(AddressTag()) } + override Instruction getFirstInstruction() { result = this.getInstruction(AddressTag()) } override TranslatedElement getChild(int id) { none() } @@ -187,45 +187,45 @@ abstract class TranslatedCompilerGeneratedVariableAccess extends TranslatedCompi * Returns the type of the accessed variable. Can be overridden when the return * type is different than the type of the underlying variable. */ - Type getVariableType() { result = getResultType() } + Type getVariableType() { result = this.getResultType() } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { tag = AddressTag() and opcode instanceof Opcode::VariableAddress and - resultType = getTypeForGLValue(getVariableType()) + resultType = getTypeForGLValue(this.getVariableType()) or - needsLoad() and + this.needsLoad() and tag = LoadTag() and opcode instanceof Opcode::Load and - resultType = getTypeForPRValue(getVariableType()) + resultType = getTypeForPRValue(this.getVariableType()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { - needsLoad() and + this.needsLoad() and tag = LoadTag() and - result = getParent().getChildSuccessor(this) and + result = this.getParent().getChildSuccessor(this) and kind instanceof GotoEdge or ( tag = AddressTag() and kind instanceof GotoEdge and - if needsLoad() - then result = getInstruction(LoadTag()) - else result = getParent().getChildSuccessor(this) + if this.needsLoad() + then result = this.getInstruction(LoadTag()) + else result = this.getParent().getChildSuccessor(this) ) } override Instruction getResult() { - if needsLoad() - then result = getInstruction(LoadTag()) - else result = getInstruction(AddressTag()) + if this.needsLoad() + then result = this.getInstruction(LoadTag()) + else result = this.getInstruction(AddressTag()) } override Instruction getInstructionOperand(InstructionTag tag, OperandTag operandTag) { - needsLoad() and + this.needsLoad() and tag = LoadTag() and operandTag instanceof AddressOperandTag and - result = getInstruction(AddressTag()) + result = this.getInstruction(AddressTag()) } /** diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll index 4ce965aa1f0..3f1a1dec646 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll @@ -61,7 +61,7 @@ private class TranslatedDelegateConstructorCall extends TranslatedCompilerGenera override Instruction getQualifierResult() { exists(ConstructorCallContext context | - context = getParent() and + context = this.getParent() and result = context.getReceiver() ) } @@ -101,7 +101,7 @@ private class TranslatedDelegateInvokeCall extends TranslatedCompilerGeneratedCa override TranslatedExprBase getQualifier() { result = getTranslatedExpr(generatedBy.getExpr()) } - override Instruction getQualifierResult() { result = getQualifier().getResult() } + override Instruction getQualifierResult() { result = this.getQualifier().getResult() } override TranslatedExpr getArgument(int index) { result = getTranslatedExpr(generatedBy.getArgument(index)) diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll index 9be3c45d418..e49f579ecdf 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll @@ -122,28 +122,28 @@ class TranslatedForeachWhile extends TranslatedCompilerGeneratedStmt, ConditionC override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { none() } - override Instruction getFirstInstruction() { result = getCondition().getFirstInstruction() } + override Instruction getFirstInstruction() { result = this.getCondition().getFirstInstruction() } override Instruction getChildSuccessor(TranslatedElement child) { - child = getInit() and result = getBody().getFirstInstruction() + child = this.getInit() and result = this.getBody().getFirstInstruction() or - child = getBody() and result = getCondition().getFirstInstruction() + child = this.getBody() and result = this.getCondition().getFirstInstruction() } override TranslatedElement getChild(int id) { - id = 0 and result = getCondition() + id = 0 and result = this.getCondition() or - id = 1 and result = getInit() + id = 1 and result = this.getInit() or - id = 2 and result = getBody() + id = 2 and result = this.getBody() } final override Instruction getChildTrueSuccessor(ConditionBase child) { - child = getCondition() and result = getInit().getFirstInstruction() + child = this.getCondition() and result = this.getInit().getFirstInstruction() } final override Instruction getChildFalseSuccessor(ConditionBase child) { - child = getCondition() and result = getParent().getChildSuccessor(this) + child = this.getCondition() and result = this.getParent().getChildSuccessor(this) } TranslatedStmt getBody() { result = getTranslatedStmt(generatedBy.getBody()) } @@ -189,7 +189,7 @@ private class TranslatedForeachMoveNext extends TranslatedCompilerGeneratedCall, ) } - override Instruction getQualifierResult() { result = getQualifier().getResult() } + override Instruction getQualifierResult() { result = this.getQualifier().getResult() } } /** @@ -203,7 +203,7 @@ private class TranslatedForeachGetEnumerator extends TranslatedCompilerGenerated TranslatedForeachGetEnumerator() { this = TTranslatedCompilerGeneratedElement(generatedBy, 4) } final override Type getCallResultType() { - result = getInstructionFunction(CallTargetTag()).getReturnType() + result = this.getInstructionFunction(CallTargetTag()).getReturnType() } override Callable getInstructionFunction(InstructionTag tag) { @@ -217,7 +217,7 @@ private class TranslatedForeachGetEnumerator extends TranslatedCompilerGenerated result = getTranslatedExpr(generatedBy.getIterableExpr()) } - override Instruction getQualifierResult() { result = getQualifier().getResult() } + override Instruction getQualifierResult() { result = this.getQualifier().getResult() } } /** @@ -241,7 +241,7 @@ private class TranslatedForeachCurrent extends TranslatedCompilerGeneratedCall, ) } - override Instruction getQualifierResult() { result = getQualifier().getResult() } + override Instruction getQualifierResult() { result = this.getQualifier().getResult() } override Callable getInstructionFunction(InstructionTag tag) { tag = CallTargetTag() and @@ -275,7 +275,7 @@ private class TranslatedForeachDispose extends TranslatedCompilerGeneratedCall, ) } - override Instruction getQualifierResult() { result = getQualifier().getResult() } + override Instruction getQualifierResult() { result = this.getQualifier().getResult() } } /** @@ -295,7 +295,7 @@ private class TranslatedForeachWhileCondition extends TranslatedCompilerGenerate ) } - override Instruction valueExprResult() { result = getValueExpr().getResult() } + override Instruction valueExprResult() { result = this.getValueExpr().getResult() } } /** @@ -311,7 +311,7 @@ private class TranslatedForeachEnumerator extends TranslatedCompilerGeneratedDec override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = ForeachEnumTempVar() and - type = getTypeForPRValue(getInitialization().getCallResultType()) + type = getTypeForPRValue(this.getInitialization().getCallResultType()) } override IRTempVariable getIRVariable() { @@ -325,7 +325,7 @@ private class TranslatedForeachEnumerator extends TranslatedCompilerGeneratedDec ) } - override Instruction getInitializationResult() { result = getInitialization().getResult() } + override Instruction getInitializationResult() { result = this.getInitialization().getResult() } } /** @@ -340,11 +340,11 @@ private class TranslatedForeachIterVar extends TranslatedCompilerGeneratedDeclar override IRVariable getInstructionVariable(InstructionTag tag) { tag = InitializerVariableAddressTag() and - result = getIRVariable() + result = this.getIRVariable() } override IRVariable getIRVariable() { - result = getIRUserVariable(getFunction(), generatedBy.getAVariable()) + result = getIRUserVariable(this.getFunction(), generatedBy.getAVariable()) } override TranslatedCompilerGeneratedCall getInitialization() { @@ -354,7 +354,7 @@ private class TranslatedForeachIterVar extends TranslatedCompilerGeneratedDeclar ) } - override Instruction getInitializationResult() { result = getInitialization().getResult() } + override Instruction getInitializationResult() { result = this.getInitialization().getResult() } } /** @@ -379,12 +379,12 @@ private class TranslatedMoveNextEnumAcc extends TTranslatedCompilerGeneratedElem override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = ForeachEnumTempVar() and - type = getTypeForPRValue(getVariableType()) + type = getTypeForPRValue(this.getVariableType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(ForeachEnumTempVar()) + result = this.getTempVariable(ForeachEnumTempVar()) } override predicate needsLoad() { any() } @@ -412,12 +412,12 @@ private class TranslatedForeachCurrentEnumAcc extends TTranslatedCompilerGenerat override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = ForeachEnumTempVar() and - type = getTypeForPRValue(getVariableType()) + type = getTypeForPRValue(this.getVariableType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(ForeachEnumTempVar()) + result = this.getTempVariable(ForeachEnumTempVar()) } override predicate needsLoad() { any() } @@ -445,12 +445,12 @@ private class TranslatedForeachDisposeEnumAcc extends TTranslatedCompilerGenerat override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = ForeachEnumTempVar() and - type = getTypeForPRValue(getVariableType()) + type = getTypeForPRValue(this.getVariableType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(ForeachEnumTempVar()) + result = this.getTempVariable(ForeachEnumTempVar()) } override predicate needsLoad() { any() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll index 484d11205cd..d0d522718a6 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll @@ -208,7 +208,7 @@ private class TranslatedIfCondition extends TranslatedCompilerGeneratedValueCond ) } - override Instruction valueExprResult() { result = getValueExpr().getResult() } + override Instruction valueExprResult() { result = this.getValueExpr().getResult() } } /** @@ -254,7 +254,7 @@ private class TranslatedWasTakenConst extends TranslatedCompilerGeneratedConstan result = "false" } - override Instruction getResult() { result = getInstruction(OnlyInstructionTag()) } + override Instruction getResult() { result = this.getInstruction(OnlyInstructionTag()) } override Type getResultType() { result instanceof BoolType } } @@ -285,9 +285,9 @@ private class TranslatedLockWasTakenDecl extends TranslatedCompilerGeneratedDecl ) } - override Type getVarType() { result = getInitialization().getResultType() } + override Type getVarType() { result = this.getInitialization().getResultType() } - override Instruction getInitializationResult() { result = getInitialization().getResult() } + override Instruction getInitializationResult() { result = this.getInitialization().getResult() } } /** @@ -316,7 +316,7 @@ private class TranslatedLockedVarDecl extends TranslatedCompilerGeneratedDeclara override Type getVarType() { result = generatedBy.getExpr().getType() } - override Instruction getInitializationResult() { result = getInitialization().getResult() } + override Instruction getInitializationResult() { result = this.getInitialization().getResult() } } /** @@ -335,12 +335,12 @@ private class TranslatedMonitorEnterVarAcc extends TTranslatedCompilerGeneratedE override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = LockedVarTemp() and - type = getTypeForPRValue(getResultType()) + type = getTypeForPRValue(this.getResultType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(LockedVarTemp()) + result = this.getTempVariable(LockedVarTemp()) } override predicate needsLoad() { any() } @@ -362,12 +362,12 @@ private class TranslatedMonitorExitVarAcc extends TTranslatedCompilerGeneratedEl override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(LockedVarTemp()) + result = this.getTempVariable(LockedVarTemp()) } override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = LockedVarTemp() and - type = getTypeForPRValue(getResultType()) + type = getTypeForPRValue(this.getResultType()) } override predicate needsLoad() { any() } @@ -388,12 +388,12 @@ private class TranslatedLockWasTakenCondVarAcc extends TTranslatedCompilerGenera override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = LockWasTakenTemp() and - type = getTypeForPRValue(getResultType()) + type = getTypeForPRValue(this.getResultType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(LockWasTakenTemp()) + result = this.getTempVariable(LockWasTakenTemp()) } override predicate needsLoad() { any() } @@ -414,12 +414,12 @@ private class TranslatedLockWasTakenRefArg extends TTranslatedCompilerGeneratedE override predicate hasTempVariable(TempVariableTag tag, CSharpType type) { tag = LockWasTakenTemp() and - type = getTypeForPRValue(getResultType()) + type = getTypeForPRValue(this.getResultType()) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = AddressTag() and - result = getTempVariable(LockWasTakenTemp()) + result = this.getTempVariable(LockWasTakenTemp()) } override predicate needsLoad() { none() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll index ead9a38fc5e..2a3ace143c8 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll @@ -23,7 +23,7 @@ abstract class TranslatedCompilerGeneratedDeclaration extends LocalVariableDecla } override Instruction getChildSuccessor(TranslatedElement child) { - child = getInitialization() and result = getInstruction(InitializerStoreTag()) + child = this.getInitialization() and result = this.getInstruction(InitializerStoreTag()) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { @@ -34,14 +34,14 @@ abstract class TranslatedCompilerGeneratedDeclaration extends LocalVariableDecla // do not have the `Uninitialized` instruction tag = InitializerStoreTag() and opcode instanceof Opcode::Store and - resultType = getTypeForPRValue(getVarType()) + resultType = getTypeForPRValue(this.getVarType()) } override Instruction getInstructionSuccessor(InstructionTag tag, EdgeKind kind) { result = LocalVariableDeclarationBase.super.getInstructionSuccessor(tag, kind) or tag = InitializerStoreTag() and - result = getParent().getChildSuccessor(this) and + result = this.getParent().getChildSuccessor(this) and kind instanceof GotoEdge } @@ -51,23 +51,23 @@ abstract class TranslatedCompilerGeneratedDeclaration extends LocalVariableDecla tag = InitializerStoreTag() and ( operandTag instanceof AddressOperandTag and - result = getInstruction(InitializerVariableAddressTag()) + result = this.getInstruction(InitializerVariableAddressTag()) or operandTag instanceof StoreValueOperandTag and - result = getInitializationResult() + result = this.getInitializationResult() ) } override IRVariable getInstructionVariable(InstructionTag tag) { tag = InitializerVariableAddressTag() and - result = getIRVariable() + result = this.getIRVariable() } // A compiler generated declaration does not have an associated `LocalVariable` // element override LocalVariable getDeclVar() { none() } - override Type getVarType() { result = getIRVariable().getType() } + override Type getVarType() { result = this.getIRVariable().getType() } /** * Gets the IR variable that corresponds to the declaration. diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll index 7008187520c..2e5908b8194 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll @@ -20,7 +20,4 @@ abstract class TranslatedCompilerGeneratedElement extends TranslatedElement, final override Callable getFunction() { result = generatedBy.getEnclosingCallable() } final override Language::AST getAst() { result = generatedBy } - - /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IR.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IR.qll index c96783fe6e8..79873d8366e 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IR.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IR.qll @@ -77,4 +77,16 @@ class IRPropertyProvider extends TIRPropertyProvider { * Gets the value of the property named `key` for the specified operand. */ string getOperandProperty(Operand operand, string key) { none() } + + /** + * Holds if the instruction `instr` should be included when printing + * the IR instructions. + */ + predicate shouldPrintInstruction(Instruction instr) { any() } + + /** + * Holds if the operand `operand` should be included when printing the an + * instruction's operand list. + */ + predicate shouldPrintOperand(Operand operand) { any() } } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRFunction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRFunction.qll index 5968e58f90b..354ba41e3d1 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRFunction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRFunction.qll @@ -45,7 +45,9 @@ class IRFunction extends IRFunctionBase { * Gets the block containing the entry point of this function. */ pragma[noinline] - final IRBlock getEntryBlock() { result.getFirstInstruction() = getEnterFunctionInstruction() } + final IRBlock getEntryBlock() { + result.getFirstInstruction() = this.getEnterFunctionInstruction() + } /** * Gets all instructions in this function. diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRVariable.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRVariable.qll index c92082d767d..b31c7898ba7 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRVariable.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/IRVariable.qll @@ -39,12 +39,12 @@ class IRVariable extends TIRVariable { /** * Gets the type of the variable. */ - final Language::Type getType() { getLanguageType().hasType(result, false) } + final Language::Type getType() { this.getLanguageType().hasType(result, false) } /** * Gets the language-neutral type of the variable. */ - final IRType getIRType() { result = getLanguageType().getIRType() } + final IRType getIRType() { result = this.getLanguageType().getIRType() } /** * Gets the type of the variable. @@ -58,7 +58,7 @@ class IRVariable extends TIRVariable { Language::AST getAst() { none() } /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = getAst() } + deprecated Language::AST getAST() { result = this.getAst() } /** * Gets an identifier string for the variable. This identifier is unique @@ -69,7 +69,7 @@ class IRVariable extends TIRVariable { /** * Gets the source location of this variable. */ - final Language::Location getLocation() { result = getAst().getLocation() } + final Language::Location getLocation() { result = this.getAst().getLocation() } /** * Gets the IR for the function that references this variable. @@ -91,15 +91,15 @@ class IRUserVariable extends IRVariable, TIRUserVariable { IRUserVariable() { this = TIRUserVariable(var, type, func) } - final override string toString() { result = getVariable().toString() } + final override string toString() { result = this.getVariable().toString() } final override Language::AST getAst() { result = var } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } final override string getUniqueId() { - result = getVariable().toString() + " " + getVariable().getLocation().toString() + result = this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override Language::LanguageType getLanguageType() { result = type } @@ -166,9 +166,9 @@ class IRGeneratedVariable extends IRVariable { final override Language::AST getAst() { result = ast } /** DEPRECATED: Alias for getAst */ - deprecated override Language::AST getAST() { result = getAst() } + deprecated override Language::AST getAST() { result = this.getAst() } - override string toString() { result = getBaseString() + getLocationString() } + override string toString() { result = this.getBaseString() + this.getLocationString() } override string getUniqueId() { none() } @@ -272,7 +272,7 @@ class IRStringLiteral extends IRGeneratedVariable, TIRStringLiteral { final override predicate isReadOnly() { any() } final override string getUniqueId() { - result = "String: " + getLocationString() + "=" + Language::getStringLiteralText(literal) + result = "String: " + this.getLocationString() + "=" + Language::getStringLiteralText(literal) } final override string getBaseString() { result = "#string" } @@ -303,7 +303,8 @@ class IRDynamicInitializationFlag extends IRGeneratedVariable, TIRDynamicInitial final Language::Variable getVariable() { result = var } final override string getUniqueId() { - result = "Init: " + getVariable().toString() + " " + getVariable().getLocation().toString() + result = + "Init: " + this.getVariable().toString() + " " + this.getVariable().getLocation().toString() } final override string getBaseString() { result = "#init:" + var.toString() + ":" } @@ -332,5 +333,5 @@ class IRParameter extends IRAutomaticVariable { * An IR variable representing a positional parameter. */ class IRPositionalParameter extends IRParameter, IRAutomaticUserVariable { - final override int getIndex() { result = getVariable().(Language::Parameter).getIndex() } + final override int getIndex() { result = this.getVariable().(Language::Parameter).getIndex() } } diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll index 0aa7c552638..1b5ea432946 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll @@ -210,9 +210,6 @@ class Instruction extends Construction::TStageInstruction { */ final Language::AST getAst() { result = Construction::getInstructionAst(this) } - /** DEPRECATED: Alias for getAst */ - deprecated Language::AST getAST() { result = this.getAst() } - /** * Gets the location of the source code for this instruction. */ @@ -463,9 +460,6 @@ class VariableInstruction extends Instruction { * Gets the AST variable that this instruction's IR variable refers to, if one exists. */ final Language::Variable getAstVariable() { result = var.(IRUserVariable).getVariable() } - - /** DEPRECATED: Alias for getAstVariable */ - deprecated Language::Variable getASTVariable() { result = this.getAstVariable() } } /** diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/PrintIR.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/PrintIR.qll index aae12b0047a..b9106a7bfc7 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/PrintIR.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/PrintIR.qll @@ -42,6 +42,14 @@ private predicate shouldPrintFunction(Language::Declaration decl) { exists(PrintIRConfiguration config | config.shouldPrintFunction(decl)) } +private predicate shouldPrintInstruction(Instruction i) { + exists(IRPropertyProvider provider | provider.shouldPrintInstruction(i)) +} + +private predicate shouldPrintOperand(Operand operand) { + exists(IRPropertyProvider provider | provider.shouldPrintOperand(operand)) +} + private string getAdditionalInstructionProperty(Instruction instr, string key) { exists(IRPropertyProvider provider | result = provider.getInstructionProperty(instr, key)) } @@ -84,7 +92,9 @@ private string getOperandPropertyString(Operand operand) { private newtype TPrintableIRNode = TPrintableIRFunction(IRFunction irFunc) { shouldPrintFunction(irFunc.getFunction()) } or TPrintableIRBlock(IRBlock block) { shouldPrintFunction(block.getEnclosingFunction()) } or - TPrintableInstruction(Instruction instr) { shouldPrintFunction(instr.getEnclosingFunction()) } + TPrintableInstruction(Instruction instr) { + shouldPrintInstruction(instr) and shouldPrintFunction(instr.getEnclosingFunction()) + } /** * A node to be emitted in the IR graph. @@ -127,13 +137,13 @@ abstract private class PrintableIRNode extends TPrintableIRNode { * Gets the value of the node property with the specified key. */ string getProperty(string key) { - key = "semmle.label" and result = getLabel() + key = "semmle.label" and result = this.getLabel() or - key = "semmle.order" and result = getOrder().toString() + key = "semmle.order" and result = this.getOrder().toString() or - key = "semmle.graphKind" and result = getGraphKind() + key = "semmle.graphKind" and result = this.getGraphKind() or - key = "semmle.forceText" and forceText() and result = "true" + key = "semmle.forceText" and this.forceText() and result = "true" } } @@ -178,7 +188,7 @@ private class PrintableIRBlock extends PrintableIRNode, TPrintableIRBlock { PrintableIRBlock() { this = TPrintableIRBlock(block) } - override string toString() { result = getLabel() } + override string toString() { result = this.getLabel() } override Language::Location getLocation() { result = block.getLocation() } @@ -223,7 +233,7 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio | resultString = instr.getResultString() and operationString = instr.getOperationString() and - operandsString = getOperandsString() and + operandsString = this.getOperandsString() and columnWidths(block, resultWidth, operationWidth) and result = resultString + getPaddingString(resultWidth - resultString.length()) + " = " + @@ -252,7 +262,8 @@ private class PrintableInstruction extends PrintableIRNode, TPrintableInstructio private string getOperandsString() { result = concat(Operand operand | - operand = instr.getAnOperand() + operand = instr.getAnOperand() and + shouldPrintOperand(operand) | operand.getDumpString() + getOperandPropertyString(operand), ", " order by diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll index ca3c378cd7e..2a46e16c52f 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll @@ -7,17 +7,19 @@ private import internal.ValueNumberingImports class ValueNumber extends TValueNumber { final string toString() { result = "GVN" } - final string getDebugString() { result = strictconcat(getAnInstruction().getResultId(), ", ") } + final string getDebugString() { + result = strictconcat(this.getAnInstruction().getResultId(), ", ") + } final Language::Location getLocation() { if exists(Instruction i | - i = getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation + i = this.getAnInstruction() and not i.getLocation() instanceof Language::UnknownLocation ) then result = min(Language::Location l | - l = getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation + l = this.getAnInstruction().getLocation() and not l instanceof Language::UnknownLocation | l order by @@ -40,7 +42,7 @@ class ValueNumber extends TValueNumber { final Instruction getExampleInstruction() { result = min(Instruction instr | - instr = getAnInstruction() + instr = this.getAnInstruction() | instr order by instr.getBlock().getDisplayIndex(), instr.getDisplayIndexInBlock() ) diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll index dbdd3c14c85..110e673e1d2 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/AliasConfiguration.qll @@ -7,7 +7,7 @@ private import AliasConfigurationImports class Allocation extends IRAutomaticVariable { VariableAddressInstruction getABaseInstruction() { result.getIRVariable() = this } - final string getAllocationString() { result = toString() } + final string getAllocationString() { result = this.toString() } predicate alwaysEscapes() { // An automatic variable only escapes if its address is taken and escapes. diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll index dc785f3e0b1..63dc4142a13 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SSAConstruction.qll @@ -422,12 +422,6 @@ private module Cached { ) } - /** DEPRECATED: Alias for getInstructionAst */ - cached - deprecated Language::AST getInstructionAST(Instruction instr) { - result = getInstructionAst(instr) - } - cached Language::LanguageType getInstructionResultType(Instruction instr) { result = instr.(RawIR::Instruction).getResultLanguageType() @@ -993,9 +987,6 @@ predicate canReuseSsaForMemoryResult(Instruction instruction) { // We don't support reusing SSA for any location that could create a `Chi` instruction. } -/** DEPRECATED: Alias for canReuseSsaForMemoryResult */ -deprecated predicate canReuseSSAForMemoryResult = canReuseSsaForMemoryResult/1; - /** * Expose some of the internal predicates to PrintSSA.qll. We do this by publicly importing those modules in the * `DebugSsa` module, which is then imported by PrintSSA. @@ -1005,9 +996,6 @@ module DebugSsa { import DefUse } -/** DEPRECATED: Alias for DebugSsa */ -deprecated module DebugSSA = DebugSsa; - import CachedForDebugging cached diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll index ec2e6f5ef34..5c33ecf5f99 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/internal/SimpleSSA.qll @@ -46,9 +46,6 @@ predicate canReuseSsaForVariable(IRAutomaticVariable var) { not allocationEscapes(var) } -/** DEPRECATED: Alias for canReuseSsaForVariable */ -deprecated predicate canReuseSSAForVariable = canReuseSsaForVariable/1; - private newtype TMemoryLocation = MkMemoryLocation(Allocation var) { isVariableModeled(var) } private MemoryLocation getMemoryLocation(Allocation var) { result.getAllocation() = var } @@ -75,14 +72,11 @@ class MemoryLocation extends TMemoryLocation { final predicate canReuseSsa() { canReuseSsaForVariable(var) } /** DEPRECATED: Alias for canReuseSsa */ - deprecated predicate canReuseSSA() { canReuseSsa() } + deprecated predicate canReuseSSA() { this.canReuseSsa() } } predicate canReuseSsaForOldResult(Instruction instr) { none() } -/** DEPRECATED: Alias for canReuseSsaForOldResult */ -deprecated predicate canReuseSSAForOldResult = canReuseSsaForOldResult/1; - /** * Represents a set of `MemoryLocation`s that cannot overlap with * `MemoryLocation`s outside of the set. The `VirtualVariable` will be diff --git a/csharp/ql/src/experimental/ir/internal/CSharpType.qll b/csharp/ql/src/experimental/ir/internal/CSharpType.qll index d87596ae643..a8b9af957a9 100644 --- a/csharp/ql/src/experimental/ir/internal/CSharpType.qll +++ b/csharp/ql/src/experimental/ir/internal/CSharpType.qll @@ -150,10 +150,10 @@ class CSharpType extends TCSharpType { abstract string toString(); /** Gets a string used in IR dumps */ - string getDumpString() { result = toString() } + string getDumpString() { result = this.toString() } /** Gets the size of the type in bytes, if known. */ - final int getByteSize() { result = getIRType().getByteSize() } + final int getByteSize() { result = this.getIRType().getByteSize() } /** * Gets the `IRType` that represents this `CSharpType`. Many different `CSharpType`s can map to a @@ -168,7 +168,7 @@ class CSharpType extends TCSharpType { */ abstract predicate hasType(Type type, boolean isGLValue); - final predicate hasUnspecifiedType(Type type, boolean isGLValue) { hasType(type, isGLValue) } + final predicate hasUnspecifiedType(Type type, boolean isGLValue) { this.hasType(type, isGLValue) } } /** diff --git a/csharp/ql/src/experimental/ir/rangeanalysis/Bound.qll b/csharp/ql/src/experimental/ir/rangeanalysis/Bound.qll index c79c199832b..295c76a025d 100644 --- a/csharp/ql/src/experimental/ir/rangeanalysis/Bound.qll +++ b/csharp/ql/src/experimental/ir/rangeanalysis/Bound.qll @@ -41,7 +41,7 @@ abstract class Bound extends TBound { abstract Instruction getInstruction(int delta); /** Gets an expression that equals this bound. */ - Instruction getInstruction() { result = getInstruction(0) } + Instruction getInstruction() { result = this.getInstruction(0) } abstract Location getLocation(); } diff --git a/csharp/ql/src/experimental/ir/rangeanalysis/RangeAnalysis.qll b/csharp/ql/src/experimental/ir/rangeanalysis/RangeAnalysis.qll index a53b9a2426b..1febf611652 100644 --- a/csharp/ql/src/experimental/ir/rangeanalysis/RangeAnalysis.qll +++ b/csharp/ql/src/experimental/ir/rangeanalysis/RangeAnalysis.qll @@ -194,7 +194,7 @@ class NoReason extends Reason, TNoReason { class CondReason extends Reason, TCondReason { IRGuardCondition getCond() { this = TCondReason(result) } - override string toString() { result = getCond().toString() } + override string toString() { result = this.getCond().toString() } } /** @@ -222,10 +222,10 @@ private predicate safeCast(IntegralType fromtyp, IntegralType totyp) { private class SafeCastInstruction extends ConvertInstruction { SafeCastInstruction() { - safeCast(getResultType(), getUnary().getResultType()) + safeCast(this.getResultType(), this.getUnary().getResultType()) or - getResultType() instanceof PointerType and - getUnary().getResultType() instanceof PointerType + this.getResultType() instanceof PointerType and + this.getUnary().getResultType() instanceof PointerType } } @@ -260,14 +260,14 @@ private predicate typeBound(IntegralType typ, int lowerbound, int upperbound) { private class NarrowingCastInstruction extends ConvertInstruction { NarrowingCastInstruction() { not this instanceof SafeCastInstruction and - typeBound(getResultType(), _, _) + typeBound(this.getResultType(), _, _) } /** Gets the lower bound of the resulting type. */ - int getLowerBound() { typeBound(getResultType(), result, _) } + int getLowerBound() { typeBound(this.getResultType(), result, _) } /** Gets the upper bound of the resulting type. */ - int getUpperBound() { typeBound(getResultType(), _, result) } + int getUpperBound() { typeBound(this.getResultType(), _, result) } } /** diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index f8bb75d0f49..95506e0f254 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - csharp - queries @@ -10,3 +10,4 @@ dependencies: codeql/csharp-all: ${workspace} codeql/suite-helpers: ${workspace} codeql/util: ${workspace} +warnOnImplicitThis: true diff --git a/csharp/ql/test/TestUtilities/InlineFlowTest.qll b/csharp/ql/test/TestUtilities/InlineFlowTest.qll index f69b81caf64..a31d531e1b6 100644 --- a/csharp/ql/test/TestUtilities/InlineFlowTest.qll +++ b/csharp/ql/test/TestUtilities/InlineFlowTest.qll @@ -13,7 +13,7 @@ * * ``` * - * To declare expecations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. + * To declare expectations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. * Example of the corresponding test file, e.g. Test.cs * ```csharp * public class Test diff --git a/csharp/ql/test/experimental/ir/offbyone/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/experimental/ir/offbyone/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 71bfae520bc..00000000000 --- a/csharp/ql/test/experimental/ir/offbyone/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,7 +0,0 @@ -identityLocalStep -| test.cs:17:41:17:44 | this access | Node steps to itself | -| test.cs:34:41:34:44 | this access | Node steps to itself | -| test.cs:52:41:52:44 | this access | Node steps to itself | -| test.cs:67:41:67:44 | this access | Node steps to itself | -| test.cs:77:22:77:24 | this access | Node steps to itself | -| test.cs:90:41:90:44 | this access | Node steps to itself | diff --git a/csharp/ql/test/library-tests/assemblies/assemblies.ql b/csharp/ql/test/library-tests/assemblies/assemblies.ql index 70d9c419d5a..7af7e066160 100644 --- a/csharp/ql/test/library-tests/assemblies/assemblies.ql +++ b/csharp/ql/test/library-tests/assemblies/assemblies.ql @@ -5,7 +5,7 @@ private class KnownType extends Type { } class TypeRef extends @typeref { - string toString() { hasName(result) } + string toString() { this.hasName(result) } predicate hasName(string name) { typerefs(this, name) } @@ -13,7 +13,7 @@ class TypeRef extends @typeref { } class MissingType extends TypeRef { - MissingType() { not exists(getType()) } + MissingType() { not exists(this.getType()) } } from diff --git a/csharp/ql/test/library-tests/cil/attributes/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/attributes/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/attributes/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/consistency/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/consistency/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/consistency/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/dataflow/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/dataflow/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/dataflow/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/enums/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/enums/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/enums/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/functionPointers/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/functionPointers/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/functionPointers/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/init-only-prop/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/init-only-prop/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/init-only-prop/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/pdbs/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/pdbs/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/pdbs/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/regressions/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/regressions/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/regressions/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/cil/typeAnnotations/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/cil/typeAnnotations/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/cil/typeAnnotations/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/commons/Disposal/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/commons/Disposal/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 843def6eaca..00000000000 --- a/csharp/ql/test/library-tests/commons/Disposal/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,749 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnServerGoAway) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ParseHeaderNameValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Read) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseAndAddValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 2 of method RemoveStalePools) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryParseAndAddRawHeaderValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 3 of method ContainsParsedValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 3 of method ProcessGoAwayFrame) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 3 of method RemoveParsedValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 4 of method b__104_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Local variable 12 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetEligibleClientCertificate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 0 of HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 0 of ProcessKeepAliveHeader) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 0 of ProcessSettingsFrame) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveStalePools) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContainsParsedValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of GetExpressionLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of RemoveParsedValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of TryGetPooledHttp11Connection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 2 of TrySkipFirstBlob) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetExpressionLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 4 of GetExpressionLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetExpressionLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 0 of method g__ScavengeConnectionList\|118_1) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 0 of method HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 0 of method TrySkipFirstBlob) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 1 of method HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 1 of method ProcessSettingsFrame) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetNumberLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 2 of method HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetExpressionLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 3 of method ProcessKeepAliveHeader) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 4 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 7 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 11 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 12 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 12 of method HandleAltSvc) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 13 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 14 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Local variable 15 of method GetParsedValueLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Net.Http.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CheckForDuplicateType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceOfPrefixStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetPrefixOfNamespaceStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetPreviousContentSibling) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Intersection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ListUsedPrefixes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method LoadEntityReferenceNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method LookupNamespace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ParseDocumentContent) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ResolveQNameDynamic) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteStartElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method get_NamespaceList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Document) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetExpectedAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetNamespaceOfPrefixStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ImplReadXmlText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveToPrevious) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method CheckUseAttrubuteSetInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseElementAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method LoadElementNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method RemoveSchemaFromCaches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method CheckText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GenerateLiteralMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ConvertToDecimal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method ReadByteArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GenerateEncodedMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 7 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 8 of method GenerateEncodedMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddImportDependencies) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AnalyzeAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeSets_RecurceInContainer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeSets_RecurceInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckParticleDerivation) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckUseAttrubuteSetInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAndSortMatches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAttributeGroup) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAttributeGroup) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileProtoTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CreateIdTables) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EndElementIdentityConstraints) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EndElementIdentityConstraints) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Execute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportRootIfNecessary) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of FindCaseInsensitiveString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of FindSchemaType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InferSchema1) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InitCallbacks) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InitCallbacks) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LoadDocumentType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LoadElementNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Merge) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveToFirstNamespace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributeValueChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseElementAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseEndElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseEndElementAsync_CheckEndTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ProcessSubstitutionGroups) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateSideEffectsFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateSideEffectsFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ResolveQNameDynamic) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of StartParsing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ValidateElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteReflectionInit) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteStartElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of AddImport) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckAttributeSets_RecurceInContainer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckDuplicateParams) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CompileAndSortMatches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FillModeFlags) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindAttributeRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindImport) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetPrefixOfNamespaceStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of HasParticleRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ListUsedPrefixes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of LookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of Merge) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParsePI) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of PropagateFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReplaceNamespaceAlias) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ShouldStripSpace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of TryLookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckDuplicateElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckWithParam) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileXPath) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of FindAttributeRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToPrevious) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ShouldStripSpace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetContentFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetElementFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetTextFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of ConvertToDecimal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetElementFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method AnalyzeAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ContainsIdAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method FindCaseInsensitiveString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method FindStylesheetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method LoadDocumentTypeNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method PopulateMemberInfos) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method Read) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ReadXmlNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ScanCondSection3) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetDefaultAttributePrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetDefaultPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method LoadDocumentTypeNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method NonCDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method ReadTextNodes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method ScanAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method VisitStrConcat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method CDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method Decode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method NonCDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseXmlDeclaration) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ReadTextNodes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method CDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method Decode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method ReadByteArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method ParseDocumentContent) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method get_Value) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method ParseAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 9 of method FillModeFlags) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 11 of method ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 14 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 15 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 16 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 4 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 5 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 6 of ParseTextAsync) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/controlflow/graph/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/controlflow/graph/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 4bcd7a82ef6..00000000000 --- a/csharp/ql/test/library-tests/controlflow/graph/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,2 +0,0 @@ -identityLocalStep -| Conditions.cs:133:17:133:22 | [Field1 (line 129): false] this access | Node steps to itself | diff --git a/csharp/ql/test/library-tests/controlflow/guards/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/controlflow/guards/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 144414d6a64..00000000000 --- a/csharp/ql/test/library-tests/controlflow/guards/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,348 +0,0 @@ -identityLocalStep -| Splitting.cs:133:21:133:29 | [b (line 123): false] this access | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 0 of method InOrderTreeWalk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 0 of method InOrderTreeWalk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 0 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveAllElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ExceptWith) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 2 of method IntersectWith) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Parameter 2 of FindRange) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi read(Parameter 4 of FindRange) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 1 of method get_MaxInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 1 of method get_MinInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 3 of method IntersectWith) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 4 of method MoveDownDefaultComparer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 5 of method MoveDownCustomComparer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Collections.dll:0:0:0:0 | SSA phi(Local variable 6 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateForJoin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PartialQuickSort) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryGetLast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 1 of method QuickSelect) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ToArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Parameter 1 of Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Parameter 1 of Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Parameter 2 of MaxBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi read(Parameter 2 of MinBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Count) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method LongCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MaxInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MinFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MinFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MinInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method MinInteger) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Sum) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 0 of method Sum) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MaxBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MaxBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MaxBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MinBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MinBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method MinBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 1 of method PartialQuickSort) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Average) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Average) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Max) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method MaxBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method Min) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method MinBy) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method MinFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method MinFloat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method QuickSelect) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryGetFirst) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryGetLast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryGetLast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 3 of method Average) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 3 of method Average) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Linq.dll:0:0:0:0 | SSA phi(Local variable 5 of method TryGetLast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/controlflow/splits/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/controlflow/splits/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index dee61bfe398..00000000000 --- a/csharp/ql/test/library-tests/controlflow/splits/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,7 +0,0 @@ -identityLocalStep -| SplittingStressTest.cs:172:16:172:16 | SSA phi read(b29) | Node steps to itself | -| SplittingStressTest.cs:179:13:183:13 | [b1 (line 170): false] SSA phi read(b1) | Node steps to itself | -| SplittingStressTest.cs:184:13:188:13 | [b2 (line 170): false] SSA phi read(b2) | Node steps to itself | -| SplittingStressTest.cs:189:13:193:13 | [b3 (line 170): false] SSA phi read(b3) | Node steps to itself | -| SplittingStressTest.cs:194:13:198:13 | [b4 (line 170): false] SSA phi read(b4) | Node steps to itself | -| SplittingStressTest.cs:199:13:203:13 | [b5 (line 170): false] SSA phi read(b5) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/csharp11/cil/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/csharp11/cil/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 293dce08987..00000000000 --- a/csharp/ql/test/library-tests/csharp11/cil/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,263 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/dataflow/defuse/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/dataflow/defuse/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 1104445ed2f..00000000000 --- a/csharp/ql/test/library-tests/dataflow/defuse/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,2 +0,0 @@ -identityLocalStep -| Test.cs:80:37:80:42 | this access | Node steps to itself | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs index 7f307e390ea..05772dfb29a 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs @@ -214,4 +214,25 @@ namespace My.Qltest static void Sink(object o) { } } + + public interface HI { } + + public class HC : HI { } + + public static class HE + { + public static object ExtensionMethod(this HI h) => throw null; + } + + public class H + { + void M1() + { + var h = new HC(); + var o = h.ExtensionMethod(); + Sink(o); + } + + static void Sink(object o) { } + } } \ No newline at end of file diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected index 25267c71e87..09ce9945cdf 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected @@ -70,6 +70,9 @@ edges | ExternalFlow.cs:197:42:197:43 | access to local variable o2 : Object | ExternalFlow.cs:197:18:197:44 | call to method GeneratedFlowArgs | | ExternalFlow.cs:205:22:205:33 | object creation of type Object : Object | ExternalFlow.cs:206:38:206:39 | access to local variable o2 : Object | | ExternalFlow.cs:206:38:206:39 | access to local variable o2 : Object | ExternalFlow.cs:206:18:206:40 | call to method MixedFlowArgs | +| ExternalFlow.cs:231:21:231:28 | object creation of type HC : HC | ExternalFlow.cs:232:21:232:21 | access to local variable h : HC | +| ExternalFlow.cs:232:21:232:21 | access to local variable h : HC | ExternalFlow.cs:232:21:232:39 | call to method ExtensionMethod : HC | +| ExternalFlow.cs:232:21:232:39 | call to method ExtensionMethod : HC | ExternalFlow.cs:233:18:233:18 | access to local variable o | nodes | ExternalFlow.cs:9:27:9:38 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | | ExternalFlow.cs:10:18:10:33 | call to method StepArgRes | semmle.label | call to method StepArgRes | @@ -162,6 +165,10 @@ nodes | ExternalFlow.cs:205:22:205:33 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | | ExternalFlow.cs:206:18:206:40 | call to method MixedFlowArgs | semmle.label | call to method MixedFlowArgs | | ExternalFlow.cs:206:38:206:39 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object | +| ExternalFlow.cs:231:21:231:28 | object creation of type HC : HC | semmle.label | object creation of type HC : HC | +| ExternalFlow.cs:232:21:232:21 | access to local variable h : HC | semmle.label | access to local variable h : HC | +| ExternalFlow.cs:232:21:232:39 | call to method ExtensionMethod : HC | semmle.label | call to method ExtensionMethod : HC | +| ExternalFlow.cs:233:18:233:18 | access to local variable o | semmle.label | access to local variable o | subpaths #select | ExternalFlow.cs:10:18:10:33 | call to method StepArgRes | ExternalFlow.cs:9:27:9:38 | object creation of type Object : Object | ExternalFlow.cs:10:18:10:33 | call to method StepArgRes | $@ | ExternalFlow.cs:9:27:9:38 | object creation of type Object : Object | object creation of type Object : Object | @@ -188,3 +195,4 @@ subpaths | ExternalFlow.cs:194:18:194:44 | call to method GeneratedFlowArgs | ExternalFlow.cs:193:22:193:33 | object creation of type Object : Object | ExternalFlow.cs:194:18:194:44 | call to method GeneratedFlowArgs | $@ | ExternalFlow.cs:193:22:193:33 | object creation of type Object : Object | object creation of type Object : Object | | ExternalFlow.cs:197:18:197:44 | call to method GeneratedFlowArgs | ExternalFlow.cs:196:22:196:33 | object creation of type Object : Object | ExternalFlow.cs:197:18:197:44 | call to method GeneratedFlowArgs | $@ | ExternalFlow.cs:196:22:196:33 | object creation of type Object : Object | object creation of type Object : Object | | ExternalFlow.cs:206:18:206:40 | call to method MixedFlowArgs | ExternalFlow.cs:205:22:205:33 | object creation of type Object : Object | ExternalFlow.cs:206:18:206:40 | call to method MixedFlowArgs | $@ | ExternalFlow.cs:205:22:205:33 | object creation of type Object : Object | object creation of type Object : Object | +| ExternalFlow.cs:233:18:233:18 | access to local variable o | ExternalFlow.cs:231:21:231:28 | object creation of type HC : HC | ExternalFlow.cs:233:18:233:18 | access to local variable o | $@ | ExternalFlow.cs:231:21:231:28 | object creation of type HC : HC | object creation of type HC : HC | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml index 99d387e5ebe..f626949e6f4 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ext.yml @@ -29,3 +29,4 @@ extensions: - ["My.Qltest", "G", false, "GeneratedFlowArgs", "(System.Object,System.Object)", "", "Argument[1]", "ReturnValue", "value", "df-generated"] - ["My.Qltest", "G", false, "MixedFlowArgs", "(System.Object,System.Object)", "", "Argument[0]", "ReturnValue", "value", "df-generated"] - ["My.Qltest", "G", false, "MixedFlowArgs", "(System.Object,System.Object)", "", "Argument[1]", "ReturnValue", "value", "manual"] + - ["My.Qltest", "HE", false, "ExtensionMethod", "(My.Qltest.HI)", "", "Argument[0]", "ReturnValue", "value", "manual"] diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected index c9b9406a10a..3a4489dcb91 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.expected @@ -1,8 +1,8 @@ invalidModelRow #select -| Sinks.cs:8:19:8:22 | access to local variable arg1 | code | -| Sinks.cs:11:13:11:41 | this access | remote | -| Sinks.cs:11:30:11:40 | access to local variable argToTagged | remote | -| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql | -| Sinks.cs:20:20:20:22 | access to local variable res | xss | -| Sinks.cs:27:20:27:25 | access to local variable resTag | html | +| Sinks.cs:8:19:8:22 | access to local variable arg1 | code-injection | +| Sinks.cs:11:13:11:41 | this access | file-content-store | +| Sinks.cs:11:30:11:40 | access to local variable argToTagged | file-content-store | +| Sinks.cs:14:27:14:36 | access to local variable fieldWrite | sql-injection | +| Sinks.cs:20:20:20:22 | access to local variable res | js-injection | +| Sinks.cs:27:20:27:25 | access to local variable resTag | html-injection | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 3198057f42c..c44c1b4fd36 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/csharp/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -4,8 +4,8 @@ extensions: extensible: sinkModel data: # "namespace", "type", "overrides", "name", "signature", "ext", "spec", "kind", "provenance" - - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code", "manual"] - - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "xss", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "remote", "manual"] - - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql", "manual"] + - ["My.Qltest", "B", false, "Sink1", "(System.Object)", "", "Argument[0]", "code-injection", "manual"] + - ["My.Qltest", "B", false, "SinkMethod", "()", "", "ReturnValue", "js-injection", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "ReturnValue", "html-injection", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "Argument", "file-content-store", "manual"] + - ["My.Qltest", "SinkAttribute", false, "", "", "Attribute", "", "sql-injection", "manual"] diff --git a/csharp/ql/test/library-tests/dataflow/global/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/dataflow/global/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index e755d1c4bd7..00000000000 --- a/csharp/ql/test/library-tests/dataflow/global/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,2 +0,0 @@ -identityLocalStep -| GlobalDataFlow.cs:573:9:576:9 | SSA phi read(f) | Node steps to itself | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected index 18a0db6fe43..46defadf531 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.expected @@ -209,6 +209,20 @@ summary | Microsoft.CSharp.RuntimeBinder;Binder;false;SetMember;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.String,System.Type,System.Collections.Generic.IEnumerable);;Argument[3].Element;ReturnValue;taint;df-generated | | Microsoft.CSharp.RuntimeBinder;Binder;false;UnaryOperation;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.Linq.Expressions.ExpressionType,System.Type,System.Collections.Generic.IEnumerable);;Argument[2];ReturnValue;taint;df-generated | | Microsoft.CSharp.RuntimeBinder;Binder;false;UnaryOperation;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.Linq.Expressions.ExpressionType,System.Type,System.Collections.Generic.IEnumerable);;Argument[3].Element;ReturnValue;taint;df-generated | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Add;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddAsync;(TEntity,System.Threading.CancellationToken);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRangeAsync;(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRangeAsync;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Attach;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AttachRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AttachRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.Generic.IEnumerator<>.Current];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.IEnumerator.Current];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Update;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;UpdateRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;UpdateRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[0];ReturnValue;taint;df-generated | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[1];Argument[0];taint;df-generated | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[1];ReturnValue;taint;df-generated | @@ -2671,6 +2685,13 @@ summary | System.Data.Common;RowUpdatingEventArgs;false;set_BaseCommand;(System.Data.IDbCommand);;Argument[0];Argument[this];taint;df-generated | | System.Data.Common;RowUpdatingEventArgs;false;set_Command;(System.Data.IDbCommand);;Argument[0];Argument[this];taint;df-generated | | System.Data.Common;RowUpdatingEventArgs;false;set_Errors;(System.Exception);;Argument[0];Argument[this];taint;df-generated | +| System.Data.Entity.Infrastructure;DbRawSqlQuery<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.Generic.IEnumerator<>.Current];value;manual | +| System.Data.Entity.Infrastructure;DbRawSqlQuery<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.IEnumerator.Current];value;manual | +| System.Data.Entity;DbSet<>;false;Add;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| System.Data.Entity;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| System.Data.Entity;DbSet<>;false;Attach;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| System.Data.Entity;DbSet<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.Generic.IEnumerator<>.Current];value;manual | +| System.Data.Entity;DbSet<>;false;GetEnumerator;();;Argument[this].Element;ReturnValue.Property[System.Collections.IEnumerator.Current];value;manual | | System.Data.SqlTypes;SqlBinary;false;Add;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[0];ReturnValue;taint;df-generated | | System.Data.SqlTypes;SqlBinary;false;Add;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[1];ReturnValue;taint;df-generated | | System.Data.SqlTypes;SqlBinary;false;Concat;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[0];ReturnValue;taint;df-generated | diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected index 6f3c8e933d5..4ae26655169 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.expected @@ -18,6 +18,18 @@ summary | Microsoft.CSharp.RuntimeBinder;Binder;false;SetMember;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.String,System.Type,System.Collections.Generic.IEnumerable);;Argument[3].Element;ReturnValue;taint;df-generated | | Microsoft.CSharp.RuntimeBinder;Binder;false;UnaryOperation;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.Linq.Expressions.ExpressionType,System.Type,System.Collections.Generic.IEnumerable);;Argument[2];ReturnValue;taint;df-generated | | Microsoft.CSharp.RuntimeBinder;Binder;false;UnaryOperation;(Microsoft.CSharp.RuntimeBinder.CSharpBinderFlags,System.Linq.Expressions.ExpressionType,System.Type,System.Collections.Generic.IEnumerable);;Argument[3].Element;ReturnValue;taint;df-generated | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Add;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddAsync;(TEntity,System.Threading.CancellationToken);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRangeAsync;(System.Collections.Generic.IEnumerable,System.Threading.CancellationToken);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRangeAsync;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Attach;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AttachRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;AttachRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;Update;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;UpdateRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| Microsoft.EntityFrameworkCore;DbSet<>;false;UpdateRange;(TEntity[]);;Argument[0].WithElement;Argument[this];value;manual | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[0];ReturnValue;taint;df-generated | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[1];Argument[0];taint;df-generated | | Microsoft.Extensions.Caching.Distributed;DistributedCacheEntryExtensions;false;SetAbsoluteExpiration;(Microsoft.Extensions.Caching.Distributed.DistributedCacheEntryOptions,System.DateTimeOffset);;Argument[1];ReturnValue;taint;df-generated | @@ -1858,6 +1870,9 @@ summary | System.Data.Common;RowUpdatingEventArgs;false;set_BaseCommand;(System.Data.IDbCommand);;Argument[0];Argument[this];taint;df-generated | | System.Data.Common;RowUpdatingEventArgs;false;set_Command;(System.Data.IDbCommand);;Argument[0];Argument[this];taint;df-generated | | System.Data.Common;RowUpdatingEventArgs;false;set_Errors;(System.Exception);;Argument[0];Argument[this];taint;df-generated | +| System.Data.Entity;DbSet<>;false;Add;(TEntity);;Argument[0];Argument[this].Element;value;manual | +| System.Data.Entity;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].WithElement;Argument[this];value;manual | +| System.Data.Entity;DbSet<>;false;Attach;(TEntity);;Argument[0];Argument[this].Element;value;manual | | System.Data.SqlTypes;SqlBinary;false;Add;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[0];ReturnValue;taint;df-generated | | System.Data.SqlTypes;SqlBinary;false;Add;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[1];ReturnValue;taint;df-generated | | System.Data.SqlTypes;SqlBinary;false;Concat;(System.Data.SqlTypes.SqlBinary,System.Data.SqlTypes.SqlBinary);;Argument[0];ReturnValue;taint;df-generated | diff --git a/csharp/ql/test/library-tests/dataflow/library/options b/csharp/ql/test/library-tests/dataflow/library/options index c5ce92614ab..db937e0e642 100644 --- a/csharp/ql/test/library-tests/dataflow/library/options +++ b/csharp/ql/test/library-tests/dataflow/library/options @@ -2,3 +2,4 @@ semmle-extractor-options: /nostdlib /noconfig semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/Newtonsoft.Json/13.0.1/Newtonsoft.Json.csproj semmle-extractor-options: --load-sources-from-project:../../../resources/stubs/_frameworks/Microsoft.AspNetCore.App/Microsoft.AspNetCore.App.csproj semmle-extractor-options: ${testdir}/../../../resources/stubs/System.Web.cs +semmle-extractor-options: ${testdir}/../../../resources/stubs/EntityFramework.cs diff --git a/csharp/ql/test/library-tests/dataflow/ssa/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/library-tests/dataflow/ssa/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 5de33a0fe4c..00000000000 --- a/csharp/ql/test/library-tests/dataflow/ssa/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,3 +0,0 @@ -identityLocalStep -| DefUse.cs:80:37:80:42 | this access | Node steps to itself | -| Properties.cs:65:24:65:31 | this access | Node steps to itself | diff --git a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected index 2d5a35839fb..4698be24b8c 100644 --- a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected +++ b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.expected @@ -57,14 +57,6 @@ summary | Microsoft.EntityFrameworkCore;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFCoreTests.MyContext.Persons].Element.Property[EFCoreTests.Person.Id];ReturnValue[jump to get_Persons].Element.Property[EFCoreTests.Person.Id];value;manual | | Microsoft.EntityFrameworkCore;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFCoreTests.MyContext.Persons].Element.Property[EFCoreTests.Person.Name];ReturnValue[jump to get_PersonAddresses].Element.Property[EFCoreTests.PersonAddressMap.Person].Property[EFCoreTests.Person.Name];value;manual | | Microsoft.EntityFrameworkCore;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFCoreTests.MyContext.Persons].Element.Property[EFCoreTests.Person.Name];ReturnValue[jump to get_Persons].Element.Property[EFCoreTests.Person.Name];value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;Add;(T);;Argument[0];Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;AddAsync;(T);;Argument[0];Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;AddRangeAsync;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;Attach;(T);;Argument[0];Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;AttachRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;Update;(T);;Argument[0];Argument[this].Element;value;manual | -| Microsoft.EntityFrameworkCore;DbSet<>;false;UpdateRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | | System.Data.Entity;DbContext;false;SaveChanges;();;Argument[this].Property[EFTests.MyContext.Addresses].Element.Property[EFTests.Address.Id];ReturnValue[jump to get_Addresses].Element.Property[EFTests.Address.Id];value;manual | | System.Data.Entity;DbContext;false;SaveChanges;();;Argument[this].Property[EFTests.MyContext.Addresses].Element.Property[EFTests.Address.Id];ReturnValue[jump to get_PersonAddresses].Element.Property[EFTests.PersonAddressMap.Address].Property[EFTests.Address.Id];value;manual | | System.Data.Entity;DbContext;false;SaveChanges;();;Argument[this].Property[EFTests.MyContext.Addresses].Element.Property[EFTests.Address.Id];ReturnValue[jump to get_Persons].Element.Property[EFTests.Person.Addresses].Element.Property[EFTests.Address.Id];value;manual | @@ -123,20 +115,12 @@ summary | System.Data.Entity;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFTests.MyContext.Persons].Element.Property[EFTests.Person.Id];ReturnValue[jump to get_Persons].Element.Property[EFTests.Person.Id];value;manual | | System.Data.Entity;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFTests.MyContext.Persons].Element.Property[EFTests.Person.Name];ReturnValue[jump to get_PersonAddresses].Element.Property[EFTests.PersonAddressMap.Person].Property[EFTests.Person.Name];value;manual | | System.Data.Entity;DbContext;false;SaveChangesAsync;();;Argument[this].Property[EFTests.MyContext.Persons].Element.Property[EFTests.Person.Name];ReturnValue[jump to get_Persons].Element.Property[EFTests.Person.Name];value;manual | -| System.Data.Entity;DbSet<>;false;Add;(T);;Argument[0];Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;AddAsync;(T);;Argument[0];Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;AddRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;AddRangeAsync;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;Attach;(T);;Argument[0];Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;AttachRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;Update;(T);;Argument[0];Argument[this].Element;value;manual | -| System.Data.Entity;DbSet<>;false;UpdateRange;(System.Collections.Generic.IEnumerable);;Argument[0].Element;Argument[this].Element;value;manual | neutral sourceNode sinkNode -| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql | -| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql | -| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql | -| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql | -| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql | -| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql | +| EntityFrameworkCore.cs:72:36:72:40 | "sql" | sql-injection | +| EntityFrameworkCore.cs:73:40:73:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:74:40:74:44 | "sql" | sql-injection | +| EntityFrameworkCore.cs:75:51:75:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:76:51:76:55 | "sql" | sql-injection | +| EntityFrameworkCore.cs:77:51:77:55 | "sql" | sql-injection | diff --git a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql index 9f25014662f..944d4180992 100644 --- a/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql +++ b/csharp/ql/test/library-tests/frameworks/sql/Sql1.ql @@ -7,7 +7,7 @@ query predicate sqlExpressions(SqlExpr se, Expr e) { se.getSql() = e } query predicate sqlCsvSinks(Element p, Expr e) { p = e.getParent() and exists(Node n | - sinkNode(n, "sql") and + sinkNode(n, "sql-injection") and n.asExpr() = e ) } diff --git a/csharp/ql/test/library-tests/parameters/Parameters.cs b/csharp/ql/test/library-tests/parameters/Parameters.cs index b7cc3b001a9..ee62454b404 100644 --- a/csharp/ql/test/library-tests/parameters/Parameters.cs +++ b/csharp/ql/test/library-tests/parameters/Parameters.cs @@ -1,3 +1,7 @@ +using System; +using System.Runtime.InteropServices; +using System.Runtime.CompilerServices; + public class Parameters { public void M1(int a, object b, string c) => throw null; @@ -12,6 +16,23 @@ public class Parameters public void M9(T t = default) where T : struct => throw null; public void M10(T t = default) where T : class => throw null; - public struct MyStruct { } + public void M11(int arg1 = 3) => throw null; + public void M12(DateTime arg2 = default) => throw null; + public void M13(DateTime? arg3 = null) => throw null; + public void M14([Optional, DateTimeConstant(14L)] DateTime arg4) => throw null; + public void M15([Optional, DateTimeConstant(10001L)] DateTime? arg5) => throw null; + public void M16([Optional, DefaultParameterValue(6L)] long arg6) => throw null; + public void M17([Optional, DefaultParameterValue(null)] object arg7) => throw null; + public void M18([Optional, DefaultParameterValue(3)] int? arg8) => throw null; + public void M19([Optional, DecimalConstant(1, 0, 0, 0, 103)] decimal arg9) => throw null; + public void M20([Optional, DefaultParameterValue(7)] MyStruct arg10) => throw null; + public void M21([Optional, DefaultParameterValue("mystring")] MyStruct arg10) => throw null; + + public struct MyStruct + { + public static implicit operator MyStruct(int i) => new MyStruct(); + public static implicit operator MyStruct(string s) => new MyStruct(); + + } public enum MyEnum { A = 1, B = 2 } } \ No newline at end of file diff --git a/csharp/ql/test/library-tests/parameters/Parameters.cs_ b/csharp/ql/test/library-tests/parameters/Parameters.cs_ index 062c4b98b18..136e7262b98 100644 --- a/csharp/ql/test/library-tests/parameters/Parameters.cs_ +++ b/csharp/ql/test/library-tests/parameters/Parameters.cs_ @@ -1,3 +1,7 @@ +using System; +using System.Runtime.InteropServices; +using System.Runtime.CompilerServices; + public class ParametersDll { public void M1(int a, object b, string c) => throw null; @@ -12,6 +16,23 @@ public class ParametersDll public void M9(T t = default) where T : struct => throw null; public void M10(T t = default) where T : class => throw null; - public struct MyStruct { } + public void M11(int arg1 = 3) => throw null; + public void M12(DateTime arg2 = default) => throw null; + public void M13(DateTime? arg3 = null) => throw null; + public void M14([Optional, DateTimeConstant(14L)] DateTime arg4) => throw null; + public void M15([Optional, DateTimeConstant(10001L)] DateTime? arg5) => throw null; + public void M16([Optional, DefaultParameterValue(6L)] long arg6) => throw null; + public void M17([Optional, DefaultParameterValue(null)] object arg7) => throw null; + public void M18([Optional, DefaultParameterValue(3)] int? arg8) => throw null; + public void M19([Optional, DecimalConstant(1, 0, 0, 0, 103)] decimal arg9) => throw null; + public void M20([Optional, DefaultParameterValue(7)] MyStruct arg10) => throw null; + public void M21([Optional, DefaultParameterValue("mystring")] MyStruct arg10) => throw null; + + public struct MyStruct + { + public static implicit operator MyStruct(int i) => new MyStruct(); + public static implicit operator MyStruct(string s) => new MyStruct(); + + } public enum MyEnum { A = 1, B = 2 } } \ No newline at end of file diff --git a/csharp/ql/test/library-tests/parameters/Parameters.dll b/csharp/ql/test/library-tests/parameters/Parameters.dll index cd48ebef015..3358306fc89 100644 Binary files a/csharp/ql/test/library-tests/parameters/Parameters.dll and b/csharp/ql/test/library-tests/parameters/Parameters.dll differ diff --git a/csharp/ql/test/library-tests/parameters/Parameters.expected b/csharp/ql/test/library-tests/parameters/Parameters.expected index 0ffc1feb4a7..820ec37b9ab 100644 --- a/csharp/ql/test/library-tests/parameters/Parameters.expected +++ b/csharp/ql/test/library-tests/parameters/Parameters.expected @@ -1,35 +1,50 @@ noDefaultValue -| Parameters.cs:3:17:3:18 | M1 | Parameters.cs:3:24:3:24 | a | 0 | -| Parameters.cs:3:17:3:18 | M1 | Parameters.cs:3:34:3:34 | b | 1 | -| Parameters.cs:3:17:3:18 | M1 | Parameters.cs:3:44:3:44 | c | 2 | -| Parameters.cs:4:17:4:18 | M2 | Parameters.cs:4:24:4:24 | a | 0 | -| Parameters.cs:8:17:8:18 | M6 | Parameters.cs:8:29:8:30 | s1 | 0 | -| Parameters.cs:9:17:9:18 | M7 | Parameters.cs:9:27:9:28 | e1 | 0 | +| Parameters.cs:7:17:7:18 | M1 | Parameters.cs:7:24:7:24 | a | 0 | +| Parameters.cs:7:17:7:18 | M1 | Parameters.cs:7:34:7:34 | b | 1 | +| Parameters.cs:7:17:7:18 | M1 | Parameters.cs:7:44:7:44 | c | 2 | +| Parameters.cs:8:17:8:18 | M2 | Parameters.cs:8:24:8:24 | a | 0 | +| Parameters.cs:12:17:12:18 | M6 | Parameters.cs:12:29:12:30 | s1 | 0 | +| Parameters.cs:13:17:13:18 | M7 | Parameters.cs:13:27:13:28 | e1 | 0 | +| Parameters.cs:33:32:33:39 | implicit conversion | Parameters.cs:33:54:33:54 | i | 0 | +| Parameters.cs:34:32:34:39 | implicit conversion | Parameters.cs:34:57:34:57 | s | 0 | | Parameters.dll:0:0:0:0 | M1 | Parameters.dll:0:0:0:0 | a | 0 | | Parameters.dll:0:0:0:0 | M1 | Parameters.dll:0:0:0:0 | b | 1 | | Parameters.dll:0:0:0:0 | M1 | Parameters.dll:0:0:0:0 | c | 2 | | Parameters.dll:0:0:0:0 | M2 | Parameters.dll:0:0:0:0 | a | 0 | | Parameters.dll:0:0:0:0 | M6 | Parameters.dll:0:0:0:0 | s1 | 0 | | Parameters.dll:0:0:0:0 | M7 | Parameters.dll:0:0:0:0 | e1 | 0 | +| Parameters.dll:0:0:0:0 | implicit conversion | Parameters.dll:0:0:0:0 | i | 0 | +| Parameters.dll:0:0:0:0 | implicit conversion | Parameters.dll:0:0:0:0 | s | 0 | withDefaultValue -| Parameters.cs:4:17:4:18 | M2 | Parameters.cs:4:34:4:34 | b | 1 | Parameters.cs:4:38:4:41 | null | null | -| Parameters.cs:4:17:4:18 | M2 | Parameters.cs:4:51:4:51 | c | 2 | Parameters.cs:4:55:4:70 | "default string" | default string | -| Parameters.cs:5:17:5:18 | M3 | Parameters.cs:5:24:5:24 | a | 0 | Parameters.cs:5:28:5:28 | 1 | 1 | -| Parameters.cs:5:17:5:18 | M3 | Parameters.cs:5:38:5:38 | b | 1 | Parameters.cs:5:42:5:45 | null | null | -| Parameters.cs:5:17:5:18 | M3 | Parameters.cs:5:55:5:55 | c | 2 | Parameters.cs:5:59:5:64 | "null" | null | -| Parameters.cs:6:17:6:18 | M4 | Parameters.cs:6:24:6:24 | a | 0 | Parameters.cs:6:28:6:34 | (...) ... | 0 | -| Parameters.cs:6:17:6:18 | M4 | Parameters.cs:6:44:6:44 | b | 1 | Parameters.cs:6:48:6:54 | default | null | -| Parameters.cs:7:17:7:18 | M5 | Parameters.cs:7:24:7:24 | a | 0 | Parameters.cs:7:28:7:36 | object creation of type Int32 | 0 | -| Parameters.cs:7:17:7:18 | M5 | Parameters.cs:7:46:7:46 | b | 1 | Parameters.cs:7:50:7:56 | default | null | -| Parameters.cs:8:17:8:18 | M6 | Parameters.cs:8:42:8:43 | s2 | 1 | Parameters.cs:8:47:8:63 | default(...) | - | -| Parameters.cs:8:17:8:18 | M6 | Parameters.cs:8:75:8:76 | s3 | 2 | Parameters.cs:8:80:8:93 | object creation of type MyStruct | - | -| Parameters.cs:9:17:9:18 | M7 | Parameters.cs:9:38:9:39 | e2 | 1 | Parameters.cs:9:43:9:57 | default(...) | 0 | -| Parameters.cs:9:17:9:18 | M7 | Parameters.cs:9:67:9:68 | e3 | 2 | Parameters.cs:9:72:9:83 | object creation of type MyEnum | 0 | -| Parameters.cs:9:17:9:18 | M7 | Parameters.cs:9:93:9:94 | e4 | 3 | Parameters.cs:9:98:9:105 | access to constant A | 1 | -| Parameters.cs:9:17:9:18 | M7 | Parameters.cs:9:115:9:116 | e5 | 4 | Parameters.cs:9:120:9:128 | (...) ... | 5 | -| Parameters.cs:11:17:11:21 | M8<> | Parameters.cs:11:25:11:25 | t | 0 | Parameters.cs:11:29:11:35 | (...) ... | - | -| Parameters.cs:12:17:12:21 | M9<> | Parameters.cs:12:25:12:25 | t | 0 | Parameters.cs:12:29:12:35 | (...) ... | - | -| Parameters.cs:13:17:13:22 | M10<> | Parameters.cs:13:26:13:26 | t | 0 | Parameters.cs:13:30:13:36 | (...) ... | null | +| Parameters.cs:8:17:8:18 | M2 | Parameters.cs:8:34:8:34 | b | 1 | Parameters.cs:8:38:8:41 | null | null | +| Parameters.cs:8:17:8:18 | M2 | Parameters.cs:8:51:8:51 | c | 2 | Parameters.cs:8:55:8:70 | "default string" | default string | +| Parameters.cs:9:17:9:18 | M3 | Parameters.cs:9:24:9:24 | a | 0 | Parameters.cs:9:28:9:28 | 1 | 1 | +| Parameters.cs:9:17:9:18 | M3 | Parameters.cs:9:38:9:38 | b | 1 | Parameters.cs:9:42:9:45 | null | null | +| Parameters.cs:9:17:9:18 | M3 | Parameters.cs:9:55:9:55 | c | 2 | Parameters.cs:9:59:9:64 | "null" | null | +| Parameters.cs:10:17:10:18 | M4 | Parameters.cs:10:24:10:24 | a | 0 | Parameters.cs:10:28:10:34 | (...) ... | 0 | +| Parameters.cs:10:17:10:18 | M4 | Parameters.cs:10:44:10:44 | b | 1 | Parameters.cs:10:48:10:54 | default | null | +| Parameters.cs:11:17:11:18 | M5 | Parameters.cs:11:24:11:24 | a | 0 | Parameters.cs:11:28:11:36 | object creation of type Int32 | 0 | +| Parameters.cs:11:17:11:18 | M5 | Parameters.cs:11:46:11:46 | b | 1 | Parameters.cs:11:50:11:56 | default | null | +| Parameters.cs:12:17:12:18 | M6 | Parameters.cs:12:42:12:43 | s2 | 1 | Parameters.cs:12:47:12:63 | default(...) | - | +| Parameters.cs:12:17:12:18 | M6 | Parameters.cs:12:75:12:76 | s3 | 2 | Parameters.cs:12:80:12:93 | object creation of type MyStruct | - | +| Parameters.cs:13:17:13:18 | M7 | Parameters.cs:13:38:13:39 | e2 | 1 | Parameters.cs:13:43:13:57 | default(...) | 0 | +| Parameters.cs:13:17:13:18 | M7 | Parameters.cs:13:67:13:68 | e3 | 2 | Parameters.cs:13:72:13:83 | object creation of type MyEnum | 0 | +| Parameters.cs:13:17:13:18 | M7 | Parameters.cs:13:93:13:94 | e4 | 3 | Parameters.cs:13:98:13:105 | access to constant A | 1 | +| Parameters.cs:13:17:13:18 | M7 | Parameters.cs:13:115:13:116 | e5 | 4 | Parameters.cs:13:120:13:128 | (...) ... | 5 | +| Parameters.cs:15:17:15:21 | M8<> | Parameters.cs:15:25:15:25 | t | 0 | Parameters.cs:15:29:15:35 | (...) ... | - | +| Parameters.cs:16:17:16:21 | M9<> | Parameters.cs:16:25:16:25 | t | 0 | Parameters.cs:16:29:16:35 | (...) ... | - | +| Parameters.cs:17:17:17:22 | M10<> | Parameters.cs:17:26:17:26 | t | 0 | Parameters.cs:17:30:17:36 | (...) ... | null | +| Parameters.cs:19:17:19:19 | M11 | Parameters.cs:19:25:19:28 | arg1 | 0 | Parameters.cs:19:32:19:32 | 3 | 3 | +| Parameters.cs:20:17:20:19 | M12 | Parameters.cs:20:30:20:33 | arg2 | 0 | Parameters.cs:20:37:20:43 | (...) ... | - | +| Parameters.cs:21:17:21:19 | M13 | Parameters.cs:21:31:21:34 | arg3 | 0 | Parameters.cs:21:38:21:41 | null | null | +| Parameters.cs:22:17:22:19 | M14 | Parameters.cs:22:64:22:67 | arg4 | 0 | Parameters.cs:22:21:22:67 | object creation of type DateTime | - | +| Parameters.cs:23:17:23:19 | M15 | Parameters.cs:23:68:23:71 | arg5 | 0 | Parameters.cs:23:21:23:71 | object creation of type DateTime | - | +| Parameters.cs:24:17:24:19 | M16 | Parameters.cs:24:64:24:67 | arg6 | 0 | Parameters.cs:24:21:24:67 | 6 | 6 | +| Parameters.cs:25:17:25:19 | M17 | Parameters.cs:25:68:25:71 | arg7 | 0 | Parameters.cs:25:21:25:71 | default | null | +| Parameters.cs:26:17:26:19 | M18 | Parameters.cs:26:63:26:66 | arg8 | 0 | Parameters.cs:26:21:26:66 | 3 | 3 | +| Parameters.cs:27:17:27:19 | M19 | Parameters.cs:27:74:27:77 | arg9 | 0 | Parameters.cs:27:21:27:77 | 10.3 | 10.3 | +| Parameters.cs:28:17:28:19 | M20 | Parameters.cs:28:67:28:71 | arg10 | 0 | Parameters.cs:28:21:28:71 | call to operator implicit conversion | - | +| Parameters.cs:29:17:29:19 | M21 | Parameters.cs:29:76:29:80 | arg10 | 0 | Parameters.cs:29:21:29:80 | call to operator implicit conversion | - | | Parameters.dll:0:0:0:0 | M2 | Parameters.dll:0:0:0:0 | b | 1 | Parameters.dll:0:0:0:0 | default | null | | Parameters.dll:0:0:0:0 | M2 | Parameters.dll:0:0:0:0 | c | 2 | Parameters.dll:0:0:0:0 | "default string" | default string | | Parameters.dll:0:0:0:0 | M3 | Parameters.dll:0:0:0:0 | a | 0 | Parameters.dll:0:0:0:0 | 1 | 1 | @@ -48,3 +63,24 @@ withDefaultValue | Parameters.dll:0:0:0:0 | M8<> | Parameters.dll:0:0:0:0 | t | 0 | Parameters.dll:0:0:0:0 | default | - | | Parameters.dll:0:0:0:0 | M9<> | Parameters.dll:0:0:0:0 | t | 0 | Parameters.dll:0:0:0:0 | default | - | | Parameters.dll:0:0:0:0 | M10<> | Parameters.dll:0:0:0:0 | t | 0 | Parameters.dll:0:0:0:0 | default | null | +| Parameters.dll:0:0:0:0 | M11 | Parameters.dll:0:0:0:0 | arg1 | 0 | Parameters.dll:0:0:0:0 | 3 | 3 | +| Parameters.dll:0:0:0:0 | M12 | Parameters.dll:0:0:0:0 | arg2 | 0 | Parameters.dll:0:0:0:0 | default | - | +| Parameters.dll:0:0:0:0 | M13 | Parameters.dll:0:0:0:0 | arg3 | 0 | Parameters.dll:0:0:0:0 | default | - | +| Parameters.dll:0:0:0:0 | M14 | Parameters.dll:0:0:0:0 | arg4 | 0 | Parameters.dll:0:0:0:0 | object creation of type DateTime | - | +| Parameters.dll:0:0:0:0 | M15 | Parameters.dll:0:0:0:0 | arg5 | 0 | Parameters.dll:0:0:0:0 | object creation of type DateTime | - | +| Parameters.dll:0:0:0:0 | M16 | Parameters.dll:0:0:0:0 | arg6 | 0 | Parameters.dll:0:0:0:0 | 6 | 6 | +| Parameters.dll:0:0:0:0 | M17 | Parameters.dll:0:0:0:0 | arg7 | 0 | Parameters.dll:0:0:0:0 | default | null | +| Parameters.dll:0:0:0:0 | M18 | Parameters.dll:0:0:0:0 | arg8 | 0 | Parameters.dll:0:0:0:0 | 3 | 3 | +| Parameters.dll:0:0:0:0 | M19 | Parameters.dll:0:0:0:0 | arg9 | 0 | Parameters.dll:0:0:0:0 | 10.3 | 10.3 | +| Parameters.dll:0:0:0:0 | M20 | Parameters.dll:0:0:0:0 | arg10 | 0 | Parameters.dll:0:0:0:0 | call to operator implicit conversion | - | +| Parameters.dll:0:0:0:0 | M21 | Parameters.dll:0:0:0:0 | arg10 | 0 | Parameters.dll:0:0:0:0 | call to operator implicit conversion | - | +dateTimeDefaults +| Parameters.cs:22:17:22:19 | M14 | Parameters.cs:22:64:22:67 | arg4 | Parameters.cs:22:21:22:67 | object creation of type DateTime | DateTime(long) | 14 | +| Parameters.cs:23:17:23:19 | M15 | Parameters.cs:23:68:23:71 | arg5 | Parameters.cs:23:21:23:71 | object creation of type DateTime | DateTime(long) | 10001 | +| Parameters.dll:0:0:0:0 | M14 | Parameters.dll:0:0:0:0 | arg4 | Parameters.dll:0:0:0:0 | object creation of type DateTime | DateTime(long) | 14 | +| Parameters.dll:0:0:0:0 | M15 | Parameters.dll:0:0:0:0 | arg5 | Parameters.dll:0:0:0:0 | object creation of type DateTime | DateTime(long) | 10001 | +implicitConversionDefaults +| Parameters.cs:28:17:28:19 | M20 | Parameters.cs:28:67:28:71 | arg10 | Parameters.cs:28:21:28:71 | call to operator implicit conversion | Parameters.cs:28:21:28:71 | 7 | Int32 | 7 | +| Parameters.cs:29:17:29:19 | M21 | Parameters.cs:29:76:29:80 | arg10 | Parameters.cs:29:21:29:80 | call to operator implicit conversion | Parameters.cs:29:21:29:80 | "mystring" | String | mystring | +| Parameters.dll:0:0:0:0 | M20 | Parameters.dll:0:0:0:0 | arg10 | Parameters.dll:0:0:0:0 | call to operator implicit conversion | Parameters.dll:0:0:0:0 | 7 | Int32 | 7 | +| Parameters.dll:0:0:0:0 | M21 | Parameters.dll:0:0:0:0 | arg10 | Parameters.dll:0:0:0:0 | call to operator implicit conversion | Parameters.dll:0:0:0:0 | "mystring" | String | mystring | diff --git a/csharp/ql/test/library-tests/parameters/Parameters.ql b/csharp/ql/test/library-tests/parameters/Parameters.ql index dca5c2d9006..209cdc12577 100644 --- a/csharp/ql/test/library-tests/parameters/Parameters.ql +++ b/csharp/ql/test/library-tests/parameters/Parameters.ql @@ -4,16 +4,45 @@ private predicate fromTestLocation(Element e) { e.fromSource() or e.getFile().getStem() = "Parameters" } +private predicate compilerGeneratedAttribute(Parameterizable container) { + container.getDeclaringType().getAnAttribute().getType().toStringWithTypes() = + "CompilerGeneratedAttribute" +} + query predicate noDefaultValue(Parameterizable container, Parameter p, int i) { fromTestLocation(container) and not p.hasDefaultValue() and - container.getParameter(i) = p + container.getParameter(i) = p and + not compilerGeneratedAttribute(container) } -query predicate withDefaultValue(Parameterizable container, Parameter p, int i, Expr e, string value) { +private predicate defaultValue(Parameterizable container, Parameter p, int i, Expr e) { fromTestLocation(container) and p.hasDefaultValue() and container.getParameter(i) = p and - p.getDefaultValue() = e and - if exists(e.getValue()) then value = e.getValue() else value = "-" + p.getDefaultValue() = e +} + +query predicate withDefaultValue(Parameterizable container, Parameter p, int i, Expr e, string value) { + defaultValue(container, p, i, e) and + (if exists(e.getValue()) then value = e.getValue() else value = "-") and + not compilerGeneratedAttribute(container) +} + +query predicate dateTimeDefaults( + Parameterizable container, Parameter p, ObjectCreation o, string constructor, string value +) { + defaultValue(container, p, _, o) and + o.getTarget().toStringWithTypes() = constructor and + o.getAnArgument().getValue() = value and + not compilerGeneratedAttribute(container) +} + +query predicate implicitConversionDefaults( + Parameterizable container, Parameter p, OperatorCall o, Expr e, string type, string value +) { + defaultValue(container, p, _, o) and + o.getAnArgument() = e and + type = e.getType().toString() and + value = e.getValue() } diff --git a/csharp/ql/test/qlpack.yml b/csharp/ql/test/qlpack.yml index b0ce8ef1920..c5b275b64e3 100644 --- a/csharp/ql/test/qlpack.yml +++ b/csharp/ql/test/qlpack.yml @@ -5,3 +5,4 @@ dependencies: codeql/csharp-queries: ${workspace} extractor: csharp tests: . +warnOnImplicitThis: true diff --git a/csharp/ql/test/query-tests/API Abuse/NoDisposeCallOnLocalIDisposable/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/query-tests/API Abuse/NoDisposeCallOnLocalIDisposable/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index e82ad8a3eae..00000000000 --- a/csharp/ql/test/query-tests/API Abuse/NoDisposeCallOnLocalIDisposable/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,715 +0,0 @@ -identityLocalStep -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.ComponentModel.Primitives.dll:0:0:0:0 | SSA phi read(Parameter 1 of get_Item) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 6 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method ReadLineCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Console.dll:0:0:0:0 | SSA phi(Local variable 7 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Local variable 0 of method RemoveZip64Blocks) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 2 of GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi read(Parameter 4 of GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.IO.Compression.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetAndRemoveZip64Block) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CreateParentsAndDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DisposeOnShutdown) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiByte_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonAsciiChar_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetIndexOfFirstNonLatin1Char_Default) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetTimeZoneIds) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateInterfaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SpinUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 0 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Clone) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetCaseInsensitiveObjectInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetSessions) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RemoveLeadingInQuoteSpaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TranscodeToUtf8) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryDequeue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 1 of method TryPeek) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DispatchEventsToEventListeners) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method SymmetricExceptWithUniqueHashSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WaitAllCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method GetDatePart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method IntersectWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 3 of method TryDecodeFromUtf16) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GateThreadStart) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetBytesWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GetCharsWithFallback) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 5 of method SymmetricExceptWithEnumerable) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetDelegatesFromContinuationObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 9 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 11 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 12 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 13 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 14 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Local variable 15 of method PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddExceptionsFromChildren) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of EnsureDescriptorsInitialized) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateConstructors) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of PopulateMethods) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RemoveReferencesToListenerInEventSources) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of RoundNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 0 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of Append) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContainsValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ContinueTryEnter) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetObject) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadXdgDirectory) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 1 of SearchForChildByTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ContinueTryEnterWithThreadTracking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Replace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReplaceAllInChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of SplitInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Trim) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 2 of Wait) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of FormatScientific) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method Equals) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetDefaultValueInternal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetHashCode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InitializeConfigAndDetermineUsePortableThreadPool) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method InsertAtCurrentHashNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveAll) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method RemoveDirectoryRecursive) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 0 of method TryParseInt64D) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method CheckNullabilityAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ExecuteCallbackHandlers) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetPointerToFirstInvalidByte) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToKeyValuePairsArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method TranslateToManifestConvention) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 1 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method FromBase64_ComputeResultLength) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryEnterReadLockCore) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 2 of method TryParseUInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method g__LogDataStore\|23_0) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ScanDateWord) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToLower) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method ToUpper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt16N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt32N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseInt64N) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 3 of method TryParseSByteN) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetByteCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method MatchPattern) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 4 of method OnStop) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method CheckUniqueAndUnfoundElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method FormCompoundType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method GetNextToken) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method OnDeserialization) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method PickPivotAndPartition) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 5 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method GetCharCount) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method Set) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 6 of method VarDecCmpSub) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method ToTitleCase) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 7 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseNumber) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 8 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryFromBase64Chars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 9 of method TryParseStatusFile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 10 of method EnumerateFilesRecursively) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 15 of method AppendFormatHelper) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 17 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Local variable 33 of method NumberToStringFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 1 of FindSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyEntries) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyKeys) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyValues) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 2 of ScaleResult) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of AddDateWords) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetBytes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.CoreLib.dll:0:0:0:0 | SSA phi(Parameter 3 of GetChars) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CheckForDuplicateType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaceOfPrefixStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetPrefixOfNamespaceStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method GetPreviousContentSibling) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Intersection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ListUsedPrefixes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method LoadEntityReferenceNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method LookupNamespace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ParseDocumentContent) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ResolveQNameDynamic) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteStartElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 0 of method get_NamespaceList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Document) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetExpectedAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetNamespaceOfPrefixStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ImplReadXmlText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method MoveToPrevious) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteElementTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 1 of method WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method CheckUseAttrubuteSetInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseElementAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ParseFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 2 of method WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method LoadElementNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method RemoveSchemaFromCaches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 3 of method WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method CheckText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method GenerateLiteralMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 4 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ConvertToDecimal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 5 of method Refactor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 6 of method ReadByteArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 7 of method GenerateEncodedMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 7 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Local variable 8 of method GenerateEncodedMembersElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AddImportDependencies) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of AnalyzeAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeSets_RecurceInContainer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckAttributeSets_RecurceInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckParticleDerivation) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CheckUseAttrubuteSetInList) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAndSortMatches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAttributeGroup) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileAttributeGroup) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLiteralElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileProtoTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyFromCompiledSet) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CopyNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of CreateIdTables) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EndElementIdentityConstraints) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of EndElementIdentityConstraints) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Execute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportRootIfNecessary) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of FindCaseInsensitiveString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of FindSchemaType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateBegin) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InferSchema1) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InitCallbacks) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of InitCallbacks) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LoadDocumentType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LoadElementNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of LookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Merge) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveToFirstNamespace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributeValueChunk) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseElementAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseEndElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseEndElementAsync_CheckEndTag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Prepare) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ProcessSubstitutionGroups) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateSideEffectsFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of PropagateSideEffectsFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of RawTextNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ResolveQNameDynamic) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of StartParsing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of ValidateElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteAttributeTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSection) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCDataSectionNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPi) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteCommentOrPiNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlock) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteElementTextBlockNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteHtmlAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharChecking) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteRawWithCharCheckingNoFlush) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteReflectionInit) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteStartElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 0 of WriteUriAttributeText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of Add) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of AddDefaultAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of AddImport) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckAttributeGroupRestriction) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckAttributeSets_RecurceInContainer) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CheckDuplicateParams) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CompileAndSortMatches) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FillModeFlags) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindAttributeRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of FindImport) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetNamespaceListSymbols) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetNamespacesInScope) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of GetPrefixOfNamespaceStrict) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of HasParticleRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ImportDerivedTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ListUsedPrefixes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of LookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of Merge) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of MoveToNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParsePI) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of PropagateFlag) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ReplaceNamespaceAlias) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanLiteral) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of ShouldStripSpace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of TryLookupPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of VisitCallTemplate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 1 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckDuplicateElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CheckWithParam) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileLocalAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileSorts) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of CompileXPath) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of DepthFirstSearch) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of FindAttributeRef) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ListAsString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of MoveToPrevious) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReadToDescendant) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ReadToFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of ShouldStripSpace) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of Write) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 2 of WriteNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ExpectedParticles) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of Find) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetContentFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetElementFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of GetTextFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of ParseEndElementAsync_Finish) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 3 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of ConvertToDecimal) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of GetDefaultAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 4 of WriteEnumAndArrayTypes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi read(Parameter 5 of GetElementFollowing) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method .ctor) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method AnalyzeAvt) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method CompileComplexType) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ContainsIdAttribute) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ExpectedElements) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method FindCaseInsensitiveString) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method FindStylesheetElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method LoadDocumentTypeNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ParseQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method PopulateMemberInfos) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method Read) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ReadXmlNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ScanCondSection3) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method ScanQName) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 0 of method WriteAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method EatWhitespaces) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method Evaluate) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GenerateInitCallbacksMethod) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetDefaultAttributePrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method GetDefaultPrefix) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method LoadDocumentTypeNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method NonCDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method ReadTextNodes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method ScanAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 1 of method VisitStrConcat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method CDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method Decode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method LoadDeclarationNode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method NonCDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ParseXmlDeclaration) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ReadTextNodes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method ScanAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 2 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method CDataNormalize) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method Compile) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method Decode) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseAttributeValueSlow) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseCDataOrComment) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseFormat) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParsePIValue) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 3 of method SkipUntil) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method ReadByteArray) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 4 of method VisitApplyTemplates) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method ParseDocumentContent) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 6 of method get_Value) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method GetContext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method InferElement) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 7 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method MoveNext) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method ParseAttributes) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 8 of method ParseText) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 9 of method FillModeFlags) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 11 of method ExportSpecialMapping) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 14 of method IncrementalRead) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 15 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Local variable 16 of method DblToRgbFast) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 2 of CopyTo) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 4 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 5 of ParseTextAsync) | Node steps to itself | -| file:///home/runner/work/codeql/codeql/csharp/extractor-pack/tools/linux64/System.Private.Xml.dll:0:0:0:0 | SSA phi(Parameter 6 of ParseTextAsync) | Node steps to itself | diff --git a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.expected b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.expected index 92f7365adeb..f4b2fcbf837 100644 --- a/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.expected +++ b/csharp/ql/test/query-tests/Bad Practices/Implementation Hiding/ExposeRepresentation/ExposeRepresentation.expected @@ -1,2 +1,2 @@ -| ExposeRepresentation.cs:8:21:8:23 | Set | 'Set' exposes the internal representation stored in field 'rarray'. The value may be modified $@. | ExposeRepresentation.cs:16:9:16:9 | ExposeRepresentation.cs:16:9:16:9 | through the variable a | -| ExposeRepresentationBad.cs:18:22:18:24 | Get | 'Get' exposes the internal representation stored in field 'rarray'. The value may be modified $@. | ExposeRepresentationBad.cs:24:23:24:29 | ExposeRepresentationBad.cs:24:23:24:29 | after this call to Get | +| ExposeRepresentation.cs:8:21:8:23 | Set | 'Set' exposes the internal representation stored in field 'rarray'. The value may be modified $@. | ExposeRepresentation.cs:16:9:16:9 | access to local variable a | through the variable a | +| ExposeRepresentationBad.cs:18:22:18:24 | Get | 'Get' exposes the internal representation stored in field 'rarray'. The value may be modified $@. | ExposeRepresentationBad.cs:24:23:24:29 | call to method Get | after this call to Get | diff --git a/csharp/ql/test/query-tests/Nullness/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/query-tests/Nullness/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index cb035c61bd6..00000000000 --- a/csharp/ql/test/query-tests/Nullness/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,4 +0,0 @@ -identityLocalStep -| D.cs:320:17:320:25 | this access | Node steps to itself | -| E.cs:123:21:123:24 | SSA phi read(x) | Node steps to itself | -| E.cs:123:21:123:24 | SSA phi(i) | Node steps to itself | diff --git a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/CONSISTENCY/DataFlowConsistency.expected b/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/CONSISTENCY/DataFlowConsistency.expected deleted file mode 100644 index 437c6183574..00000000000 --- a/csharp/ql/test/query-tests/Security Features/CWE-022/ZipSlip/CONSISTENCY/DataFlowConsistency.expected +++ /dev/null @@ -1,2 +0,0 @@ -identityLocalStep -| ZipSlip.cs:13:13:45:13 | SSA phi read(destDirectory) | Node steps to itself | diff --git a/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.cs b/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.cs index aac9ce65523..d3253f4a440 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.cs @@ -3,6 +3,7 @@ using System.Diagnostics; using System.IO; using System.Net; using System.Web; +using Microsoft.Extensions.Logging; class ILogger { @@ -24,6 +25,10 @@ public class LogForgingHandler : IHttpHandler logger.Warn(WebUtility.HtmlEncode(username) + " logged in"); // BAD: Logged as-is to TraceSource new TraceSource("Test").TraceInformation(username + " logged in"); + + Microsoft.Extensions.Logging.ILogger logger2 = null; + // BAD: Logged as-is + logger2.LogError(username); } public bool IsReusable diff --git a/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected b/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected index cfae0ac589e..5724f73d55b 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected +++ b/csharp/ql/test/query-tests/Security Features/CWE-117/LogForging.expected @@ -1,19 +1,23 @@ edges -| LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:17:27:17:61 | access to indexer : String | -| LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:20:21:20:43 | ... + ... | -| LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:26:50:26:72 | ... + ... | -| LogForging.cs:17:27:17:61 | access to indexer : String | LogForging.cs:20:21:20:43 | ... + ... | -| LogForging.cs:17:27:17:61 | access to indexer : String | LogForging.cs:26:50:26:72 | ... + ... | +| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:18:27:18:61 | access to indexer : String | +| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:21:21:21:43 | ... + ... | +| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:27:50:27:72 | ... + ... | +| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:31:26:31:33 | access to local variable username | +| LogForging.cs:18:27:18:61 | access to indexer : String | LogForging.cs:21:21:21:43 | ... + ... | +| LogForging.cs:18:27:18:61 | access to indexer : String | LogForging.cs:27:50:27:72 | ... + ... | +| LogForging.cs:18:27:18:61 | access to indexer : String | LogForging.cs:31:26:31:33 | access to local variable username | | LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | nodes -| LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection | -| LogForging.cs:17:27:17:61 | access to indexer : String | semmle.label | access to indexer : String | -| LogForging.cs:20:21:20:43 | ... + ... | semmle.label | ... + ... | -| LogForging.cs:26:50:26:72 | ... + ... | semmle.label | ... + ... | +| LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | semmle.label | access to property QueryString : NameValueCollection | +| LogForging.cs:18:27:18:61 | access to indexer : String | semmle.label | access to indexer : String | +| LogForging.cs:21:21:21:43 | ... + ... | semmle.label | ... + ... | +| LogForging.cs:27:50:27:72 | ... + ... | semmle.label | ... + ... | +| LogForging.cs:31:26:31:33 | access to local variable username | semmle.label | access to local variable username | | LogForgingAsp.cs:8:32:8:39 | username : String | semmle.label | username : String | | LogForgingAsp.cs:12:21:12:43 | ... + ... | semmle.label | ... + ... | subpaths #select -| LogForging.cs:20:21:20:43 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:20:21:20:43 | ... + ... | This log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value | -| LogForging.cs:26:50:26:72 | ... + ... | LogForging.cs:17:27:17:49 | access to property QueryString : NameValueCollection | LogForging.cs:26:50:26:72 | ... + ... | This log entry depends on a $@. | LogForging.cs:17:27:17:49 | access to property QueryString | user-provided value | +| LogForging.cs:21:21:21:43 | ... + ... | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:21:21:21:43 | ... + ... | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value | +| LogForging.cs:27:50:27:72 | ... + ... | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:27:50:27:72 | ... + ... | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value | +| LogForging.cs:31:26:31:33 | access to local variable username | LogForging.cs:18:27:18:49 | access to property QueryString : NameValueCollection | LogForging.cs:31:26:31:33 | access to local variable username | This log entry depends on a $@. | LogForging.cs:18:27:18:49 | access to property QueryString | user-provided value | | LogForgingAsp.cs:12:21:12:43 | ... + ... | LogForgingAsp.cs:8:32:8:39 | username : String | LogForgingAsp.cs:12:21:12:43 | ... + ... | This log entry depends on a $@. | LogForgingAsp.cs:8:32:8:39 | username | user-provided value | diff --git a/csharp/ql/test/resources/stubs/EntityFramework.cs b/csharp/ql/test/resources/stubs/EntityFramework.cs index 4612349a923..dca9c1685cb 100644 --- a/csharp/ql/test/resources/stubs/EntityFramework.cs +++ b/csharp/ql/test/resources/stubs/EntityFramework.cs @@ -10,17 +10,12 @@ namespace System.Data.Entity { } - public class DbSet : IEnumerable + public class DbSet : IEnumerable { - public void Add(T t) { } - public System.Threading.Tasks.Task AddAsync(T t) => null; - public void AddRange(IEnumerable t) { } - public System.Threading.Tasks.Task AddRangeAsync(IEnumerable t) => null; - public void Attach(T t) { } - public void AttachRange(IEnumerable t) { } - public void Update(T t) { } - public void UpdateRange(IEnumerable t) { } - IEnumerator IEnumerable.GetEnumerator() => null; + public void Add(TEntity t) { } + public void AddRange(IEnumerable t) { } + public void Attach(TEntity t) { } + IEnumerator IEnumerable.GetEnumerator() => null; IEnumerator IEnumerable.GetEnumerator() => null; } @@ -59,17 +54,22 @@ namespace System.Data.Entity.Infrastructure namespace Microsoft.EntityFrameworkCore { - public class DbSet : IEnumerable + public class DbSet : IEnumerable { - public void Add(T t) { } - public System.Threading.Tasks.Task AddAsync(T t) => null; - public void AddRange(IEnumerable t) { } - public System.Threading.Tasks.Task AddRangeAsync(IEnumerable t) => null; - public void Attach(T t) { } - public void AttachRange(IEnumerable t) { } - public void Update(T t) { } - public void UpdateRange(IEnumerable t) { } - IEnumerator IEnumerable.GetEnumerator() => null; + public void Add(TEntity t) { } + public System.Threading.Tasks.Task AddAsync(TEntity t, System.Threading.CancellationToken ct = default) => null; + public void AddRange(IEnumerable t) { } + public void AddRange(TEntity[] t) { } + public System.Threading.Tasks.Task AddRangeAsync(IEnumerable t, System.Threading.CancellationToken ct = default) => null; + public System.Threading.Tasks.Task AddRangeAsync(TEntity[] t) => null; + public void Attach(TEntity t) { } + public void AttachRange(IEnumerable t) { } + public void AttachRange(TEntity[] t) { } + public void Update(TEntity t) { } + public void UpdateRange(IEnumerable t) { } + public void UpdateRange(TEntity[] t) { } + + IEnumerator IEnumerable.GetEnumerator() => null; IEnumerator IEnumerable.GetEnumerator() => null; } diff --git a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index e65a2ae7d4a..4a11cff39af 100644 --- a/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected @@ -1,4 +1,4 @@ -| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html;df-generated | -| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html;df-generated | +| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[this];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html-injection;df-generated | +| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html-injection;df-generated | diff --git a/csharp/tools/tracing-config.lua b/csharp/tools/tracing-config.lua index 2db04d83524..79b2ea2ca1c 100644 --- a/csharp/tools/tracing-config.lua +++ b/csharp/tools/tracing-config.lua @@ -63,7 +63,7 @@ function RegisterExtractorPack(id) end end if match then - local injections = { '-p:UseSharedCompilation=false' } + local injections = { '-p:UseSharedCompilation=false', '-p:EmitCompilerGeneratedFiles=true' } if dotnetRunNeedsSeparator then table.insert(injections, '--') end @@ -118,7 +118,8 @@ function RegisterExtractorPack(id) compilerArguments, nil, { '/p:UseSharedCompilation=false', - '/p:MvcBuildViews=true' + '/p:MvcBuildViews=true', + '/p:EmitCompilerGeneratedFiles=true', }) } @@ -154,7 +155,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { @@ -194,7 +195,7 @@ function RegisterExtractorPack(id) if seenCompilerCall then return { - order = ORDER_BEFORE, + order = ORDER_AFTER, invocation = { path = AbsolutifyExtractorPath(id, extractor), arguments = { diff --git a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst index 656aec444de..83dc32edf76 100644 --- a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst +++ b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst @@ -23,7 +23,7 @@ If you want to run variant analysis on your repositories, you need to enable cod Setting a controller repository for variant analysis ---------------------------------------------------- -When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. The ``GITHUB_TOKEN`` must also have "Read and write permissions" to run workflows in that repository. For more information, see "`Managing GitHub Actions settings for a repository `__." +When you run variant analysis, the analysis is run entirely using GitHub Actions. You don't need to create any workflows, but you must specify which GitHub repository the CodeQL extension should use as the "controller repository." Controller repositories can be empty, but they must have at least one commit. .. pull-quote:: diff --git a/docs/codeql/codeql-language-guides/analyzing-data-flow-in-swift.rst b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-swift.rst new file mode 100644 index 00000000000..9de7d620abf --- /dev/null +++ b/docs/codeql/codeql-language-guides/analyzing-data-flow-in-swift.rst @@ -0,0 +1,291 @@ +.. _analyzing-data-flow-in-swift: + +Analyzing data flow in Swift +============================ + +You can use CodeQL to track the flow of data through a Swift program to places where the data is used. + +.. include:: ../reusables/swift-beta-note.rst + +About this article +------------------ + +This article describes how data flow analysis is implemented in the CodeQL libraries for Swift and includes examples to help you write your own data flow queries. +The following sections describe how to use the libraries for local data flow, global data flow, and taint tracking. +For a more general introduction to modeling data flow, see ":ref:`About data flow analysis `." + +Local data flow +--------------- + +Local data flow tracks the flow of data within a single function. Local data flow is easier, faster, and more precise than global data flow. Before looking at more complex tracking, you should always consider local tracking because it is sufficient for many queries. + +Using local data flow +~~~~~~~~~~~~~~~~~~~~~ + +You can use the local data flow library by importing the ``DataFlow`` module. The library uses the class ``Node`` to represent any element through which data can flow. +The ``Node`` class has a number of useful subclasses, such as ``ExprNode`` for expressions and ``ParameterNode`` for parameters. You can map between data flow nodes and expressions/control-flow nodes using the member predicates ``asExpr`` and ``getCfgNode``: + +.. code-block:: ql + + class Node { + /** + * Gets the expression that corresponds to this node, if any. + */ + Expr asExpr() { ... } + + /** + * Gets the control flow node that corresponds to this data flow node. + */ + ControlFlowNode getCfgNode() { ... } + + ... + } + +You can use the predicates ``exprNode`` and ``parameterNode`` to map from expressions and parameters to their data-flow node: + +.. code-block:: ql + + /** + * Gets a node corresponding to expression `e`. + */ + ExprNode exprNode(DataFlowExpr e) { result.asExpr() = e } + + /** + * Gets the node corresponding to the value of parameter `p` at function entry. + */ + ParameterNode parameterNode(DataFlowParameter p) { result.getParameter() = p } + +There can be multiple data-flow nodes associated with a single expression node in the AST. + +The predicate ``localFlowStep(Node nodeFrom, Node nodeTo)`` holds if there is an immediate data flow edge from the node ``nodeFrom`` to the node ``nodeTo``. +You can apply the predicate recursively, by using the ``+`` and ``*`` operators, or you can use the predefined recursive predicate ``localFlow``. + +For example, you can find flow from an expression ``source`` to an expression ``sink`` in zero or more local steps: + +.. code-block:: ql + + DataFlow::localFlow(DataFlow::exprNode(source), DataFlow::exprNode(sink)) + +Using local taint tracking +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Local taint tracking extends local data flow to include flow steps where values are not preserved, such as string manipulation. +For example: + +.. code-block:: swift + + temp = x + y = temp + ", " + temp + +If ``x`` is a tainted string then ``y`` is also tainted. + +The local taint tracking library is in the module ``TaintTracking``. +Like local data flow, a predicate ``localTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo)`` holds if there is an immediate taint propagation edge from the node ``nodeFrom`` to the node ``nodeTo``. +You can apply the predicate recursively, by using the ``+`` and ``*`` operators, or you can use the predefined recursive predicate ``localTaint``. + +For example, you can find taint propagation from an expression ``source`` to an expression ``sink`` in zero or more local steps: + +.. code-block:: ql + + TaintTracking::localTaint(DataFlow::exprNode(source), DataFlow::exprNode(sink)) + +Examples of local data flow +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This query finds the ``format`` argument passed into each call to ``String.init(format:_:)``: + +.. code-block:: ql + + import swift + + from CallExpr call, Method method + where + call.getStaticTarget() = method and + method.hasQualifiedName("String", "init(format:_:)") + select call.getArgument(0).getExpr() + +Unfortunately this will only give the expression in the argument, not the values which could be passed to it. +So we use local data flow to find all expressions that flow into the argument: + +.. code-block:: ql + + import swift + import codeql.swift.dataflow.DataFlow + + from CallExpr call, Method method, Expr sourceExpr, Expr sinkExpr + where + call.getStaticTarget() = method and + method.hasQualifiedName("String", "init(format:_:)") and + sinkExpr = call.getArgument(0).getExpr() and + DataFlow::localFlow(DataFlow::exprNode(sourceExpr), DataFlow::exprNode(sinkExpr)) + select sourceExpr, sinkExpr + +We can vary the source, for example, making the source the parameter of a function rather than an expression. The following query finds where a parameter is used for the format: + +.. code-block:: ql + + import swift + import codeql.swift.dataflow.DataFlow + + from CallExpr call, Method method, ParamDecl sourceParam, Expr sinkExpr + where + call.getStaticTarget() = method and + method.hasQualifiedName("String", "init(format:_:)") and + sinkExpr = call.getArgument(0).getExpr() and + DataFlow::localFlow(DataFlow::parameterNode(sourceParam), DataFlow::exprNode(sinkExpr)) + select sourceParam, sinkExpr + +The following example finds calls to ``String.init(format:_:)`` where the format string is not a hard-coded string literal: + +.. code-block:: ql + + import swift + import codeql.swift.dataflow.DataFlow + + from CallExpr call, Method method, DataFlow::Node sinkNode + where + call.getStaticTarget() = method and + method.hasQualifiedName("String", "init(format:_:)") and + sinkNode.asExpr() = call.getArgument(0).getExpr() and + not exists(StringLiteralExpr sourceLiteral | + DataFlow::localFlow(DataFlow::exprNode(sourceLiteral), sinkNode) + ) + select call, "Format argument to " + method.getName() + " isn't hard-coded." + +Global data flow +---------------- + +Global data flow tracks data flow throughout the entire program, and is therefore more powerful than local data flow. +However, global data flow is less precise than local data flow, and the analysis typically requires significantly more time and memory to perform. + +.. pull-quote:: Note + + .. include:: ../reusables/path-problem.rst + +Using global data flow +~~~~~~~~~~~~~~~~~~~~~~ + +You can use the global data flow library by implementing the module ``DataFlow::ConfigSig``: + +.. code-block:: ql + + import codeql.swift.dataflow.DataFlow + + module MyDataFlowConfiguration implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + ... + } + + predicate isSink(DataFlow::Node sink) { + ... + } + } + + module MyDataFlow = DataFlow::Global; + +These predicates are defined in the configuration: + +- ``isSource`` - defines where data may flow from. +- ``isSink`` - defines where data may flow to. +- ``isBarrier`` - optionally, restricts the data flow. +- ``isAdditionalFlowStep`` - optionally, adds additional flow steps. + +The last line (``module MyDataFlow = ...``) instantiates the parameterized module for data flow analysis by passing the configuration to the parameterized module. Data flow analysis can then be performed using ``MyDataFlow::flow(DataFlow::Node source, DataFlow::Node sink)``: + +.. code-block:: ql + + from DataFlow::Node source, DataFlow::Node sink + where MyDataFlow::flow(source, sink) + select source, "Dataflow to $@.", sink, sink.toString() + +Using global taint tracking +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Global taint tracking is to global data flow what local taint tracking is to local data flow. +That is, global taint tracking extends global data flow with additional non-value-preserving steps. +The global taint tracking library uses the same configuration module as the global data flow library. You can perform taint flow analysis using ``TaintTracking::Global``: + +.. code-block:: ql + + module MyTaintFlow = TaintTracking::Global; + + from DataFlow::Node source, DataFlow::Node sink + where MyTaintFlow::flow(source, sink) + select source, "Taint flow to $@.", sink, sink.toString() + +Predefined sources +~~~~~~~~~~~~~~~~~~ + +The data flow library module ``codeql.swift.dataflow.FlowSources`` contains a number of predefined sources that you can use to write security queries to track data flow and taint flow. + +- The class ``RemoteFlowSource`` represents data flow from remote network inputs and from other applications. +- The class ``LocalFlowSource`` represents data flow from local user input. +- The class ``FlowSource`` includes both of the above. + +Examples of global data flow +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following global taint-tracking query finds places where a string literal is used in a function call argument named "password". + - Since this is a taint-tracking query, the ``TaintTracking::Global`` module is used. + - The ``isSource`` predicate defines sources as any ``StringLiteralExpr``. + - The ``isSink`` predicate defines sinks as arguments to a ``CallExpr`` called "password". + - The sources and sinks may need tuning to a particular use, for example, if passwords are represented by a type other than ``String`` or passed in arguments of a different name than "password". + +.. code-block:: ql + + import swift + import codeql.swift.dataflow.DataFlow + import codeql.swift.dataflow.TaintTracking + + module ConstantPasswordConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node.asExpr() instanceof StringLiteralExpr } + + predicate isSink(DataFlow::Node node) { + // any argument called `password` + exists(CallExpr call | call.getArgumentWithLabel("password").getExpr() = node.asExpr()) + } + + module ConstantPasswordFlow = TaintTracking::Global; + + from DataFlow::Node sourceNode, DataFlow::Node sinkNode + where ConstantPasswordFlow::flow(sourceNode, sinkNode) + select sinkNode, "The value $@ is used as a constant password.", sourceNode, sourceNode.toString() + + +The following global taint-tracking query finds places where a value from a remote or local user input is used as an argument to the SQLite ``Connection.execute(_:)`` function. + - Since this is a taint-tracking query, the ``TaintTracking::Global`` module is used. + - The ``isSource`` predicate defines sources as a ``FlowSource`` (remote or local user input). + - The ``isSink`` predicate defines sinks as the first argument in any call to ``Connection.execute(_:)``. + +.. code-block:: ql + + import swift + import codeql.swift.dataflow.DataFlow + import codeql.swift.dataflow.TaintTracking + import codeql.swift.dataflow.FlowSources + + module SqlInjectionConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node instanceof FlowSource } + + predicate isSink(DataFlow::Node node) { + exists(CallExpr call | + call.getStaticTarget().(Method).hasQualifiedName("Connection", "execute(_:)") and + call.getArgument(0).getExpr() = node.asExpr() + ) + } + } + + module SqlInjectionFlow = TaintTracking::Global; + + from DataFlow::Node sourceNode, DataFlow::Node sinkNode + where SqlInjectionFlow::flow(sourceNode, sinkNode) + select sinkNode, "This query depends on a $@.", sourceNode, "user-provided value" + +Further reading +--------------- + +- ":ref:`Exploring data flow with path queries `" + + +.. include:: ../reusables/swift-further-reading.rst +.. include:: ../reusables/codeql-ref-tools-further-reading.rst diff --git a/docs/codeql/codeql-language-guides/basic-query-for-swift-code.rst b/docs/codeql/codeql-language-guides/basic-query-for-swift-code.rst new file mode 100644 index 00000000000..fdaa1ec6290 --- /dev/null +++ b/docs/codeql/codeql-language-guides/basic-query-for-swift-code.rst @@ -0,0 +1,131 @@ +.. _basic-query-for-swift-code: + +Basic query for Swift code +========================== + +Learn to write and run a simple CodeQL query using Visual Studio Code with the CodeQL extension. + +.. include:: ../reusables/swift-beta-note.rst +.. include:: ../reusables/vs-code-basic-instructions/setup-to-run-queries.rst + +About the query +--------------- + +The query we're going to run performs a basic search of the code for ``if`` expressions that are redundant, in the sense that they have an empty ``then`` branch. For example, code such as: + +.. code-block:: swift + + if error { + // we should handle the error + } + +.. include:: ../reusables/vs-code-basic-instructions/find-database.rst + +Running a quick query +--------------------- + +.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-1.rst + +#. In the quick query tab, delete the content and paste in the following query. + + .. code-block:: ql + + import swift + + from IfStmt ifStmt + where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 + select ifStmt, "This 'if' statement is redundant." + +.. include:: ../reusables/vs-code-basic-instructions/run-quick-query-2.rst + +.. image:: ../images/codeql-for-visual-studio-code/basic-swift-query-results-1.png + :align: center + +If any matching code is found, click a link in the ``ifStmt`` column to open the file and highlight the matching ``if`` statement. + +.. image:: ../images/codeql-for-visual-studio-code/basic-swift-query-results-2.png + :align: center + +.. include:: ../reusables/vs-code-basic-instructions/note-store-quick-query.rst + +About the query structure +~~~~~~~~~~~~~~~~~~~~~~~~~ + +After the initial ``import`` statement, this simple query comprises three parts that serve similar purposes to the FROM, WHERE, and SELECT parts of an SQL query. + ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ +| Query part | Purpose | Details | ++==================================================================+===================================================================================================================+=================================================================================================+ +| ``import swift`` | Imports the standard CodeQL AST libraries for Swift. | Every query begins with one or more ``import`` statements. | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ +| ``from IfStmt ifStmt`` | Defines the variables for the query. | We use: an ``IfStmt`` variable for ``if`` statements. | +| | Declarations are of the form: | | +| | `` `` | | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ +| ``where ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0`` | Defines a condition on the variables. | ``ifStmt.getThen()``: gets the ``then`` branch of the ``if`` expression. | +| | | ``.(BraceStmt)``: requires that the ``then`` branch is a brace statement (``{ }``). | +| | | ``.getNumberOfElements() = 0``: requires that the brace statement contains no child statements. | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ +| ``select ifStmt, "This 'if' statement is redundant."`` | Defines what to report for each match. | Reports the resulting ``if`` statement with a string that explains the problem. | +| | | | +| | ``select`` statements for queries that are used to find instances of poor coding practice are always in the form: | | +| | ``select , ""`` | | ++------------------------------------------------------------------+-------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ + +Extend the query +---------------- + +Query writing is an inherently iterative process. You write a simple query and then, when you run it, you discover examples that you had not previously considered, or opportunities for improvement. + +Remove false positive results +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Browsing the results of our basic query shows that it could be improved. Among the results you are likely to find examples of ``if`` statements with an ``else`` branch, where an empty ``then`` branch does serve a purpose. For example: + +.. code-block:: swift + + if (option == "-verbose") { + // nothing to do - handled earlier + } else { + handleError("unrecognized option") + } + +In this case, identifying the ``if`` statement with the empty ``then`` branch as redundant is a false positive. One solution to this is to modify the query to select ``if`` statements where both the ``then`` and ``else`` branches are missing. + +To exclude ``if`` statements that have an ``else`` branch: + +#. Add the following to the where clause: + + .. code-block:: ql + + and not exists(ifStmt.getElse()) + + The ``where`` clause is now: + + .. code-block:: ql + + where + ifStmt.getThen().(BraceStmt).getNumberOfElements() = 0 and + not exists(ifStmt.getElse()) + +#. Re-run the query. + + There are now fewer results because ``if`` expressions with an ``else`` branch are no longer included. + +Further reading +--------------- + +.. include:: ../reusables/swift-further-reading.rst +.. include:: ../reusables/codeql-ref-tools-further-reading.rst + +.. Article-specific substitutions for the reusables used in docs/codeql/reusables/vs-code-basic-instructions + +.. |language-text| replace:: Swift + +.. |language-code| replace:: ``swift`` + +.. |example-url| replace:: https://github.com/alamofire/alamofire + +.. |image-quick-query| image:: ../images/codeql-for-visual-studio-code/quick-query-tab-swift.png + +.. |result-col-1| replace:: The first column corresponds to the expression ``ifStmt`` and is linked to the location in the source code of the project where ``ifStmt`` occurs. diff --git a/docs/codeql/codeql-language-guides/codeql-for-swift.rst b/docs/codeql/codeql-language-guides/codeql-for-swift.rst new file mode 100644 index 00000000000..132ab004d6f --- /dev/null +++ b/docs/codeql/codeql-language-guides/codeql-for-swift.rst @@ -0,0 +1,18 @@ +.. _codeql-for-swift: + +CodeQL for Swift +================ + +Experiment and learn how to write effective and efficient queries for CodeQL databases generated from Swift codebases. + +.. include:: ../reusables/swift-beta-note.rst + +.. toctree:: + :hidden: + + basic-query-for-swift-code + analyzing-data-flow-in-swift + +- :doc:`Basic query for Swift code `: Learn to write and run a simple CodeQL query. + +- :doc:`Analyzing data flow in Swift `: You can use CodeQL to track the flow of data through a Swift program to places where the data is used. diff --git a/docs/codeql/codeql-language-guides/codeql-library-for-javascript.rst b/docs/codeql/codeql-language-guides/codeql-library-for-javascript.rst index 8c9c6d8cffa..6742dfa8e76 100644 --- a/docs/codeql/codeql-language-guides/codeql-library-for-javascript.rst +++ b/docs/codeql/codeql-language-guides/codeql-library-for-javascript.rst @@ -193,7 +193,7 @@ The class `ASTNode `__, the standard Node.js ``http`` and ``https`` modules, `Connect `__, `Koa `__, `Hapi `__ and `Restify `__. diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst index baa93e8eb0a..950fdc7bf24 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst @@ -315,7 +315,7 @@ The following source kinds are supported: Below is an enumeration of the remaining source kinds, but they are out of scope for this documentation: -- **contentprovider**, **android-widget**, **android-external-storage-dir**. +- **contentprovider**, **android-external-storage-dir**. sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -327,18 +327,31 @@ Taint sink. As opposed to source kinds, there are many different kinds of sinks The following sink kinds are supported: -- **sql**: A SQL injection vulnerability sink. -- **xss**: A cross-site scripting vulnerability sink. -- **logging**: A log output sink. - -Below is an enumeration of the remaining sinks, but they are out of scope for this documentation: - -- **open-url**, **jndi-injection**, **ldap**, **jdbc-url** -- **mvel**, **xpath**, **groovy**, **ognl-injection** -- **intent-start**, **pending-intent-sent**, **url-redirect** -- **create-file**, **read-file**, **write-file**, **set-hostname-verifier** -- **header-splitting**, **information-leak**, **xslt**, **jexl** -- **bean-validation**, **ssti**, **fragment-injection**, **regex-use[**\ `arg`\ **]** +- **bean-validation**: A sink that can be used for insecure bean validation, such as in calls to **ConstraintValidatorContext.buildConstraintViolationWithTemplate**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **Runtime.exec**. +- **file-content-store**: A sink that can be used to control the contents of a file, such as in a **Files.write** call. +- **fragment-injection**: A sink that can be used for Android fragment injection, such as in a **FragmentTransaction.replace** call. +- **groovy-injection**: A sink that can be used for Groovy injection, such as in a **GroovyShell.evaluate** call. +- **hostname-verification**: A sink that can be used for unsafe hostname verification, such as in calls to **HttpsURLConnection.setHostnameVerifier**. +- **html-injection**: A sink that can be used for XSS via HTML injection, such as in a **ResponseStream.write** call. +- **information-leak**: A sink that can be used to leak information to an HTTP response, such as in calls to **HttpServletResponse.sendError**. +- **intent-redirection**: A sink that can be used for Android intent redirection, such as in a **Context.startActivity** call. +- **jexl-injection**: A sink that can be used for JEXL expression injection, such as in a **JexlExpression.evaluate** call. +- **jndi-injection**: A sink that can be used for JNDI injection, such as in a **Context.lookup** call. +- **js-injection**: A sink that can be used for XSS via JavaScript injection, such as in a **Webview.evaluateJavaScript** call. +- **ldap-injection**: A sink that can be used for LDAP injection, such as in a **DirContext.search** call. +- **log-injection**: A sink that can be used for log injection, such as in a **Logger.warn** call. +- **mvel-injection**: A sink that can be used for MVEL expression injection, such as in a **MVEL.eval** call. +- **ognl-injection**: A sink that can be used for OGNL injection, such as in an **Ognl.getValue** call. +- **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **new FileReader**. +- **pending-intents**: A sink that can be used to send an implicit and mutable `PendingIntent` to a third party, such as in an **Activity.setResult** call. +- **request-forgery**: A sink that controls the URL of a request, such as in an **HttpRequest.newBuilder** call. +- **response-splitting**: A sink that can be used for HTTP response splitting, such as in calls to **HttpServletResponse.setHeader**. +- **sql-injection**: A sink that can be used for SQL injection, such as in a **Statement.executeQuery** call. +- **template-injection**: A sink that can be used for server side template injection, such as in a **Velocity.evaluate** call. +- **url-redirection**: A sink that can be used to redirect the user to a malicious URL, such as in a **Response.temporaryRedirect** call. +- **xpath-injection**: A sink that can be used for XPath injection, such as in a **XPath.evaluate** call. +- **xslt-injection**: A sink that can be used for XSLT injection, such as in a **Transformer.transform** call. summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst index d8a9e15faf5..d5cf4e0338e 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-javascript.rst @@ -53,7 +53,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi pack: codeql/javascript-all extensible: sinkModel data: - - ["execa", "Member[shell].Argument[0]", "command-line-injection"] + - ["execa", "Member[shell].Argument[0]", "command-injection"] - Since we're adding a new sink, we add a tuple to the **sinkModel** extensible predicate. @@ -64,7 +64,7 @@ Note that this sink is already recognized by the CodeQL JS analysis, but for thi - **Member[shell]** selects accesses to the **shell** member of the **execa** package. - **Argument[0]** selects the first argument to calls to that member. -- **command-line-injection** indicates that this is considered a sink for the command injection query. +- **command-injection** indicates that this is considered a sink for the command injection query. Example: Taint sources from window 'message' events --------------------------------------------------- @@ -463,7 +463,7 @@ Sink kinds Unlike sources, sinks tend to be highly query-specific, rarely affecting more than one or two queries. Not every query supports customizable sinks. If the following sinks are not suitable for your use case, you should add a new query. - **code-injection**: A sink that can be used to inject code, such as in calls to **eval**. -- **command-line-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. +- **command-injection**: A sink that can be used to inject shell commands, such as in calls to **child_process.spawn**. - **path-injection**: A sink that can be used for path injection in a file system access, such as in calls to **fs.readFile**. - **sql-injection**: A sink that can be used for SQL injection, such as in a MySQL **query** call. - **nosql-injection**: A sink that can be used for NoSQL injection, such as in a MongoDB **findOne** call. diff --git a/docs/codeql/codeql-language-guides/index.rst b/docs/codeql/codeql-language-guides/index.rst index 79f3f79ac54..2b4fabc01a7 100644 --- a/docs/codeql/codeql-language-guides/index.rst +++ b/docs/codeql/codeql-language-guides/index.rst @@ -14,3 +14,4 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat codeql-for-javascript codeql-for-python codeql-for-ruby + codeql-for-swift diff --git a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst index 597ce491463..8625d637366 100644 --- a/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst +++ b/docs/codeql/codeql-language-guides/using-flow-labels-for-precise-data-flow-analysis.rst @@ -70,18 +70,22 @@ For example, we would like to flag this code: .. code-block:: javascript - var data = JSON.parse(str); - if (data.length > 0) { // problematic: `data` may be `null` - ... + function test(str) { + var data = JSON.parse(str); + if (data.length > 0) { // problematic: `data` may be `null` + ... + } } This code, on the other hand, should not be flagged: .. code-block:: javascript - var data = JSON.parse(str); - if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness - ... + function test(str) { + var data = JSON.parse(str); + if (data && data.length > 0) { // unproblematic: `data` is first checked for nullness + ... + } } We will first try to write a query to find this kind of problem without flow labels, and use the @@ -168,11 +172,13 @@ checked for null-guardedness: .. code-block:: javascript - var root = JSON.parse(str); - if (root) { - var payload = root.data; // unproblematic: `root` cannot be `null` here - if (payload.length > 0) { // problematic: `payload` may be `null` here - ... + function test(str) { + var root = JSON.parse(str); + if (root) { + var payload = root.data; // unproblematic: `root` cannot be `null` here + if (payload.length > 0) { // problematic: `payload` may be `null` here + ... + } } } diff --git a/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-1.png b/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-1.png new file mode 100644 index 00000000000..3ab9607442d Binary files /dev/null and b/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-1.png differ diff --git a/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-2.png b/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-2.png new file mode 100644 index 00000000000..b3e42e7a954 Binary files /dev/null and b/docs/codeql/images/codeql-for-visual-studio-code/basic-swift-query-results-2.png differ diff --git a/docs/codeql/images/codeql-for-visual-studio-code/quick-query-tab-swift.png b/docs/codeql/images/codeql-for-visual-studio-code/quick-query-tab-swift.png new file mode 100644 index 00000000000..e7caf3dd438 Binary files /dev/null and b/docs/codeql/images/codeql-for-visual-studio-code/quick-query-tab-swift.png differ diff --git a/docs/codeql/ql-language-reference/annotations.rst b/docs/codeql/ql-language-reference/annotations.rst index 7b860e39719..70e4321667f 100644 --- a/docs/codeql/ql-language-reference/annotations.rst +++ b/docs/codeql/ql-language-reference/annotations.rst @@ -292,7 +292,7 @@ at the places where it is called. ``pragma[inline_late]`` ----------------------- -**Available for**: |non-member predicates| +**Available for**: |characteristic predicates|, |member predicates|, |non-member predicates| The ``pragma[inline_late]`` annotation must be used in conjunction with a ``bindingset[...]`` pragma. Together, they tell the QL optimiser to use the diff --git a/docs/codeql/ql-language-reference/ql-language-specification.rst b/docs/codeql/ql-language-reference/ql-language-specification.rst index ac60ea55c1b..71dcbdce571 100644 --- a/docs/codeql/ql-language-reference/ql-language-specification.rst +++ b/docs/codeql/ql-language-reference/ql-language-specification.rst @@ -176,27 +176,31 @@ A QL module definition has the following syntax: :: - module ::= annotation* "module" modulename "{" moduleBody "}" + module ::= annotation* "module" modulename parameters? implements? "{" moduleBody "}" - moduleBody ::= (import | predicate | class | module | alias | select)* + parameters ::= "<" signatureExpr parameterName ("," signatureExpr parameterName)* ">" + + implements ::= "implements" moduleSignatureExpr ("," moduleSignatureExpr)* + + moduleBody ::= (import | predicate | class | module | signature | alias | select)* A module definition extends the current module's declared module environment with a mapping from the module name to the module definition. -QL files consist of simply a module body without a name and surrounding braces: +QL files and QLL files consist of simply a module body without a name and surrounding braces: :: ql ::= moduleBody -QL files define a module corresponding to the file, whose name is the same as the filename. +QL files and QLL files define a module corresponding to the file, whose name is the same as the filename. Kinds of modules ~~~~~~~~~~~~~~~~ A module may be: -- A *file module*, if it is defined implicitly by a QL file. -- A *query module*, if it is defined by a QL file. +- A *file module*, if it is defined implicitly by a QL file or a QLL file. +- A *query module*, if it is defined implicitly by a QL file. - A *library module*, if it is not a query module. A query module must contain one or more queries. @@ -208,12 +212,15 @@ An import directive refers to a module identifier: :: - import ::= annotations "import" importModuleId ("as" modulename)? + import ::= annotations "import" importModuleExpr ("as" modulename)? qualId ::= simpleId | qualId "." simpleId - importModuleId ::= qualId - | importModuleId "::" simpleId + importModuleExpr ::= qualId | importModuleExpr "::" modulename arguments? + + arguments ::= "<" argument ("," argument)* ">" + + argument ::= moduleExpr | type | predicateRef "/" int An import directive may optionally name the imported module using an ``as`` declaration. If a name is defined, then the import directive adds to the declared module environment of the current module a mapping from the name to the declaration of the imported module. Otherwise, the current module *directly imports* the imported module. @@ -280,9 +287,9 @@ With the exception of class domain types and character types (which cannot be re :: - type ::= (moduleId "::")? classname | dbasetype | "boolean" | "date" | "float" | "int" | "string" + type ::= (moduleExpr "::")? classname | dbasetype | "boolean" | "date" | "float" | "int" | "string" - moduleId ::= simpleId | moduleId "::" simpleId + moduleExpr ::= modulename arguments? | moduleExpr "::" modulename arguments? A type reference is resolved to a type as follows: @@ -587,20 +594,21 @@ There are several kinds of identifiers: - ``atLowerId``: an identifier that starts with an "@" sign and then a lower-case letter. -- ``atUpperId``: an identifier that starts with an "@" sign and then an upper-case letter. - Identifiers are used in following syntactic constructs: :: - simpleId ::= lowerId | upperId - modulename ::= simpleId - classname ::= upperId - dbasetype ::= atLowerId - predicateRef ::= (moduleId "::")? literalId - predicateName ::= lowerId - varname ::= lowerId - literalId ::= lowerId | atLowerId + simpleId ::= lowerId | upperId + modulename ::= simpleId + moduleSignatureName ::= upperId + classname ::= upperId + dbasetype ::= atLowerId + predicateRef ::= (moduleExpr "::")? literalId + signatureExpr ::= (moduleExpr "::")? simpleId ("/" Integer | arguments)?; + predicateName ::= lowerId + parameterName ::= simpleId + varname ::= lowerId + literalId ::= lowerId | atLowerId Integer literals (int) ~~~~~~~~~~~~~~~~~~~~~~ @@ -662,12 +670,14 @@ Various kinds of syntax can have *annotations* applied to them. Annotations are simpleAnnotation ::= "abstract" | "cached" | "external" + | "extensible" | "final" | "transient" | "library" | "private" | "deprecated" | "override" + | "additional" | "query" argsAnnotation ::= "pragma" "[" ("inline" | "inline_late" | "noinline" | "nomagic" | "noopt" | "assume_small_delta") "]" @@ -683,31 +693,36 @@ Simple annotations The following table summarizes the syntactic constructs which can be marked with each annotation in a valid program; for example, an ``abstract`` annotation preceding a character is invalid. -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| Annotation | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | -+================+=========+============+===================+=======================+=========+========+=========+=========+ -| ``abstract`` | yes | | yes | | | | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``cached`` | yes | yes | yes | yes | | | yes | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``external`` | | | | yes | | | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``final`` | yes | | yes | | | yes | | yes | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``transient`` | | | | yes | | | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``library`` | yes | | | | | | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``private`` | yes | | yes | yes | yes | yes | yes | yes | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``deprecated`` | yes | | yes | yes | | yes | yes | yes | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``override`` | | | yes | | | yes | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``query`` | | | | yes | | | | yes | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| Annotation | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | ++================+=========+============+===================+=======================+=========+========+=========+=========+============+ +| ``abstract`` | yes | | yes | | | | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``cached`` | yes | yes | yes | yes | | | yes | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``external`` | | | | yes | | | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``extensible`` | | | | yes | | | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``final`` | yes | | yes | | | yes | | (yes) | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``transient`` | | | | yes | | | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``library`` | (yes) | | | | | | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``private`` | yes | | yes | yes | yes | yes | yes | yes | yes | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``deprecated`` | yes | | yes | yes | | yes | yes | yes | yes | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``override`` | | | yes | | | yes | | | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``additional`` | yes | | | yes | | | yes | yes | yes | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| ``query`` | | | | yes | | | | yes | | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ The ``library`` annotation is only usable within a QLL file, not a QL file. +The ``final`` annotation is usable on type aliases, but not on module aliases and predicate aliases. Annotations on aliases apply to the name introduced by the alias. An alias may, for example, have different privacy to the name it aliases. @@ -723,7 +738,7 @@ The parameterized annotation ``pragma`` supplies compiler pragmas, and may be ap +===========================+=========+============+===================+=======================+=========+========+=========+=========+ | ``inline`` | | yes | yes | yes | | | | | +---------------------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| ``inline_late`` | | | | yes | | | | | +| ``inline_late`` | | yes | yes | yes | | | | | +---------------------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ | ``noinline`` | | yes | yes | yes | | | | | +---------------------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ @@ -757,11 +772,13 @@ Binding sets are checked by the QL compiler in the following way: A predicate may have several different binding sets, which can be stated by using multiple ``bindingset`` annotations on the same predicate. -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ -| Pragma | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | -+================+=========+============+===================+=======================+=========+========+=========+=========+ -| ``bindingset`` | | yes | yes | yes | | | | | -+----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+ ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ +| Annotation | Classes | Characters | Member predicates | Non-member predicates | Imports | Fields | Modules | Aliases | Signatures | ++================+=========+============+===================+=======================+=========+========+=========+=========+============+ +| ``bindingset`` | | yes | yes | yes | | | | | (yes) | ++----------------+---------+------------+-------------------+-----------------------+---------+--------+---------+---------+------------+ + +The ``bindingset`` pragma is usable with type signatures and predicate signatures, but not with module signatures. QLDoc ----- @@ -808,7 +825,7 @@ If the query file starts with whitespace followed by a QLDoc comment, then the t Top-level entities ------------------ -Modules include five kinds of top-level entity: predicates, classes, modules, aliases, and select clauses. +Modules include five kinds of top-level entity: predicates, classes, modules, aliases, signatures, and select clauses. Non-member predicates ~~~~~~~~~~~~~~~~~~~~~ @@ -962,6 +979,37 @@ A valid field must override another field if it is annotated ``override``. When field ``f`` overrides field ``g`` the type of ``f`` must be a subtype of the type of ``g``. ``f`` may not be a final field. + +Signatures +~~~~~~~~~~ + +A signature definition has the following syntax: + +:: + + signature ::= predicateSignature | typeSignature | moduleSignature + + predicateSignature ::= qldoc? annotations "signature" head ";" + + typeSignature ::= qldoc? annotations "signature" "class" classname ("extends" type ("," type)*)? (";" | "{" signaturePredicate* "}") + + moduleSignature ::= qldoc? annotation* "signature" "module" moduleSignatureName parameters? "{" moduleSignatureBody "}" + + moduleSignatureBody ::= (signaturePredicate | defaultPredicate | signatureType)* + + signaturePredicate ::= qldoc? annotations head ";" + + defaultPredicate ::= qldoc? annotations "default" head "{" formula "}" + + signatureType ::= qldoc? annotations "class" classname ("extends" type ("," type)*)? "{" signaturePredicate* "}" + + +A predicate signature definition extends the current module's declared predicate signature environment with a mapping from the predicate signature name and arity to the predicate signature definition. + +A type signature definition extends the current module's declared type signature environment with a mapping from the type signature name to the type signature definition. + +A module signature definition extends the current module's declared module signature environment with a mapping from the module signature name to the module signature definition. + Select clauses ~~~~~~~~~~~~~~ @@ -1615,7 +1663,7 @@ Aliases define new names for existing QL entities. alias ::= qldoc? annotations "predicate" literalId "=" predicateRef "/" int ";" | qldoc? annotations "class" classname "=" type ";" - | qldoc? annotations "module" modulename "=" moduleId ";" + | qldoc? annotations "module" modulename "=" moduleExpr ";" An alias introduces a binding from the new name to the entity referred to by the right-hand side in the current module's declared predicate, type, or module environment respectively. @@ -2064,16 +2112,39 @@ The complete grammar for QL is as follows: ql ::= qldoc? moduleBody - module ::= annotation* "module" modulename "{" moduleBody "}" + module ::= annotation* "module" modulename parameters? implements? "{" moduleBody "}" + + parameters ::= "<" signatureExpr parameterName ("," signatureExpr parameterName)* ">" + + implements ::= "implements" moduleSignatureExpr ("," moduleSignatureExpr)* moduleBody ::= (import | predicate | class | module | alias | select)* - import ::= annotations "import" importModuleId ("as" modulename)? + import ::= annotations "import" importModuleExpr ("as" modulename)? qualId ::= simpleId | qualId "." simpleId - importModuleId ::= qualId - | importModuleId "::" simpleId + importModuleExpr ::= qualId | importModuleExpr "::" modulename arguments? + + arguments ::= "<" argument ("," argument)* ">" + + argument ::= moduleExpr | type | predicateRef "/" int + + signature ::= predicateSignature | typeSignature | moduleSignature + + predicateSignature ::= qldoc? annotations "signature" head ";" + + typeSignature ::= qldoc? annotations "signature" "class" classname ("extends" type ("," type)*)? (";" | "{" signaturePredicate* "}") + + moduleSignature ::= qldoc? annotation* "signature" "module" moduleSignatureName parameters? "{" moduleSignatureBody "}" + + moduleSignatureBody ::= (signaturePredicate | defaultPredicate | signatureType)* + + signaturePredicate ::= qldoc? annotations head ";" + + defaultPredicate ::= qldoc? annotations "default" head "{" formula "}" + + signatureType ::= qldoc? annotations "class" classname ("extends" type ("," type)*)? "{" signaturePredicate* "}" select ::= ("from" var_decls)? ("where" formula)? "select" as_exprs ("order" "by" orderbys)? @@ -2094,12 +2165,14 @@ The complete grammar for QL is as follows: simpleAnnotation ::= "abstract" | "cached" | "external" + | "extensible" | "final" | "transient" | "library" | "private" | "deprecated" | "override" + | "additional" | "query" argsAnnotation ::= "pragma" "[" ("inline" | "inline_late" | "noinline" | "nomagic" | "noopt" | "assume_small_delta") "]" @@ -2120,15 +2193,19 @@ The complete grammar for QL is as follows: field ::= qldoc? annotations var_decl ";" - moduleId ::= simpleId | moduleId "::" simpleId + moduleExpr ::= modulename arguments? | moduleExpr "::" modulename arguments? - type ::= (moduleId "::")? classname | dbasetype | "boolean" | "date" | "float" | "int" | "string" + moduleSignatureExpr ::= (moduleExpr "::")? moduleSignatureName arguments? + + signatureExpr : (moduleExpr "::")? simpleId ("/" Integer | arguments)?; + + type ::= (moduleExpr "::")? classname | dbasetype | "boolean" | "date" | "float" | "int" | "string" exprs ::= expr ("," expr)* alias ::= qldoc? annotations "predicate" literalId "=" predicateRef "/" int ";" | qldoc? annotations "class" classname "=" type ";" - | qldoc? annotations "module" modulename "=" moduleId ";" + | qldoc? annotations "module" modulename "=" moduleExpr ";" var_decls ::= (var_decl ("," var_decl)*)? @@ -2245,14 +2322,18 @@ The complete grammar for QL is as follows: modulename ::= simpleId + moduleSignatureName ::= upperId + classname ::= upperId dbasetype ::= atLowerId - predicateRef ::= (moduleId "::")? literalId + predicateRef ::= (moduleExpr "::")? literalId predicateName ::= lowerId + parameterName ::= simpleId + varname ::= lowerId literalId ::= lowerId | atLowerId | "any" | "none" diff --git a/docs/codeql/query-help/codeql-cwe-coverage.rst b/docs/codeql/query-help/codeql-cwe-coverage.rst index 680f41b1056..54219ea8f3b 100644 --- a/docs/codeql/query-help/codeql-cwe-coverage.rst +++ b/docs/codeql/query-help/codeql-cwe-coverage.rst @@ -4,6 +4,7 @@ CodeQL CWE coverage You can view the full coverage of MITRE's Common Weakness Enumeration (CWE) or coverage by language for the latest release of CodeQL. .. include:: ../reusables/kotlin-beta-note.rst +.. include:: ../reusables/swift-beta-note.rst About CWEs ########## @@ -36,4 +37,5 @@ Note that the CWE coverage includes both "`supported queries ` - :doc:`CodeQL query help for Go ` - :doc:`CodeQL query help for Java and Kotlin ` -- :doc:`CodeQL query help for JavaScript ` +- :doc:`CodeQL query help for JavaScript and TypeScript ` - :doc:`CodeQL query help for Python ` - :doc:`CodeQL query help for Ruby ` +- :doc:`CodeQL query help for Swift ` .. include:: ../reusables/kotlin-beta-note.rst +.. include:: ../reusables/swift-beta-note.rst .. pull-quote:: Information @@ -36,4 +38,5 @@ For a full list of the CWEs covered by these queries, see ":doc:`CodeQL CWE cove javascript python ruby + swift codeql-cwe-coverage diff --git a/docs/codeql/query-help/swift-cwe.md b/docs/codeql/query-help/swift-cwe.md new file mode 100644 index 00000000000..2dde42f0583 --- /dev/null +++ b/docs/codeql/query-help/swift-cwe.md @@ -0,0 +1,8 @@ +# CWE coverage for Swift + +An overview of CWE coverage for Swift in the latest release of CodeQL. + +## Overview + + + diff --git a/docs/codeql/query-help/swift.rst b/docs/codeql/query-help/swift.rst new file mode 100644 index 00000000000..8f14dcde284 --- /dev/null +++ b/docs/codeql/query-help/swift.rst @@ -0,0 +1,10 @@ +CodeQL query help for Swift +=========================== + +.. include:: ../reusables/query-help-overview.rst + +These queries are published in the CodeQL query pack ``codeql/swift-queries`` (`changelog `__, `source `__). + +For shorter queries that you can use as building blocks when writing your own queries, see the `example queries in the CodeQL repository `__. + +.. include:: toc-swift.rst diff --git a/docs/codeql/reusables/extractors.rst b/docs/codeql/reusables/extractors.rst index 606c57d0208..bfcd7571cb7 100644 --- a/docs/codeql/reusables/extractors.rst +++ b/docs/codeql/reusables/extractors.rst @@ -17,4 +17,6 @@ * - Python - ``python`` * - Ruby - - ``ruby`` \ No newline at end of file + - ``ruby`` + * - Swift + - ``swift`` \ No newline at end of file diff --git a/docs/codeql/reusables/supported-frameworks.rst b/docs/codeql/reusables/supported-frameworks.rst index cd1112a6e0c..520969d51c8 100644 --- a/docs/codeql/reusables/supported-frameworks.rst +++ b/docs/codeql/reusables/supported-frameworks.rst @@ -278,3 +278,34 @@ and the CodeQL library pack ``codeql/ruby-all`` (`changelog `__, `source `__) +and the CodeQL library pack ``codeql/swift-all`` (`changelog `__, `source `__). + +.. csv-table:: + :header-rows: 1 + :class: fullWidthTable + :widths: auto + + Name, Category + `AEXML `__, XML processing library + `Alamofire `__, Network communicator + `Core Data `__, Database + `CryptoKit `__, Cryptography library + `CryptoSwift `__, Cryptography library + `Foundation `__, Utility library + `GRDB `__, Database + `JavaScriptCore `__, Scripting library + `Libxml2 `__, XML processing library + `Network `__, Network communicator + `Realm Swift `__, Database + `RNCryptor `__, Cryptography library + `SQLite3 `__, Database + `SQLite.swift `__, Database + `WebKit `__, User interface library diff --git a/docs/codeql/reusables/supported-versions-compilers.rst b/docs/codeql/reusables/supported-versions-compilers.rst index 04bc890c707..0d38f92a8c8 100644 --- a/docs/codeql/reusables/supported-versions-compilers.rst +++ b/docs/codeql/reusables/supported-versions-compilers.rst @@ -4,7 +4,7 @@ :stub-columns: 1 Language,Variants,Compilers,Extensions - C/C++,"C89, C99, C11, C18, C++98, C++03, C++11, C++14, C++17, C++20 [1]_","Clang (and clang-cl [2]_) extensions (up to Clang 12.0), + C/C++,"C89, C99, C11, C17, C++98, C++03, C++11, C++14, C++17, C++20 [1]_","Clang (and clang-cl [2]_) extensions (up to Clang 12.0), GNU extensions (up to GCC 11.1), @@ -20,11 +20,12 @@ Java,"Java 7 to 20 [4]_","javac (OpenJDK and Oracle JDK), Eclipse compiler for Java (ECJ) [5]_",``.java`` - Kotlin [6]_,"Kotlin 1.5.0 to 1.8.20","kotlinc",``.kt`` + Kotlin [6]_,"Kotlin 1.5.0 to 1.9.0","kotlinc",``.kt`` JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [7]_" Python [8]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.11",Not applicable,``.py`` Ruby [9]_,"up to 3.2",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``" - TypeScript [10]_,"2.6-5.0",Standard TypeScript compiler,"``.ts``, ``.tsx``, ``.mts``, ``.cts``" + Swift [10]_,"Swift 5.4-5.7","Swift compiler","``.swift``" + TypeScript [11]_,"2.6-5.1",Standard TypeScript compiler,"``.ts``, ``.tsx``, ``.mts``, ``.cts``" .. container:: footnote-group @@ -37,4 +38,5 @@ .. [7] JSX and Flow code, YAML, JSON, HTML, and XML files may also be analyzed with JavaScript files. .. [8] The extractor requires Python 3 to run. To analyze Python 2.7 you should install both versions of Python. .. [9] Requires glibc 2.17. - .. [10] TypeScript analysis is performed by running the JavaScript extractor with TypeScript enabled. This is the default. + .. [10] Swift support is currently in beta. Support for the analysis of Swift 5.4-5.7 requires macOS. Swift 5.7.3 can also be analyzed using Linux. + .. [11] TypeScript analysis is performed by running the JavaScript extractor with TypeScript enabled. This is the default. diff --git a/docs/codeql/reusables/swift-beta-note.rst b/docs/codeql/reusables/swift-beta-note.rst new file mode 100644 index 00000000000..27336683340 --- /dev/null +++ b/docs/codeql/reusables/swift-beta-note.rst @@ -0,0 +1,4 @@ + .. pull-quote:: Note + + CodeQL analysis for Swift is currently in beta. During the beta, analysis of Swift code, + and the accompanying documentation, will not be as comprehensive as for other languages. \ No newline at end of file diff --git a/docs/codeql/reusables/swift-further-reading.rst b/docs/codeql/reusables/swift-further-reading.rst new file mode 100644 index 00000000000..306bc0fa0c0 --- /dev/null +++ b/docs/codeql/reusables/swift-further-reading.rst @@ -0,0 +1,4 @@ +- `CodeQL queries for Swift `__ +- `Example queries for Swift `__ +- `CodeQL library reference for Swift `__ + diff --git a/docs/codeql/writing-codeql-queries/creating-path-queries.rst b/docs/codeql/writing-codeql-queries/creating-path-queries.rst index e2325ee696c..fc3b18a9b95 100644 --- a/docs/codeql/writing-codeql-queries/creating-path-queries.rst +++ b/docs/codeql/writing-codeql-queries/creating-path-queries.rst @@ -30,7 +30,7 @@ For more language-specific information on analyzing data flow, see: - ":ref:`Analyzing data flow in JavaScript/TypeScript `" - ":ref:`Analyzing data flow in Python `" - ":ref:`Analyzing data flow in Ruby `" - +- ":ref:`Analyzing data flow in Swift `" Path query examples ******************* @@ -56,8 +56,8 @@ You should use the following template: */ import - // For some languages (Java/C++/Python) you need to explicitly import the data flow library, such as - // import semmle.code.java.dataflow.DataFlow + // For some languages (Java/C++/Python/Swift) you need to explicitly import the data flow library, such as + // import semmle.code.java.dataflow.DataFlow or import codeql.swift.dataflow.DataFlow import DataFlow::PathGraph ... diff --git a/go/Makefile b/go/Makefile index 8950bac6a21..8f28079f008 100644 --- a/go/Makefile +++ b/go/Makefile @@ -14,7 +14,7 @@ CODEQL_PLATFORM = osx64 endif endif -CODEQL_TOOLS = $(addprefix codeql-tools/,autobuild.cmd autobuild.sh pre-finalize.cmd pre-finalize.sh index.cmd index.sh tracing-config.lua) +CODEQL_TOOLS = $(addprefix codeql-tools/,autobuild.cmd autobuild.sh pre-finalize.cmd pre-finalize.sh index.cmd index.sh identify-environment.cmd identify-environment.sh tracing-config.lua) EXTRACTOR_PACK_OUT = build/codeql-extractor-go @@ -113,9 +113,9 @@ ql/lib/go.dbscheme.stats: ql/lib/go.dbscheme build/stats/src.stamp extractor test: all build/testdb/check-upgrade-path codeql test run -j0 ql/test --search-path build/codeql-extractor-go --consistency-queries ql/test/consistency --compilation-cache=$(cache) - # use GOOS=linux because GOOS=darwin GOARCH=386 is no longer supported +# use GOOS=linux because GOOS=darwin GOARCH=386 is no longer supported env GOOS=linux GOARCH=386 codeql$(EXE) test run -j0 ql/test/query-tests/Security/CWE-681 --search-path build/codeql-extractor-go --consistency-queries ql/test/consistency --compilation-cache=$(cache) - cd extractor; go test -mod=vendor ./... | grep -vF "[no test files]" + cd extractor; go test -mod=vendor ./... bash extractor-smoke-test/test.sh || (echo "Extractor smoke test FAILED"; exit 1) .PHONY: build/testdb/check-upgrade-path diff --git a/go/codeql-tools/identify-environment.cmd b/go/codeql-tools/identify-environment.cmd new file mode 100644 index 00000000000..1843805e3c7 --- /dev/null +++ b/go/codeql-tools/identify-environment.cmd @@ -0,0 +1,8 @@ +@echo off +SETLOCAL EnableDelayedExpansion + +type NUL && "%CODEQL_EXTRACTOR_GO_ROOT%/tools/%CODEQL_PLATFORM%/go-autobuilder.exe" --identify-environment + +exit /b %ERRORLEVEL% + +ENDLOCAL diff --git a/go/codeql-tools/identify-environment.sh b/go/codeql-tools/identify-environment.sh new file mode 100755 index 00000000000..27d48329065 --- /dev/null +++ b/go/codeql-tools/identify-environment.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +set -eu + +if [ "$CODEQL_PLATFORM" != "linux64" ] && [ "$CODEQL_PLATFORM" != "osx64" ] ; then + echo "Automatic build detection for $CODEQL_PLATFORM is not implemented." + exit 1 +fi + +"$CODEQL_EXTRACTOR_GO_ROOT/tools/$CODEQL_PLATFORM/go-autobuilder" --identify-environment diff --git a/go/extractor/cli/go-autobuilder/go-autobuilder.go b/go/extractor/cli/go-autobuilder/go-autobuilder.go index bddae0afdf7..fc56d4b8715 100644 --- a/go/extractor/cli/go-autobuilder/go-autobuilder.go +++ b/go/extractor/cli/go-autobuilder/go-autobuilder.go @@ -25,10 +25,8 @@ func usage() { Options: --identify-environment - Produce an environment file specifying which Go version should be installed in the environment - so that autobuilding will be successful. The location of this file is controlled by the - environment variable CODEQL_EXTRACTOR_ENVIRONMENT_JSON, or defaults to 'environment.json' if - that is not set. + Output some json on stdout specifying which Go version should be installed in the environment + so that autobuilding will be successful. Build behavior: @@ -46,7 +44,7 @@ Build behavior: to 'false' disables the GOPATH set-up, CODEQL_EXTRACTOR_GO_BUILD_COMMAND (or alternatively LGTM_INDEX_BUILD_COMMAND), can be set to a newline-separated list of commands to run in order to install dependencies, and LGTM_INDEX_IMPORT_PATH can be used to override the package import path, - which is otherwise inferred from the SEMMLE_REPO_URL or GITHUB_REPOSITORY environment variables. + which is otherwise inferred from the SEMMLE_REPO_URL or GITHUB_REPOSITORY environment variables. In resource-constrained environments, the environment variable CODEQL_EXTRACTOR_GO_MAX_GOROUTINES (or its legacy alias SEMMLE_MAX_GOROUTINES) can be used to limit the number of parallel goroutines @@ -719,82 +717,192 @@ func installDependenciesAndBuild() { const minGoVersion = "1.11" const maxGoVersion = "1.20" +// Check if `version` is lower than `minGoVersion`. Note that for this comparison we ignore the +// patch part of the version, so 1.20.1 and 1.20 are considered equal. +func belowSupportedRange(version string) bool { + return semver.Compare(semver.MajorMinor("v"+version), "v"+minGoVersion) < 0 +} + +// Check if `version` is higher than `maxGoVersion`. Note that for this comparison we ignore the +// patch part of the version, so 1.20.1 and 1.20 are considered equal. +func aboveSupportedRange(version string) bool { + return semver.Compare(semver.MajorMinor("v"+version), "v"+maxGoVersion) > 0 +} + // Check if `version` is lower than `minGoVersion` or higher than `maxGoVersion`. Note that for // this comparison we ignore the patch part of the version, so 1.20.1 and 1.20 are considered // equal. func outsideSupportedRange(version string) bool { - short := semver.MajorMinor("v" + version) - return semver.Compare(short, "v"+minGoVersion) < 0 || semver.Compare(short, "v"+maxGoVersion) > 0 + return belowSupportedRange(version) || aboveSupportedRange(version) } -// Check if `v.goModVersion` or `v.goEnvVersion` are outside of the supported range. If so, emit -// a diagnostic and return an empty version to indicate that we should not attempt to install a -// different version of Go. -func checkForUnsupportedVersions(v versionInfo) (msg, version string) { - if v.goModVersionFound && outsideSupportedRange(v.goModVersion) { - msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + - ") is outside of the supported range (" + minGoVersion + "-" + maxGoVersion + - "). Writing an environment file not specifying any version of Go." - version = "" - diagnostics.EmitUnsupportedVersionGoMod(msg) - } else if v.goEnvVersionFound && outsideSupportedRange(v.goEnvVersion) { - msg = "The version of Go installed in the environment (" + v.goEnvVersion + - ") is outside of the supported range (" + minGoVersion + "-" + maxGoVersion + - "). Writing an environment file not specifying any version of Go." - version = "" - diagnostics.EmitUnsupportedVersionEnvironment(msg) - } - - return msg, version -} - -// Check if either `v.goEnvVersionFound` or `v.goModVersionFound` are false. If so, emit -// a diagnostic and return the version to install, or the empty string if we should not attempt to -// install a version of Go. We assume that `checkForUnsupportedVersions` has already been -// called, so any versions that are found are within the supported range. -func checkForVersionsNotFound(v versionInfo) (msg, version string) { - if !v.goEnvVersionFound && !v.goModVersionFound { - msg = "No version of Go installed and no `go.mod` file found. Writing an environment " + - "file specifying the maximum supported version of Go (" + maxGoVersion + ")." +// Assuming `v.goModVersionFound` is false, emit a diagnostic and return the version to install, +// or the empty string if we should not attempt to install a version of Go. +func getVersionWhenGoModVersionNotFound(v versionInfo) (msg, version string) { + if !v.goEnvVersionFound { + // There is no Go version installed in the environment. We have no indication which version + // was intended to be used to build this project. Go versions are generally backwards + // compatible, so we install the maximum supported version. + msg = "No version of Go installed and no `go.mod` file found. Requesting the maximum " + + "supported version of Go (" + maxGoVersion + ")." version = maxGoVersion diagnostics.EmitNoGoModAndNoGoEnv(msg) - } - - if !v.goEnvVersionFound && v.goModVersionFound { - msg = "No version of Go installed. Writing an environment file specifying the version " + - "of Go found in the `go.mod` file (" + v.goModVersion + ")." - version = v.goModVersion - diagnostics.EmitNoGoEnv(msg) - } - - if v.goEnvVersionFound && !v.goModVersionFound { + } else if outsideSupportedRange(v.goEnvVersion) { + // The Go version installed in the environment is not supported. We have no indication + // which version was intended to be used to build this project. Go versions are generally + // backwards compatible, so we install the maximum supported version. + msg = "No `go.mod` file found. The version of Go installed in the environment (" + + v.goEnvVersion + ") is outside of the supported range (" + minGoVersion + "-" + + maxGoVersion + "). Requesting the maximum supported version of Go (" + maxGoVersion + + ")." + version = maxGoVersion + diagnostics.EmitNoGoModAndGoEnvUnsupported(msg) + } else { + // The version of Go that is installed is supported. We have no indication which version + // was intended to be used to build this project. We assume that the installed version is + // suitable and do not install a version of Go. msg = "No `go.mod` file found. Version " + v.goEnvVersion + " installed in the " + - "environment. Writing an environment file not specifying any version of Go." + "environment is supported. Not requesting any version of Go." version = "" - diagnostics.EmitNoGoMod(msg) + diagnostics.EmitNoGoModAndGoEnvSupported(msg) } return msg, version } -// Compare `v.goModVersion` and `v.goEnvVersion`. emit a diagnostic and return the version to -// install, or the empty string if we should not attempt to install a version of Go. We assume that -// `checkForUnsupportedVersions` and `checkForVersionsNotFound` have already been called, so both -// versions are found and are within the supported range. -func compareVersions(v versionInfo) (msg, version string) { - if semver.Compare("v"+v.goModVersion, "v"+v.goEnvVersion) > 0 { +// Assuming `v.goModVersion` is above the supported range, emit a diagnostic and return the +// version to install, or the empty string if we should not attempt to install a version of Go. +func getVersionWhenGoModVersionTooHigh(v versionInfo) (msg, version string) { + if !v.goEnvVersionFound { + // The version in the `go.mod` file is above the supported range. There is no Go version + // installed. We install the maximum supported version as a best effort. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). No version of Go installed. Requesting the maximum supported version of Go (" + + maxGoVersion + ")." + version = maxGoVersion + diagnostics.EmitGoModVersionTooHighAndNoGoEnv(msg) + } else if aboveSupportedRange(v.goEnvVersion) { + // The version in the `go.mod` file is above the supported range. The version of Go that + // is installed is above the supported range. We do not install a version of Go. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). The version of Go installed in the environment (" + v.goEnvVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). Not requesting any version of Go." + version = "" + diagnostics.EmitGoModVersionTooHighAndEnvVersionTooHigh(msg) + } else if belowSupportedRange(v.goEnvVersion) { + // The version in the `go.mod` file is above the supported range. The version of Go that + // is installed is below the supported range. We install the maximum supported version as + // a best effort. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). The version of Go installed in the environment (" + v.goEnvVersion + + ") is below the supported range (" + minGoVersion + "-" + maxGoVersion + + "). Requesting the maximum supported version of Go (" + maxGoVersion + ")." + version = maxGoVersion + diagnostics.EmitGoModVersionTooHighAndEnvVersionTooLow(msg) + } else if semver.Compare("v"+maxGoVersion, "v"+v.goEnvVersion) > 0 { + // The version in the `go.mod` file is above the supported range. The version of Go that + // is installed is supported and below the maximum supported version. We install the + // maximum supported version as a best effort. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). The version of Go installed in the environment (" + v.goEnvVersion + + ") is below the maximum supported version (" + maxGoVersion + + "). Requesting the maximum supported version of Go (" + maxGoVersion + ")." + version = maxGoVersion + diagnostics.EmitGoModVersionTooHighAndEnvVersionBelowMax(msg) + } else { + // The version in the `go.mod` file is above the supported range. The version of Go that + // is installed is the maximum supported version. We do not install a version of Go. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is above the supported range (" + minGoVersion + "-" + maxGoVersion + + "). The version of Go installed in the environment (" + v.goEnvVersion + + ") is the maximum supported version (" + maxGoVersion + + "). Not requesting any version of Go." + version = "" + diagnostics.EmitGoModVersionTooHighAndEnvVersionMax(msg) + } + + return msg, version +} + +// Assuming `v.goModVersion` is below the supported range, emit a diagnostic and return the +// version to install, or the empty string if we should not attempt to install a version of Go. +func getVersionWhenGoModVersionTooLow(v versionInfo) (msg, version string) { + if !v.goEnvVersionFound { + // There is no Go version installed. The version in the `go.mod` file is below the + // supported range. Go versions are generally backwards compatible, so we install the + // minimum supported version. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is below the supported range (" + minGoVersion + "-" + maxGoVersion + + "). No version of Go installed. Requesting the minimum supported version of Go (" + + minGoVersion + ")." + version = minGoVersion + diagnostics.EmitGoModVersionTooLowAndNoGoEnv(msg) + } else if outsideSupportedRange(v.goEnvVersion) { + // The version of Go that is installed is outside of the supported range. The version + // in the `go.mod` file is below the supported range. Go versions are generally + // backwards compatible, so we install the minimum supported version. + msg = "The version of Go found in the `go.mod` file (" + v.goModVersion + + ") is below the supported range (" + minGoVersion + "-" + maxGoVersion + + "). The version of Go installed in the environment (" + v.goEnvVersion + + ") is outside of the supported range (" + minGoVersion + "-" + maxGoVersion + "). " + + "Requesting the minimum supported version of Go (" + minGoVersion + ")." + version = minGoVersion + diagnostics.EmitGoModVersionTooLowAndEnvVersionUnsupported(msg) + } else { + // The version of Go that is installed is supported. The version in the `go.mod` file is + // below the supported range. We do not install a version of Go. msg = "The version of Go installed in the environment (" + v.goEnvVersion + - ") is lower than the version found in the `go.mod` file (" + v.goModVersion + - "). Writing an environment file specifying the version of Go from the `go.mod` " + + ") is supported and is high enough for the version found in the `go.mod` file (" + + v.goModVersion + "). Not requesting any version of Go." + version = "" + diagnostics.EmitGoModVersionTooLowAndEnvVersionSupported(msg) + } + + return msg, version +} + +// Assuming `v.goModVersion` is in the supported range, emit a diagnostic and return the version +// to install, or the empty string if we should not attempt to install a version of Go. +func getVersionWhenGoModVersionSupported(v versionInfo) (msg, version string) { + if !v.goEnvVersionFound { + // There is no Go version installed. The version in the `go.mod` file is supported. + // We install the version from the `go.mod` file. + msg = "No version of Go installed. Requesting the version of Go found in the `go.mod` " + "file (" + v.goModVersion + ")." version = v.goModVersion - diagnostics.EmitVersionGoModHigherVersionEnvironment(msg) - } else { + diagnostics.EmitGoModVersionSupportedAndNoGoEnv(msg) + } else if outsideSupportedRange(v.goEnvVersion) { + // The version of Go that is installed is outside of the supported range. The version in + // the `go.mod` file is supported. We install the version from the `go.mod` file. msg = "The version of Go installed in the environment (" + v.goEnvVersion + - ") is high enough for the version found in the `go.mod` file (" + v.goModVersion + - "). Writing an environment file not specifying any version of Go." + ") is outside of the supported range (" + minGoVersion + "-" + maxGoVersion + "). " + + "Requesting the version of Go from the `go.mod` file (" + + v.goModVersion + ")." + version = v.goModVersion + diagnostics.EmitGoModVersionSupportedAndGoEnvUnsupported(msg) + } else if semver.Compare("v"+v.goModVersion, "v"+v.goEnvVersion) > 0 { + // The version of Go that is installed is supported. The version in the `go.mod` file is + // supported and is higher than the version that is installed. We install the version from + // the `go.mod` file. + msg = "The version of Go installed in the environment (" + v.goEnvVersion + + ") is lower than the version found in the `go.mod` file (" + v.goModVersion + + "). Requesting the version of Go from the `go.mod` file (" + v.goModVersion + ")." + version = v.goModVersion + diagnostics.EmitGoModVersionSupportedHigherGoEnv(msg) + } else { + // The version of Go that is installed is supported. The version in the `go.mod` file is + // supported and is lower than or equal to the version that is installed. We do not install + // a version of Go. + msg = "The version of Go installed in the environment (" + v.goEnvVersion + + ") is supported and is high enough for the version found in the `go.mod` file (" + + v.goModVersion + "). Not requesting any version of Go." version = "" - diagnostics.EmitVersionGoModNotHigherVersionEnvironment(msg) + diagnostics.EmitGoModVersionSupportedLowerEqualGoEnv(msg) } return msg, version @@ -802,54 +910,46 @@ func compareVersions(v versionInfo) (msg, version string) { // Check the versions of Go found in the environment and in the `go.mod` file, and return a // version to install. If the version is the empty string then no installation is required. +// We never return a version of Go that is outside of the supported range. +// +// +-----------------------+-----------------------+-----------------------+-----------------------------------------------------+------------------------------------------------+ +// | Found in go.mod > | *None* | *Below min supported* | *In supported range* | *Above max supported | +// | Installed \/ | | | | | +// |-----------------------|-----------------------|-----------------------|-----------------------------------------------------|------------------------------------------------| +// | *None* | Install max supported | Install min supported | Install version from go.mod | Install max supported | +// | *Below min supported* | Install max supported | Install min supported | Install version from go.mod | Install max supported | +// | *In supported range* | No action | No action | Install version from go.mod if newer than installed | Install max supported if newer than installed | +// | *Above max supported* | Install max supported | Install min supported | Install version from go.mod | No action | +// +-----------------------+-----------------------+-----------------------+-----------------------------------------------------+------------------------------------------------+ func getVersionToInstall(v versionInfo) (msg, version string) { - msg, version = checkForUnsupportedVersions(v) - if msg != "" { - return msg, version + if !v.goModVersionFound { + return getVersionWhenGoModVersionNotFound(v) } - msg, version = checkForVersionsNotFound(v) - if msg != "" { - return msg, version + if aboveSupportedRange(v.goModVersion) { + return getVersionWhenGoModVersionTooHigh(v) } - msg, version = compareVersions(v) - return msg, version + if belowSupportedRange(v.goModVersion) { + return getVersionWhenGoModVersionTooLow(v) + } + + return getVersionWhenGoModVersionSupported(v) } -// Write an environment file to the current directory. If `version` is the empty string then -// write an empty environment file, otherwise write an environment file specifying the version -// of Go to install. The path to the environment file is specified by the -// CODEQL_EXTRACTOR_ENVIRONMENT_JSON environment variable, or defaults to `environment.json`. -func writeEnvironmentFile(version string) { +// Output some JSON to stdout specifying the version of Go to install, unless `version` is the +// empty string. +func outputEnvironmentJson(version string) { var content string if version == "" { - content = `{ "include": [] }` + content = `{ "go": {} }` } else { - content = `{ "include": [ { "go": { "version": "` + version + `" } } ] }` + content = `{ "go": { "version": "` + version + `" } }` } + _, err := fmt.Fprint(os.Stdout, content) - filename, ok := os.LookupEnv("CODEQL_EXTRACTOR_ENVIRONMENT_JSON") - if !ok { - filename = "environment.json" - } - - targetFile, err := os.Create(filename) if err != nil { - log.Println("Failed to create environment file " + filename + ": ") - log.Println(err) - return - } - defer func() { - if err := targetFile.Close(); err != nil { - log.Println("Failed to close environment file " + filename + ":") - log.Println(err) - } - }() - - _, err = targetFile.WriteString(content) - if err != nil { - log.Println("Failed to write to environment file " + filename + ": ") + log.Println("Failed to write environment json to stdout: ") log.Println(err) } } @@ -873,7 +973,7 @@ func isGoInstalled() bool { return err == nil } -// Get the version of Go to install and write it to an environment file. +// Get the version of Go to install and output it to stdout as json. func identifyEnvironment() { var v versionInfo depMode := getDepMode() @@ -887,7 +987,7 @@ func identifyEnvironment() { msg, versionToInstall := getVersionToInstall(v) log.Println(msg) - writeEnvironmentFile(versionToInstall) + outputEnvironmentJson(versionToInstall) } func main() { diff --git a/go/extractor/cli/go-autobuilder/go-autobuilder_test.go b/go/extractor/cli/go-autobuilder/go-autobuilder_test.go index 3cf5e645371..8cb97be17ec 100644 --- a/go/extractor/cli/go-autobuilder/go-autobuilder_test.go +++ b/go/extractor/cli/go-autobuilder/go-autobuilder_test.go @@ -36,45 +36,37 @@ func TestParseGoVersion(t *testing.T) { func TestGetVersionToInstall(t *testing.T) { tests := map[versionInfo]string{ - // checkForUnsupportedVersions() + // getVersionWhenGoModVersionNotFound() + {"", false, "", false}: maxGoVersion, + {"", false, "1.2.2", true}: maxGoVersion, + {"", false, "9999.0.1", true}: maxGoVersion, + {"", false, "1.11.13", true}: "", + {"", false, "1.20.3", true}: "", - // go.mod version below minGoVersion + // getVersionWhenGoModVersionTooHigh() + {"9999.0", true, "", false}: maxGoVersion, + {"9999.0", true, "9999.0.1", true}: "", + {"9999.0", true, "1.1", true}: maxGoVersion, + {"9999.0", true, minGoVersion, false}: maxGoVersion, + {"9999.0", true, maxGoVersion, true}: "", + + // getVersionWhenGoModVersionTooLow() + {"0.0", true, "", false}: minGoVersion, + {"0.0", true, "9999.0", true}: minGoVersion, + {"0.0", true, "1.2.2", true}: minGoVersion, {"0.0", true, "1.20.3", true}: "", - {"0.0", true, "9999.0", true}: "", - {"0.0", true, "1.2.2", true}: "", - {"0.0", true, "", false}: "", - // go.mod version above maxGoVersion - {"9999.0", true, "1.20.3", true}: "", - {"9999.0", true, "9999.0.1", true}: "", - {"9999.0", true, "1.1", true}: "", - {"9999.0", true, "", false}: "", - // Go installation found with version below minGoVersion - {"1.20", true, "1.2.2", true}: "", - {"1.11", true, "1.2.2", true}: "", - {"", false, "1.2.2", true}: "", - // Go installation found with version above maxGoVersion - {"1.20", true, "9999.0.1", true}: "", - {"1.11", true, "9999.0.1", true}: "", - {"", false, "9999.0.1", true}: "", - // checkForVersionsNotFound() - - // Go installation not found, go.mod version in supported range - {"1.20", true, "", false}: "1.20", - {"1.11", true, "", false}: "1.11", - // Go installation not found, go.mod not found - {"", false, "", false}: maxGoVersion, - // Go installation found with version in supported range, go.mod not found - {"", false, "1.11.13", true}: "", - {"", false, "1.20.3", true}: "", - - // compareVersions() - - // Go installation found with version in supported range, go.mod version in supported range and go.mod version > go installation version + // getVersionWhenGoModVersionSupported() + {"1.20", true, "", false}: "1.20", + {"1.11", true, "", false}: "1.11", + {"1.20", true, "1.2.2", true}: "1.20", + {"1.11", true, "1.2.2", true}: "1.11", + {"1.20", true, "9999.0.1", true}: "1.20", + {"1.11", true, "9999.0.1", true}: "1.11", + // go.mod version > go installation version {"1.20", true, "1.11.13", true}: "1.20", {"1.20", true, "1.12", true}: "1.20", - // Go installation found with version in supported range, go.mod version in supported range and go.mod version <= go installation version - // (Note comparisons ignore the patch version) + // go.mod version <= go installation version (Note comparisons ignore the patch version) {"1.11", true, "1.20", true}: "", {"1.11", true, "1.20.3", true}: "", {"1.20", true, "1.20.3", true}: "", diff --git a/go/extractor/diagnostics/diagnostics.go b/go/extractor/diagnostics/diagnostics.go index 9fd4fc6ff59..e92599417a5 100644 --- a/go/extractor/diagnostics/diagnostics.go +++ b/go/extractor/diagnostics/diagnostics.go @@ -154,8 +154,8 @@ func EmitCannotFindPackages(pkgPaths []string) { emitDiagnostic( "go/autobuilder/package-not-found", "Some packages could not be found", - fmt.Sprintf("%d package%s could not be found.\n\n%s.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", numPkgPaths, ending, secondLine), - severityError, + fmt.Sprintf("%d package%s could not be found:\n\n%s.\n\nDefinitions in those packages may not be recognized by CodeQL, and files that use them may only be partially analyzed.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", numPkgPaths, ending, secondLine), + severityWarning, fullVisibility, noLocation, ) @@ -194,31 +194,9 @@ func EmitRelativeImportPaths() { ) } -func EmitUnsupportedVersionGoMod(msg string) { - emitDiagnostic( - "go/autobuilder/env-unsupported-version-in-go-mod", - "Unsupported Go version in `go.mod` file", - msg, - severityNote, - telemetryOnly, - noLocation, - ) -} - -func EmitUnsupportedVersionEnvironment(msg string) { - emitDiagnostic( - "go/autobuilder/env-unsupported-version-in-environment", - "Unsupported Go version in environment", - msg, - severityNote, - telemetryOnly, - noLocation, - ) -} - func EmitNoGoModAndNoGoEnv(msg string) { emitDiagnostic( - "go/autobuilder/env-no-go-mod-and-no-go-env", + "go/autobuilder/env-no-go-mod-no-go-env", "No `go.mod` file found and no Go version in environment", msg, severityNote, @@ -227,10 +205,10 @@ func EmitNoGoModAndNoGoEnv(msg string) { ) } -func EmitNoGoEnv(msg string) { +func EmitNoGoModAndGoEnvUnsupported(msg string) { emitDiagnostic( - "go/autobuilder/env-no-go-env", - "No Go version in environment", + "go/autobuilder/env-no-go-mod-go-env-unsupported", + "No `go.mod` file found and Go version in environment is unsupported", msg, severityNote, telemetryOnly, @@ -238,10 +216,10 @@ func EmitNoGoEnv(msg string) { ) } -func EmitNoGoMod(msg string) { +func EmitNoGoModAndGoEnvSupported(msg string) { emitDiagnostic( - "go/autobuilder/env-no-go-mod", - "No `go.mod` file found", + "go/autobuilder/env-no-go-mod-go-env-supported", + "No `go.mod` file found and Go version in environment is supported", msg, severityNote, telemetryOnly, @@ -249,10 +227,10 @@ func EmitNoGoMod(msg string) { ) } -func EmitVersionGoModHigherVersionEnvironment(msg string) { +func EmitGoModVersionTooHighAndNoGoEnv(msg string) { emitDiagnostic( - "go/autobuilder/env-version-go-mod-higher-than-go-env", - "The Go version in `go.mod` file is higher than the Go version in environment", + "go/autobuilder/env-go-mod-version-too-high-no-go-env", + "Go version in `go.mod` file above supported range and no Go version in environment", msg, severityNote, telemetryOnly, @@ -260,10 +238,120 @@ func EmitVersionGoModHigherVersionEnvironment(msg string) { ) } -func EmitVersionGoModNotHigherVersionEnvironment(msg string) { +func EmitGoModVersionTooHighAndEnvVersionTooHigh(msg string) { emitDiagnostic( - "go/autobuilder/env-version-go-mod-lower-than-or-equal-to-go-env", - "The Go version in `go.mod` file is lower than or equal to the Go version in environment", + "go/autobuilder/env-go-mod-version-too-high-go-env-too-high", + "Go version in `go.mod` file above supported range and Go version in environment above supported range", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooHighAndEnvVersionTooLow(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-high-go-env-too-low", + "Go version in `go.mod` file above supported range and Go version in environment below supported range", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooHighAndEnvVersionBelowMax(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-high-go-env-below-max", + "Go version in `go.mod` file above supported range and Go version in environment is supported and below the maximum supported version", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooHighAndEnvVersionMax(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-high-go-env-max", + "Go version in `go.mod` file above supported range and Go version in environment is the maximum supported version", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooLowAndNoGoEnv(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-low-no-go-env", + "Go version in `go.mod` file below supported range and no Go version in environment", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooLowAndEnvVersionUnsupported(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-low-go-env-unsupported", + "Go version in `go.mod` file below supported range and Go version in environment unsupported", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionTooLowAndEnvVersionSupported(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-too-low-go-env-supported", + "Go version in `go.mod` file below supported range and Go version in environment supported", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionSupportedAndNoGoEnv(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-supported-no-go-env", + "Go version in `go.mod` file in supported range and no Go version in environment", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionSupportedAndGoEnvUnsupported(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-supported-go-env-unsupported", + "Go version in `go.mod` file in supported range and Go version in environment unsupported", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionSupportedHigherGoEnv(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-supported-higher-than-go-env", + "The Go version in `go.mod` file is supported and higher than the Go version in environment", + msg, + severityNote, + telemetryOnly, + noLocation, + ) +} + +func EmitGoModVersionSupportedLowerEqualGoEnv(msg string) { + emitDiagnostic( + "go/autobuilder/env-go-mod-version-supported-lower-than-or-equal-to-go-env", + "The Go version in `go.mod` file is supported and lower than or equal to the Go version in environment", msg, severityNote, telemetryOnly, diff --git a/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-with-go-mod/diagnostics.expected b/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-with-go-mod/diagnostics.expected index a24d8121da7..dff5dc5bb92 100644 --- a/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-with-go-mod/diagnostics.expected +++ b/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-with-go-mod/diagnostics.expected @@ -1,6 +1,6 @@ { - "markdownMessage": "110 packages could not be found.\n\n`github.com/nosuchorg/nosuchrepo000`, `github.com/nosuchorg/nosuchrepo001`, `github.com/nosuchorg/nosuchrepo002`, `github.com/nosuchorg/nosuchrepo003`, `github.com/nosuchorg/nosuchrepo004` and 105 more.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", - "severity": "error", + "markdownMessage": "110 packages could not be found:\n\n`github.com/nosuchorg/nosuchrepo000`, `github.com/nosuchorg/nosuchrepo001`, `github.com/nosuchorg/nosuchrepo002`, `github.com/nosuchorg/nosuchrepo003`, `github.com/nosuchorg/nosuchrepo004` and 105 more.\n\nDefinitions in those packages may not be recognized by CodeQL, and files that use them may only be partially analyzed.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", + "severity": "warning", "source": { "extractorName": "go", "id": "go/autobuilder/package-not-found", diff --git a/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-without-go-mod/diagnostics.expected b/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-without-go-mod/diagnostics.expected index d5c515a076b..4f3f4e64343 100644 --- a/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-without-go-mod/diagnostics.expected +++ b/go/ql/integration-tests/all-platforms/go/diagnostics/package-not-found-without-go-mod/diagnostics.expected @@ -1,6 +1,6 @@ { - "markdownMessage": "1 package could not be found.\n\n`github.com/linode/linode-docs-theme`.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", - "severity": "error", + "markdownMessage": "1 package could not be found:\n\n`github.com/linode/linode-docs-theme`.\n\nDefinitions in those packages may not be recognized by CodeQL, and files that use them may only be partially analyzed.\n\nCheck that the paths are correct and make sure any private packages can be accessed. If any of the packages are present in the repository then you may need a [custom build command](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages).", + "severity": "warning", "source": { "extractorName": "go", "id": "go/autobuilder/package-not-found", diff --git a/go/ql/lib/CHANGELOG.md b/go/ql/lib/CHANGELOG.md index e144655e159..5f09272c19b 100644 --- a/go/ql/lib/CHANGELOG.md +++ b/go/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.5.2 + +### Minor Analysis Improvements + +* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given. + ## 0.5.1 ### Minor Analysis Improvements diff --git a/go/ql/lib/change-notes/released/0.5.2.md b/go/ql/lib/change-notes/released/0.5.2.md new file mode 100644 index 00000000000..ad1dea14924 --- /dev/null +++ b/go/ql/lib/change-notes/released/0.5.2.md @@ -0,0 +1,5 @@ +## 0.5.2 + +### Minor Analysis Improvements + +* Fixed data flow through variadic function parameters. The arguments corresponding to a variadic parameter are no longer returned by `CallNode.getArgument(int i)` and `CallNode.getAnArgument()`, and hence aren't `ArgumentNode`s. They now have one result, which is an `ImplicitVarargsSlice` node. For example, a call `f(a, b, c)` to a function `f(T...)` is treated like `f([]T{a, b, c})`. The old behaviour is preserved by `CallNode.getSyntacticArgument(int i)` and `CallNode.getASyntacticArgument()`. `CallExpr.getArgument(int i)` and `CallExpr.getAnArgument()` are unchanged, and will still have three results in the example given. diff --git a/go/ql/lib/codeql-pack.release.yml b/go/ql/lib/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/go/ql/lib/codeql-pack.release.yml +++ b/go/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index 346dc087db4..287c27187e3 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-all -version: 0.5.2-dev +version: 0.5.3-dev groups: go dbscheme: go.dbscheme extractor: go diff --git a/go/ql/lib/semmle/go/Expr.qll b/go/ql/lib/semmle/go/Expr.qll index 439c19036e3..90f838c2174 100644 --- a/go/ql/lib/semmle/go/Expr.qll +++ b/go/ql/lib/semmle/go/Expr.qll @@ -857,6 +857,24 @@ class CallExpr extends CallOrConversionExpr { /** Gets the number of argument expressions of this call. */ int getNumArgument() { result = count(this.getAnArgument()) } + /** Holds if this call has implicit variadic arguments. */ + predicate hasImplicitVarargs() { + this.getCalleeType().isVariadic() and + not this.hasEllipsis() + } + + /** + * Gets an argument with an ellipsis after it which is passed to a varargs + * parameter, as in `f(x...)`. + * + * Note that if the varargs parameter is `...T` then the type of the argument + * must be assignable to the slice type `[]T`. + */ + Expr getExplicitVarargsArgument() { + this.hasEllipsis() and + result = this.getArgument(this.getNumArgument() - 1) + } + /** * Gets the name of the invoked function, method or variable if it can be * determined syntactically. @@ -873,6 +891,15 @@ class CallExpr extends CallOrConversionExpr { ) } + /** + * Gets the signature type of the invoked function. + * + * Note that it avoids calling `getTarget()` so that it works even when that + * predicate isn't defined, for example when calling a variable with function + * type. + */ + SignatureType getCalleeType() { result = this.getCalleeExpr().getType() } + /** Gets the declared target of this call. */ Function getTarget() { this.getCalleeExpr() = result.getAReference() } diff --git a/go/ql/lib/semmle/go/StringOps.qll b/go/ql/lib/semmle/go/StringOps.qll index db86f3864f7..66e65a646ac 100644 --- a/go/ql/lib/semmle/go/StringOps.qll +++ b/go/ql/lib/semmle/go/StringOps.qll @@ -219,7 +219,7 @@ module StringOps { * replaced. */ DataFlow::Node getAReplacedArgument() { - exists(int n | n % 2 = 0 and result = this.getArgument(n)) + exists(int n | n % 2 = 0 and result = this.getSyntacticArgument(n)) } } @@ -304,11 +304,6 @@ module StringOps { * Gets the parameter index of the format string. */ abstract int getFormatStringIndex(); - - /** - * Gets the parameter index of the first parameter to be formatted. - */ - abstract int getFirstFormattedParameterIndex(); } /** @@ -336,7 +331,7 @@ module StringOps { formatDirective = this.getComponent(n) and formatDirective.charAt(0) = "%" and formatDirective.charAt(1) != "%" and - result = this.getArgument((n / 2) + f.getFirstFormattedParameterIndex()) + result = this.getImplicitVarargsArgument(n / 2) } } } diff --git a/go/ql/lib/semmle/go/dataflow/FunctionInputsAndOutputs.qll b/go/ql/lib/semmle/go/dataflow/FunctionInputsAndOutputs.qll index 0f389e97291..89d3c297fed 100644 --- a/go/ql/lib/semmle/go/dataflow/FunctionInputsAndOutputs.qll +++ b/go/ql/lib/semmle/go/dataflow/FunctionInputsAndOutputs.qll @@ -74,7 +74,9 @@ private class ParameterInput extends FunctionInput, TInParameter { override predicate isParameter(int i) { i = index } - override DataFlow::Node getEntryNode(DataFlow::CallNode c) { result = c.getArgument(index) } + override DataFlow::Node getEntryNode(DataFlow::CallNode c) { + result = c.getSyntacticArgument(index) + } override DataFlow::Node getExitNode(FuncDef f) { result = DataFlow::parameterNode(f.getParameter(index)) @@ -280,7 +282,7 @@ private class OutReceiver extends FunctionOutput, TOutReceiver { /** * A parameter of a function, viewed as an output. * - * Note that slices passed to varargs parameters using `...` are not included, since in this + * Note that slices passed to variadic parameters using `...` are not included, since in this * case it is ambiguous whether the output should be the slice itself or one of its elements. */ private class OutParameter extends FunctionOutput, TOutParameter { @@ -298,9 +300,12 @@ private class OutParameter extends FunctionOutput, TOutParameter { override DataFlow::Node getExitNode(DataFlow::CallNode c) { exists(DataFlow::Node arg | - arg = getArgument(c, index) and - // exclude slices passed to varargs parameters using `...` calls + arg = c.getSyntacticArgument(index) and + // exclude slices followed by `...` passed to variadic parameters not (c.hasEllipsis() and index = c.getNumArgument() - 1) + or + arg = c.(DataFlow::MethodCallNode).getReceiver() and + index = -1 | result.(DataFlow::PostUpdateNode).getPreUpdateNode() = arg ) diff --git a/go/ql/lib/semmle/go/dataflow/internal/ContainerFlow.qll b/go/ql/lib/semmle/go/dataflow/internal/ContainerFlow.qll index b6c1005daac..ae352ec71bd 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/ContainerFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/ContainerFlow.qll @@ -10,7 +10,7 @@ private import semmle.go.dataflow.ExternalFlow * Holds if the step from `node1` to `node2` stores a value in an array, a * slice, a collection or a map. Thus, `node2` references an object with a * content `c` that contains the value of `node1`. This covers array - * assignments and initializers as well as implicit array creations for + * assignments and initializers as well as implicit slice creations for * varargs. */ predicate containerStoreStep(Node node1, Node node2, Content c) { @@ -20,7 +20,11 @@ predicate containerStoreStep(Node node1, Node node2, Content c) { node2.getType() instanceof ArrayType or node2.getType() instanceof SliceType ) and - exists(Write w | w.writesElement(node2, _, node1)) + ( + exists(Write w | w.writesElement(node2, _, node1)) + or + node1 = node2.(ImplicitVarargsSlice).getCallNode().getAnImplicitVarargsArgument() + ) ) or c instanceof CollectionContent and diff --git a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll index 86c3651b0d3..e78404ca626 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll @@ -10,6 +10,7 @@ private newtype TNode = MkInstructionNode(IR::Instruction insn) or MkSsaNode(SsaDefinition ssa) or MkGlobalFunctionNode(Function f) or + MkImplicitVarargsSlice(CallExpr c) { c.hasImplicitVarargs() } or MkSummarizedParameterNode(SummarizedCallable c, int i) { FlowSummaryImpl::Private::summaryParameterNodeRange(c, i) } or @@ -426,6 +427,41 @@ module Public { override ResultNode getAResult() { result.getRoot() = this.getExpr() } } + /** + * An implicit varargs slice creation expression. + * + * A variadic function like `f(t1 T1, ..., Tm tm, A... x)` actually sees the + * varargs parameter as a slice `[]A`. A call `f(t1, ..., tm, x1, ..., xn)` + * desugars to `f(t1, ..., tm, []A{x1, ..., xn})`, and this node corresponds + * to this implicit slice creation. + */ + class ImplicitVarargsSlice extends Node, MkImplicitVarargsSlice { + CallNode call; + + ImplicitVarargsSlice() { this = MkImplicitVarargsSlice(call.getCall()) } + + override ControlFlow::Root getRoot() { result = call.getRoot() } + + /** Gets the call containing this varargs slice creation argument. */ + CallNode getCallNode() { result = call } + + override Type getType() { + exists(Function f | f = call.getTarget() | + result = f.getParameterType(f.getNumParameter() - 1) + ) + } + + override string getNodeKind() { result = "implicit varargs slice" } + + override string toString() { result = "[]type{args}" } + + override predicate hasLocationInfo( + string filepath, int startline, int startcolumn, int endline, int endcolumn + ) { + call.hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + } + } + /** * Gets a possible target of call `cn`.class * @@ -498,16 +534,11 @@ module Public { CallExpr getCall() { result = this.getExpr() } /** - * Gets the data flow node corresponding to the `i`th argument of this call. - * - * Note that the first argument in calls to the built-in function `make` is a type, which is - * not a data-flow node. It is skipped for the purposes of this predicate, so the (syntactically) - * second argument becomes the first argument in terms of data flow. - * - * For calls of the form `f(g())` where `g` has multiple results, the arguments of the call to - * `i` are the (implicit) element extraction nodes for the call to `g`. + * Gets the `i`th argument of this call, where tuple extraction has been + * done but arguments corresponding to a variadic parameter are still + * considered separate. */ - Node getArgument(int i) { + Node getSyntacticArgument(int i) { if expr.getArgument(0).getType() instanceof TupleType then result = DataFlow::extractTupleElement(DataFlow::exprNode(expr.getArgument(0)), i) else @@ -519,12 +550,60 @@ module Public { ) } + /** + * Gets a data flow node corresponding to an argument of this call, where + * tuple extraction has been done but arguments corresponding to a variadic + * parameter are still considered separate. + */ + Node getASyntacticArgument() { result = this.getSyntacticArgument(_) } + + /** + * Gets the data flow node corresponding to the `i`th argument of this call. + * + * Note that the first argument in calls to the built-in function `make` is a type, which is + * not a data-flow node. It is skipped for the purposes of this predicate, so the (syntactically) + * second argument becomes the first argument in terms of data flow. + * + * For calls of the form `f(g())` where `g` has multiple results, the arguments of the call to + * `i` are the (implicit) element extraction nodes for the call to `g`. + * + * Returns a single `Node` corresponding to a variadic parameter. If there is no corresponding + * argument with an ellipsis (`...`), then it is a `ImplicitVarargsSlice`. This is in contrast + * to `getArgument` on `CallExpr`, which gets the syntactic arguments. Use + * `getSyntacticArgument` to get that behavior. + */ + Node getArgument(int i) { + result = this.getSyntacticArgument(i) and + not (expr.hasImplicitVarargs() and i >= expr.getCalleeType().getNumParameter() - 1) + or + i = expr.getCalleeType().getNumParameter() - 1 and + result.(ImplicitVarargsSlice).getCallNode() = this + } + /** Gets the data flow node corresponding to an argument of this call. */ Node getAnArgument() { result = this.getArgument(_) } /** Gets the number of arguments of this call, if it can be determined. */ int getNumArgument() { result = count(this.getAnArgument()) } + /** + * Gets the 'i'th argument without an ellipsis after it which is passed to + * the varargs parameter of the target of this call (if there is one). + */ + Node getImplicitVarargsArgument(int i) { + i >= 0 and + expr.hasImplicitVarargs() and + exists(int lastParamIndex | lastParamIndex = expr.getCalleeType().getNumParameter() - 1 | + result = this.getSyntacticArgument(lastParamIndex + i) + ) + } + + /** + * Gets an argument without an ellipsis after it which is passed to + * the varargs parameter of the target of this call (if there is one). + */ + Node getAnImplicitVarargsArgument() { result = this.getImplicitVarargsArgument(_) } + /** Gets a function passed as the `i`th argument of this call. */ FunctionNode getCallback(int i) { result.getASuccessor*() = this.getArgument(i) } @@ -696,7 +775,11 @@ module Public { or preupd = getAWrittenNode() or - preupd instanceof ArgumentNode and + ( + preupd instanceof ArgumentNode and not preupd instanceof ImplicitVarargsSlice + or + preupd = any(CallNode c).getAnImplicitVarargsArgument() + ) and mutableType(preupd.getType()) ) and ( diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll index acaa34f943e..7afdb314929 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll @@ -111,10 +111,10 @@ private string getContentSpecific(Content c) { string getComponentSpecific(SummaryComponent sc) { exists(Content c | sc = TContentSummaryComponent(c) and result = getContentSpecific(c)) or - exists(ReturnKind rk, int n | n = rk.getIndex() | + exists(ReturnKind rk | sc = TReturnSummaryComponent(rk) and - result = "ReturnValue[" + n + "]" and - n != 0 + not rk = getReturnValueKind() and + result = "ReturnValue[" + rk.getIndex() + "]" ) } diff --git a/go/ql/lib/semmle/go/frameworks/Beego.qll b/go/ql/lib/semmle/go/frameworks/Beego.qll index edd622ab75a..0446cb2bbbf 100644 --- a/go/ql/lib/semmle/go/frameworks/Beego.qll +++ b/go/ql/lib/semmle/go/frameworks/Beego.qll @@ -253,7 +253,7 @@ module Beego { this.getTarget().hasQualifiedName([packagePath(), logsPackagePath()], getALogFunctionName()) } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } private class BeegoLoggerMethods extends LoggerCall::Range, DataFlow::MethodCallNode { @@ -261,13 +261,13 @@ module Beego { this.getTarget().hasQualifiedName(logsPackagePath(), "BeeLogger", getALogFunctionName()) } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } private class UtilLoggers extends LoggerCall::Range, DataFlow::CallNode { UtilLoggers() { this.getTarget().hasQualifiedName(utilsPackagePath(), "Display") } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } private class HtmlQuoteSanitizer extends SharedXss::Sanitizer { diff --git a/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll b/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll index f83556c307f..ca5f7718082 100644 --- a/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll +++ b/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll @@ -33,7 +33,7 @@ module BeegoOrm { // Note this class doesn't do any escaping, unlike the true ORM part of the package QueryBuilderSink() { exists(Method impl | impl.implements(packagePath(), "QueryBuilder", _) | - this = impl.getACall().getAnArgument() + this = impl.getACall().getASyntacticArgument() ) and this.getType().getUnderlyingType() instanceof StringType } diff --git a/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll b/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll index fbbbccb4e05..0cc5fe9505a 100644 --- a/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll +++ b/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll @@ -90,7 +90,7 @@ module ElazarlGoproxy { onreqcall.getTarget().hasQualifiedName(packagePath(), "ProxyHttpServer", "OnRequest") | handlerReg.getReceiver() = onreqcall.getASuccessor*() and - check = onreqcall.getArgument(0) + check = onreqcall.getSyntacticArgument(0) ) } } @@ -112,13 +112,11 @@ module ElazarlGoproxy { ProxyLogFunction() { this.hasQualifiedName(packagePath(), "ProxyCtx", ["Logf", "Warnf"]) } override int getFormatStringIndex() { result = 0 } - - override int getFirstFormattedParameterIndex() { result = 1 } } private class ProxyLog extends LoggerCall::Range, DataFlow::MethodCallNode { ProxyLog() { this.getTarget() instanceof ProxyLogFunction } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } } diff --git a/go/ql/lib/semmle/go/frameworks/Email.qll b/go/ql/lib/semmle/go/frameworks/Email.qll index 3580aa8d7ae..a1d43d3c397 100644 --- a/go/ql/lib/semmle/go/frameworks/Email.qll +++ b/go/ql/lib/semmle/go/frameworks/Email.qll @@ -56,13 +56,13 @@ module EmailData { // func NewV3MailInit(from *Email, subject string, to *Email, content ...*Content) *SGMailV3 exists(Function newv3MailInit | newv3MailInit.hasQualifiedName(sendgridMail(), "NewV3MailInit") and - this = newv3MailInit.getACall().getArgument(any(int i | i = 1 or i >= 3)) + this = newv3MailInit.getACall().getSyntacticArgument(any(int i | i = 1 or i >= 3)) ) or // func (s *SGMailV3) AddContent(c ...*Content) *SGMailV3 exists(Method addContent | addContent.hasQualifiedName(sendgridMail(), "SGMailV3", "AddContent") and - this = addContent.getACall().getAnArgument() + this = addContent.getACall().getASyntacticArgument() ) } } diff --git a/go/ql/lib/semmle/go/frameworks/Glog.qll b/go/ql/lib/semmle/go/frameworks/Glog.qll index 48558a73f7e..f9f5c9e3f11 100644 --- a/go/ql/lib/semmle/go/frameworks/Glog.qll +++ b/go/ql/lib/semmle/go/frameworks/Glog.qll @@ -39,8 +39,6 @@ module Glog { StringFormatter() { this.getName().matches("%f") } override int getFormatStringIndex() { result = super.getFirstPrintedArg() } - - override int getFirstFormattedParameterIndex() { result = super.getFirstPrintedArg() + 1 } } private class GlogCall extends LoggerCall::Range, DataFlow::CallNode { @@ -49,7 +47,7 @@ module Glog { GlogCall() { this = callee.getACall() } override DataFlow::Node getAMessageComponent() { - result = this.getArgument(any(int i | i >= callee.getFirstPrintedArg())) + result = this.getSyntacticArgument(any(int i | i >= callee.getFirstPrintedArg())) } } } diff --git a/go/ql/lib/semmle/go/frameworks/Logrus.qll b/go/ql/lib/semmle/go/frameworks/Logrus.qll index 40cdfe393ef..9b93049acfb 100644 --- a/go/ql/lib/semmle/go/frameworks/Logrus.qll +++ b/go/ql/lib/semmle/go/frameworks/Logrus.qll @@ -31,7 +31,7 @@ module Logrus { private class LogCall extends LoggerCall::Range, DataFlow::CallNode { LogCall() { this = any(LogFunction f).getACall() } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } private class StringFormatters extends StringOps::Formatting::Range instanceof LogFunction { @@ -43,7 +43,5 @@ module Logrus { } override int getFormatStringIndex() { result = argOffset } - - override int getFirstFormattedParameterIndex() { result = argOffset + 1 } } } diff --git a/go/ql/lib/semmle/go/frameworks/Revel.qll b/go/ql/lib/semmle/go/frameworks/Revel.qll index ea873a3972a..c67c4b340ee 100644 --- a/go/ql/lib/semmle/go/frameworks/Revel.qll +++ b/go/ql/lib/semmle/go/frameworks/Revel.qll @@ -124,7 +124,7 @@ module Revel { or methodName = "RenderText" and contentType = "text/plain" and - this = methodCall.getAnArgument() + this = methodCall.getASyntacticArgument() ) } @@ -201,7 +201,7 @@ module Revel { ) or // a revel controller.Render(arg) will set controller.ViewArgs["arg"] = arg - exists(Variable arg | arg.getARead() = render.(ControllerRender).getAnArgument() | + exists(Variable arg | arg.getARead() = render.(ControllerRender).getASyntacticArgument() | var.getBaseVariable() = arg and var.getQualifiedName() = read.getFieldName() ) diff --git a/go/ql/lib/semmle/go/frameworks/SQL.qll b/go/ql/lib/semmle/go/frameworks/SQL.qll index 9e9e48550fc..185f0b3f2bf 100644 --- a/go/ql/lib/semmle/go/frameworks/SQL.qll +++ b/go/ql/lib/semmle/go/frameworks/SQL.qll @@ -225,7 +225,7 @@ module SQL { GormSink() { exists(Method meth, string package, string name | meth.hasQualifiedName(package, "DB", name) and - this = meth.getACall().getArgument(0) and + this = meth.getACall().getSyntacticArgument(0) and package = Gorm::packagePath() and name in [ "Where", "Raw", "Order", "Not", "Or", "Select", "Table", "Group", "Having", "Joins", @@ -272,7 +272,7 @@ module Xorm { XormSink() { exists(Method meth, string type, string name, int n | meth.hasQualifiedName(Xorm::packagePath(), type, name) and - this = meth.getACall().getArgument(n) and + this = meth.getACall().getSyntacticArgument(n) and type = ["Engine", "Session"] | name = diff --git a/go/ql/lib/semmle/go/frameworks/Spew.qll b/go/ql/lib/semmle/go/frameworks/Spew.qll index 7c4133dfd04..b12bd0fed81 100644 --- a/go/ql/lib/semmle/go/frameworks/Spew.qll +++ b/go/ql/lib/semmle/go/frameworks/Spew.qll @@ -31,8 +31,6 @@ module Spew { StringFormatter() { this.getName().matches("%f") } override int getFormatStringIndex() { result = super.getFirstPrintedArg() } - - override int getFirstFormattedParameterIndex() { result = super.getFirstPrintedArg() + 1 } } private class SpewCall extends LoggerCall::Range, DataFlow::CallNode { @@ -41,7 +39,7 @@ module Spew { SpewCall() { this = target.getACall() } override DataFlow::Node getAMessageComponent() { - result = this.getArgument(any(int i | i >= target.getFirstPrintedArg())) + result = this.getSyntacticArgument(any(int i | i >= target.getFirstPrintedArg())) } } diff --git a/go/ql/lib/semmle/go/frameworks/SystemCommandExecutors.qll b/go/ql/lib/semmle/go/frameworks/SystemCommandExecutors.qll index 1e4b7637581..3728a6bee3c 100644 --- a/go/ql/lib/semmle/go/frameworks/SystemCommandExecutors.qll +++ b/go/ql/lib/semmle/go/frameworks/SystemCommandExecutors.qll @@ -14,11 +14,12 @@ private class ShellOrSudoExecution extends SystemCommandExecution::Range, DataFl ShellOrSudoExecution() { this instanceof SystemCommandExecution and - shellCommand = this.getAnArgument().getAPredecessor*() and - not hasSafeSubcommand(shellCommand.getStringValue(), this.getAnArgument().getStringValue()) + shellCommand = this.getASyntacticArgument().getAPredecessor*() and + not hasSafeSubcommand(shellCommand.getStringValue(), + this.getASyntacticArgument().getStringValue()) } - override DataFlow::Node getCommandName() { result = this.getAnArgument() } + override DataFlow::Node getCommandName() { result = this.getASyntacticArgument() } override predicate doubleDashIsSanitizing() { shellCommand.getStringValue().matches("%" + ["git", "rsync"]) @@ -49,7 +50,7 @@ private class SystemCommandExecutors extends SystemCommandExecution::Range, Data ) } - override DataFlow::Node getCommandName() { result = this.getArgument(cmdArg) } + override DataFlow::Node getCommandName() { result = this.getSyntacticArgument(cmdArg) } } /** @@ -76,7 +77,7 @@ private class GoShCommandExecution extends SystemCommandExecution::Range, DataFl ) } - override DataFlow::Node getCommandName() { result = this.getArgument(0) } + override DataFlow::Node getCommandName() { result = this.getSyntacticArgument(0) } } /** @@ -102,7 +103,7 @@ module CryptoSsh { ) } - override DataFlow::Node getCommandName() { result = this.getArgument(0) } + override DataFlow::Node getCommandName() { result = this.getSyntacticArgument(0) } } } diff --git a/go/ql/lib/semmle/go/frameworks/Zap.qll b/go/ql/lib/semmle/go/frameworks/Zap.qll index 7041c45a3c6..359f9aba410 100644 --- a/go/ql/lib/semmle/go/frameworks/Zap.qll +++ b/go/ql/lib/semmle/go/frameworks/Zap.qll @@ -32,8 +32,6 @@ module Zap { ZapFormatter() { this.getName().matches("%f") } override int getFormatStringIndex() { result = 0 } - - override int getFirstFormattedParameterIndex() { result = 1 } } /** @@ -45,7 +43,7 @@ module Zap { private class ZapCall extends LoggerCall::Range, DataFlow::MethodCallNode { ZapCall() { this = any(ZapFunction f).getACall() } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } // These are expressed using TaintTracking::FunctionModel because varargs functions don't work with Models-as-Data sumamries yet. diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll b/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll index dd65aee23a4..725692754a9 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/Fmt.qll @@ -30,7 +30,7 @@ module Fmt { private class PrintCall extends LoggerCall::Range, DataFlow::CallNode { PrintCall() { this.getTarget() instanceof Printer } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } /** The `Fprint` function or one of its variants. */ @@ -66,8 +66,6 @@ module Fmt { } override int getFormatStringIndex() { result = argOffset } - - override int getFirstFormattedParameterIndex() { result = argOffset + 1 } } /** The `Sscan` function or one of its variants. */ diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll b/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll index f465009a255..90db1067ece 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/Log.qll @@ -20,14 +20,12 @@ module Log { LogFormatter() { this.getName().matches("%f") } override int getFormatStringIndex() { result = 0 } - - override int getFirstFormattedParameterIndex() { result = 1 } } private class LogCall extends LoggerCall::Range, DataFlow::CallNode { LogCall() { this = any(LogFunction f).getACall() } - override DataFlow::Node getAMessageComponent() { result = this.getAnArgument() } + override DataFlow::Node getAMessageComponent() { result = this.getASyntacticArgument() } } /** A fatal log function, which calls `os.Exit`. */ diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll index 51db02a5cbe..b3f1d075c86 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll @@ -134,7 +134,7 @@ module NetHttp { result = call.getReceiver() } - private class ResponseBody extends Http::ResponseBody::Range, DataFlow::ArgumentNode { + private class ResponseBody extends Http::ResponseBody::Range { DataFlow::Node responseWriter; ResponseBody() { @@ -148,6 +148,7 @@ module NetHttp { exists(TaintTracking::FunctionModel model | // A modeled function conveying taint from some input to the response writer, // e.g. `io.Copy(responseWriter, someTaintedReader)` + this = model.getACall().getASyntacticArgument() and model.taintStep(this, responseWriter) and responseWriter.getType().implements("net/http", "ResponseWriter") ) @@ -156,7 +157,9 @@ module NetHttp { SummarizedCallable callable, DataFlow::CallNode call, SummaryComponentStack input, SummaryComponentStack output | - callable = call.getACalleeIncludingExternals() and callable.propagatesFlow(input, output, _) + this = call.getASyntacticArgument() and + callable = call.getACalleeIncludingExternals() and + callable.propagatesFlow(input, output, _) | // A modeled function conveying taint from some input to the response writer, // e.g. `io.Copy(responseWriter, someTaintedReader)` diff --git a/go/ql/lib/semmle/go/security/CommandInjection.qll b/go/ql/lib/semmle/go/security/CommandInjection.qll index a3bc2747e7a..2b68b5563c6 100644 --- a/go/ql/lib/semmle/go/security/CommandInjection.qll +++ b/go/ql/lib/semmle/go/security/CommandInjection.qll @@ -47,7 +47,7 @@ module CommandInjection { exists(DataFlow::CallNode c | this = c and (c = Builtin::append().getACall() or c = any(SystemCommandExecution sce)) and - c.getArgument(doubleDashIndex).getStringValue() = "--" + c.getSyntacticArgument(doubleDashIndex).getStringValue() = "--" ) or // array/slice literal containing a "--" @@ -63,7 +63,7 @@ module CommandInjection { alreadyHasDoubleDash.getType() instanceof SliceType ) and this = userCall and - DataFlow::localFlow(alreadyHasDoubleDash, userCall.getArgument(doubleDashIndex)) + DataFlow::localFlow(alreadyHasDoubleDash, userCall.getSyntacticArgument(doubleDashIndex)) ) } @@ -71,7 +71,7 @@ module CommandInjection { exists(int sanitizedIndex | sanitizedIndex > doubleDashIndex and ( - result = this.(DataFlow::CallNode).getArgument(sanitizedIndex) or + result = this.(DataFlow::CallNode).getSyntacticArgument(sanitizedIndex) or result = DataFlow::exprNode(this.asExpr().(ArrayOrSliceLit).getElement(sanitizedIndex)) ) ) diff --git a/go/ql/lib/semmle/go/security/SensitiveActions.qll b/go/ql/lib/semmle/go/security/SensitiveActions.qll index fdd9661ead6..748d7fb1458 100644 --- a/go/ql/lib/semmle/go/security/SensitiveActions.qll +++ b/go/ql/lib/semmle/go/security/SensitiveActions.qll @@ -35,7 +35,7 @@ module HeuristicNames { */ string maybePassword() { result = "(?is).*pass(wd|word|code|phrase)(?!.*question).*" or - result = "(?is).*(auth(entication|ori[sz]ation)?)key.*" + result = "(?is).*(auth(entication|ori[sz]ation)?|api)key.*" } /** diff --git a/go/ql/lib/semmle/go/security/Xss.qll b/go/ql/lib/semmle/go/security/Xss.qll index 4c4c20e8a61..9003b766416 100644 --- a/go/ql/lib/semmle/go/security/Xss.qll +++ b/go/ql/lib/semmle/go/security/Xss.qll @@ -73,12 +73,12 @@ module SharedXss { exists(body.getAContentTypeNode()) or exists(DataFlow::CallNode call | call.getTarget().hasQualifiedName("fmt", "Fprintf") | - body = call.getAnArgument() and + body = call.getASyntacticArgument() and // checks that the format value does not start with (ignoring whitespace as defined by // https://mimesniff.spec.whatwg.org/#whitespace-byte): // - '<', which could lead to an HTML content type being detected, or // - '%', which could be a format string. - call.getArgument(1).getStringValue().regexpMatch("(?s)[\\t\\n\\x0c\\r ]*+[^<%].*") + call.getSyntacticArgument(1).getStringValue().regexpMatch("(?s)[\\t\\n\\x0c\\r ]*+[^<%].*") ) or exists(DataFlow::Node pred | body = pred.getASuccessor*() | diff --git a/go/ql/src/CHANGELOG.md b/go/ql/src/CHANGELOG.md index 81ce4f00d02..8a1b8bcfebc 100644 --- a/go/ql/src/CHANGELOG.md +++ b/go/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.5.2 + +No user-facing changes. + ## 0.5.1 No user-facing changes. diff --git a/go/ql/src/RedundantCode/DeadStoreOfField.ql b/go/ql/src/RedundantCode/DeadStoreOfField.ql index 2060ac1f734..edc1d62cb00 100644 --- a/go/ql/src/RedundantCode/DeadStoreOfField.ql +++ b/go/ql/src/RedundantCode/DeadStoreOfField.ql @@ -36,7 +36,10 @@ predicate escapes(DataFlow::Node nd) { exists(SendStmt s | nd.asExpr() = s.getValue()) or // if `nd` is passed to a function, then it escapes - nd instanceof DataFlow::ArgumentNode + nd = any(DataFlow::CallNode c).getASyntacticArgument() + or + // if `nd` is the receiver of a function, then it escapes + nd = any(DataFlow::MethodCallNode c).getReceiver() or // if `nd` has its address taken, then it escapes exists(AddressExpr ae | nd.asExpr() = ae.getOperand()) diff --git a/go/ql/src/Security/CWE-352/ConstantOauth2State.ql b/go/ql/src/Security/CWE-352/ConstantOauth2State.ql index 9a5cb10b84f..abe982f7fe5 100644 --- a/go/ql/src/Security/CWE-352/ConstantOauth2State.ql +++ b/go/ql/src/Security/CWE-352/ConstantOauth2State.ql @@ -109,7 +109,7 @@ class PrivateUrlFlowsToAuthCodeUrlCall extends DataFlow::Configuration { exists(DataFlow::CallNode cn | cn.getACalleeIncludingExternals().asFunction() instanceof Fmt::AppenderOrSprinter | - pred = cn.getAnArgument() and succ = cn.getResult() + pred = cn.getASyntacticArgument() and succ = cn.getResult() ) } diff --git a/go/ql/src/Security/CWE-601/BadRedirectCheck.ql b/go/ql/src/Security/CWE-601/BadRedirectCheck.ql index 9beb2fe160b..a04f197abab 100644 --- a/go/ql/src/Security/CWE-601/BadRedirectCheck.ql +++ b/go/ql/src/Security/CWE-601/BadRedirectCheck.ql @@ -121,7 +121,7 @@ class Configuration extends TaintTracking::Configuration { ) or exists(DataFlow::CallNode call, int i | call.getTarget().hasQualifiedName("path", "Join") | - i > 0 and node = call.getArgument(i) + i > 0 and node = call.getSyntacticArgument(i) ) } diff --git a/go/ql/src/change-notes/released/0.5.2.md b/go/ql/src/change-notes/released/0.5.2.md new file mode 100644 index 00000000000..e94d1f4ad5b --- /dev/null +++ b/go/ql/src/change-notes/released/0.5.2.md @@ -0,0 +1,3 @@ +## 0.5.2 + +No user-facing changes. diff --git a/go/ql/src/codeql-pack.release.yml b/go/ql/src/codeql-pack.release.yml index 0bf7024c337..2d9d3f587f8 100644 --- a/go/ql/src/codeql-pack.release.yml +++ b/go/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.5.1 +lastReleaseVersion: 0.5.2 diff --git a/go/ql/src/experimental/CWE-134/DsnBad.go b/go/ql/src/experimental/CWE-134/DsnBad.go new file mode 100644 index 00000000000..f0b2e3c4592 --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnBad.go @@ -0,0 +1,8 @@ + +func bad() interface{} { + name := os.Args[1:] + // This is bad. `name` can be something like `test?allowAllFiles=true&` which will allow an attacker to access local files. + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name) + db, _ := sql.Open("mysql", dbDSN) + return db +} diff --git a/go/ql/src/experimental/CWE-134/DsnGood.go b/go/ql/src/experimental/CWE-134/DsnGood.go new file mode 100644 index 00000000000..0922d3ea1ff --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnGood.go @@ -0,0 +1,12 @@ +func good() (interface{}, error) { + name := os.Args[1] + hasBadChar, _ := regexp.MatchString(".*[?].*", name) + + if hasBadChar { + return nil, errors.New("Bad input") + } + + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name) + db, _ := sql.Open("mysql", dbDSN) + return db, nil +} diff --git a/go/ql/src/experimental/CWE-134/DsnInjection.qhelp b/go/ql/src/experimental/CWE-134/DsnInjection.qhelp new file mode 100644 index 00000000000..0745de946f2 --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnInjection.qhelp @@ -0,0 +1,38 @@ + + + + +

    If a Data-Source Name (DSN) is built using untrusted user input without proper sanitization, + the system may be vulnerable to DSN injection vulnerabilities.

    +     + + +

    If user input must be included in a DSN, additional steps should be taken to sanitize + untrusted data, such as checking for special characters included in user input.

    +     + + +

    In the following examples, the code accepts the db name from the user, + which it then uses to build a DSN string.

    + +

    The following example uses the unsanitized user input directly + in the process of constructing a DSN name. + A malicious user could provide special characters to change the meaning of this string, and + carry out unexpected database operations.

    + + + +

    In the following example, the input provided by the user is sanitized before it is included + in the DSN string. + This ensures the meaning of the DSN string cannot be changed by a malicious user.

    + + +     + + +
  • + CVE-2022-3023: Data Source Name Injection in pingcap/tidb. +
    • + +     +     \ No newline at end of file diff --git a/go/ql/src/experimental/CWE-134/DsnInjection.ql b/go/ql/src/experimental/CWE-134/DsnInjection.ql new file mode 100644 index 00000000000..89bb83f9284 --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnInjection.ql @@ -0,0 +1,22 @@ +/** + * @name SQL Data-source URI built from user-controlled sources + * @description Building an SQL data-source URI from untrusted sources can allow attacker to compromise security + * @kind path-problem + * @problem.severity error + * @id go/dsn-injection + * @tags security + * experimental + * external/cwe/cwe-134 + */ + +import go +import DataFlow::PathGraph +import DsnInjectionCustomizations + +/** An untrusted flow source taken as a source for the `DsnInjection` taint-flow configuration. */ +private class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + +from DsnInjection cfg, DataFlow::PathNode source, DataFlow::PathNode sink +where cfg.hasFlowPath(source, sink) +select sink.getNode(), source, sink, "This query depends on a $@.", source.getNode(), + "user-provided value" diff --git a/go/ql/src/experimental/CWE-134/DsnInjectionCustomizations.qll b/go/ql/src/experimental/CWE-134/DsnInjectionCustomizations.qll new file mode 100644 index 00000000000..de547b8a07d --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnInjectionCustomizations.qll @@ -0,0 +1,46 @@ +/** Provides a taint-tracking model to reason about Data-Source name injection vulnerabilities. */ + +import go +import DataFlow::PathGraph +import semmle.go.dataflow.barrierguardutil.RegexpCheck + +/** A source for `DsnInjection` taint-flow configuration. */ +abstract class Source extends DataFlow::Node { } + +/** A taint-tracking configuration to reason about Data Source Name injection vulnerabilities. */ +class DsnInjection extends TaintTracking::Configuration { + DsnInjection() { this = "DsnInjection" } + + override predicate isSource(DataFlow::Node node) { node instanceof Source } + + override predicate isSink(DataFlow::Node node) { + exists(Function f | f.hasQualifiedName("database/sql", "Open") | + node = f.getACall().getArgument(1) + ) + } + + override predicate isSanitizer(DataFlow::Node node) { node instanceof RegexpCheckBarrier } +} + +/** A model of a function which decodes or unmarshals a tainted input, propagating taint from any argument to either the method receiver or return value. */ +private class DecodeFunctionModel extends TaintTracking::FunctionModel { + DecodeFunctionModel() { + // This matches any function with a name like `Decode`,`Unmarshal` or `Parse`. + // This is done to allow taints stored in encoded forms, such as in toml or json to flow freely. + this.getName().regexpMatch("(?i).*(parse|decode|unmarshal).*") + } + + override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { + input.isParameter(_) and + (output.isResult(0) or output.isReceiver()) + } +} + +/** A model of `flag.Parse`, propagating tainted input passed via CLI flags to `Parse`'s result. */ +private class FlagSetFunctionModel extends TaintTracking::FunctionModel { + FlagSetFunctionModel() { this.hasQualifiedName("flag", "Parse") } + + override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { + input.isParameter(0) and output.isResult() + } +} diff --git a/go/ql/src/experimental/CWE-134/DsnInjectionLocal.ql b/go/ql/src/experimental/CWE-134/DsnInjectionLocal.ql new file mode 100644 index 00000000000..7ecd3b1cc8a --- /dev/null +++ b/go/ql/src/experimental/CWE-134/DsnInjectionLocal.ql @@ -0,0 +1,24 @@ +/** + * @name SQL Data-source URI built from local user-controlled sources + * @description Building an SQL data-source URI from untrusted sources can allow attacker to compromise security + * @kind path-problem + * @problem.severity error + * @id go/dsn-injection-local + * @tags security + * experimental + * external/cwe/cwe-134 + */ + +import go +import DataFlow::PathGraph +import DsnInjectionCustomizations + +/** An argument passed via the command line taken as a source for the `DsnInjection` taint-flow configuration. */ +private class OsArgsSource extends Source { + OsArgsSource() { this = any(Variable c | c.hasQualifiedName("os", "Args")).getARead() } +} + +from DsnInjection cfg, DataFlow::PathNode source, DataFlow::PathNode sink +where cfg.hasFlowPath(source, sink) +select sink.getNode(), source, sink, "This query depends on a $@.", source.getNode(), + "user-provided value" diff --git a/go/ql/src/experimental/CWE-203/Timing.qhelp b/go/ql/src/experimental/CWE-203/Timing.qhelp new file mode 100644 index 00000000000..5fe189d66b5 --- /dev/null +++ b/go/ql/src/experimental/CWE-203/Timing.qhelp @@ -0,0 +1,36 @@ + + + +

    + Using a non-constant time comparision to compare sensitive information can lead to auth + vulnerabilities. +

    +     + + +

    Use of a constant time comparision function such as crypto/subtle package's + ConstantTimeCompare function can prevent this vulnerability.

    +     + + +

    In the following examples, the code accepts a secret via a HTTP header in variable + secretHeader and a secret from the user in the headerSecret variable, which + are then compared with a system stored secret to perform authentication.

    + + + + +

    In the following example, the input provided by the user is compared using the + ConstantTimeComapre function. This ensures that timing attacks are not possible in this + case.

    + + +     + + +
  • National Vulnerability Database: + CVE-2022-24912.
    • +
  • Verbose Logging: A + timing attack in action
    • +     +     \ No newline at end of file diff --git a/go/ql/src/experimental/CWE-203/Timing.ql b/go/ql/src/experimental/CWE-203/Timing.ql new file mode 100644 index 00000000000..a22fd8727cd --- /dev/null +++ b/go/ql/src/experimental/CWE-203/Timing.ql @@ -0,0 +1,72 @@ +/** + * @name Timing attacks due to comparison of sensitive secrets + * @description using a non-constant time comparison method to compare secrets can lead to authoriztion vulnerabilities + * @kind path-problem + * @problem.severity warning + * @id go/timing-attack + * @tags security + * experimental + * external/cwe/cwe-203 + */ + +import go +import DataFlow::PathGraph +import semmle.go.security.SensitiveActions + +private predicate isBadResult(DataFlow::Node e) { + exists(string path | path = e.asExpr().getFile().getAbsolutePath().toLowerCase() | + path.matches(["%fake%", "%dummy%", "%test%", "%example%"]) and not path.matches("%ql/test%") + ) +} + +/** + * A data flow sink for timing attack vulnerabilities. + */ +abstract class Sink extends DataFlow::Node { } + +/** A taint-tracking sink which models comparisons of sensitive variables. */ +private class SensitiveCompareSink extends Sink { + ComparisonExpr c; + + SensitiveCompareSink() { + // We select a comparison where a secret or password is tested. + exists(SensitiveVariableAccess op1, Expr op2 | + op1.getClassification() = [SensitiveExpr::secret(), SensitiveExpr::password()] and + // exclude grant to avoid FP from OAuth + not op1.getClassification().matches("%grant%") and + op1 = c.getAnOperand() and + op2 = c.getAnOperand() and + not op1 = op2 and + not ( + // Comparisons with `nil` should be excluded. + op2 = Builtin::nil().getAReference() + or + // Comparisons with empty string should also be excluded. + op2.getStringValue().length() = 0 + ) + | + // It is important to note that the name of both the operands need not be + // `sensitive`. Even if one of the operands appears to be sensitive, we consider it a potential sink. + c.getAnOperand() = this.asExpr() + ) + } + + DataFlow::Node getOtherOperand() { result.asExpr() = c.getAnOperand() and not result = this } +} + +class SecretTracking extends TaintTracking::Configuration { + SecretTracking() { this = "SecretTracking" } + + override predicate isSource(DataFlow::Node source) { + source instanceof UntrustedFlowSource and not isBadResult(source) + } + + override predicate isSink(DataFlow::Node sink) { sink instanceof Sink and not isBadResult(sink) } +} + +from SecretTracking cfg, DataFlow::PathNode source, DataFlow::PathNode sink +where + cfg.hasFlowPath(source, sink) and + not cfg.hasFlowTo(sink.getNode().(SensitiveCompareSink).getOtherOperand()) +select sink.getNode(), source, sink, "$@ may be vulnerable to timing attacks.", source.getNode(), + "Hardcoded String" diff --git a/go/ql/src/experimental/CWE-203/timingBad.go b/go/ql/src/experimental/CWE-203/timingBad.go new file mode 100644 index 00000000000..7bb25c4ec64 --- /dev/null +++ b/go/ql/src/experimental/CWE-203/timingBad.go @@ -0,0 +1,11 @@ +func bad(w http.ResponseWriter, req *http.Request, []byte secret) (interface{}, error) { + + secretHeader := "X-Secret" + + headerSecret := req.Header.Get(secretHeader) + secretStr := string(secret) + if len(secret) != 0 && headerSecret != secretStr { + return nil, fmt.Errorf("header %s=%s did not match expected secret", secretHeader, headerSecret) + } + return nil, nil +} \ No newline at end of file diff --git a/go/ql/src/experimental/CWE-203/timingGood.go b/go/ql/src/experimental/CWE-203/timingGood.go new file mode 100644 index 00000000000..7de6eca3f8a --- /dev/null +++ b/go/ql/src/experimental/CWE-203/timingGood.go @@ -0,0 +1,10 @@ +func good(w http.ResponseWriter, req *http.Request, []byte secret) (interface{}, error) { + + secretHeader := "X-Secret" + + headerSecret := req.Header.Get(secretHeader) + if len(secret) != 0 && subtle.ConstantTimeCompare(secret, []byte(headerSecret)) != 1 { + return nil, fmt.Errorf("header %s=%s did not match expected secret", secretHeader, headerSecret) + } + return nil, nil +} \ No newline at end of file diff --git a/go/ql/src/experimental/frameworks/CleverGo.qll b/go/ql/src/experimental/frameworks/CleverGo.qll index 4b39ea005fd..2433ba4997a 100644 --- a/go/ql/src/experimental/frameworks/CleverGo.qll +++ b/go/ql/src/experimental/frameworks/CleverGo.qll @@ -278,7 +278,7 @@ private module CleverGo { or // signature: func (*Context) Stringf(code int, format string, a ...interface{}) error methodName = "Stringf" and - bodyNode = bodySetterCall.getArgument([1, any(int i | i >= 2)]) and + bodyNode = bodySetterCall.getSyntacticArgument([1, any(int i | i >= 2)]) and contentTypeString = "text/plain" or // signature: func (*Context) XML(code int, data interface{}) error diff --git a/go/ql/src/experimental/frameworks/Fiber.qll b/go/ql/src/experimental/frameworks/Fiber.qll index cfc65afdc1c..27bb9bbcd10 100644 --- a/go/ql/src/experimental/frameworks/Fiber.qll +++ b/go/ql/src/experimental/frameworks/Fiber.qll @@ -183,7 +183,7 @@ private module Fiber { // signature: func (*Ctx) Append(field string, values ...string) methodName = "Append" and headerNameNode = headerSetterCall.getArgument(0) and - headerValueNode = headerSetterCall.getArgument(any(int i | i >= 1)) + headerValueNode = headerSetterCall.getSyntacticArgument(any(int i | i >= 1)) or // signature: func (*Ctx) Set(key string, val string) methodName = "Set" and @@ -270,7 +270,7 @@ private module Fiber { or // signature: func (*Ctx) Send(bodies ...interface{}) methodName = "Send" and - bodyNode = bodySetterCall.getArgument(_) + bodyNode = bodySetterCall.getASyntacticArgument() or // signature: func (*Ctx) SendBytes(body []byte) methodName = "SendBytes" and @@ -286,7 +286,7 @@ private module Fiber { or // signature: func (*Ctx) Write(bodies ...interface{}) methodName = "Write" and - bodyNode = bodySetterCall.getArgument(_) + bodyNode = bodySetterCall.getASyntacticArgument() ) ) ) diff --git a/go/ql/src/qlpack.yml b/go/ql/src/qlpack.yml index 64be9928c63..75963a0708e 100644 --- a/go/ql/src/qlpack.yml +++ b/go/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/go-queries -version: 0.5.2-dev +version: 0.5.3-dev groups: - go - queries diff --git a/go/ql/test/TestUtilities/InlineFlowTest.qll b/go/ql/test/TestUtilities/InlineFlowTest.qll index 13db1f9ccbb..0726265699f 100644 --- a/go/ql/test/TestUtilities/InlineFlowTest.qll +++ b/go/ql/test/TestUtilities/InlineFlowTest.qll @@ -7,7 +7,7 @@ * import TestUtilities.InlineFlowTest * ``` * - * To declare expecations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. + * To declare expectations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. * Example of the corresponding test file, e.g. Test.java * ```go * public class Test { @@ -78,7 +78,7 @@ class InlineFlowTest extends InlineExpectationsTest { override predicate hasActualResult(Location location, string element, string tag, string value) { tag = "hasValueFlow" and - exists(DataFlow::Node sink | getValueFlowConfig().hasFlowTo(sink) | + exists(DataFlow::Node sink | this.getValueFlowConfig().hasFlowTo(sink) | sink.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(), location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and element = sink.toString() and @@ -87,7 +87,8 @@ class InlineFlowTest extends InlineExpectationsTest { or tag = "hasTaintFlow" and exists(DataFlow::Node src, DataFlow::Node sink | - getTaintFlowConfig().hasFlow(src, sink) and not getValueFlowConfig().hasFlow(src, sink) + this.getTaintFlowConfig().hasFlow(src, sink) and + not this.getValueFlowConfig().hasFlow(src, sink) | sink.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(), location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and diff --git a/go/ql/test/experimental/CWE-134/Dsn.go b/go/ql/test/experimental/CWE-134/Dsn.go new file mode 100644 index 00000000000..3cdabc7cb3f --- /dev/null +++ b/go/ql/test/experimental/CWE-134/Dsn.go @@ -0,0 +1,77 @@ +package main + +import ( + "database/sql" + "errors" + "fmt" + "net/http" + "os" + "regexp" +) + +func good() (interface{}, error) { + name := os.Args[1] + hasBadChar, _ := regexp.MatchString(".*[?].*", name) + + if hasBadChar { + return nil, errors.New("bad input") + } + + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name) + db, _ := sql.Open("mysql", dbDSN) + return db, nil +} + +func bad() interface{} { + name2 := os.Args[1:] + // This is bad. `name` can be something like `test?allowAllFiles=true&` which will allow an attacker to access local files. + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name2[0]) + db, _ := sql.Open("mysql", dbDSN) + return db +} + +func good2(w http.ResponseWriter, req *http.Request) (interface{}, error) { + name := req.FormValue("name") + hasBadChar, _ := regexp.MatchString(".*[?].*", name) + + if hasBadChar { + return nil, errors.New("bad input") + } + + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name) + db, _ := sql.Open("mysql", dbDSN) + return db, nil +} + +func bad2(w http.ResponseWriter, req *http.Request) interface{} { + name := req.FormValue("name") + // This is bad. `name` can be something like `test?allowAllFiles=true&` which will allow an attacker to access local files. + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, name) + db, _ := sql.Open("mysql", dbDSN) + return db +} + +type Config struct { + dsn string +} + +func NewConfig() *Config { return &Config{dsn: ""} } +func (Config) Parse([]string) error { return nil } + +func RegexFuncModelTest(w http.ResponseWriter, req *http.Request) (interface{}, error) { + cfg := NewConfig() + err := cfg.Parse(os.Args[1:]) // This is bad. `name` can be something like `test?allowAllFiles=true&` which will allow an attacker to access local files. + if err != nil { + return nil, err + } + dbDSN := fmt.Sprintf("%s:%s@tcp(%s:%d)/%s?charset=utf8", "username", "password", "127.0.0.1", 3306, cfg.dsn) + db, _ := sql.Open("mysql", dbDSN) + return db, nil +} + +func main() { + bad2(nil, nil) + good() + bad() + good2(nil, nil) +} diff --git a/go/ql/test/experimental/CWE-134/DsnInjection.expected b/go/ql/test/experimental/CWE-134/DsnInjection.expected new file mode 100644 index 00000000000..de054067a01 --- /dev/null +++ b/go/ql/test/experimental/CWE-134/DsnInjection.expected @@ -0,0 +1,8 @@ +edges +| Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:50:29:50:33 | dbDSN | +nodes +| Dsn.go:47:10:47:30 | call to FormValue | semmle.label | call to FormValue | +| Dsn.go:50:29:50:33 | dbDSN | semmle.label | dbDSN | +subpaths +#select +| Dsn.go:50:29:50:33 | dbDSN | Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:50:29:50:33 | dbDSN | This query depends on a $@. | Dsn.go:47:10:47:30 | call to FormValue | user-provided value | diff --git a/go/ql/test/experimental/CWE-134/DsnInjection.qlref b/go/ql/test/experimental/CWE-134/DsnInjection.qlref new file mode 100644 index 00000000000..c2308280884 --- /dev/null +++ b/go/ql/test/experimental/CWE-134/DsnInjection.qlref @@ -0,0 +1 @@ +experimental/CWE-134/DsnInjection.ql \ No newline at end of file diff --git a/go/ql/test/experimental/CWE-134/DsnInjectionLocal.expected b/go/ql/test/experimental/CWE-134/DsnInjectionLocal.expected new file mode 100644 index 00000000000..de5e959d43f --- /dev/null +++ b/go/ql/test/experimental/CWE-134/DsnInjectionLocal.expected @@ -0,0 +1,27 @@ +edges +| Dsn.go:26:11:26:17 | selection of Args | Dsn.go:29:29:29:33 | dbDSN | +| Dsn.go:62:2:62:4 | definition of cfg [pointer] | Dsn.go:63:9:63:11 | cfg [pointer] | +| Dsn.go:62:2:62:4 | definition of cfg [pointer] | Dsn.go:67:102:67:104 | cfg [pointer] | +| Dsn.go:63:9:63:11 | cfg [pointer] | Dsn.go:63:9:63:11 | implicit dereference | +| Dsn.go:63:9:63:11 | implicit dereference | Dsn.go:62:2:62:4 | definition of cfg [pointer] | +| Dsn.go:63:9:63:11 | implicit dereference | Dsn.go:63:9:63:11 | implicit dereference | +| Dsn.go:63:9:63:11 | implicit dereference | Dsn.go:68:29:68:33 | dbDSN | +| Dsn.go:63:19:63:25 | selection of Args | Dsn.go:63:9:63:11 | implicit dereference | +| Dsn.go:63:19:63:25 | selection of Args | Dsn.go:68:29:68:33 | dbDSN | +| Dsn.go:67:102:67:104 | cfg [pointer] | Dsn.go:67:102:67:104 | implicit dereference | +| Dsn.go:67:102:67:104 | implicit dereference | Dsn.go:63:9:63:11 | implicit dereference | +| Dsn.go:67:102:67:104 | implicit dereference | Dsn.go:68:29:68:33 | dbDSN | +nodes +| Dsn.go:26:11:26:17 | selection of Args | semmle.label | selection of Args | +| Dsn.go:29:29:29:33 | dbDSN | semmle.label | dbDSN | +| Dsn.go:62:2:62:4 | definition of cfg [pointer] | semmle.label | definition of cfg [pointer] | +| Dsn.go:63:9:63:11 | cfg [pointer] | semmle.label | cfg [pointer] | +| Dsn.go:63:9:63:11 | implicit dereference | semmle.label | implicit dereference | +| Dsn.go:63:19:63:25 | selection of Args | semmle.label | selection of Args | +| Dsn.go:67:102:67:104 | cfg [pointer] | semmle.label | cfg [pointer] | +| Dsn.go:67:102:67:104 | implicit dereference | semmle.label | implicit dereference | +| Dsn.go:68:29:68:33 | dbDSN | semmle.label | dbDSN | +subpaths +#select +| Dsn.go:29:29:29:33 | dbDSN | Dsn.go:26:11:26:17 | selection of Args | Dsn.go:29:29:29:33 | dbDSN | This query depends on a $@. | Dsn.go:26:11:26:17 | selection of Args | user-provided value | +| Dsn.go:68:29:68:33 | dbDSN | Dsn.go:63:19:63:25 | selection of Args | Dsn.go:68:29:68:33 | dbDSN | This query depends on a $@. | Dsn.go:63:19:63:25 | selection of Args | user-provided value | diff --git a/go/ql/test/experimental/CWE-134/DsnInjectionLocal.qlref b/go/ql/test/experimental/CWE-134/DsnInjectionLocal.qlref new file mode 100644 index 00000000000..b7b7e2bdbdd --- /dev/null +++ b/go/ql/test/experimental/CWE-134/DsnInjectionLocal.qlref @@ -0,0 +1 @@ +experimental/CWE-134/DsnInjectionLocal.ql \ No newline at end of file diff --git a/go/ql/test/experimental/CWE-203/Timing.expected b/go/ql/test/experimental/CWE-203/Timing.expected new file mode 100644 index 00000000000..a94866cda5a --- /dev/null +++ b/go/ql/test/experimental/CWE-203/Timing.expected @@ -0,0 +1,10 @@ +edges +| timing.go:14:18:14:27 | selection of Header | timing.go:14:18:14:45 | call to Get | +| timing.go:14:18:14:45 | call to Get | timing.go:16:25:16:36 | headerSecret | +nodes +| timing.go:14:18:14:27 | selection of Header | semmle.label | selection of Header | +| timing.go:14:18:14:45 | call to Get | semmle.label | call to Get | +| timing.go:16:25:16:36 | headerSecret | semmle.label | headerSecret | +subpaths +#select +| timing.go:16:25:16:36 | headerSecret | timing.go:14:18:14:27 | selection of Header | timing.go:16:25:16:36 | headerSecret | $@ may be vulnerable to timing attacks. | timing.go:14:18:14:27 | selection of Header | Hardcoded String | diff --git a/go/ql/test/experimental/CWE-203/Timing.qlref b/go/ql/test/experimental/CWE-203/Timing.qlref new file mode 100644 index 00000000000..6a51fa3db08 --- /dev/null +++ b/go/ql/test/experimental/CWE-203/Timing.qlref @@ -0,0 +1 @@ +experimental/CWE-203/Timing.ql \ No newline at end of file diff --git a/go/ql/test/experimental/CWE-203/timing.go b/go/ql/test/experimental/CWE-203/timing.go new file mode 100644 index 00000000000..627d1a59a36 --- /dev/null +++ b/go/ql/test/experimental/CWE-203/timing.go @@ -0,0 +1,37 @@ +package main + +import ( + "crypto/subtle" + "fmt" + "net/http" +) + +func bad(w http.ResponseWriter, req *http.Request) (interface{}, error) { + + secret := "MySuperSecretPasscode" + secretHeader := "X-Secret" + + headerSecret := req.Header.Get(secretHeader) + secretStr := string(secret) + if len(secret) != 0 && headerSecret != secretStr { + return nil, fmt.Errorf("header %s=%s did not match expected secret", secretHeader, headerSecret) + } + return nil, nil +} + +func good(w http.ResponseWriter, req *http.Request) (interface{}, error) { + + secret := []byte("MySuperSecretPasscode") + secretHeader := "X-Secret" + + headerSecret := req.Header.Get(secretHeader) + if len(secret) != 0 && subtle.ConstantTimeCompare(secret, []byte(headerSecret)) != 1 { + return nil, fmt.Errorf("header %s=%s did not match expected secret", secretHeader, headerSecret) + } + return nil, nil +} + +func main() { + bad(nil, nil) + good(nil, nil) +} diff --git a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go b/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go index 4df9ddabd89..53451c2a315 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go +++ b/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go @@ -14,10 +14,8 @@ func UntrustedSources_ClevergoTechClevergoV052() { { var receiverContext656 clevergo.Context resultUsername414, resultPassword518, _ := receiverContext656.BasicAuth() - sink( - resultUsername414, // $ untrustedFlowSource - resultPassword518, // $ untrustedFlowSource - ) + sink(resultUsername414) // $ untrustedFlowSource + sink(resultPassword518) // $ untrustedFlowSource } // func (*Context).Decode(v interface{}) (err error) { @@ -102,10 +100,8 @@ func UntrustedSources_ClevergoTechClevergoV052() { // Untrusted flow sources from clevergo.tech/clevergo.Param struct fields. { structParam246 := new(clevergo.Param) - sink( - structParam246.Key, // $ untrustedFlowSource - structParam246.Value, // $ untrustedFlowSource - ) + sink(structParam246.Key) // $ untrustedFlowSource + sink(structParam246.Value) // $ untrustedFlowSource } } // Untrusted flow sources from types. diff --git a/go/ql/test/experimental/frameworks/CleverGo/stubs.go b/go/ql/test/experimental/frameworks/CleverGo/stubs.go index d435852dedb..27806846860 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/stubs.go +++ b/go/ql/test/experimental/frameworks/CleverGo/stubs.go @@ -7,6 +7,6 @@ func source() interface{} { return nil } -func sink(v ...interface{}) {} +func sink(v interface{}) {} func link(from interface{}, into interface{}) {} diff --git a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go b/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go index 3e09a633694..f3178dbaca4 100644 --- a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go +++ b/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go @@ -121,13 +121,11 @@ func UntrustedFlowSources_GithubComGofiberFiberV1146() { // Untrusted flow sources from github.com/gofiber/fiber.Cookie struct fields. { structCookie322 := new(fiber.Cookie) - sink( - structCookie322.Domain, // $ untrustedFlowSource - structCookie322.Name, // $ untrustedFlowSource - structCookie322.Path, // $ untrustedFlowSource - structCookie322.SameSite, // $ untrustedFlowSource - structCookie322.Value, // $ untrustedFlowSource - ) + sink(structCookie322.Domain) // $ untrustedFlowSource + sink(structCookie322.Name) // $ untrustedFlowSource + sink(structCookie322.Path) // $ untrustedFlowSource + sink(structCookie322.SameSite) // $ untrustedFlowSource + sink(structCookie322.Value) // $ untrustedFlowSource } // Untrusted flow sources from github.com/gofiber/fiber.Error struct fields. { diff --git a/go/ql/test/experimental/frameworks/Fiber/stubs.go b/go/ql/test/experimental/frameworks/Fiber/stubs.go index d435852dedb..27806846860 100644 --- a/go/ql/test/experimental/frameworks/Fiber/stubs.go +++ b/go/ql/test/experimental/frameworks/Fiber/stubs.go @@ -7,6 +7,6 @@ func source() interface{} { return nil } -func sink(v ...interface{}) {} +func sink(v interface{}) {} func link(from interface{}, into interface{}) {} diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/main.go b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/main.go index 40c2d31149b..79043e3f7bb 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/main.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/main.go @@ -24,7 +24,7 @@ func main() { sink(test.FunctionWithParameter(sSlice[1])) // $ taintflow dataflow sink(test.FunctionWithSliceParameter(sSlice)) // $ taintflow dataflow sink(test.FunctionWithVarArgsParameter(sSlice...)) // $ taintflow dataflow - sink(test.FunctionWithVarArgsParameter(s0, s1)) // $ MISSING: taintflow dataflow + sink(test.FunctionWithVarArgsParameter(s0, s1)) // $ taintflow dataflow sliceOfStructs := []test.A{{Field: source()}} sink(sliceOfStructs[0].Field) // $ taintflow dataflow @@ -34,5 +34,5 @@ func main() { aSlice := []test.A{a0, a1} sink(test.FunctionWithSliceOfStructsParameter(aSlice)) // $ taintflow dataflow sink(test.FunctionWithVarArgsOfStructsParameter(aSlice...)) // $ taintflow dataflow - sink(test.FunctionWithVarArgsOfStructsParameter(a0, a1)) // $ MISSING: taintflow dataflow + sink(test.FunctionWithVarArgsOfStructsParameter(a0, a1)) // $ taintflow dataflow } diff --git a/go/ql/test/library-tests/semmle/go/dataflow/Nodes/CallNode_getArgument.expected b/go/ql/test/library-tests/semmle/go/dataflow/Nodes/CallNode_getArgument.expected index fc391bafcff..2cc2fe8d3ee 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/Nodes/CallNode_getArgument.expected +++ b/go/ql/test/library-tests/semmle/go/dataflow/Nodes/CallNode_getArgument.expected @@ -1,6 +1,4 @@ -| main.go:7:2:7:25 | call to Println | 0 | main.go:7:14:7:24 | ...+... | -| main.go:10:2:10:19 | call to Println | 0 | main.go:10:14:10:18 | ...+... | +| main.go:7:2:7:25 | call to Println | 0 | main.go:7:2:7:25 | []type{args} | +| main.go:10:2:10:19 | call to Println | 0 | main.go:10:2:10:19 | []type{args} | | main.go:14:8:14:24 | call to make | 0 | main.go:14:23:14:23 | 1 | -| main.go:16:2:16:26 | call to Println | 0 | main.go:16:14:16:15 | ss | -| main.go:16:2:16:26 | call to Println | 1 | main.go:16:18:16:18 | 0 | -| main.go:16:2:16:26 | call to Println | 2 | main.go:16:21:16:25 | index expression | +| main.go:16:2:16:26 | call to Println | 0 | main.go:16:2:16:26 | []type{args} | diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/main.go b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/main.go index a2b60745eb5..3c3d80f7342 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/main.go +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgs/main.go @@ -36,7 +36,7 @@ func main() { sSlice := []string{s0, s1} sink(functionWithSliceParameter(sSlice)) // $ taintflow dataflow sink(functionWithVarArgsParameter(sSlice...)) // $ taintflow dataflow - sink(functionWithVarArgsParameter(s0, s1)) // $ MISSING: taintflow dataflow + sink(functionWithVarArgsParameter(s0, s1)) // $ taintflow dataflow sliceOfStructs := []A{{f: source()}} sink(sliceOfStructs[0].f) // $ taintflow dataflow @@ -46,5 +46,5 @@ func main() { aSlice := []A{a0, a1} sink(functionWithSliceOfStructsParameter(aSlice)) // $ taintflow dataflow sink(functionWithVarArgsOfStructsParameter(aSlice...)) // $ taintflow dataflow - sink(functionWithVarArgsOfStructsParameter(a0, a1)) // $ MISSING: taintflow dataflow + sink(functionWithVarArgsOfStructsParameter(a0, a1)) // $ taintflow dataflow } diff --git a/go/ql/test/library-tests/semmle/go/frameworks/SQL/Gorm/gorm.ql b/go/ql/test/library-tests/semmle/go/frameworks/SQL/Gorm/gorm.ql index 47a9e0bbc8d..e08b506deaf 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/SQL/Gorm/gorm.ql +++ b/go/ql/test/library-tests/semmle/go/frameworks/SQL/Gorm/gorm.ql @@ -1,5 +1,5 @@ import go from SQL::QueryString qs, Method meth, string a, string b, string c -where meth.hasQualifiedName(a, b, c) and qs = meth.getACall().getArgument(0) +where meth.hasQualifiedName(a, b, c) and qs = meth.getACall().getSyntacticArgument(0) select qs, a, b, c diff --git a/java/documentation/library-coverage/coverage.csv b/java/documentation/library-coverage/coverage.csv index 4ff5999f00a..93c93f8ef46 100644 --- a/java/documentation/library-coverage/coverage.csv +++ b/java/documentation/library-coverage/coverage.csv @@ -1,162 +1,174 @@ -package,sink,source,summary,sink:bean-validation,sink:create-file,sink:fragment-injection,sink:groovy,sink:header-splitting,sink:information-leak,sink:intent-start,sink:jdbc-url,sink:jexl,sink:jndi-injection,sink:ldap,sink:logging,sink:mvel,sink:ognl-injection,sink:open-url,sink:pending-intent-sent,sink:read-file,sink:regex-use,sink:regex-use[-1],sink:regex-use[0],sink:regex-use[],sink:regex-use[f-1],sink:regex-use[f1],sink:regex-use[f],sink:set-hostname-verifier,sink:sql,sink:ssti,sink:url-redirect,sink:write-file,sink:xpath,sink:xslt,sink:xss,source:android-external-storage-dir,source:android-widget,source:contentprovider,source:remote,summary:taint,summary:value -android.app,35,,103,,,11,,,,7,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,18,85 -android.content,24,31,154,,,,,,,16,,,,,,,,,,,,,,,,,,,8,,,,,,,4,,27,,63,91 -android.database,59,,41,,,,,,,,,,,,,,,,,,,,,,,,,,59,,,,,,,,,,,41, -android.net,,,60,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,45,15 -android.os,,2,122,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,41,81 -android.support.v4.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -android.util,6,16,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,16,, -android.webkit,3,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,2,, -android.widget,,1,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,1, -androidx.core.app,6,,95,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,12,83 -androidx.fragment.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -androidx.slice,2,5,88,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,5,,27,61 -cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -com.fasterxml.jackson.databind,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6, -com.google.common.base,4,,87,,,,,,,,,,,,,,,,,,,,3,1,,,,,,,,,,,,,,,,63,24 -com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17 -com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551 -com.google.common.flogger,29,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,,,,, -com.google.common.io,8,,73,,2,,,,,,,,,,,,,,,5,,,,,,,,,,,,1,,,,,,,,72,1 -com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, -com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, -com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,,, -com.rabbitmq.client,,21,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,21,7, -com.thoughtworks.xstream,1,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,, -com.unboundid.ldap.sdk,17,,,,,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,, -com.zaxxer.hikari,2,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1 -freemarker.cache,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, -freemarker.template,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,,, -groovy.lang,26,,,,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -groovy.util,5,,,,,,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -hudson,44,,16,,19,,,,,,,,,,,,,6,,17,,,,,,,,,,,,2,,,,,,,,16, -io.jsonwebtoken,,2,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,4, -io.netty.bootstrap,3,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,,,, -io.netty.buffer,,,207,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,130,77 -io.netty.channel,9,2,,,,,,,,,,,,,,,,9,,,,,,,,,,,,,,,,,,,,,2,, -io.netty.handler.codec,4,13,259,,,,,,,,,,,,,,,3,,1,,,,,,,,,,,,,,,,,,,13,143,116 -io.netty.handler.ssl,2,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,, -io.netty.handler.stream,1,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,, -io.netty.resolver,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -io.netty.util,2,,23,,1,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,21,2 -jakarta.faces.context,2,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,7,, -jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23 -jakarta.ws.rs.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,, -jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,94,55 -java.awt,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3 -java.beans,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -java.io,44,,45,,18,,,,,,,,,,,,,,,4,,,,,,,,,,,,22,,,,,,,,43,2 -java.lang,18,,92,,,,,,,,,,,,8,,,,,5,,4,,,1,,,,,,,,,,,,,,,56,36 -java.net,13,3,20,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,3,20, -java.nio,36,,31,,21,,,,,,,,,,,,,,,12,,,,,,,,,,,,3,,,,,,,,31, -java.sql,13,,3,,,,,,,,4,,,,,,,,,,,,,,,,,,9,,,,,,,,,,,2,1 -java.util,44,,484,,,,,,,,,,,,34,,,,,,,,5,2,,1,2,,,,,,,,,,,,,44,440 -javafx.scene.web,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -javax.faces.context,2,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,7,, -javax.imageio.stream,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -javax.jms,,9,57,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,57, -javax.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23 -javax.management.remote,2,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,, -javax.naming,7,,1,,,,,,,,,,6,1,,,,,,,,,,,,,,,,,,,,,,,,,,1, -javax.net.ssl,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,, -javax.script,1,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,, -javax.servlet,5,21,2,,,,,3,1,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,21,2, -javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,, -javax.ws.rs.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,, -javax.ws.rs.core,3,,149,,,,,1,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,94,55 -javax.xml.transform,2,,6,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,6, -javax.xml.xpath,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,, -jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10 -kotlin,16,,1843,,11,,,,,,,,,,,,,2,,3,,,,,,,,,,,,,,,,,,,,1836,7 -net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,,,, -ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,, -okhttp3,2,,47,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,22,25 -org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6, -org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 -org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 -org.apache.commons.compress.archivers.tar,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4, -org.apache.commons.httpclient.util,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -org.apache.commons.io,111,,560,,93,,,,,,,,,,,,,15,,1,,,,,,,,,,,,2,,,,,,,,546,14 -org.apache.commons.jelly,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,, -org.apache.commons.jexl2,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.commons.jexl3,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.commons.lang3,6,,424,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,293,131 -org.apache.commons.logging,6,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.commons.ognl,6,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,220,52 -org.apache.directory.ldap.client.api,1,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.hadoop.hive.metastore,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,,,,, -org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,84,,,,,,,,,,,,,,,,,,,,,,, -org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,37,,,,,,,,,,,,,,,,,,,,,,, -org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,19,,,,,,,,,,,,,,,,,,,,,,, -org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -org.apache.hc.core5.http,73,2,45,,,,,,,,,,,,,,,72,,,,,,,,,,,,,,,,,1,,,,2,45, -org.apache.hc.core5.net,,,18,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18, -org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,6 -org.apache.hive.hcatalog.templeton,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,, -org.apache.http,48,3,94,,,,,,,,,,,,,,,46,,,,,,,,,,,,,,,,,2,,,,3,86,8 -org.apache.ibatis.jdbc,6,,57,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,57, -org.apache.log4j,11,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.logging.log4j,359,,8,,,,,,,,,,,,359,,,,,,,,,,,,,,,,,,,,,,,,,4,4 -org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -org.apache.shiro.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.apache.tools.ant,11,,,,3,,,,,,,,,,,,,,,8,,,,,,,,,,,,,,,,,,,,, -org.apache.tools.zip,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -org.apache.velocity.app,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,, -org.apache.velocity.runtime,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,, -org.codehaus.cargo.container.installer,3,,,,2,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -org.codehaus.groovy.control,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.dom4j,20,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,20,,,,,,,, -org.eclipse.jetty.client,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, -org.geogebra.web.full.main,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,, -org.hibernate,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,,,,, -org.jboss.logging,324,,,,,,,,,,,,,,324,,,,,,,,,,,,,,,,,,,,,,,,,, -org.jdbi.v3.core,6,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.jooq,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,, -org.json,,,236,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,198,38 -org.kohsuke.stapler,3,,1,,,,,,,,,,,,,,,1,,1,,,,,,,,,,,1,,,,,,,,,1, -org.mvel2,16,,,,,,,,,,,,,,,16,,,,,,,,,,,,,,,,,,,,,,,,, -org.openjdk.jmh.runner.options,1,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.scijava.log,13,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,,,,,, -org.slf4j,55,,6,,,,,,,,,,,,55,,,,,,,,,,,,,,,,,,,,,,,,,2,4 -org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,30 -org.springframework.boot.jdbc,1,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13 -org.springframework.context,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, -org.springframework.data.repository,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1 -org.springframework.http,14,,71,,,,,,,,,,,,,,,14,,,,,,,,,,,,,,,,,,,,,,61,10 -org.springframework.jdbc.core,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,,,,,,,,,,,, -org.springframework.jdbc.datasource,4,,,,,,,,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.springframework.jdbc.object,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,,,,, -org.springframework.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.springframework.ldap,47,,,,,,,,,,,,33,14,,,,,,,,,,,,,,,,,,,,,,,,,,, -org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,, -org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,32 -org.springframework.util,3,,142,,2,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,90,52 -org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13, -org.springframework.web.client,13,3,,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,3,, -org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,8,, -org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,12,13, -org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,, -org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25 -org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,2, -org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, -org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,, -play.mvc,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,, -ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, -ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, -ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, -ratpack.exec,,,48,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,48 -ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, -ratpack.func,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35 -ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, -ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, -ratpack.util,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35 -retrofit2,1,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,, +package,sink,source,summary,sink:bean-validation,sink:file-content-store,sink:fragment-injection,sink:groovy-injection,sink:hostname-verification,sink:html-injection,sink:information-leak,sink:intent-redirection,sink:jexl-injection,sink:jndi-injection,sink:js-injection,sink:ldap-injection,sink:log-injection,sink:mvel-injection,sink:ognl-injection,sink:path-injection,sink:pending-intents,sink:regex-use,sink:regex-use[-1],sink:regex-use[0],sink:regex-use[],sink:regex-use[f-1],sink:regex-use[f1],sink:regex-use[f],sink:request-forgery,sink:response-splitting,sink:sql-injection,sink:template-injection,sink:url-redirection,sink:xpath-injection,sink:xslt-injection,source:android-external-storage-dir,source:contentprovider,source:remote,summary:taint,summary:value +android.app,35,,103,,,11,,,,,7,,,,,,,,,17,,,,,,,,,,,,,,,,,,18,85 +android.content,24,31,154,,,,,,,,16,,,,,,,,,,,,,,,,,,,8,,,,,4,27,,63,91 +android.database,59,,41,,,,,,,,,,,,,,,,,,,,,,,,,,,59,,,,,,,,41, +android.net,,,60,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,45,15 +android.os,,2,122,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,41,81 +android.support.v4.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +android.util,6,16,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,16,, +android.webkit,3,2,,,,,,,2,,,,,1,,,,,,,,,,,,,,,,,,,,,,,2,, +android.widget,,1,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,1, +androidx.core.app,6,,95,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,12,83 +androidx.fragment.app,11,,,,,11,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +androidx.slice,2,5,88,,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,5,,27,61 +cn.hutool.core.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +com.alibaba.druid.sql,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +com.esotericsoftware.kryo.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +com.esotericsoftware.kryo5.io,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +com.fasterxml.jackson.core,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +com.fasterxml.jackson.databind,2,,6,,,,,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,6, +com.google.common.base,4,,87,,,,,,,,,,,,,,,,,,,,3,1,,,,,,,,,,,,,,63,24 +com.google.common.cache,,,17,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17 +com.google.common.collect,,,553,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,551 +com.google.common.flogger,29,,,,,,,,,,,,,,,29,,,,,,,,,,,,,,,,,,,,,,, +com.google.common.io,8,,73,,1,,,,,,,,,,,,,,7,,,,,,,,,,,,,,,,,,,72,1 +com.google.gson,,,39,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,25,14 +com.hubspot.jinjava,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,, +com.jcraft.jsch,1,,1,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,1, +com.mitchellbosecke.pebble,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,, +com.opensymphony.xwork2.ognl,3,,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,,, +com.rabbitmq.client,,21,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,21,7, +com.thoughtworks.xstream,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,, +com.unboundid.ldap.sdk,17,,,,,,,,,,,,,,17,,,,,,,,,,,,,,,,,,,,,,,, +com.zaxxer.hikari,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, +flexjson,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1 +freemarker.cache,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,, +freemarker.template,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,, +groovy.lang,26,,,,,,26,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +groovy.text,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +groovy.util,5,,,,,,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +hudson,44,,16,,2,,,,,,,,,,,,,,36,,,,,,,,,6,,,,,,,,,,16, +io.jsonwebtoken,,2,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,4, +io.netty.bootstrap,3,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,,,, +io.netty.buffer,,,207,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,130,77 +io.netty.channel,9,2,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,,2,, +io.netty.handler.codec,4,13,259,,,,,,,,,,,,,,,,1,,,,,,,,,3,,,,,,,,,13,143,116 +io.netty.handler.ssl,4,,,,,,,,,,,,,,,,,,4,,,,,,,,,,,,,,,,,,,, +io.netty.handler.stream,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,, +io.netty.resolver,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +io.netty.util,2,,23,,,,,,,,,,,,,,,,1,,,,,,,,,1,,,,,,,,,,21,2 +jakarta.faces.context,2,7,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,, +jakarta.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23 +jakarta.ws.rs.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +jakarta.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,, +jakarta.ws.rs.core,2,,149,,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,94,55 +java.awt,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3 +java.beans,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +java.io,49,,45,,22,,,,,,,,,,,,,,27,,,,,,,,,,,,,,,,,,,43,2 +java.lang,18,,92,,,,,,,,,,,,,8,,,5,,,4,,,1,,,,,,,,,,,,,56,36 +java.net,13,3,20,,,,,,,,,,,,,,,,,,,,,,,,,13,,,,,,,,,3,20, +java.nio,47,,35,,3,,,,,,,,,,,,,,44,,,,,,,,,,,,,,,,,,,35, +java.sql,13,,3,,,,,,,,,,,,,,,,,,,,,,,,,4,,9,,,,,,,,2,1 +java.util,44,,484,,,,,,,,,,,,,34,,,,,,,5,2,,1,2,,,,,,,,,,,44,440 +javafx.scene.web,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +javax.faces.context,2,7,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,, +javax.imageio.stream,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +javax.jms,,9,57,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,57, +javax.json,,,123,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,100,23 +javax.management.remote,2,,,,,,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,, +javax.naming,7,,1,,,,,,,,,,6,,1,,,,,,,,,,,,,,,,,,,,,,,1, +javax.net.ssl,2,,,,,,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +javax.script,1,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,, +javax.servlet,5,21,2,,,,,,,1,,,,,,,,,1,,,,,,,,,,3,,,,,,,,21,2, +javax.validation,1,1,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,, +javax.ws.rs.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +javax.ws.rs.container,,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,, +javax.ws.rs.core,3,,149,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,2,,,,,,94,55 +javax.xml.transform,2,,6,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,1,,,,6, +javax.xml.xpath,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,, +jodd.json,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10 +kotlin,16,,1847,,,,,,,,,,,,,,,,14,,,,,,,,,2,,,,,,,,,,1836,11 +net.sf.saxon.s9api,5,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,5,,,,, +ognl,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,, +okhttp3,4,,48,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,23,25 +org.antlr.runtime,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,, +org.apache.commons.codec,,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6, +org.apache.commons.collections,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 +org.apache.commons.collections4,,,800,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,17,783 +org.apache.commons.compress.archivers.tar,,,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4, +org.apache.commons.httpclient.util,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +org.apache.commons.io,111,,560,,2,,,,,,,,,,,,,,94,,,,,,,,,15,,,,,,,,,,546,14 +org.apache.commons.jelly,6,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,, +org.apache.commons.jexl2,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,, +org.apache.commons.jexl3,15,,,,,,,,,,,15,,,,,,,,,,,,,,,,,,,,,,,,,,, +org.apache.commons.lang3,6,,424,,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,293,131 +org.apache.commons.logging,6,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,,,, +org.apache.commons.net,9,12,,,,,,,,,,,,,,,,,3,,,,,,,,,6,,,,,,,,,12,, +org.apache.commons.ognl,6,,,,,,,,,,,,,,,,,6,,,,,,,,,,,,,,,,,,,,, +org.apache.commons.text,,,272,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,220,52 +org.apache.directory.ldap.client.api,1,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,, +org.apache.hadoop.fs,,,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10, +org.apache.hadoop.hive.metastore,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,,,,,,,,, +org.apache.hc.client5.http.async.methods,84,,,,,,,,,,,,,,,,,,,,,,,,,,,84,,,,,,,,,,, +org.apache.hc.client5.http.classic.methods,37,,,,,,,,,,,,,,,,,,,,,,,,,,,37,,,,,,,,,,, +org.apache.hc.client5.http.fluent,19,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,,,, +org.apache.hc.core5.benchmark,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +org.apache.hc.core5.function,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +org.apache.hc.core5.http,73,2,45,,,,,,1,,,,,,,,,,,,,,,,,,,72,,,,,,,,,2,45, +org.apache.hc.core5.net,,,18,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18, +org.apache.hc.core5.util,,,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,18,6 +org.apache.hive.hcatalog.templeton,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,, +org.apache.http,48,3,94,,,,,,2,,,,,,,,,,,,,,,,,,,46,,,,,,,,,3,86,8 +org.apache.ibatis.jdbc,6,,57,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,57, +org.apache.log4j,11,,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,,,,, +org.apache.logging.log4j,359,,8,,,,,,,,,,,,,359,,,,,,,,,,,,,,,,,,,,,,4,4 +org.apache.shiro.codec,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +org.apache.shiro.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,, +org.apache.tools.ant,11,,,,,,,,,,,,,,,,,,11,,,,,,,,,,,,,,,,,,,, +org.apache.tools.zip,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +org.apache.velocity.app,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,, +org.apache.velocity.runtime,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,, +org.codehaus.cargo.container.installer,3,,,,,,,,,,,,,,,,,,2,,,,,,,,,1,,,,,,,,,,, +org.codehaus.groovy.control,1,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +org.dom4j,20,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,20,,,,,, +org.eclipse.jetty.client,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +org.fusesource.leveldbjni,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,, +org.geogebra.web.full.main,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,, +org.hibernate,7,,,,,,,,,,,,,,,,,,,,,,,,,,,,,7,,,,,,,,, +org.influxdb,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +org.jboss.logging,324,,,,,,,,,,,,,,,324,,,,,,,,,,,,,,,,,,,,,,, +org.jdbi.v3.core,6,,,,,,,,,,,,,,,,,,,,,,,,,,,6,,,,,,,,,,, +org.jooq,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,, +org.json,,,236,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,198,38 +org.kohsuke.stapler,3,,1,,,,,,,,,,,,,,,,1,,,,,,,,,1,,,,1,,,,,,1, +org.mvel2,16,,,,,,,,,,,,,,,,16,,,,,,,,,,,,,,,,,,,,,, +org.openjdk.jmh.runner.options,1,,,,,,,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,, +org.scijava.log,13,,,,,,,,,,,,,,,13,,,,,,,,,,,,,,,,,,,,,,, +org.slf4j,55,,6,,,,,,,,,,,,,55,,,,,,,,,,,,,,,,,,,,,,2,4 +org.springframework.beans,,,30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,30 +org.springframework.boot.jdbc,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, +org.springframework.cache,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13 +org.springframework.context,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, +org.springframework.core.io,2,,,,,,,,,,,,,,,,,,1,,,,,,,,,1,,,,,,,,,,, +org.springframework.data.repository,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1 +org.springframework.http,14,,71,,,,,,,,,,,,,,,,,,,,,,,,,14,,,,,,,,,,61,10 +org.springframework.jdbc.core,19,,,,,,,,,,,,,,,,,,,,,,,,,,,,,19,,,,,,,,, +org.springframework.jdbc.datasource,4,,,,,,,,,,,,,,,,,,,,,,,,,,,4,,,,,,,,,,, +org.springframework.jdbc.object,9,,,,,,,,,,,,,,,,,,,,,,,,,,,,,9,,,,,,,,, +org.springframework.jndi,1,,,,,,,,,,,,1,,,,,,,,,,,,,,,,,,,,,,,,,, +org.springframework.ldap,47,,,,,,,,,,,,33,,14,,,,,,,,,,,,,,,,,,,,,,,, +org.springframework.security.web.savedrequest,,6,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,, +org.springframework.ui,,,32,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,32 +org.springframework.util,3,,142,,,,,,,,,,,,,,,,3,,,,,,,,,,,,,,,,,,,90,52 +org.springframework.validation,,,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13, +org.springframework.web.client,13,3,,,,,,,,,,,,,,,,,,,,,,,,,,13,,,,,,,,,3,, +org.springframework.web.context.request,,8,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,8,, +org.springframework.web.multipart,,12,13,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,12,13, +org.springframework.web.reactive.function.client,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, +org.springframework.web.util,,,165,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,140,25 +org.thymeleaf,2,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,2, +org.xml.sax,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +org.xmlpull.v1,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3,, +org.yaml.snakeyaml,,,1,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,1, +play.libs.ws,2,,,,,,,,,,,,,,,,,,,,,,,,,,,2,,,,,,,,,,, +play.mvc,,13,24,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,13,24, +ratpack.core.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, +ratpack.core.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, +ratpack.core.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, +ratpack.exec,,,48,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,48 +ratpack.form,,,3,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,3, +ratpack.func,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35 +ratpack.handling,,6,4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,6,4, +ratpack.http,,10,10,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,10,10, +ratpack.util,,,35,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,35 +retrofit2,1,,,,,,,,,,,,,,,,,,,,,,,,,,,1,,,,,,,,,,, diff --git a/java/documentation/library-coverage/coverage.rst b/java/documentation/library-coverage/coverage.rst index f880c81f642..ffd3ce0ed91 100644 --- a/java/documentation/library-coverage/coverage.rst +++ b/java/documentation/library-coverage/coverage.rst @@ -6,22 +6,22 @@ Java framework & library support :class: fullWidthTable :widths: auto - Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑319` :sub:`Cleartext transmission` + Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE‑022` :sub:`Path injection`,`CWE‑079` :sub:`Cross-site scripting`,`CWE‑089` :sub:`SQL injection`,`CWE‑090` :sub:`LDAP injection`,`CWE‑094` :sub:`Code injection`,`CWE‑918` :sub:`Request Forgery` Android,``android.*``,52,481,138,,3,67,,, Android extensions,``androidx.*``,5,183,19,,,,,, `Apache Commons Collections `_,"``org.apache.commons.collections``, ``org.apache.commons.collections4``",,1600,,,,,,, - `Apache Commons IO `_,``org.apache.commons.io``,,560,111,93,,,,,15 + `Apache Commons IO `_,``org.apache.commons.io``,,560,111,94,,,,,15 `Apache Commons Lang `_,``org.apache.commons.lang3``,,424,6,,,,,, `Apache Commons Text `_,``org.apache.commons.text``,,272,,,,,,, `Apache HttpComponents `_,"``org.apache.hc.core5.*``, ``org.apache.http``",5,182,122,,3,,,,119 `Apache Log4j 2 `_,``org.apache.logging.log4j``,,8,359,,,,,, - `Google Guava `_,``com.google.common.*``,,730,41,2,,,,, + `Google Guava `_,``com.google.common.*``,,730,41,7,,,,, JBoss Logging,``org.jboss.logging``,,,324,,,,,, `JSON-java `_,``org.json``,,236,,,,,,, - Java Standard Library,``java.*``,3,679,168,39,,9,,,13 - Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,1,4,,1,1,2 - Kotlin Standard Library,``kotlin*``,,1843,16,11,,,,,2 - `Spring `_,``org.springframework.*``,29,483,104,2,,19,14,,29 - Others,"``cn.hutool.core.codec``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.hubspot.jinjava``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",77,817,506,26,,18,18,,175 - Totals,,234,9109,1948,174,10,113,33,1,355 + Java Standard Library,``java.*``,3,683,184,76,,9,,,17 + Java extensions,"``javax.*``, ``jakarta.*``",63,611,34,2,4,,1,1,2 + Kotlin Standard Library,``kotlin*``,,1847,16,14,,,,,2 + `Spring `_,``org.springframework.*``,29,483,115,4,,28,14,,35 + Others,"``cn.hutool.core.codec``, ``com.alibaba.druid.sql``, ``com.esotericsoftware.kryo.io``, ``com.esotericsoftware.kryo5.io``, ``com.fasterxml.jackson.core``, ``com.fasterxml.jackson.databind``, ``com.google.gson``, ``com.hubspot.jinjava``, ``com.jcraft.jsch``, ``com.mitchellbosecke.pebble``, ``com.opensymphony.xwork2.ognl``, ``com.rabbitmq.client``, ``com.thoughtworks.xstream``, ``com.unboundid.ldap.sdk``, ``com.zaxxer.hikari``, ``flexjson``, ``freemarker.cache``, ``freemarker.template``, ``groovy.lang``, ``groovy.text``, ``groovy.util``, ``hudson``, ``io.jsonwebtoken``, ``io.netty.bootstrap``, ``io.netty.buffer``, ``io.netty.channel``, ``io.netty.handler.codec``, ``io.netty.handler.ssl``, ``io.netty.handler.stream``, ``io.netty.resolver``, ``io.netty.util``, ``javafx.scene.web``, ``jodd.json``, ``net.sf.saxon.s9api``, ``ognl``, ``okhttp3``, ``org.antlr.runtime``, ``org.apache.commons.codec``, ``org.apache.commons.compress.archivers.tar``, ``org.apache.commons.httpclient.util``, ``org.apache.commons.jelly``, ``org.apache.commons.jexl2``, ``org.apache.commons.jexl3``, ``org.apache.commons.logging``, ``org.apache.commons.net``, ``org.apache.commons.ognl``, ``org.apache.directory.ldap.client.api``, ``org.apache.hadoop.fs``, ``org.apache.hadoop.hive.metastore``, ``org.apache.hc.client5.http.async.methods``, ``org.apache.hc.client5.http.classic.methods``, ``org.apache.hc.client5.http.fluent``, ``org.apache.hive.hcatalog.templeton``, ``org.apache.ibatis.jdbc``, ``org.apache.log4j``, ``org.apache.shiro.codec``, ``org.apache.shiro.jndi``, ``org.apache.tools.ant``, ``org.apache.tools.zip``, ``org.apache.velocity.app``, ``org.apache.velocity.runtime``, ``org.codehaus.cargo.container.installer``, ``org.codehaus.groovy.control``, ``org.dom4j``, ``org.eclipse.jetty.client``, ``org.fusesource.leveldbjni``, ``org.geogebra.web.full.main``, ``org.hibernate``, ``org.influxdb``, ``org.jdbi.v3.core``, ``org.jooq``, ``org.kohsuke.stapler``, ``org.mvel2``, ``org.openjdk.jmh.runner.options``, ``org.scijava.log``, ``org.slf4j``, ``org.thymeleaf``, ``org.xml.sax``, ``org.xmlpull.v1``, ``org.yaml.snakeyaml``, ``play.libs.ws``, ``play.mvc``, ``ratpack.core.form``, ``ratpack.core.handling``, ``ratpack.core.http``, ``ratpack.exec``, ``ratpack.form``, ``ratpack.func``, ``ratpack.handling``, ``ratpack.http``, ``ratpack.util``, ``retrofit2``",98,894,528,66,,18,18,,195 + Totals,,255,9194,1997,263,10,122,33,1,385 diff --git a/java/documentation/library-coverage/cwe-sink.csv b/java/documentation/library-coverage/cwe-sink.csv index a4e2f5b9af9..16fff1e653b 100644 --- a/java/documentation/library-coverage/cwe-sink.csv +++ b/java/documentation/library-coverage/cwe-sink.csv @@ -1,7 +1,7 @@ CWE,Sink identifier,Label -CWE‑089,sql,SQL injection -CWE‑022,create-file,Path injection +CWE‑089,sql-injection,SQL injection +CWE‑022,path-injection,Path injection CWE‑094,bean-validation,Code injection -CWE‑319,open-url,Cleartext transmission -CWE‑079,xss,Cross-site scripting -CWE‑090,ldap,LDAP injection +CWE‑918,request-forgery,Request Forgery +CWE‑079,html-injection js-injection,Cross-site scripting +CWE‑090,ldap-injection,LDAP injection diff --git a/java/kotlin-explorer/.gitignore b/java/kotlin-explorer/.gitignore deleted file mode 100644 index 9c076360bbb..00000000000 --- a/java/kotlin-explorer/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -.classpath -.gradle -.idea -.project -.settings -bin/ -build/ -gradle/ -gradlew -gradlew.bat diff --git a/java/kotlin-explorer/README b/java/kotlin-explorer/README deleted file mode 100644 index 0f500d7c25b..00000000000 --- a/java/kotlin-explorer/README +++ /dev/null @@ -1,9 +0,0 @@ - -This shows what is encoded in the kotlin.Metadata section shown in the -output of `javap -v SomeKotlinClass`. - -It is not currently able to extract the information from .class files -itself; the values are hard coded in src/main/kotlin/Explorer.kt - -Run `gradle run` in this directory to run it. - diff --git a/java/kotlin-explorer/build.gradle b/java/kotlin-explorer/build.gradle deleted file mode 100644 index b122d811d4f..00000000000 --- a/java/kotlin-explorer/build.gradle +++ /dev/null @@ -1,28 +0,0 @@ -plugins { - id 'org.jetbrains.kotlin.jvm' version "${kotlinVersion}" - id 'org.jetbrains.dokka' version '1.4.32' - id "com.vanniktech.maven.publish" version '0.15.1' - id 'application' -} - -group 'com.github.codeql' -version '0.0.1' - -dependencies { - implementation "org.jetbrains.kotlin:kotlin-stdlib" - implementation "org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.3.0" -} - -repositories { - mavenCentral() -} - -tasks.withType(org.jetbrains.kotlin.gradle.tasks.KotlinCompile).configureEach { - kotlinOptions { - jvmTarget = "1.8" - } -} - -application { - mainClass = 'com.github.codeql.ExplorerKt' -} diff --git a/java/kotlin-explorer/gradle.properties b/java/kotlin-explorer/gradle.properties deleted file mode 100644 index 0854241bcda..00000000000 --- a/java/kotlin-explorer/gradle.properties +++ /dev/null @@ -1,7 +0,0 @@ -kotlin.code.style=official -kotlinVersion=1.5.21 - -GROUP=com.github.codeql -VERSION_NAME=0.0.1 -POM_DESCRIPTION=CodeQL Kotlin explorer - diff --git a/java/kotlin-explorer/settings.gradle b/java/kotlin-explorer/settings.gradle deleted file mode 100644 index 18f679f7b75..00000000000 --- a/java/kotlin-explorer/settings.gradle +++ /dev/null @@ -1,8 +0,0 @@ -pluginManagement { - repositories { - mavenCentral() - gradlePluginPortal() - } -} - -rootProject.name = 'codeql-kotlin-explorer' diff --git a/java/kotlin-explorer/src/main/kotlin/Explorer.kt b/java/kotlin-explorer/src/main/kotlin/Explorer.kt deleted file mode 100644 index 31c3eb18dcb..00000000000 --- a/java/kotlin-explorer/src/main/kotlin/Explorer.kt +++ /dev/null @@ -1,217 +0,0 @@ -package com.github.codeql -import kotlinx.metadata.internal.metadata.jvm.deserialization.JvmMetadataVersion -import kotlinx.metadata.jvm.* -import kotlinx.metadata.* - -fun main(args : Array) { - /* - Values from `javap -v` on TestKt.class from: - - class MyClass {} - - class MyParamClass {} - - fun f(x: MyClass, y: MyClass?, - l1: MyParamClass, - l2: MyParamClass, - l3: MyParamClass?, - l4: MyParamClass?) { - } - */ - val kind = 2 - val metadataVersion = intArrayOf(1, 5, 1) - val data1 = arrayOf("\u0000\u0018\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\u001aX\u0010\u0000\u001a\u00020\u00012\u0006\u0010\u0002\u001a\u00020\u00032\b\u0010\u0004\u001a\u0004\u0018\u00010\u00032\u000c\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00030\u00062\u000e\u0010\u0007\u001a\n\u0012\u0006\u0012\u0004\u0018\u00010\u00030\u00062\u000e\u0010\b\u001a\n\u0012\u0004\u0012\u00020\u0003\u0018\u00010\u00062\u0010\u0010\t\u001a\u000c\u0012\u0006\u0012\u0004\u0018\u00010\u0003\u0018\u00010\u0006") - val data2 = arrayOf("f","","x","LMyClass;","y","l1","LMyParamClass;","l2","l3","l4") - val extraString = null - val packageName = null - val extraInt = 48 - val kch = KotlinClassHeader(kind, metadataVersion, data1, data2, extraString, packageName, extraInt) - - val md = KotlinClassMetadata.read(kch) - when (md) { - is KotlinClassMetadata.Class -> println("Metadata for Class not yet supported") - is KotlinClassMetadata.FileFacade -> { - println("Metadata for FileFacade:") - val kmp = md.toKmPackage() - kmp.accept(MyPackageVisitor(0)) - } - is KotlinClassMetadata.SyntheticClass -> println("Metadata for SyntheticClass not yet supported") - is KotlinClassMetadata.MultiFileClassFacade -> println("Metadata for MultiFileClassFacade not yet supported") - is KotlinClassMetadata.MultiFileClassPart -> println("Metadata for MultiFileClassPart not yet supported") - is KotlinClassMetadata.Unknown -> println("Unknown kind") - else -> println("Unexpected kind") - } -} - -fun pr(indent: Int, s: String) { - println(" ".repeat(indent) + s) -} - -class MyPackageVisitor(val indent: Int): KmPackageVisitor() { - override fun visitFunction(flags: Flags, name: String): KmFunctionVisitor? { - pr(indent, "=> Function; flags:$flags, name:$name") - return MyFunctionVisitor(indent + 1) - } - - override fun visitProperty(flags: Flags, name: String, getterFlags: Flags, setterFlags: Flags): KmPropertyVisitor? { - pr(indent, "=> Properties not yet handled") - return null - } - - override fun visitTypeAlias(flags: Flags, name: String): KmTypeAliasVisitor? { - pr(indent, "=> Type aliases not yet handled") - return null - } - - override fun visitExtensions(type: KmExtensionType): KmPackageExtensionVisitor? { - pr(indent, "=> Package extensions; type:$type") - when (type) { - JvmPackageExtensionVisitor.TYPE -> return MyJvmPackageExtensionVisitor(indent + 1) - else -> { - pr(indent, "- Not yet handled") - return null - } - } - } -} - -class MyFunctionVisitor(val indent: Int): KmFunctionVisitor() { - override fun visitTypeParameter(flags: Flags, name: String, id: Int, variance: KmVariance): KmTypeParameterVisitor? { - pr(indent, "=> Type parameter; flags:$flags, name:$name, id:$id, variance:$variance") - pr(indent, " -> Not yet handled") - return null - } - override fun visitReceiverParameterType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> Receiver parameter type; flags:$flags") - pr(indent, " -> Not yet handled") - return null - } - - override fun visitValueParameter(flags: Flags, name: String): KmValueParameterVisitor? { - pr(indent, "=> Value parameter; flags:$flags, name:$name") - return MyValueParameterVisitor(indent + 1) - } - - override fun visitReturnType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> Return type; flags:$flags") - return MyTypeVisitor(indent + 1) - } - - override fun visitVersionRequirement(): KmVersionRequirementVisitor? { - pr(indent, "=> VersionRequirement not yet handled") - return null - } - - override fun visitContract(): KmContractVisitor? { - pr(indent, "=> Contract not yet handled") - return null - } - - override fun visitExtensions(type: KmExtensionType): KmFunctionExtensionVisitor? { - pr(indent, "=> Function extensions; type:$type") - when (type) { - JvmFunctionExtensionVisitor.TYPE -> return MyJvmFunctionExtensionVisitor(indent + 1) - else -> { - pr(indent, "- Not yet handled") - return null - } - } - } -} - -class MyValueParameterVisitor(val indent: Int): KmValueParameterVisitor() { - override fun visitType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> Type; flags:$flags") - return MyTypeVisitor(indent + 1) - } - - override fun visitVarargElementType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> VarargElementType not yet handled") - return null - } - - override fun visitExtensions(type: KmExtensionType): KmValueParameterExtensionVisitor? { - pr(indent, "=> Value parameter extensions; type:$type; not yet handled") - return null - } -} - -class MyTypeVisitor(val indent: Int): KmTypeVisitor() { - override fun visitClass(name: ClassName) { - pr(indent, "=> Class; name:$name") - } - - override fun visitTypeAlias(name: ClassName) { - pr(indent, "=> Type alias; name:$name") - } - - override fun visitTypeParameter(id: Int) { - pr(indent, "=> Type parameter; id:$id") - } - - override fun visitArgument(flags: Flags, variance: KmVariance): KmTypeVisitor? { - pr(indent, "=> Argument; flags:$flags, variance:$variance") - return MyTypeVisitor(indent + 1) - } - - override fun visitStarProjection() { - pr(indent, "=> Star projection") - } - - override fun visitAbbreviatedType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> AbbreviatedType not yet handled") - return null - } - - override fun visitOuterType(flags: Flags): KmTypeVisitor? { - pr(indent, "=> OuterType not yet handled") - return null - } - - override fun visitFlexibleTypeUpperBound(flags: Flags, typeFlexibilityId: String?): KmTypeVisitor? { - pr(indent, "=> FlexibleTypeUpperBound not yet handled") - return null - } - - override fun visitExtensions(type: KmExtensionType): KmTypeExtensionVisitor? { - pr(indent, "=> Type extensions; type:$type") - when (type) { - JvmTypeExtensionVisitor.TYPE -> return MyJvmTypeExtensionVisitor(indent + 1) - else -> { - pr(indent, "- Not yet handled") - return null - } - } - } -} - -class MyJvmTypeExtensionVisitor(val indent: Int): JvmTypeExtensionVisitor() { - override fun visit(isRaw: Boolean) { - pr(indent, "=> isRaw:$isRaw") - } - - override fun visitAnnotation(annotation: KmAnnotation) { - pr(indent, "=> Annotation; annotation:$annotation") - } -} - -class MyJvmPackageExtensionVisitor(val indent: Int): JvmPackageExtensionVisitor() { - override fun visitLocalDelegatedProperty(flags: Flags, name: String, getterFlags: Flags, setterFlags: Flags): KmPropertyVisitor? { - pr(indent, "=> Local delegate not yet handled") - return null - } - - override fun visitModuleName(name: String) { - pr(indent, "=> Module name; name:$name") - } -} - -class MyJvmFunctionExtensionVisitor(val indent: Int): JvmFunctionExtensionVisitor() { - override fun visit(signature: JvmMethodSignature?) { - pr(indent, "=> signature:$signature") - } - - override fun visitLambdaClassOriginName(internalName: String) { - pr(indent, "=> LambdaClassOriginName; internalName:$internalName") - } -} diff --git a/java/kotlin-extractor/build.py b/java/kotlin-extractor/build.py index b52ff05b00e..2735f6af1c1 100755 --- a/java/kotlin-extractor/build.py +++ b/java/kotlin-extractor/build.py @@ -80,25 +80,37 @@ def run_process(cmd, capture_output=False): errors='replace'), file=sys.stderr) raise e +def write_arg_file(arg_file, args): + with open(arg_file, 'w') as f: + for arg in args: + if "'" in arg: + raise Exception('Single quote in argument: ' + arg) + f.write("'" + arg.replace('\\', '/') + "'\n") -def compile_to_dir(srcs, classpath, java_classpath, output): +def compile_to_dir(build_dir, srcs, classpath, java_classpath, output): # Use kotlinc to compile .kt files: + kotlin_arg_file = build_dir + '/kotlin.args' + kotlin_args = ['-Werror', + '-opt-in=kotlin.RequiresOptIn', + '-d', output, + '-module-name', 'codeql-kotlin-extractor', + '-no-reflect', '-no-stdlib', + '-jvm-target', '1.8', + '-classpath', classpath] + srcs + write_arg_file(kotlin_arg_file, kotlin_args) run_process([kotlinc, - # kotlinc can default to 256M, which isn't enough when we are extracting the build - '-J-Xmx2G', - '-Werror', - '-opt-in=kotlin.RequiresOptIn', - '-d', output, - '-module-name', 'codeql-kotlin-extractor', - '-no-reflect', '-no-stdlib', - '-jvm-target', '1.8', - '-classpath', classpath] + srcs) + # kotlinc can default to 256M, which isn't enough when we are extracting the build + '-J-Xmx2G', + '@' + kotlin_arg_file]) # Use javac to compile .java files, referencing the Kotlin class files: - run_process([javac, - '-d', output, + java_arg_file = build_dir + '/java.args' + java_args = ['-d', output, '-source', '8', '-target', '8', - '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] + [s for s in srcs if s.endswith(".java")]) + '-classpath', os.path.pathsep.join([output, classpath, java_classpath])] \ + + [s for s in srcs if s.endswith(".java")] + write_arg_file(java_arg_file, java_args) + run_process([javac, '@' + java_arg_file]) def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, output): @@ -108,7 +120,7 @@ def compile_to_jar(build_dir, tmp_src_dir, srcs, classpath, java_classpath, outp shutil.rmtree(class_dir) os.makedirs(class_dir) - compile_to_dir(srcs, classpath, java_classpath, class_dir) + compile_to_dir(build_dir, srcs, classpath, java_classpath, class_dir) run_process(['jar', 'cf', output, '-C', class_dir, '.', diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index 4583551e12d..bf1c211073a 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -24,8 +24,7 @@ def version_string_to_tuple(version): # Version number used by CI. ci_version = '1.8.10' -# Version numbers in the list need to be in semantically increasing order -many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0' ] +many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0', '1.9.0-Beta' ] many_versions_tuples = [version_string_to_tuple(v) for v in many_versions] @@ -42,18 +41,13 @@ def get_single_version(fakeVersionOutput = None): if m is None: raise Exception('Cannot detect version of kotlinc (got ' + str(versionOutput) + ')') current_version = version_string_to_tuple(m.group(1)) - matching_minor_versions = [ version for version in many_versions_tuples if version[0:2] == current_version[0:2] ] - if len(matching_minor_versions) == 0: - raise Exception(f'Cannot find a matching minor version for kotlinc version {current_version} (got {versionOutput}; know about {str(many_versions)})') - matching_minor_versions.sort(reverse = True) + many_versions_tuples.sort(reverse = True) - for version in matching_minor_versions: + for version in many_versions_tuples: if version[0:3] <= current_version[0:3]: return version_tuple_to_string(version) - return version_tuple_to_string(matching_minor_versions[-1]) - raise Exception(f'No suitable kotlinc version found for {current_version} (got {versionOutput}; know about {str(many_versions)})') def get_latest_url(): diff --git a/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java b/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java index bd667f79a99..a1cc667dd43 100644 --- a/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java +++ b/java/kotlin-extractor/src/main/java/com/semmle/extractor/java/OdasaOutput.java @@ -50,13 +50,9 @@ import com.semmle.util.trap.dependencies.TrapSet; import com.semmle.util.trap.pathtransformers.PathTransformer; public class OdasaOutput { - // either these are set ... private final File trapFolder; private final File sourceArchiveFolder; - // ... or this one is set - private final PopulationSpecFile specFile; - private File currentSourceFile; private TrapSet trapsCreated; private TrapDependencies trapDependenciesForSource; @@ -72,29 +68,21 @@ public class OdasaOutput { OdasaOutput(File outputRoot, Logger log) { this.trapFolder = new File(outputRoot, "trap"); this.sourceArchiveFolder = new File(outputRoot, "src_archive"); - this.specFile = null; this.trackClassOrigins = false; this.log = log; } public OdasaOutput(boolean trackClassOrigins, Logger log) { String trapFolderVar = Env.systemEnv().getFirstNonEmpty("CODEQL_EXTRACTOR_JAVA_TRAP_DIR", Var.TRAP_FOLDER.name()); - if (trapFolderVar != null) { - String sourceArchiveVar = Env.systemEnv().getFirstNonEmpty("CODEQL_EXTRACTOR_JAVA_SOURCE_ARCHIVE_DIR", Var.SOURCE_ARCHIVE.name()); - if (sourceArchiveVar == null) - throw new ResourceError(Var.TRAP_FOLDER + " was set to '" + trapFolderVar + "', but " - + Var.SOURCE_ARCHIVE + " was not set"); - this.trapFolder = new File(trapFolderVar); - this.sourceArchiveFolder = new File(sourceArchiveVar); - this.specFile = null; - } else { - this.trapFolder = null; - this.sourceArchiveFolder = null; - String specFileVar = Env.systemEnv().get(Var.ODASA_JAVA_LAYOUT); - if (specFileVar == null) - throw new ResourceError("Neither " + Var.TRAP_FOLDER + " nor " + Var.ODASA_JAVA_LAYOUT + " was set"); - this.specFile = new PopulationSpecFile(new File(specFileVar)); + if (trapFolderVar == null) { + throw new ResourceError("CODEQL_EXTRACTOR_JAVA_TRAP_DIR was not set"); } + String sourceArchiveVar = Env.systemEnv().getFirstNonEmpty("CODEQL_EXTRACTOR_JAVA_SOURCE_ARCHIVE_DIR", Var.SOURCE_ARCHIVE.name()); + if (sourceArchiveVar == null) { + throw new ResourceError("CODEQL_EXTRACTOR_JAVA_SOURCE_ARCHIVE_DIR was not set"); + } + this.trapFolder = new File(trapFolderVar); + this.sourceArchiveFolder = new File(sourceArchiveVar); this.trackClassOrigins = trackClassOrigins; this.log = log; } @@ -123,11 +111,8 @@ public class OdasaOutput { /** The output paths for that file, or null if it shouldn't be included */ private SpecFileEntry entryFor() { - if (specFile != null) - return specFile.getEntryFor(currentSourceFile); - else - return new SpecFileEntry(trapFolder, sourceArchiveFolder, - Arrays.asList(PathTransformer.std().fileAsDatabaseString(currentSourceFile))); + return new SpecFileEntry(trapFolder, sourceArchiveFolder, + Arrays.asList(PathTransformer.std().fileAsDatabaseString(currentSourceFile))); } /* diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt index b93bfa369f5..a3bc20d9eda 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt @@ -366,7 +366,10 @@ open class KotlinFileExtractor( val typeArgs = removeOuterClassTypeArgs(c, argsIncludingOuterClasses) if (typeArgs != null) { - for ((idx, arg) in typeArgs.withIndex()) { + // From 1.9, the list might change when we call erase, + // so we make a copy that it is safe to iterate over. + val typeArgsCopy = typeArgs.toList() + for ((idx, arg) in typeArgsCopy.withIndex()) { val argId = getTypeArgumentLabel(arg).id tw.writeTypeArgs(argId, idx, id) } @@ -5531,7 +5534,7 @@ open class KotlinFileExtractor( return } - val typeOwner = e.typeOperandClassifier.owner + val typeOwner = e.typeOperand.classifierOrFail.owner if (typeOwner !is IrClass) { logger.errorElement("Expected to find SAM conversion to IrClass. Found '${typeOwner.javaClass}' instead. Can't implement SAM interface.", e) return diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt index c72f094808b..9c552233158 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt @@ -239,8 +239,6 @@ open class KotlinUsesExtractor( return UseClassInstanceResult(classTypeResult, extractClass) } - private fun isArray(t: IrSimpleType) = t.isBoxedArray || t.isPrimitiveArray() - private fun extractClassLaterIfExternal(c: IrClass) { if (isExternalDeclaration(c)) { extractExternalClassLater(c) @@ -551,6 +549,22 @@ open class KotlinUsesExtractor( ) } + /* + Kotlin arrays can be broken down as: + + isArray(t) + |- t.isBoxedArray + | |- t.isArray() e.g. Array, Array + | |- t.isNullableArray() e.g. Array?, Array? + |- t.isPrimitiveArray() e.g. BooleanArray + + For the corresponding Java types: + Boxed arrays are represented as e.g. java.lang.Boolean[]. + Primitive arrays are represented as e.g. boolean[]. + */ + + private fun isArray(t: IrType) = t.isBoxedArray || t.isPrimitiveArray() + data class ArrayInfo(val elementTypeResults: TypeResults, val componentTypeResults: TypeResults, val dimensions: Int) @@ -565,7 +579,7 @@ open class KotlinUsesExtractor( */ private fun useArrayType(t: IrType, isPrimitiveArray: Boolean): ArrayInfo { - if (!t.isBoxedArray && !t.isPrimitiveArray()) { + if (!isArray(t)) { val nullableT = if (t.isPrimitiveType() && !isPrimitiveArray) t.makeNullable() else t val typeResults = useType(nullableT) return ArrayInfo(typeResults, typeResults, 0) @@ -1141,13 +1155,13 @@ open class KotlinUsesExtractor( } } else { t.classOrNull?.let { tCls -> - if (t.isArray() || t.isNullableArray()) { + if (t.isBoxedArray) { (t.arguments.singleOrNull() as? IrTypeProjection)?.let { elementTypeArg -> val elementType = elementTypeArg.type val replacedElementType = kClassToJavaClass(elementType) if (replacedElementType !== elementType) { val newArg = makeTypeProjection(replacedElementType, elementTypeArg.variance) - return tCls.typeWithArguments(listOf(newArg)).codeQlWithHasQuestionMark(t.isNullableArray()) + return tCls.typeWithArguments(listOf(newArg)).codeQlWithHasQuestionMark(t.isNullable()) } } } @@ -1365,7 +1379,7 @@ open class KotlinUsesExtractor( val boundResults = useType(arg.type, TypeContext.GENERIC_ARGUMENT) val boundLabel = boundResults.javaResult.id.cast() - return if(arg.variance == Variance.INVARIANT) + if(arg.variance == Variance.INVARIANT) boundResults.javaResult.cast().forgetSignature() else { val keyPrefix = if (arg.variance == Variance.IN_VARIANCE) "super" else "extends" @@ -1379,7 +1393,7 @@ open class KotlinUsesExtractor( } else -> { logger.error("Unexpected type argument.") - return extractJavaErrorType().forgetSignature() + extractJavaErrorType().forgetSignature() } } } @@ -1450,21 +1464,21 @@ open class KotlinUsesExtractor( fun getTypeParameterParentLabel(param: IrTypeParameter) = param.parent.let { - (it as? IrFunction)?.let { fn -> - if (this is KotlinFileExtractor) - this.declarationStack.findOverriddenAttributes(fn)?.takeUnless { - // When extracting the `static fun f$default(...)` that accompanies `fun f(val x: T? = defaultExpr, ...)`, - // `f$default` has no type parameters, and so there is no `f$default::T` to refer to. - // We have no good way to extract references to `T` in `defaultExpr`, so we just fall back on describing it - // in terms of `f::T`, even though that type variable ought to be out of scope here. - attribs -> attribs.typeParameters?.isEmpty() == true - }?.id - else - null - } ?: when (it) { is IrClass -> useClassSource(it) - is IrFunction -> useFunction(it, noReplace = true) + is IrFunction -> + (if (this is KotlinFileExtractor) + this.declarationStack.findOverriddenAttributes(it)?.takeUnless { + // When extracting the `static fun f$default(...)` that accompanies `fun f(val x: T? = defaultExpr, ...)`, + // `f$default` has no type parameters, and so there is no `f$default::T` to refer to. + // We have no good way to extract references to `T` in `defaultExpr`, so we just fall back on describing it + // in terms of `f::T`, even though that type variable ought to be out of scope here. + attribs -> attribs.typeParameters?.isEmpty() == true + }?.id + else + null + ) ?: + useFunction(it, noReplace = true) else -> { logger.error("Unexpected type parameter parent $it"); null } } } @@ -1578,7 +1592,7 @@ open class KotlinUsesExtractor( } if (owner is IrClass) { - if (t.isArray() || t.isNullableArray()) { + if (t.isBoxedArray) { val elementType = t.getArrayElementType(pluginContext.irBuiltIns) val erasedElementType = erase(elementType) return owner.typeWith(erasedElementType).codeQlWithHasQuestionMark(t.isNullable()) diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/test.py b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/test.py index 9def03947b3..1cb00f89f55 100644 --- a/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/test.py +++ b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/test.py @@ -8,6 +8,17 @@ if "JAVA_HOME_8_X64" in os.environ: sep = ";" if platform.system() == "Windows" else ":" os.environ["PATH"] = "".join([os.path.join(os.environ["JAVA_HOME"], "bin"), sep, os.environ["PATH"]]) -run_codeql_database_create([], lang="java", runFunction = runUnsuccessfully, db = None) +# Ensure the autobuilder *doesn't* see Java 11 or 17, which it could switch to in order to build the project: +for k in ["JAVA_HOME_11_X64", "JAVA_HOME_17_X64"]: + if k in os.environ: + del os.environ[k] + +# Use a custom, empty toolchains.xml file so the autobuilder doesn't see any Java versions that may be +# in a system-level toolchains file +toolchains_path = os.path.join(os.getcwd(), 'toolchains.xml') + +run_codeql_database_create([], lang="java", runFunction = runUnsuccessfully, db = None, extra_env={ + 'LGTM_INDEX_MAVEN_TOOLCHAINS_FILE': toolchains_path +}) check_diagnostics() diff --git a/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/toolchains.xml b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/toolchains.xml new file mode 100644 index 00000000000..51f20003fa9 --- /dev/null +++ b/java/ql/integration-tests/all-platforms/java/diagnostics/java-version-too-old/toolchains.xml @@ -0,0 +1,5 @@ + + + diff --git a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected index 3397ea1bdef..36f7d9d0718 100644 --- a/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected +++ b/java/ql/integration-tests/all-platforms/kotlin/diagnostics/kotlin-version-too-new/diagnostics.expected @@ -1,5 +1,5 @@ { - "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.8.30.", + "markdownMessage": "The Kotlin version installed (`999.999.999`) is too recent for this version of CodeQL. Install a version lower than 1.9.10.", "severity": "error", "source": { "extractorName": "java", diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index 03907f74b89..53fb1470bb9 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,44 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`. +* Added models for the following packages: + + * org.apache.hadoop.fs +* Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations. +* Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input. +* Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input. +* Added the `ArithmeticUncontrolledQuery.qll` library to provide the `ArithmeticUncontrolledOverflowFlow` and `ArithmeticUncontrolledUnderflowFlow` taint-tracking modules to reason about arithmetic with uncontrolled user input. +* Added the `ArithmeticWithExtremeValuesQuery.qll` library to provide the `MaxValueFlow` and `MinValueFlow` dataflow modules to reason about arithmetic with extreme values. +* Added the `BrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities. +* Added the `ExecTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToExecFlow` taint-tracking module to reason about command injection vulnerabilities caused by local data flow. +* Added the `ExternallyControlledFormatStringLocalQuery.qll` library to provide the `ExternallyControlledFormatStringLocalFlow` taint-tracking module to reason about format string vulnerabilities caused by local data flow. +* Added the `ImproperValidationOfArrayConstructionCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` dataflow module to reason about improper validation of code-specified sizes used for array construction. +* Added the `ImproperValidationOfArrayConstructionLocalQuery.qll` library to provide the `ImproperValidationOfArrayConstructionLocalFlow` taint-tracking module to reason about improper validation of local user-provided sizes used for array construction caused by local data flow. +* Added the `ImproperValidationOfArrayConstructionQuery.qll` library to provide the `ImproperValidationOfArrayConstructionFlow` taint-tracking module to reason about improper validation of user-provided size used for array construction. +* Added the `ImproperValidationOfArrayIndexCodeSpecifiedQuery.qll` library to provide the `BoundedFlowSourceFlow` data flow module to reason about about improper validation of code-specified array index. +* Added the `ImproperValidationOfArrayIndexLocalQuery.qll` library to provide the `ImproperValidationOfArrayIndexLocalFlow` taint-tracking module to reason about improper validation of a local user-provided array index. +* Added the `ImproperValidationOfArrayIndexQuery.qll` library to provide the `ImproperValidationOfArrayIndexFlow` taint-tracking module to reason about improper validation of user-provided array index. +* Added the `InsecureCookieQuery.qll` library to provide the `SecureCookieFlow` taint-tracking module to reason about insecure cookie vulnerabilities. +* Added the `MaybeBrokenCryptoAlgorithmQuery.qll` library to provide the `InsecureCryptoFlow` taint-tracking module to reason about broken cryptographic algorithm vulnerabilities. +* Added the `NumericCastTaintedQuery.qll` library to provide the `NumericCastTaintedFlow` taint-tracking module to reason about numeric cast vulnerabilities. +* Added the `ResponseSplittingLocalQuery.qll` library to provide the `ResponseSplittingLocalFlow` taint-tracking module to reason about response splitting vulnerabilities caused by local data flow. +* Added the `SqlConcatenatedQuery.qll` library to provide the `UncontrolledStringBuilderSourceFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by concatenating untrusted strings. +* Added the `SqlTaintedLocalQuery.qll` library to provide the `LocalUserInputToArgumentToSqlFlow` taint-tracking module to reason about SQL injection vulnerabilities caused by local data flow. +* Added the `StackTraceExposureQuery.qll` library to provide the `printsStackExternally`, `stringifiedStackFlowsExternally`, and `getMessageFlowsExternally` predicates to reason about stack trace exposure vulnerabilities. +* Added the `TaintedPermissionQuery.qll` library to provide the `TaintedPermissionFlow` taint-tracking module to reason about tainted permission vulnerabilities. +* Added the `TempDirLocalInformationDisclosureQuery.qll` library to provide the `TempDirSystemGetPropertyToCreate` taint-tracking module to reason about local information disclosure vulnerabilities caused by local data flow. +* Added the `UnsafeHostnameVerificationQuery.qll` library to provide the `TrustAllHostnameVerifierFlow` taint-tracking module to reason about insecure hostname verification vulnerabilities. +* Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow. +* Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities. +* Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities. +* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. +* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. +* Added models for the Apache Commons Net library. +* Updated the `neutralModel` extensible predicate to include a `kind` column. +* Added models for the `io.jsonwebtoken` library. + ## 0.6.1 ### Deprecated APIs diff --git a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md b/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md deleted file mode 100644 index ab19597224b..00000000000 --- a/java/ql/lib/change-notes/2023-04-26-neutral-model-kinds.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Updated the `neutralModel` extensible predicate to include a `kind` column. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md b/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md deleted file mode 100644 index 1d57d64973c..00000000000 --- a/java/ql/lib/change-notes/2023-05-03-url-open-stream-as-experimental.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. diff --git a/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md new file mode 100644 index 00000000000..ef54f491051 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-05-java-sink-kind-revamp.md @@ -0,0 +1,22 @@ +--- +category: minorAnalysis +--- +* Updated the following Java sink kind names. Any custom data extensions will need to be updated accordingly in order to continue working. + * `sql` to `sql-injection` + * `url-redirect` to `url-redirection` + * `xpath` to `xpath-injection` + * `ssti` to `template-injection` + * `logging` to `log-injection` + * `groovy` to `groovy-injection` + * `jexl` to `jexl-injection` + * `mvel` to `mvel-injection` + * `xslt` to `xslt-injection` + * `ldap` to `ldap-injection` + * `pending-intent-sent` to `pending-intents` + * `intent-start` to `intent-redirection` + * `set-hostname-verifier` to `hostname-verification` + * `header-splitting` to `response-splitting` + * `xss` to `html-injection` and `js-injection` + * `write-file` to `file-system-store` + * `create-file` and `read-file` to `path-injection` + * `open-url` and `jdbc-url` to `request-forgery` diff --git a/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md new file mode 100644 index 00000000000..7a2714a6527 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-12-androidwidget-source-kind-to-remote.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Changed the `android-widget` Java source kind to `remote`. Any custom data extensions that use the `android-widget` source kind will need to be updated accordingly in order to continue working. diff --git a/java/ql/lib/change-notes/2023-05-17-change-hostnamesanitizingprefix-regex.md b/java/ql/lib/change-notes/2023-05-17-change-hostnamesanitizingprefix-regex.md new file mode 100644 index 00000000000..8d81c97d9e3 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-17-change-hostnamesanitizingprefix-regex.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Updated the regular expression in the `HostnameSanitizer` sanitizer in the `semmle.code.java.security.RequestForgery` library to better detect strings prefixed with a hostname. + diff --git a/java/ql/lib/change-notes/2023-05-19-path-injection-sinks-mad.md b/java/ql/lib/change-notes/2023-05-19-path-injection-sinks-mad.md new file mode 100644 index 00000000000..ae5cd306c2b --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-19-path-injection-sinks-mad.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Path creation sinks modeled in `PathCreation.qll` have been added to the models-as-data sink kind `path-injection`. diff --git a/java/ql/lib/change-notes/2023-05-22-inputstreamwrapper-transitive.md b/java/ql/lib/change-notes/2023-05-22-inputstreamwrapper-transitive.md new file mode 100644 index 00000000000..bba77d98d89 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-22-inputstreamwrapper-transitive.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Dataflow analysis has a new flow step through constructors of transitive subtypes of `java.io.InputStream` that wrap an underlying data source. Previously, the step only existed for direct subtypes of `java.io.InputStream`. diff --git a/java/ql/lib/change-notes/2023-05-23-java-nio-file-files-copy-models-tweak.md b/java/ql/lib/change-notes/2023-05-23-java-nio-file-files-copy-models-tweak.md new file mode 100644 index 00000000000..85fc9b89197 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-23-java-nio-file-files-copy-models-tweak.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +Modified the models related to `java.nio.file.Files.copy` so that generic `[Input|Output]Stream` arguments are not considered file-related sinks. diff --git a/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md new file mode 100644 index 00000000000..f3647cc5488 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-24-kotlin-1.9.0.md @@ -0,0 +1,4 @@ +--- +category: feature +--- +* Kotlin versions up to 1.9.0 are now supported. diff --git a/java/ql/lib/change-notes/2023-05-26-play-framework-models.md b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md new file mode 100644 index 00000000000..69db10413eb --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-26-play-framework-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added more dataflow models for the Play Framework. diff --git a/java/ql/lib/change-notes/2023-05-30-gson-models.md b/java/ql/lib/change-notes/2023-05-30-gson-models.md new file mode 100644 index 00000000000..306d797ff1a --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-30-gson-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added dataflow models for the Gson deserialization library. diff --git a/java/ql/lib/change-notes/2023-05-30-new-models.md b/java/ql/lib/change-notes/2023-05-30-new-models.md new file mode 100644 index 00000000000..24e7563d727 --- /dev/null +++ b/java/ql/lib/change-notes/2023-05-30-new-models.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Added models for the following packages: + + * okhttp3 diff --git a/java/ql/lib/change-notes/2023-06-01-new-models.md b/java/ql/lib/change-notes/2023-06-01-new-models.md new file mode 100644 index 00000000000..d05b3d4d59d --- /dev/null +++ b/java/ql/lib/change-notes/2023-06-01-new-models.md @@ -0,0 +1,7 @@ +--- +category: minorAnalysis +--- +* Added models for the following packages: + + * java.lang + * java.nio.file diff --git a/java/ql/lib/change-notes/2023-06-02-delete-deps.md b/java/ql/lib/change-notes/2023-06-02-delete-deps.md new file mode 100644 index 00000000000..01b2fd5a457 --- /dev/null +++ b/java/ql/lib/change-notes/2023-06-02-delete-deps.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Deleted the deprecated `getRHS` predicate from the `LValue` class, use `getRhs` instead. +* Deleted the deprecated `getCFGNode` predicate from the `SsaVariable` class, use `getCfgNode` instead. +* Deleted many deprecated predicates and classes with uppercase `XML`, `JSON`, `URL`, `API`, etc. in their names. Use the PascalCased versions instead. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2023-06-06-kotlin-use-with-flow.md b/java/ql/lib/change-notes/2023-06-06-kotlin-use-with-flow.md new file mode 100644 index 00000000000..b21f31aae5f --- /dev/null +++ b/java/ql/lib/change-notes/2023-06-06-kotlin-use-with-flow.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added flow through the block arguments of `kotlin.io.use` and `kotlin.with`. diff --git a/java/ql/lib/change-notes/2023-06-06-new-models.md b/java/ql/lib/change-notes/2023-06-06-new-models.md new file mode 100644 index 00000000000..cbb80968749 --- /dev/null +++ b/java/ql/lib/change-notes/2023-06-06-new-models.md @@ -0,0 +1,15 @@ +--- +category: minorAnalysis +--- +* Added models for the following packages: + + * com.alibaba.druid.sql + * com.fasterxml.jackson.databind + * com.jcraft.jsch + * io.netty.handler.ssl + * okhttp3 + * org.antlr.runtime + * org.fusesource.leveldbjni + * org.influxdb + * org.springframework.core.io + * org.yaml.snakeyaml diff --git a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md b/java/ql/lib/change-notes/released/0.6.2.md similarity index 87% rename from java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md rename to java/ql/lib/change-notes/released/0.6.2.md index ead324ee5fb..f0bf9441a47 100644 --- a/java/ql/lib/change-notes/2023-05-04-add-libraries-for-query-configurations.md +++ b/java/ql/lib/change-notes/released/0.6.2.md @@ -1,6 +1,11 @@ ---- -category: minorAnalysis ---- +## 0.6.2 + +### Minor Analysis Improvements + +* Added SQL injection sinks for Spring JDBC's `NamedParameterJdbcOperations`. +* Added models for the following packages: + + * org.apache.hadoop.fs * Added the `ArithmeticCommon.qll` library to provide predicates for reasoning about arithmetic operations. * Added the `ArithmeticTaintedLocalQuery.qll` library to provide the `ArithmeticTaintedLocalOverflowFlow` and `ArithmeticTaintedLocalUnderflowFlow` taint-tracking modules to reason about arithmetic with unvalidated user input. * Added the `ArithmeticTaintedQuery.qll` library to provide the `RemoteUserInputOverflow` and `RemoteUserInputUnderflow` taint-tracking modules to reason about arithmetic with unvalidated user input. @@ -28,4 +33,8 @@ category: minorAnalysis * Added the `UrlRedirectLocalQuery.qll` library to provide the `UrlRedirectLocalFlow` taint-tracking module to reason about URL redirection vulnerabilities caused by local data flow. * Added the `UrlRedirectQuery.qll` library to provide the `UrlRedirectFlow` taint-tracking module to reason about URL redirection vulnerabilities. * Added the `XPathInjectionQuery.qll` library to provide the `XPathInjectionFlow` taint-tracking module to reason about XPath injection vulnerabilities. -* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. \ No newline at end of file +* Added the `XssLocalQuery.qll` library to provide the `XssLocalFlow` taint-tracking module to reason about XSS vulnerabilities caused by local data flow. +* Moved the `url-open-stream` sink models to experimental and removed `url-open-stream` as a sink option from the [Customizing Library Models for Java](https://github.com/github/codeql/blob/733a00039efdb39c3dd76ddffad5e6d6c85e6774/docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst#customizing-library-models-for-java) documentation. +* Added models for the Apache Commons Net library. +* Updated the `neutralModel` extensible predicate to include a `kind` column. +* Added models for the `io.jsonwebtoken` library. diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/lib/ext/android.app.model.yml b/java/ql/lib/ext/android.app.model.yml index 861867d344c..72591773436 100644 --- a/java/ql/lib/ext/android.app.model.yml +++ b/java/ql/lib/ext/android.app.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-start", "manual"] - - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "AlarmManager", True, "setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intent-sent", "manual"] + - ["android.app", "Activity", True, "bindService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "bindServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "setResult", "(int,Intent)", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "Activity", True, "startActivityAsCaller", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(Intent,int,Bundle)", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResult", "(String,Intent,int,Bundle)", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.app", "Activity", True, "startActivityForResultAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.app", "AlarmManager", True, "set", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAlarmClock", "", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExact", "(int,long,PendingIntent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setExactAndAllowWhileIdle", "", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setInexactRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setRepeating", "", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "AlarmManager", True, "setWindow", "(int,long,long,PendingIntent)", "", "Argument[3]", "pending-intents", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Class,Bundle,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(Fragment,String)", "", "Argument[0]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "add", "(int,Class,Bundle)", "", "Argument[1]", "fragment-injection", "manual"] @@ -30,14 +30,14 @@ extensions: - ["android.app", "FragmentTransaction", True, "replace", "(int,Class,Bundle,String)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment)", "", "Argument[1]", "fragment-injection", "manual"] - ["android.app", "FragmentTransaction", True, "replace", "(int,Fragment,String)", "", "Argument[1]", "fragment-injection", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intent-sent", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsPackage", "(String,String,int,Notification)", "", "Argument[3]", "pending-intents", "manual"] + - ["android.app", "NotificationManager", True, "notifyAsUser", "(String,int,Notification,UserHandle)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String)", "", "Argument[2]", "pending-intents", "manual"] + - ["android.app", "PendingIntent", False, "send", "(Context,int,Intent,OnFinished,Handler,String,Bundle)", "", "Argument[2]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.content.model.yml b/java/ql/lib/ext/android.content.model.yml index 89368acc04e..c42578c08cd 100644 --- a/java/ql/lib/ext/android.content.model.yml +++ b/java/ql/lib/ext/android.content.model.yml @@ -39,30 +39,30 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-start", "manual"] - - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startForegroundService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-start", "manual"] - - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-start", "manual"] + - ["android.content", "ContentProvider", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentProvider", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "delete", "(Uri,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "query", "(Uri,String[],String,String[],String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "ContentResolver", True, "update", "(Uri,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.content", "Context", True, "sendBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendBroadcastWithMultiplePermissions", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcast", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "sendStickyOrderedBroadcastAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivities", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivity", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromChild", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityFromFragment", "", "", "Argument[1]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startActivityIfNeeded", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startForegroundService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startService", "", "", "Argument[0]", "intent-redirection", "manual"] + - ["android.content", "Context", True, "startServiceAsUser", "", "", "Argument[0]", "intent-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.database.model.yml b/java/ql/lib/ext/android.database.model.yml index 22157da6755..c0ff4dd5f39 100644 --- a/java/ql/lib/ext/android.database.model.yml +++ b/java/ql/lib/ext/android.database.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql", "manual"] - - ["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] + - ["android.database", "DatabaseUtils", False, "blobFileDescriptorForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "createDbFromSqlStatements", "(Context,String,int,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "longForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String)", "", "Argument[1..2]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "queryNumEntries", "(SQLiteDatabase,String,String,String[])", "", "Argument[1..2]", "sql-injection", "manual"] + - ["android.database", "DatabaseUtils", False, "stringForQuery", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.database.sqlite.model.yml b/java/ql/lib/ext/android.database.sqlite.model.yml index 169c7870da4..d40ae8c1ee3 100644 --- a/java/ql/lib/ext/android.database.sqlite.model.yml +++ b/java/ql/lib/ext/android.database.sqlite.model.yml @@ -3,58 +3,58 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql", "manual"] - - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "compileStatement", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "delete", "(String,String,String[])", "", "Argument[0..1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execPerConnectionSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "execSQL", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[0..2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(String,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[5..8]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "query", "(boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[5..8]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[4]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String)", "", "Argument[6..9]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[3]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "queryWithFactory", "(CursorFactory,boolean,String,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[6..9]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQuery", "(String,String[],CancellationSignal)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "rawQueryWithFactory", "(CursorFactory,String,String[],String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "update", "(String,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[0]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteDatabase", False, "updateWithOnConflict", "(String,ContentValues,String,String[],int)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "delete", "(SQLiteDatabase,String,String[])", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "insert", "(SQLiteDatabase,ContentValues)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String)", "", "Argument[4..6]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[1]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[2]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "query", "(SQLiteDatabase,String[],String,String[],String,String,String,String,CancellationSignal)", "", "Argument[4..7]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[this]", "sql-injection", "manual"] + - ["android.database.sqlite", "SQLiteQueryBuilder", True, "update", "(SQLiteDatabase,ContentValues,String,String[])", "", "Argument[2]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/android.util.model.yml b/java/ql/lib/ext/android.util.model.yml index b57ff4819a7..eaf9d142f54 100644 --- a/java/ql/lib/ext/android.util.model.yml +++ b/java/ql/lib/ext/android.util.model.yml @@ -23,9 +23,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["android.util", "Log", True, "d", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "e", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "i", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "v", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "w", "", "", "Argument[1]", "logging", "manual"] - - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "logging", "manual"] + - ["android.util", "Log", True, "d", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "e", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "i", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "v", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "w", "", "", "Argument[1]", "log-injection", "manual"] + - ["android.util", "Log", True, "wtf", "", "", "Argument[1]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/android.webkit.model.yml b/java/ql/lib/ext/android.webkit.model.yml index 05058493fe1..d88199c04cb 100644 --- a/java/ql/lib/ext/android.webkit.model.yml +++ b/java/ql/lib/ext/android.webkit.model.yml @@ -10,6 +10,6 @@ extensions: extensible: sinkModel data: # Models representing methods susceptible to XSS attacks. - - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "xss", "manual"] - - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "xss", "manual"] + - ["android.webkit", "WebView", False, "evaluateJavascript", "", "", "Argument[0]", "js-injection", "manual"] + - ["android.webkit", "WebView", False, "loadData", "", "", "Argument[0]", "html-injection", "manual"] + - ["android.webkit", "WebView", False, "loadDataWithBaseURL", "", "", "Argument[1]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/android.widget.model.yml b/java/ql/lib/ext/android.widget.model.yml index ef4b015700a..aa6222c77d2 100644 --- a/java/ql/lib/ext/android.widget.model.yml +++ b/java/ql/lib/ext/android.widget.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "android-widget", "manual"] + - ["android.widget", "EditText", True, "getText", "", "", "ReturnValue", "remote", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.core.app.model.yml b/java/ql/lib/ext/androidx.core.app.model.yml index 2bb58605436..f24a67dbbe6 100644 --- a/java/ql/lib/ext/androidx.core.app.model.yml +++ b/java/ql/lib/ext/androidx.core.app.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intent-sent", "manual"] - - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intent-sent", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAlarmClock", "", "", "Argument[2..3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExact", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "AlarmManagerCompat", True, "setExactAndAllowWhileIdle", "", "", "Argument[3]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(String,int,Notification)", "", "Argument[2]", "pending-intents", "manual"] + - ["androidx.core.app", "NotificationManagerCompat", True, "notify", "(int,Notification)", "", "Argument[1]", "pending-intents", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/androidx.slice.model.yml b/java/ql/lib/ext/androidx.slice.model.yml index 97481e886e5..1e4176e5d9a 100644 --- a/java/ql/lib/ext/androidx.slice.model.yml +++ b/java/ql/lib/ext/androidx.slice.model.yml @@ -12,5 +12,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intent-sent", "manual"] - - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intent-sent", "manual"] + - ["androidx.slice", "SliceProvider", True, "onBindSlice", "", "", "ReturnValue", "pending-intents", "manual"] + - ["androidx.slice", "SliceProvider", True, "onCreatePermissionRequest", "", "", "ReturnValue", "pending-intents", "manual"] diff --git a/java/ql/lib/ext/com.alibaba.druid.sql.model.yml b/java/ql/lib/ext/com.alibaba.druid.sql.model.yml new file mode 100644 index 00000000000..952cd6e8f1b --- /dev/null +++ b/java/ql/lib/ext/com.alibaba.druid.sql.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["com.alibaba.druid.sql", "SQLUtils", False, "toMySqlString", "(SQLObject)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml b/java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml index 3768007ebe7..988820e84dd 100644 --- a/java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml +++ b/java/ql/lib/ext/com.fasterxml.jackson.databind.model.yml @@ -9,3 +9,9 @@ extensions: - ["com.fasterxml.jackson.databind", "ObjectMapper", True, "valueToTree", "", "", "Argument[0].MapValue", "ReturnValue", "taint", "manual"] - ["com.fasterxml.jackson.databind", "ObjectMapper", True, "valueToTree", "", "", "Argument[0].MapValue.Element", "ReturnValue", "taint", "manual"] - ["com.fasterxml.jackson.databind", "ObjectReader", False, "createParser", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["com.fasterxml.jackson.databind", "ObjectMapper", True, "readValue", "(File,Class)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.fasterxml.jackson.databind", "ObjectMapper", True, "writeValue", "(File,Object)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/com.google.common.flogger.model.yml b/java/ql/lib/ext/com.google.common.flogger.model.yml index b9a800b6210..23ae9236fd7 100644 --- a/java/ql/lib/ext/com.google.common.flogger.model.yml +++ b/java/ql/lib/ext/com.google.common.flogger.model.yml @@ -3,32 +3,32 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "logging", "manual"] - - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "logging", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "", "", "Argument[0]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object[])", "", "Argument[1..11]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,boolean)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,byte)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,char)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,double)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,float)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,int)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,long)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,Object,short)", "", "Argument[1]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,boolean,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,byte,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,char,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,double,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,float,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,int,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,long,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "log", "(String,short,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["com.google.common.flogger", "LoggingApi", True, "logVarargs", "", "", "Argument[0..1]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/com.google.common.io.model.yml b/java/ql/lib/ext/com.google.common.io.model.yml index 230b596ad29..9f3f3307462 100644 --- a/java/ql/lib/ext/com.google.common.io.model.yml +++ b/java/ql/lib/ext/com.google.common.io.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "create-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] + - ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["com.google.common.io", "Files", False, "write", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/com.google.gson.model.yml b/java/ql/lib/ext/com.google.gson.model.yml new file mode 100644 index 00000000000..7b41b57083a --- /dev/null +++ b/java/ql/lib/ext/com.google.gson.model.yml @@ -0,0 +1,49 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["com.google.gson", "Gson", False, "fromJson", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,JsonWriter)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(JsonElement,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Appendable)", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,Appendable)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJson", "(Object,Type,JsonWriter)", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toJsonTree", "(Object,Type)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "toString", "()", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonReader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "Gson", False, "newJsonWriter", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextName", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson.stream", "JsonReader", False, "nextString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsByte", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsCharacter", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonArray", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonObject", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsJsonPrimitive", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "getAsString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonElement", True, "toString", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "(Boolean)", "", "Argument[0]", "Argument[this].Element", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "(Character)", "", "Argument[0]", "Argument[this].Element", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "(JsonElement)", "", "Argument[0]", "Argument[this].Element", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "(Number)", "", "Argument[0]", "Argument[this].Element", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "add", "(String)", "", "Argument[0]", "Argument[this].Element", "taint", "manual"] + - ["com.google.gson", "JsonArray", True, "addAll", "(JsonArray)", "", "Argument[0].Element", "Argument[this].Element", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "asList", "", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "get", "", "", "Argument[this].Element", "ReturnValue", "value", "manual"] + - ["com.google.gson", "JsonArray", True, "set", "", "", "Argument[1]", "Argument[this].Element", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "add", "", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[0]", "Argument[this].MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "addProperty", "(String,String)", "", "Argument[1]", "Argument[this].MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapKey", "ReturnValue.MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "asMap", "", "", "Argument[this].MapValue", "ReturnValue.MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapKey", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "entrySet", "", "", "Argument[this].MapKey", "ReturnValue.Element.MapValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "get", "", "", "Argument[this].MapValue", "ReturnValue", "value", "manual"] + - ["com.google.gson", "JsonObject", True, "keySet", "", "", "Argument[this].MapKey", "ReturnValue.Element", "value", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(Character)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["com.google.gson", "JsonPrimitive", True, "JsonPrimitive", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"] diff --git a/java/ql/lib/ext/com.hubspot.jinjava.model.yml b/java/ql/lib/ext/com.hubspot.jinjava.model.yml index 2172da483f8..9c8866c9c14 100644 --- a/java/ql/lib/ext/com.hubspot.jinjava.model.yml +++ b/java/ql/lib/ext/com.hubspot.jinjava.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "ssti", "manual"] - - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "ssti", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "render", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.hubspot.jinjava", "Jinjava", True, "renderForResult", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/com.jcraft.jsch.model.yml b/java/ql/lib/ext/com.jcraft.jsch.model.yml new file mode 100644 index 00000000000..3d658630d56 --- /dev/null +++ b/java/ql/lib/ext/com.jcraft.jsch.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String,int)", "", "Argument[1]", "request-forgery", "ai-manual"] + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["com.jcraft.jsch", "ChannelSftp", True, "realpath", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml index 74b227da1dd..72c466af08c 100644 --- a/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml +++ b/java/ql/lib/ext/com.mitchellbosecke.pebble.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "ssti", "manual"] - - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "ssti", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getLiteralTemplate", "", "", "Argument[0]", "template-injection", "manual"] + - ["com.mitchellbosecke.pebble", "PebbleEngine", True, "getTemplate", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml index d73cc27e729..c34bb91d42c 100644 --- a/java/ql/lib/ext/com.thoughtworks.xstream.model.yml +++ b/java/ql/lib/ext/com.thoughtworks.xstream.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["com.thoughtworks.xstream", "XStream", True, "fromXML", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml index 57753bc31d0..d483d6d97e4 100644 --- a/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml +++ b/java/ql/lib/ext/com.unboundid.ldap.sdk.model.yml @@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap", "manual"] - - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "asyncSearch", "", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..7]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,Filter,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(SearchResultListener,String,SearchScope,String,String[])", "", "Argument[0..3]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,Filter,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,DereferencePolicy,int,int,boolean,String,String[])", "", "Argument[0..6]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "search", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(ReadOnlySearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(SearchRequest)", "", "Argument[0]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,Filter,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,DereferencePolicy,int,boolean,String,String[])", "", "Argument[0..5]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,Filter,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] + - ["com.unboundid.ldap.sdk", "LDAPConnection", False, "searchForEntry", "(String,SearchScope,String,String[])", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/com.zaxxer.hikari.model.yml b/java/ql/lib/ext/com.zaxxer.hikari.model.yml index 5fcab32cc7e..5c048e7c3c0 100644 --- a/java/ql/lib/ext/com.zaxxer.hikari.model.yml +++ b/java/ql/lib/ext/com.zaxxer.hikari.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "HikariConfig", "(Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["com.zaxxer.hikari", "HikariConfig", False, "setJdbcUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/freemarker.cache.model.yml b/java/ql/lib/ext/freemarker.cache.model.yml index b65e6386ad6..b09961f0686 100644 --- a/java/ql/lib/ext/freemarker.cache.model.yml +++ b/java/ql/lib/ext/freemarker.cache.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "ssti", "manual"] + - ["freemarker.cache", "StringTemplateLoader", True, "putTemplate", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/freemarker.template.model.yml b/java/ql/lib/ext/freemarker.template.model.yml index 96087a2b9ba..afc9579719d 100644 --- a/java/ql/lib/ext/freemarker.template.model.yml +++ b/java/ql/lib/ext/freemarker.template.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "ssti", "manual"] - - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,String)", "", "Argument[2]", "ssti", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,Reader,Configuration,String)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Configuration)", "", "Argument[1]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,ParserConfiguration,String)", "", "Argument[2]", "template-injection", "manual"] + - ["freemarker.template", "Template", True, "Template", "(String,String,Reader,Configuration,String)", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/generated/kotlinstdlib.model.yml b/java/ql/lib/ext/generated/kotlinstdlib.model.yml index bc296146214..a4f310b20b9 100644 --- a/java/ql/lib/ext/generated/kotlinstdlib.model.yml +++ b/java/ql/lib/ext/generated/kotlinstdlib.model.yml @@ -6,18 +6,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "outputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "appendText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "bufferedWriter", "(File,Charset,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyRecursively", "(File,File,boolean,Function2)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "copyTo", "(File,File,boolean,int)", "", "Argument[1]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "outputStream", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "printWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeBytes", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writeText", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "FilesKt", false, "writer", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readBytes", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["kotlin.io", "TextStreamsKt", false, "readText", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] - addsTo: diff --git a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml index 3a40daa82ec..c220b8c82eb 100644 --- a/java/ql/lib/ext/generated/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/generated/org.apache.commons.io.model.yml @@ -6,112 +6,112 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "create-file", "df-generated"] - - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "create-file", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "open-url", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "create-file", "df-generated"] - - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "create-file", "df-generated"] + - ["org.apache.commons.io.file", "PathFilter", true, "accept", "(Path,BasicFileAttributes)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFile", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "copyFileToDirectory", "(URL,Path,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "newOutputStream", "(Path,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.file", "PathUtils", false, "writeString", "(Path,CharSequence,Charset,OpenOption[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filter", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterList", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.filefilter", "FileFilterUtils", true, "filterSet", "(IOFileFilter,File[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io.input", "Tailer$Tailable", true, "getRandomAccess", "(String)", "", "Argument[this]", "path-injection", "df-generated"] + - ["org.apache.commons.io.input", "XmlStreamReader", true, "XmlStreamReader", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io.output", "DeferredFileOutputStream", true, "writeTo", "(OutputStream)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,CharsetEncoder,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "FileWriterWithEncoding", true, "FileWriterWithEncoding", "(String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,Charset,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(File,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "LockableFileWriter", true, "LockableFileWriter", "(String,boolean,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io.output", "XmlStreamWriter", true, "XmlStreamWriter", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,FileFilter,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyDirectoryToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFile", "(File,File,boolean,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToDirectory", "(Iterable,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "copyURLToFile", "(URL,File,int,int)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectory", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveDirectoryToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFile", "(File,File,CopyOption[])", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveFileToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "moveToDirectory", "(File,File,boolean)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "newOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "openOutputStream", "(File,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "touch", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "write", "(File,CharSequence,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[])", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeByteArrayToFile", "(File,byte[],int,int,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,Collection,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeLines", "(File,String,Collection,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "FileUtils", true, "writeStringToFile", "(File,String,boolean)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,File)", "", "Argument[1]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "copy", "(URL,OutputStream)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toByteArray", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URI,String)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,Charset)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "IOUtils", true, "toString", "(URL,String)", "", "Argument[0]", "request-forgery", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(File)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(Path)", "", "Argument[0]", "path-injection", "df-generated"] + - ["org.apache.commons.io", "RandomAccessFileMode", false, "create", "(String)", "", "Argument[0]", "path-injection", "df-generated"] - addsTo: @@ -1428,5 +1428,3 @@ extensions: - ["org.apache.commons.io", "UncheckedIOExceptions", "UncheckedIOExceptions", "()", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "create", "(Object)", "summary", "df-generated"] - ["org.apache.commons.io", "UncheckedIOExceptions", "wrap", "(IOException,Object)", "summary", "df-generated"] - - \ No newline at end of file diff --git a/java/ql/lib/ext/groovy.lang.model.yml b/java/ql/lib/ext/groovy.lang.model.yml index 1c775bdd2e5..7c6ac81d1ab 100644 --- a/java/ql/lib/ext/groovy.lang.model.yml +++ b/java/ql/lib/ext/groovy.lang.model.yml @@ -3,29 +3,30 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(String,String,String[])", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(GroovyCodeSource,boolean)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(InputStream,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyClassLoader", False, "parseClass", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(GroovyCodeSource)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(String,String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "evaluate", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(Reader,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(String,String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "parse", "(URI)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(GroovyCodeSource,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(Reader,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(String,String,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(String,String,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,List)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.lang", "GroovyShell", False, "run", "(URI,String[])", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.text", "TemplateEngine", True, "createTemplate", "", "", "Argument[0]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/groovy.util.model.yml b/java/ql/lib/ext/groovy.util.model.yml index 61d1dbb6a05..f0a979e2ce8 100644 --- a/java/ql/lib/ext/groovy.util.model.yml +++ b/java/ql/lib/ext/groovy.util.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy", "manual"] - - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy", "manual"] + - ["groovy.util", "Eval", False, "me", "(String)", "", "Argument[0]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "me", "(String,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "x", "(Object,String)", "", "Argument[1]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xy", "(Object,Object,String)", "", "Argument[2]", "groovy-injection", "manual"] + - ["groovy.util", "Eval", False, "xyz", "(Object,Object,Object,String)", "", "Argument[3]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/hudson.cli.model.yml b/java/ql/lib/ext/hudson.cli.model.yml index b0d3d3a19ff..6b962143625 100644 --- a/java/ql/lib/ext/hudson.cli.model.yml +++ b/java/ql/lib/ext/hudson.cli.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "open-url", "manual"] + - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.cli", "FullDuplexHttpStream", True, "FullDuplexHttpStream", "(URL,String,String)", "", "Argument[1]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/hudson.lifecycle.model.yml b/java/ql/lib/ext/hudson.lifecycle.model.yml index be8c5fe843a..fde691fe175 100644 --- a/java/ql/lib/ext/hudson.lifecycle.model.yml +++ b/java/ql/lib/ext/hudson.lifecycle.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["hudson.lifecycle", "Lifecycle", True, "rewriteHudsonWar", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.model.model.yml b/java/ql/lib/ext/hudson.model.model.yml index 04701194c06..023265b2c3d 100644 --- a/java/ql/lib/ext/hudson.model.model.yml +++ b/java/ql/lib/ext/hudson.model.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "create-file", "ai-manual"] # should be delete-file - - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "create-file", "ai-manual"] + - ["hudson.model", "DownloadService", True, "loadJSON", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.model", "DownloadService", True, "loadJSONHTML", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson.model", "DirectoryBrowserSupport", False, "DirectoryBrowserSupport", "(ModelObject,FilePath,String,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "Items", True, "load", "(ItemGroup,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "download", "(DownloadJob,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.model", "UpdateCenter$UpdateCenterConfiguration", True, "install", "(DownloadJob,File,File)", "", "Argument[2]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.model.yml b/java/ql/lib/ext/hudson.model.yml index 8fa6a8c0653..5ba20fce0c6 100644 --- a/java/ql/lib/ext/hudson.model.yml +++ b/java/ql/lib/ext/hudson.model.yml @@ -3,17 +3,17 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "read-file", "manual"] - - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "read-file", "manual"] - - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "write-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "read-file", "ai-manual"] + - ["hudson", "FilePath", False, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"] + - ["hudson", "FilePath", False, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"] + - ["hudson", "FilePath", False, "copyFrom", "(FileItem)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String,TarCompression)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(DirScanner,FilePath,String)", "", "Argument[1]", "file-content-store", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,FilePath)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyRecursiveTo", "(String,String,FilePath)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "copyTo", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson", "FilePath", False, "installIfNecessaryFrom", "(URL,TaskListener,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["hudson", "FilePath", False, "newInputStreamDenyingSymlinkAsNeeded", "(File,String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.scm.model.yml b/java/ql/lib/ext/hudson.scm.model.yml index f37c3442532..dc6e0bfa5bb 100644 --- a/java/ql/lib/ext/hudson.scm.model.yml +++ b/java/ql/lib/ext/hudson.scm.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "read-file", "ai-manual"] - - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "read-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "create-file", "ai-manual"] - - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "read-file", "ai-manual"] + - ["hudson.scm", "ChangeLogParser", True, "parse", "(AbstractBuild,File)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["hudson.scm", "ChangeLogParser", True, "parse", "(Run,RepositoryBrowser,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "checkout", "(AbstractBuild,Launcher,FilePath,BuildListener,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "checkout", "(Run,Launcher,FilePath,TaskListener,File,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["hudson.scm", "SCM", True, "compareRemoteRevisionWith", "(Job,Launcher,FilePath,TaskListener,SCMRevisionState)", "", "Argument[2]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/hudson.util.io.model.yml b/java/ql/lib/ext/hudson.util.io.model.yml index 65e0f3efb27..3d29b93e20c 100644 --- a/java/ql/lib/ext/hudson.util.io.model.yml +++ b/java/ql/lib/ext/hudson.util.io.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["hudson.util.io", "ReopenableFileOutputStream", True, "ReopenableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.io", "RewindableFileOutputStream", True, "RewindableFileOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.util.jna.model.yml b/java/ql/lib/ext/hudson.util.jna.model.yml index c67d645f950..c840d0f4725 100644 --- a/java/ql/lib/ext/hudson.util.jna.model.yml +++ b/java/ql/lib/ext/hudson.util.jna.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "create-file", "ai-manual"] + - ["hudson.util.jna", "GNUCLibrary", True, "open", "(String,int)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util.jna", "Kernel32", True, "MoveFileExA", "(String,String,int)", "", "Argument[1]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/hudson.util.model.yml b/java/ql/lib/ext/hudson.util.model.yml index 0e34233e735..39c5b55f349 100644 --- a/java/ql/lib/ext/hudson.util.model.yml +++ b/java/ql/lib/ext/hudson.util.model.yml @@ -3,23 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "read-file", "ai-manual"] - - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "create-file", "ai-manual"] - - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "create-file", "manual"] - - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "read-file", "manual"] - - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "write-file", "manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "AtomicFileWriter", True, "AtomicFileWriter", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "ClasspathBuilder", True, "add", "(FilePath)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "IOUtils", True, "mkdirs", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "StreamTaskListener", True, "StreamTaskListener", "(File,boolean,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["hudson.util", "TextFile", True, "delete", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "fastTail", "", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "head", "", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "lines", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "read", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "readTrim", "()", "", "Argument[this]", "path-injection", "manual"] + - ["hudson.util", "TextFile", True, "write", "(String)", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel data: - ["hudson.util", "QuotedStringTokenizer", True, "tokenize", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["hudson.util", "TextFile", True, "TextFile", "(File)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] - diff --git a/java/ql/lib/ext/io.netty.bootstrap.model.yml b/java/ql/lib/ext/io.netty.bootstrap.model.yml index f38329a8bad..e07853583f7 100644 --- a/java/ql/lib/ext/io.netty.bootstrap.model.yml +++ b/java/ql/lib/ext/io.netty.bootstrap.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.bootstrap", "Bootstrap", True, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.channel.model.yml b/java/ql/lib/ext/io.netty.channel.model.yml index e06a3e0a582..38bdb84786a 100644 --- a/java/ql/lib/ext/io.netty.channel.model.yml +++ b/java/ql/lib/ext/io.netty.channel.model.yml @@ -3,15 +3,15 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-manual"] - - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] + - ["io.netty.channel", "Channel$Unsafe", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelDuplexHandler", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundHandlerAdapter", True, "connect", "(ChannelHandlerContext,SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "ChannelOutboundInvoker", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] - addsTo: pack: codeql/java-all extensible: sourceModel diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml index 2912bdce85a..f9ec6702ff9 100644 --- a/java/ql/lib/ext/io.netty.handler.codec.http.model.yml +++ b/java/ql/lib/ext/io.netty.handler.codec.http.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-manual"] - - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-manual"] - - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "open-url", "manual"] + - ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml index 4090f6356bf..a44a2c6c400 100644 --- a/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml +++ b/java/ql/lib/ext/io.netty.handler.codec.http.multipart.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "read-file", "ai-manual"] + - ["io.netty.handler.codec.http.multipart", "HttpPostRequestEncoder", True, "addBodyFileUpload", "(String,File,String,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/io.netty.handler.ssl.model.yml b/java/ql/lib/ext/io.netty.handler.ssl.model.yml index 63628323f49..f63a7a3906f 100644 --- a/java/ql/lib/ext/io.netty.handler.ssl.model.yml +++ b/java/ql/lib/ext/io.netty.handler.ssl.model.yml @@ -3,5 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["io.netty.handler.ssl", "OpenSslServerContext", False, "OpenSslServerContext", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["io.netty.handler.ssl", "SslContextBuilder", False, "forServer", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["io.netty.handler.ssl", "SslContextBuilder", False, "trustManager", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["io.netty.handler.ssl", "SslContextBuilder", False, "trustManager", "(InputStream)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.handler.stream.model.yml b/java/ql/lib/ext/io.netty.handler.stream.model.yml index 1d305863f6c..f4e635f4437 100644 --- a/java/ql/lib/ext/io.netty.handler.stream.model.yml +++ b/java/ql/lib/ext/io.netty.handler.stream.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "read-file", "ai-manual"] + - ["io.netty.handler.stream", "ChunkedFile", True, "ChunkedFile", "(RandomAccessFile,long,long,int)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/io.netty.util.internal.model.yml b/java/ql/lib/ext/io.netty.util.internal.model.yml index 477b8e88858..7852b8b9e32 100644 --- a/java/ql/lib/ext/io.netty.util.internal.model.yml +++ b/java/ql/lib/ext/io.netty.util.internal.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "open-url", "ai-manual"] + - ["io.netty.util.internal", "PlatformDependent", False, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["io.netty.util.internal", "SocketUtils", False, "connect", "(Socket,SocketAddress,int)", "", "Argument[1]", "request-forgery", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/jakarta.faces.context.model.yml b/java/ql/lib/ext/jakarta.faces.context.model.yml index 84a0fd22710..468ef036c1a 100644 --- a/java/ql/lib/ext/jakarta.faces.context.model.yml +++ b/java/ql/lib/ext/jakarta.faces.context.model.yml @@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["jakarta.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["jakarta.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml index 821ea0ad640..0460c09dc3c 100644 --- a/java/ql/lib/ext/jakarta.ws.rs.client.model.yml +++ b/java/ql/lib/ext/jakarta.ws.rs.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"] + - ["jakarta.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml index a13bb2189d1..739f61df8b8 100644 --- a/java/ql/lib/ext/jakarta.ws.rs.core.model.yml +++ b/java/ql/lib/ext/jakarta.ws.rs.core.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["jakarta.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 2db99b7027e..83e57a68c74 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -3,50 +3,55 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "create-file", "ai-manual"] - - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "write-file", "manual"] - - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "create-file", "manual"] - - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "write-file", "manual"] - - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "write-file", "manual"] + - ["java.io", "File", False, "File", "(File,String)", "", "Argument[1]", "path-injection", "manual"] # old PathCreation + - ["java.io", "File", False, "File", "(String)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.io", "File", False, "File", "(String,String)", "", "Argument[0..1]", "path-injection", "manual"] # old PathCreation + - ["java.io", "File", False, "File", "(URI)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.io", "File", True, "createTempFile", "(String,String,File)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["java.io", "File", True, "renameTo", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileInputStream", True, "FileInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileInputStream", True, "FileInputStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileOutputStream", False, "FileOutputStream", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "FileOutputStream", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "FileReader", True, "FileReader", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileReader", True, "FileReader", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileReader", True, "FileReader", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "FileSystem", True, "createDirectory", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.io", "FileWriter", False, "FileWriter", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(File,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", False, "PrintStream", "(String,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintStream", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "print", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "println", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintStream", True, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(File,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String,Charset)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "PrintWriter", "(String,String)", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "PrintWriter", False, "format", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "format", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "print", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(Locale,String,Object[])", "", "Argument[1..2]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "printf", "(String,Object[])", "", "Argument[0..1]", "file-content-store", "manual"] + - ["java.io", "PrintWriter", False, "println", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "RandomAccessFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.io", "RandomAccessFile", False, "write", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeBytes", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeChars", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "RandomAccessFile", False, "writeUTF", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "append", "", "", "Argument[0]", "file-content-store", "manual"] + - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "file-content-store", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel @@ -100,6 +105,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.io", "Closeable", "close", "()", "summary", "manual"] - ["java.io", "DataOutput", "writeBoolean", "(boolean)", "summary", "manual"] - ["java.io", "File", "delete", "()", "summary", "manual"] @@ -117,3 +123,7 @@ extensions: - ["java.io", "DataInput", "readLong", "()", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeInt", "(int)", "summary", "manual"] # taint-numeric - ["java.io", "DataOutput", "writeLong", "(long)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.io", "File", "compareTo", "", "sink", "hq-manual"] + - ["java.io", "File", "exists", "()", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index bbb269b3d55..8625a68caa0 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -3,11 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] + - ["java.lang", "Class", False, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "Class", False, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "ClassLoader", True, "getSystemResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "ClassLoader", True, "getSystemResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.lang", "Module", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + # These are potential vulnerabilities, but not for command-injection. No query for this kind of vulnerability currently exists. + # - ["java.lang", "Runtime", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] + # - ["java.lang", "Runtime", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # These are modeled in plain CodeQL. TODO: migrate them. # - ["java.lang", "ProcessBuilder", False, "command", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"] # - ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-manual"] @@ -29,14 +32,14 @@ extensions: # These are modeled in plain CodeQL. TODO: migrate them. # - ["java.lang", "System", False, "load", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library. # - ["java.lang", "System", False, "loadLibrary", "(String)", "", "Argument[0]", "command-injection", "ai-manual"] # This is actually injecting a library. - - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,ResourceBundle,String,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Supplier,Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.lang", "System$Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.net.http.model.yml b/java/ql/lib/ext/java.net.http.model.yml index d967f46494b..9fc18d2eaab 100644 --- a/java/ql/lib/ext/java.net.http.model.yml +++ b/java/ql/lib/ext/java.net.http.model.yml @@ -8,5 +8,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "open-url", "manual"] - - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "open-url", "manual"] + - ["java.net.http", "HttpRequest", False, "newBuilder", "", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net.http", "HttpRequest$Builder", False, "uri", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/java.net.model.yml b/java/ql/lib/ext/java.net.model.yml index 9ab8c663506..39a4c484112 100644 --- a/java/ql/lib/ext/java.net.model.yml +++ b/java/ql/lib/ext/java.net.model.yml @@ -9,22 +9,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "open-url", "ai-manual"] - - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "open-url", "manual"] - - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "open-url", "manual"] + - ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URL", False, "openConnection", "(Proxy)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["java.net", "URL", False, "openStream", "", "", "Argument[this]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "newInstance", "", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(String,URL[],ClassLoader)", "", "Argument[1]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader,URLStreamHandlerFactory)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[],ClassLoader)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.net", "URLClassLoader", False, "URLClassLoader", "(URL[])", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.nio.file.model.yml b/java/ql/lib/ext/java.nio.file.model.yml index ae792106180..5e3f32b5e6f 100644 --- a/java/ql/lib/ext/java.nio.file.model.yml +++ b/java/ql/lib/ext/java.nio.file.model.yml @@ -3,47 +3,62 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.nio.file", "Files", False, "copy", "", "", "Argument[0]", "read-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "write-file", "manual"] - - ["java.nio.file", "Files", False, "copy", "", "", "Argument[1]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "write-file", "manual"] - - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "create-file", "manual"] - - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "write-file", "manual"] - - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "create-file", "ai-manual"] - - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "read-file", "ai-manual"] - - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "create-file", "ai-manual"] - - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file + - ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"] + - ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "getFileStore", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] # the FileStore class is unlikely to be used for later sanitization + - ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "probeContentType", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] # accesses the file based on user input, but only reads its content type from it + - ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"] + - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "path-injection", "manual"] + - ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"] + - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "Files", True, "newOutputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "FileSystem", False, "getPath", "", "", "Argument[0..1]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Path", False, "of", "(String,String[])", "", "Argument[0..1]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Path", False, "of", "(URI)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Path", False, "resolve", "(String)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Path", False, "resolveSibling", "(String)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Paths", False, "get", "(String,String[])", "", "Argument[0..1]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "Paths", False, "get", "(URI)", "", "Argument[0]", "path-injection", "manual"] # old PathCreation + - ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel data: + - ["java.nio.file", "Files", False, "find", "(Path,int,BiPredicate,FileVisitOption[])", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"] + - ["java.nio.file", "Files", False, "find", "(Path,int,BiPredicate,FileVisitOption[])", "", "Argument[2]", "ReturnValue.Element", "taint", "ai-manual"] + - ["java.nio.file", "Files", False, "list", "(Path)", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"] + - ["java.nio.file", "Files", False, "readSymbolicLink", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] # this can be used to enumerate a file system - ["java.nio.file", "Files", True, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["java.nio.file", "Files", True, "newBufferedReader", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["java.nio.file", "Files", True, "newByteChannel", "(Path,OpenOption[])", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] @@ -79,4 +94,22 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"] + + # sink neutrals + - ["java.nio.file", "Files", "exists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "getPosixFilePermissions", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isDirectory", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isExecutable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isReadable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isRegularFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSameFile", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isSymbolicLink", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "isWritable", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "notExists", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "setLastModifiedTime", "", "sink", "hq-manual"] + - ["java.nio.file", "Files", "size", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.nio.file.spi.model.yml b/java/ql/lib/ext/java.nio.file.spi.model.yml new file mode 100644 index 00000000000..91e465af105 --- /dev/null +++ b/java/ql/lib/ext/java.nio.file.spi.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["java.nio.file.spi", "FileSystemProvider", "isHidden", "", "sink", "hq-manual"] + - ["java.nio.file.spi", "FileSystemProvider", "isSameFile", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 87e0fca7f9b..c93a89cfd2c 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql", "ai-manual"] - - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql", "ai-manual"] - - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql", "manual"] - - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql", "manual"] + - ["java.sql", "Connection", True, "prepareCall", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Connection", True, "prepareStatement", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "DatabaseMetaData", True, "getColumns", "(String,String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"] + - ["java.sql", "DatabaseMetaData", True, "getPrimaryKeys", "(String,String,String)", "", "Argument[2]", "sql-injection", "ai-manual"] + - ["java.sql", "Driver", False, "connect", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "DriverManager", False, "getConnection", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] + - ["java.sql", "Statement", True, "addBatch", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeLargeUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["java.sql", "Statement", True, "executeUpdate", "", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 728ed4fa6b4..5b315e9986d 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,8 +3,14 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + # summary neutrals # The below APIs have numeric flow and are currently being stored as neutral models. # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. - ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"] # taint-numeric - ["java.text", "DateFormat", "parse", "(String)", "summary", "manual"] # taint-numeric - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric + + # sink neutrals + - ["java.text", "Collator", "compare", "", "sink", "hq-manual"] + - ["java.text", "Collator", "equals", "", "sink", "hq-manual"] + - ["java.text", "RuleBasedCollator", "compare", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/java.util.logging.model.yml b/java/ql/lib/ext/java.util.logging.model.yml index 05d7aa62a70..330a2d469a8 100644 --- a/java/ql/lib/ext/java.util.logging.model.yml +++ b/java/ql/lib/ext/java.util.logging.model.yml @@ -3,40 +3,40 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "logging", "manual"] - - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "logging", "manual"] + - ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "entering", "(String,String,Object[])", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "exiting", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "exiting", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "fine", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "finer", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "finest", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(Level,Throwable,Supplier)", "", "Argument[2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "log", "(LogRecord)", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Object[])", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,String,Throwable)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Supplier)", "", "Argument[1..3]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logp", "(Level,String,String,Throwable,Supplier)", "", "Argument[4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Object[])", "", "Argument[4..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,ResourceBundle,String,Throwable)", "", "Argument[4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Object[])", "", "Argument[1..5]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "logrb", "(Level,String,String,String,String,Throwable)", "", "Argument[1..4]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "severe", "", "", "Argument[0]", "log-injection", "manual"] + - ["java.util.logging", "Logger", True, "warning", "", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/java.util.prefs.model.yml b/java/ql/lib/ext/java.util.prefs.model.yml new file mode 100644 index 00000000000..a2a7c16bc5d --- /dev/null +++ b/java/ql/lib/ext/java.util.prefs.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"] + - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/javafx.scene.web.model.yml b/java/ql/lib/ext/javafx.scene.web.model.yml index 64f8eea916b..78d1a00dfde 100644 --- a/java/ql/lib/ext/javafx.scene.web.model.yml +++ b/java/ql/lib/ext/javafx.scene.web.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "open-url", "ai-manual"] + - ["javafx.scene.web", "WebEngine", False, "load", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/javax.faces.context.model.yml b/java/ql/lib/ext/javax.faces.context.model.yml index ad33971c2c3..98f3e64ec6c 100644 --- a/java/ql/lib/ext/javax.faces.context.model.yml +++ b/java/ql/lib/ext/javax.faces.context.model.yml @@ -14,5 +14,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "xss", "manual"] - - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "xss", "manual"] + - ["javax.faces.context", "ResponseStream", True, "write", "", "", "Argument[0]", "html-injection", "manual"] + - ["javax.faces.context", "ResponseWriter", True, "write", "", "", "Argument[0]", "html-injection", "manual"] diff --git a/java/ql/lib/ext/javax.naming.directory.model.yml b/java/ql/lib/ext/javax.naming.directory.model.yml index bb350a084cb..6f60e7cf20d 100644 --- a/java/ql/lib/ext/javax.naming.directory.model.yml +++ b/java/ql/lib/ext/javax.naming.directory.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap", "manual"] + - ["javax.naming.directory", "DirContext", True, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/javax.net.ssl.model.yml b/java/ql/lib/ext/javax.net.ssl.model.yml index 7cbed92c184..59085b8d120 100644 --- a/java/ql/lib/ext/javax.net.ssl.model.yml +++ b/java/ql/lib/ext/javax.net.ssl.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] - - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] + - ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"] diff --git a/java/ql/lib/ext/javax.script.model.yml b/java/ql/lib/ext/javax.script.model.yml index 0dcc6adb3d7..dcec679640f 100644 --- a/java/ql/lib/ext/javax.script.model.yml +++ b/java/ql/lib/ext/javax.script.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] + - ["javax.script", "CompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/javax.servlet.http.model.yml b/java/ql/lib/ext/javax.servlet.http.model.yml index e4c0a2b2332..6485ea22a2e 100644 --- a/java/ql/lib/ext/javax.servlet.http.model.yml +++ b/java/ql/lib/ext/javax.servlet.http.model.yml @@ -22,10 +22,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "header-splitting", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addCookie", "", "", "Argument[0]", "response-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "addHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - ["javax.servlet.http", "HttpServletResponse", False, "sendError", "(int,String)", "", "Argument[1]", "information-leak", "manual"] - - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "header-splitting", "manual"] + - ["javax.servlet.http", "HttpServletResponse", False, "setHeader", "", "", "Argument[0..1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.servlet.model.yml b/java/ql/lib/ext/javax.servlet.model.yml index fae0bd6f2b3..7d7f432d2bd 100644 --- a/java/ql/lib/ext/javax.servlet.model.yml +++ b/java/ql/lib/ext/javax.servlet.model.yml @@ -14,4 +14,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "read-file", "ai-manual"] + - ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/javax.ws.rs.client.model.yml b/java/ql/lib/ext/javax.ws.rs.client.model.yml index 0a5a01c3338..e9855623951 100644 --- a/java/ql/lib/ext/javax.ws.rs.client.model.yml +++ b/java/ql/lib/ext/javax.ws.rs.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "open-url", "manual"] + - ["javax.ws.rs.client", "Client", True, "target", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/javax.ws.rs.core.model.yml b/java/ql/lib/ext/javax.ws.rs.core.model.yml index b73078a5ae5..dfdf2ee6fd0 100644 --- a/java/ql/lib/ext/javax.ws.rs.core.model.yml +++ b/java/ql/lib/ext/javax.ws.rs.core.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirect", "manual"] - - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirect", "manual"] - - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "header-splitting", "manual"] + - ["javax.ws.rs.core", "Response", True, "seeOther", "", "", "Argument[0]", "url-redirection", "manual"] + - ["javax.ws.rs.core", "Response", True, "temporaryRedirect", "", "", "Argument[0]", "url-redirection", "manual"] + - ["javax.ws.rs.core", "ResponseBuilder", False, "header", "", "", "Argument[1]", "response-splitting", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/javax.xml.transform.model.yml b/java/ql/lib/ext/javax.xml.transform.model.yml index ffc321b004f..62a66a3d7ae 100644 --- a/java/ql/lib/ext/javax.xml.transform.model.yml +++ b/java/ql/lib/ext/javax.xml.transform.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["javax.xml.transform", "Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/ext/javax.xml.transform.stream.model.yml b/java/ql/lib/ext/javax.xml.transform.stream.model.yml index c058a88f337..8cb96b4c775 100644 --- a/java/ql/lib/ext/javax.xml.transform.stream.model.yml +++ b/java/ql/lib/ext/javax.xml.transform.stream.model.yml @@ -9,4 +9,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "create-file", "ai-manual"] + - ["javax.xml.transform.stream", "StreamResult", True, "StreamResult", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/javax.xml.xpath.model.yml b/java/ql/lib/ext/javax.xml.xpath.model.yml index 68f51a34a2e..6cad83433b6 100644 --- a/java/ql/lib/ext/javax.xml.xpath.model.yml +++ b/java/ql/lib/ext/javax.xml.xpath.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath", "manual"] - - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath", "manual"] + - ["javax.xml.xpath", "XPath", True, "compile", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluate", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["javax.xml.xpath", "XPath", True, "evaluateExpression", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/kotlin.io.model.yml b/java/ql/lib/ext/kotlin.io.model.yml index 335457a48a0..b748e04a292 100644 --- a/java/ql/lib/ext/kotlin.io.model.yml +++ b/java/ql/lib/ext/kotlin.io.model.yml @@ -3,14 +3,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "create-file", "ai-manual"] # should be delete-file - - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "read-file", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "deleteRecursively", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "inputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "readBytes", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["kotlin.io", "FilesKt", False, "readText", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel data: + - ["kotlin.io", "CloseableKt", False, "use", "", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] + - ["kotlin.io", "CloseableKt", False, "use", "", "", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] - ["kotlin.io", "FilesKt", False, "normalize", "(File)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["kotlin.io", "FilesKt", False, "relativeTo", "(File,File)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] - ["kotlin.io", "FilesKt", False, "relativeTo", "(File,File)", "", "Argument[1]", "ReturnValue", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/kotlin.model.yml b/java/ql/lib/ext/kotlin.model.yml new file mode 100644 index 00000000000..ea275a78515 --- /dev/null +++ b/java/ql/lib/ext/kotlin.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["kotlin", "StandardKt", False, "with", "", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] + - ["kotlin", "StandardKt", False, "with", "", "", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] diff --git a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml index 1559092f535..aa0e3eba5a9 100644 --- a/java/ql/lib/ext/net.sf.saxon.s9api.model.yml +++ b/java/ql/lib/ext/net.sf.saxon.s9api.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] - - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "applyTemplates", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callFunction", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "callTemplate", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "Xslt30Transformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] + - ["net.sf.saxon.s9api", "XsltTransformer", False, "transform", "", "", "Argument[this]", "xslt-injection", "manual"] diff --git a/java/ql/lib/ext/okhttp3.model.yml b/java/ql/lib/ext/okhttp3.model.yml index 21563331656..a0662408708 100644 --- a/java/ql/lib/ext/okhttp3.model.yml +++ b/java/ql/lib/ext/okhttp3.model.yml @@ -3,8 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "open-url", "manual"] - - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "open-url", "manual"] + - ["okhttp3", "OkHttpClient", True, "newCall", "(Request)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["okhttp3", "OkHttpClient", True, "newWebSocket", "(Request,WebSocketListener)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["okhttp3", "Request", True, "Request", "", "", "Argument[0]", "request-forgery", "manual"] + - ["okhttp3", "Request$Builder", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel @@ -56,3 +58,4 @@ extensions: - ["okhttp3", "HttpUrl$Builder", False, "setQueryParameter", "", "", "Argument[this]", "ReturnValue", "value", "manual"] - ["okhttp3", "HttpUrl$Builder", False, "setQueryParameter", "", "", "Argument[0]", "Argument[this]", "taint", "manual"] - ["okhttp3", "HttpUrl$Builder", False, "username", "", "", "Argument[this]", "ReturnValue", "value", "manual"] + - ["okhttp3", "Request$Builder", True, "build", "()", "", "Argument[this]", "ReturnValue", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/org.antlr.runtime.model.yml b/java/ql/lib/ext/org.antlr.runtime.model.yml new file mode 100644 index 00000000000..db66062c682 --- /dev/null +++ b/java/ql/lib/ext/org.antlr.runtime.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.antlr.runtime", "ANTLRFileStream", True, "ANTLRFileStream", "(String,String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.commons.io.model.yml b/java/ql/lib/ext/org.apache.commons.io.model.yml index e23dd5fca44..e80bc525883 100644 --- a/java/ql/lib/ext/org.apache.commons.io.model.yml +++ b/java/ql/lib/ext/org.apache.commons.io.model.yml @@ -16,8 +16,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "write-file", "ai-manual"] - - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "create-file", "manual"] - - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"] + - ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jelly.model.yml b/java/ql/lib/ext/org.apache.commons.jelly.model.yml index 0669f6744b9..ef9e48d041a 100644 --- a/java/ql/lib/ext/org.apache.commons.jelly.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jelly.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "open-url", "ai-manual"] - - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL,URL)", "", "Argument[2]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(JellyContext,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL,URL)", "", "Argument[1]", "request-forgery", "ai-manual"] + - ["org.apache.commons.jelly", "JellyContext", True, "JellyContext", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml index f7ad474114e..8e224f5f20f 100644 --- a/java/ql/lib/ext/org.apache.commons.jexl2.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jexl2.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl2", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(JexlContext,Object,String,Object)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl2", "UnifiedJEXL$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml index cbe04fc3e60..e2fee2fcb3d 100644 --- a/java/ql/lib/ext/org.apache.commons.jexl3.model.yml +++ b/java/ql/lib/ext/org.apache.commons.jexl3.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl", "manual"] - - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl", "manual"] + - ["org.apache.commons.jexl3", "Expression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "getProperty", "(Object,String)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(JexlContext,Object,String)", "", "Argument[2]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlEngine", False, "setProperty", "(Object,String,Object)", "", "Argument[1]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlExpression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JexlScript", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Expression", False, "prepare", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "JxltEngine$Template", False, "evaluate", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "callable", "", "", "Argument[this]", "jexl-injection", "manual"] + - ["org.apache.commons.jexl3", "Script", False, "execute", "", "", "Argument[this]", "jexl-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.logging.model.yml b/java/ql/lib/ext/org.apache.commons.logging.model.yml index 8f40e26f2a1..7e2be01c522 100644 --- a/java/ql/lib/ext/org.apache.commons.logging.model.yml +++ b/java/ql/lib/ext/org.apache.commons.logging.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "logging", "manual"] + - ["org.apache.commons.logging", "Log", True, "debug", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "error", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "trace", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.commons.logging", "Log", True, "warn", "", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.commons.net.model.yml b/java/ql/lib/ext/org.apache.commons.net.model.yml new file mode 100644 index 00000000000..0a4c46e6a3c --- /dev/null +++ b/java/ql/lib/ext/org.apache.commons.net.model.yml @@ -0,0 +1,30 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(InetAddress,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int)", "", "Argument[0]", "request-forgery", "df-manual"] + - ["org.apache.commons.net", "SocketClient", true, "connect", "(String,int,InetAddress,int)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(File,String,String)", "", "Argument[0]", "path-injection", "df-manual"] + - ["org.apache.commons.net.util", "KeyManagerUtils", false, "createClientKeyManager", "(String,File,String,String,String)", "", "Argument[1]", "path-injection", "df-manual"] + - addsTo: + pack: codeql/java-all + extensible: sourceModel + data: + - ["org.apache.commons.net.ftp", "FTPClient", true, "listDirectories", "()", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listDirectories", "(String)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listFiles", "()", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listFiles", "(String)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listFiles", "(String,FTPFileFilter)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listNames", "()", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "listNames", "(String)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "mlistDir", "()", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "mlistDir", "(String)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "mlistDir", "(String,FTPFileFilter)", "", "ReturnValue", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "retrieveFile", "(String,OutputStream)", "", "Argument[1]", "remote", "df-manual"] + - ["org.apache.commons.net.ftp", "FTPClient", true, "retrieveFileStream", "(String)", "", "ReturnValue", "remote", "df-manual"] diff --git a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml index 14b580383d3..57b1655d944 100644 --- a/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml +++ b/java/ql/lib/ext/org.apache.directory.ldap.client.api.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap", "manual"] + - ["org.apache.directory.ldap.client.api", "LdapConnection", True, "search", "", "", "Argument[0..2]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.hadoop.fs.model.yml b/java/ql/lib/ext/org.apache.hadoop.fs.model.yml new file mode 100644 index 00000000000..ba819b73776 --- /dev/null +++ b/java/ql/lib/ext/org.apache.hadoop.fs.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["org.apache.hadoop.fs", "Path", True, "Path", "(Path,Path)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(Path,Path)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(Path,String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(Path,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(String,String,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(String,String,String)", "", "Argument[2]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(String,String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(String,String)", "", "Argument[1]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(String)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] + - ["org.apache.hadoop.fs", "Path", True, "Path", "(URI)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml index 9189c6ab1fd..60d2d0c0153 100644 --- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml +++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.api.model.yml @@ -3,5 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql", "ai-manual"] - + - ["org.apache.hadoop.hive.metastore.api", "DefaultConstraintsRequest", True, "DefaultConstraintsRequest", "(String,String,String)", "", "Argument[1]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml index da335795194..bc902f548fd 100644 --- a/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml +++ b/java/ql/lib/ext/org.apache.hadoop.hive.metastore.model.yml @@ -3,6 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql", "ai-manual"] - - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql", "ai-manual"] - + - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List,String,long)", "", "Argument[0]", "sql-injection", "ai-manual"] + - ["org.apache.hadoop.hive.metastore", "ObjectStore", True, "updatePartitionColumnStatistics", "(ColumnStatistics,List)", "", "Argument[0]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml index 0b0e040c054..17498977d8d 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.async.methods.model.yml @@ -3,87 +3,87 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(HttpHost,String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml index 513a4e7eb7a..8b360282cec 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.classic.methods.model.yml @@ -3,40 +3,40 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml index ce3b5567b7b..ff25f6c43a3 100644 --- a/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml +++ b/java/ql/lib/ext/org.apache.hc.client5.http.fluent.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml new file mode 100644 index 00000000000..b5f46643f2f --- /dev/null +++ b/java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # sink neutrals + - ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml index 450a46cd1ec..0143a0a68ab 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.benchmark.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.benchmark", "BenchmarkConfig$Builder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml index a2789520908..280cf49b175 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.impl.bootstrap.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.impl.bootstrap", "HttpAsyncRequester", True, "connect", "(HttpHost,Timeout,Object,FutureCallback)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml index 86d55853d8f..1f602d987cc 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.io.support.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml index e8cc56f35a5..44ed7ac03c1 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.message.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml index 6c1c6d63efe..321b4235ea8 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] - - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] + - ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml index 263ca830720..9d896b593c9 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.nio.support.model.yml @@ -3,27 +3,27 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,HttpHost,String,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml index eee42d496f3..cb8d17d283a 100644 --- a/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml +++ b/java/ql/lib/ext/org.apache.hc.core5.http.support.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setHttpHost", "(HttpHost)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml index 3f980bdbb3f..35c0e9f27a3 100644 --- a/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml +++ b/java/ql/lib/ext/org.apache.hive.hcatalog.templeton.model.yml @@ -3,5 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql", "ai-manual"] - + - ["org.apache.hive.hcatalog.templeton", "HcatDelegator", True, "addOneColumn", "(String,String,String,ColumnDesc)", "", "Argument[3]", "sql-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml index 924ab14fc5e..dad428e4d1a 100644 --- a/java/ql/lib/ext/org.apache.http.client.fluent.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.fluent.model.yml @@ -3,19 +3,19 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Delete", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Delete", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Get", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Head", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Options", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Patch", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Post", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Put", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(String)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.fluent", "Request", True, "Trace", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.methods.model.yml b/java/ql/lib/ext/org.apache.http.client.methods.model.yml index 5db791422c8..4eccb08eb8c 100644 --- a/java/ql/lib/ext/org.apache.http.client.methods.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.methods.model.yml @@ -3,22 +3,22 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] - - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "open-url", "manual"] + - ["org.apache.http.client.methods", "HttpDelete", False, "HttpDelete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpGet", False, "HttpGet", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpHead", False, "HttpHead", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpOptions", False, "HttpOptions", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPatch", False, "HttpPatch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPost", False, "HttpPost", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpPut", False, "HttpPut", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestBase", True, "setURI", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "HttpRequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] + - ["org.apache.http.client.methods", "HttpTrace", False, "HttpTrace", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "setUri", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.client.methods", "RequestBuilder", False, "trace", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.apache.http.client.model.yml b/java/ql/lib/ext/org.apache.http.client.model.yml index abdfb6ed91d..681efdf32e7 100644 --- a/java/ql/lib/ext/org.apache.http.client.model.yml +++ b/java/ql/lib/ext/org.apache.http.client.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest,ResponseHandler,HttpContext)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.apache.http.client", "HttpClient", True, "execute", "(HttpUriRequest)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.http.impl.client.model.yml b/java/ql/lib/ext/org.apache.http.impl.client.model.yml index 5cc1aca7498..be517e5344f 100644 --- a/java/ql/lib/ext/org.apache.http.impl.client.model.yml +++ b/java/ql/lib/ext/org.apache.http.impl.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "open-url", "hq-manual"] + - ["org.apache.http.impl.client", "RequestWrapper", True, "setURI", "(URI)", "", "Argument[0]", "request-forgery", "hq-manual"] diff --git a/java/ql/lib/ext/org.apache.http.message.model.yml b/java/ql/lib/ext/org.apache.http.message.model.yml index c727b57b210..4ee0d13d8c1 100644 --- a/java/ql/lib/ext/org.apache.http.message.model.yml +++ b/java/ql/lib/ext/org.apache.http.message.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "manual"] - - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "open-url", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpEntityEnclosingRequest", False, "BasicHttpEntityEnclosingRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(RequestLine)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.apache.http.message", "BasicHttpRequest", False, "BasicHttpRequest", "(String,String,ProtocolVersion)", "", "Argument[1]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.model.yml b/java/ql/lib/ext/org.apache.http.model.yml index 466fe9d15a4..ff0bd813d83 100644 --- a/java/ql/lib/ext/org.apache.http.model.yml +++ b/java/ql/lib/ext/org.apache.http.model.yml @@ -9,8 +9,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "open-url", "hq-manual"] - - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"] + - ["org.apache.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "request-forgery", "hq-manual"] + - ["org.apache.http", "HttpResponse", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.http.util.model.yml b/java/ql/lib/ext/org.apache.http.util.model.yml index d5469664ab6..7e4fd9dde25 100644 --- a/java/ql/lib/ext/org.apache.http.util.model.yml +++ b/java/ql/lib/ext/org.apache.http.util.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "xss", "manual"] + - ["org.apache.http.util", "EntityUtils", True, "updateEntity", "(HttpResponse,HttpEntity)", "", "Argument[1]", "html-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml index e966d7bd735..e1b37b8f851 100644 --- a/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml +++ b/java/ql/lib/ext/org.apache.ibatis.jdbc.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql", "manual"] - - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "delete", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "insert", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "run", "(String)", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectAll", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "selectOne", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.apache.ibatis.jdbc", "SqlRunner", False, "update", "(String,Object[])", "", "Argument[0]", "sql-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.log4j.model.yml b/java/ql/lib/ext/org.apache.log4j.model.yml index 309f238111b..e27bdef0fbf 100644 --- a/java/ql/lib/ext/org.apache.log4j.model.yml +++ b/java/ql/lib/ext/org.apache.log4j.model.yml @@ -3,14 +3,14 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "logging", "manual"] + - ["org.apache.log4j", "Category", True, "assertLog", "", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "debug", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "error", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "fatal", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "forcedLog", "", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "info", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "l7dlog", "(Priority,String,Object[],Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(Priority,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(Priority,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "log", "(String,Priority,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.log4j", "Category", True, "warn", "", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.logging.log4j.model.yml b/java/ql/lib/ext/org.apache.logging.log4j.model.yml index 5ffe10450a0..2c48df24365 100644 --- a/java/ql/lib/ext/org.apache.logging.log4j.model.yml +++ b/java/ql/lib/ext/org.apache.logging.log4j.model.yml @@ -3,365 +3,365 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "logging", "manual"] - - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "LogBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "debug", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "entry", "(Object[])", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "error", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "fatal", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "info", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,CharSequence,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Message)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,MessageSupplier,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object)", "", "Argument[2..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object)", "", "Argument[2..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object)", "", "Argument[2..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[2..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[2..12]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Supplier)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,String,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Marker,Supplier,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Message,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "log", "(Level,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "logMessage", "(Level,Marker,String,StackTraceElement,Message,Throwable)", "", "Argument[4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,Marker,String,Object[])", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "printf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "trace", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(String,Supplier[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceEntry", "(Supplier[])", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(EntryMessage,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Message,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "traceExit", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(CharSequence,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,CharSequence,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Message)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,MessageSupplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object)", "", "Argument[1..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object)", "", "Argument[1..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[1..11]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Supplier)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,String,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Marker,Supplier,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Message,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(MessageSupplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object)", "", "Argument[0..5]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object)", "", "Argument[0..6]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..7]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..8]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..9]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object,Object,Object,Object,Object,Object,Object,Object,Object,Object)", "", "Argument[0..10]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Supplier)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] + - ["org.apache.logging.log4j", "Logger", True, "warn", "(Supplier,Throwable)", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.apache.tools.ant.model.yml b/java/ql/lib/ext/org.apache.tools.ant.model.yml index bee9b475ef7..474429db030 100644 --- a/java/ql/lib/ext/org.apache.tools.ant.model.yml +++ b/java/ql/lib/ext/org.apache.tools.ant.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "read-file", "ai-manual"] - - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "addPathComponent", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(ClassLoader,Project,Path,boolean)", "", "Argument[2]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path,boolean)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "AntClassLoader", True, "AntClassLoader", "(Project,Path)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant", "DirectoryScanner", True, "setBasedir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml index 29b4ee0d16e..aaacf02d58c 100644 --- a/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml +++ b/java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "read-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "create-file", "ai-manual"] - - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "addFileset", "(FileSet)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.app.model.yml b/java/ql/lib/ext/org.apache.velocity.app.model.yml index 1afc328b882..307f534d3ea 100644 --- a/java/ql/lib/ext/org.apache.velocity.app.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.app.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "ssti", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "Velocity", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.app", "VelocityEngine", True, "mergeTemplate", "", "", "Argument[2]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml index a8f740a2301..68f4e16fc5a 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "ssti", "manual"] - - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "ssti", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "evaluate", "", "", "Argument[3]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeServices", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.apache.velocity.runtime", "RuntimeSingleton", True, "parse", "", "", "Argument[0]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml index 4d3ce4c37ed..a204fb0711d 100644 --- a/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml +++ b/java/ql/lib/ext/org.apache.velocity.runtime.resource.util.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "ssti", "manual"] + - ["org.apache.velocity.runtime.resource.util", "StringResourceRepository", True, "putStringResource", "", "", "Argument[1]", "template-injection", "manual"] diff --git a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml index dbb6ace53da..602a6223fe8 100644 --- a/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml +++ b/java/ql/lib/ext/org.codehaus.cargo.container.installer.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "open-url", "ai-manual"] - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "create-file", "ai-manual"] - - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "create-file", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[0]", "request-forgery", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[1]", "path-injection", "ai-manual"] + - ["org.codehaus.cargo.container.installer", "ZipURLInstaller", True, "ZipURLInstaller", "(URL,String,String)", "", "Argument[2]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml index 61ec26f4482..fdccc85e6a9 100644 --- a/java/ql/lib/ext/org.codehaus.groovy.control.model.yml +++ b/java/ql/lib/ext/org.codehaus.groovy.control.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy", "manual"] + - ["org.codehaus.groovy.control", "CompilationUnit", False, "compile", "", "", "Argument[this]", "groovy-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.model.yml b/java/ql/lib/ext/org.dom4j.model.yml index b2e5c2ed379..f54c817d966 100644 --- a/java/ql/lib/ext/org.dom4j.model.yml +++ b/java/ql/lib/ext/org.dom4j.model.yml @@ -3,18 +3,18 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "selectNodes", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "DocumentHelper", False, "sort", "", "", "Argument[1]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "matches", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "numberValueOf", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectNodes", "", "", "Argument[0..1]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectObject", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "selectSingleNode", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j", "Node", True, "valueOf", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.tree.model.yml b/java/ql/lib/ext/org.dom4j.tree.model.yml index 0896937bb16..3117806aa6e 100644 --- a/java/ql/lib/ext/org.dom4j.tree.model.yml +++ b/java/ql/lib/ext/org.dom4j.tree.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j.tree", "AbstractNode", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.tree", "AbstractNode", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.dom4j.util.model.yml b/java/ql/lib/ext/org.dom4j.util.model.yml index d7dc55cd145..530652f2ede 100644 --- a/java/ql/lib/ext/org.dom4j.util.model.yml +++ b/java/ql/lib/ext/org.dom4j.util.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath", "manual"] - - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createPattern", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPath", "", "", "Argument[0]", "xpath-injection", "manual"] + - ["org.dom4j.util", "ProxyDocumentFactory", True, "createXPathFilter", "", "", "Argument[0]", "xpath-injection", "manual"] diff --git a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml index 23f0e2a48a8..28c3430e818 100644 --- a/java/ql/lib/ext/org.eclipse.jetty.client.model.yml +++ b/java/ql/lib/ext/org.eclipse.jetty.client.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.eclipse.jetty.client", "HttpClient", True, "newRequest", "(String)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.fusesource.leveldbjni.model.yml b/java/ql/lib/ext/org.fusesource.leveldbjni.model.yml new file mode 100644 index 00000000000..2c3f221abd7 --- /dev/null +++ b/java/ql/lib/ext/org.fusesource.leveldbjni.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.fusesource.leveldbjni", "JniDBFactory", True, "open", "(File,Options)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml index c6719b6a97e..914a60fe38a 100644 --- a/java/ql/lib/ext/org.geogebra.web.full.main.model.yml +++ b/java/ql/lib/ext/org.geogebra.web.full.main.model.yml @@ -4,4 +4,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirect", "ai-manual"] + - ["org.geogebra.web.full.main", "FileManager", True, "open", "(String,String)", "", "Argument[0]", "url-redirection", "ai-manual"] diff --git a/java/ql/lib/ext/org.hibernate.model.yml b/java/ql/lib/ext/org.hibernate.model.yml index ffa483ec742..c6a18bb1350 100644 --- a/java/ql/lib/ext/org.hibernate.model.yml +++ b/java/ql/lib/ext/org.hibernate.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] + - ["org.hibernate", "Session", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "Session", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "SharedSessionContract", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate", "SharedSessionContract", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.hibernate.query.model.yml b/java/ql/lib/ext/org.hibernate.query.model.yml index 6281a33caa5..bb6232c1fcd 100644 --- a/java/ql/lib/ext/org.hibernate.query.model.yml +++ b/java/ql/lib/ext/org.hibernate.query.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql", "manual"] - - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createNativeQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createQuery", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.hibernate.query", "QueryProducer", True, "createSQLQuery", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.influxdb.model.yml b/java/ql/lib/ext/org.influxdb.model.yml new file mode 100644 index 00000000000..00dc8277407 --- /dev/null +++ b/java/ql/lib/ext/org.influxdb.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.influxdb", "InfluxDBFactory", False, "connect", "(String,String,String,Builder)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.jboss.logging.model.yml b/java/ql/lib/ext/org.jboss.logging.model.yml index 069ae852b77..31636f1a6a3 100644 --- a/java/ql/lib/ext/org.jboss.logging.model.yml +++ b/java/ql/lib/ext/org.jboss.logging.model.yml @@ -3,327 +3,327 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "logging", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "BasicLogger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debug", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "debugv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "error", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "errorv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatal", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "fatalv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "info", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infof", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "infov", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(Level,String,Object,Throwable)", "", "Argument[2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "log", "(String,Level,Object,Object[],Throwable)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logf", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object)", "", "Argument[2..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object)", "", "Argument[2..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(Level,Throwable,String,Object,Object,Object)", "", "Argument[1..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object)", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object)", "", "Argument[3..5]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object,Object,Object)", "", "Argument[3..6]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "logv", "(String,Level,Throwable,String,Object[])", "", "Argument[3..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "trace", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracef", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "tracev", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Object[],Throwable)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Object[],Throwable)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warn", "(String,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnf", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object)", "", "Argument[0..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.jboss.logging", "Logger", True, "warnv", "(Throwable,String,Object,Object,Object)", "", "Argument[0..4]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.jdbi.v3.core.model.yml b/java/ql/lib/ext/org.jdbi.v3.core.model.yml index fd7f4e824ac..a80c0a3d90e 100644 --- a/java/ql/lib/ext/org.jdbi.v3.core.model.yml +++ b/java/ql/lib/ext/org.jdbi.v3.core.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "create", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.jdbi.v3.core", "Jdbi", False, "open", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.jooq.model.yml b/java/ql/lib/ext/org.jooq.model.yml index cf7fc22a923..b7538263a31 100644 --- a/java/ql/lib/ext/org.jooq.model.yml +++ b/java/ql/lib/ext/org.jooq.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql", "manual"] + - ["org.jooq", "PlainSQL", False, "", "", "Annotated", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml index 514b23a9958..49cd049cdfa 100644 --- a/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml +++ b/java/ql/lib/ext/org.kohsuke.stapler.framework.io.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "read-file", "ai-manual"] + - ["org.kohsuke.stapler.framework.io", "LargeText", True, "LargeText", "(File,Charset,boolean,boolean)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.kohsuke.stapler.model.yml b/java/ql/lib/ext/org.kohsuke.stapler.model.yml index a3ae44a683b..7a242051485 100644 --- a/java/ql/lib/ext/org.kohsuke.stapler.model.yml +++ b/java/ql/lib/ext/org.kohsuke.stapler.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirect", "ai-manual"] - - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "open-url", "ai-manual"] + - ["org.kohsuke.stapler", "HttpResponses", True, "redirectTo", "(String)", "", "Argument[0]", "url-redirection", "ai-manual"] + - ["org.kohsuke.stapler", "HttpResponses", True, "staticResource", "(URL)", "", "Argument[0]", "request-forgery", "ai-manual"] diff --git a/java/ql/lib/ext/org.mvel2.compiler.model.yml b/java/ql/lib/ext/org.mvel2.compiler.model.yml index 6ca33c8cdb0..0b3535a6fcf 100644 --- a/java/ql/lib/ext/org.mvel2.compiler.model.yml +++ b/java/ql/lib/ext/org.mvel2.compiler.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel", "manual"] + - ["org.mvel2.compiler", "Accessor", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledAccExpression", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "CompiledExpression", False, "getDirectValue", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.compiler", "ExecutableStatement", False, "getValue", "", "", "Argument[this]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.jsr223.model.yml b/java/ql/lib/ext/org.mvel2.jsr223.model.yml index 6a63bbcf57c..7dff4964cf0 100644 --- a/java/ql/lib/ext/org.mvel2.jsr223.model.yml +++ b/java/ql/lib/ext/org.mvel2.jsr223.model.yml @@ -3,6 +3,6 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.jsr223", "MvelCompiledScript", False, "eval", "", "", "Argument[this]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.jsr223", "MvelScriptEngine", False, "evaluate", "", "", "Argument[0]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.model.yml b/java/ql/lib/ext/org.mvel2.model.yml index fd7778c89a6..28a7154df90 100644 --- a/java/ql/lib/ext/org.mvel2.model.yml +++ b/java/ql/lib/ext/org.mvel2.model.yml @@ -3,10 +3,10 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel", "manual"] + - ["org.mvel2", "MVEL", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToBoolean", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "evalToString", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeAllExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVEL", False, "executeSetExpression", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2", "MVELRuntime", False, "execute", "", "", "Argument[1]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.mvel2.templates.model.yml b/java/ql/lib/ext/org.mvel2.templates.model.yml index 0e31cee38b0..93fdbde10ed 100644 --- a/java/ql/lib/ext/org.mvel2.templates.model.yml +++ b/java/ql/lib/ext/org.mvel2.templates.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel", "manual"] - - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "eval", "", "", "Argument[0]", "mvel-injection", "manual"] + - ["org.mvel2.templates", "TemplateRuntime", False, "execute", "", "", "Argument[0]", "mvel-injection", "manual"] diff --git a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml index a4eb31084cc..1d2aa29efee 100644 --- a/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml +++ b/java/ql/lib/ext/org.openjdk.jmh.runner.options.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "create-file", "ai-manual"] + - ["org.openjdk.jmh.runner.options", "ChainedOptionsBuilder", True, "result", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] diff --git a/java/ql/lib/ext/org.scijava.log.model.yml b/java/ql/lib/ext/org.scijava.log.model.yml index 303dbae27e2..ad53130cd07 100644 --- a/java/ql/lib/ext/org.scijava.log.model.yml +++ b/java/ql/lib/ext/org.scijava.log.model.yml @@ -3,16 +3,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "logging", "manual"] - - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.scijava.log", "Logger", True, "alwaysLog", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "debug", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "error", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "info", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "log", "(int,Object,Throwable)", "", "Argument[1]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "trace", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object)", "", "Argument[0]", "log-injection", "manual"] + - ["org.scijava.log", "Logger", True, "warn", "(Object,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.model.yml b/java/ql/lib/ext/org.slf4j.model.yml index 6ff2f31847d..e714155b3f2 100644 --- a/java/ql/lib/ext/org.slf4j.model.yml +++ b/java/ql/lib/ext/org.slf4j.model.yml @@ -3,53 +3,53 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "debug", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "error", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "info", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "trace", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String)", "", "Argument[1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object)", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object)", "", "Argument[1..3]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object,Object,Object)", "", "Argument[1..4]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(Marker,String,Object[])", "", "Argument[1..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String)", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j", "Logger", True, "warn", "(String,Throwable)", "", "Argument[0]", "log-injection", "manual"] diff --git a/java/ql/lib/ext/org.slf4j.spi.model.yml b/java/ql/lib/ext/org.slf4j.spi.model.yml index 197131b6e17..a1d5c498c33 100644 --- a/java/ql/lib/ext/org.slf4j.spi.model.yml +++ b/java/ql/lib/ext/org.slf4j.spi.model.yml @@ -3,11 +3,11 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "logging", "manual"] - - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "logging", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "", "", "Argument[0]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object)", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object,Object)", "", "Argument[0..2]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(String,Object[])", "", "Argument[0..1]", "log-injection", "manual"] + - ["org.slf4j.spi", "LoggingEventBuilder", True, "log", "(Supplier)", "", "Argument[0]", "log-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml index bd7c5d8c5c1..7d61e1431c9 100644 --- a/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml +++ b/java/ql/lib/ext/org.springframework.boot.jdbc.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.springframework.boot.jdbc", "DataSourceBuilder", False, "url", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.core.io.model.yml b/java/ql/lib/ext/org.springframework.core.io.model.yml new file mode 100644 index 00000000000..b6dd35c8096 --- /dev/null +++ b/java/ql/lib/ext/org.springframework.core.io.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.springframework.core.io", "ResourceLoader", True, "getResource", "(String)", "", "Argument[0]", "path-injection", "ai-manual"] + - ["org.springframework.core.io", "ResourceLoader", True, "getResource", "(String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.http.model.yml b/java/ql/lib/ext/org.springframework.http.model.yml index 8835a471c28..cb5f18a7732 100644 --- a/java/ql/lib/ext/org.springframework.http.model.yml +++ b/java/ql/lib/ext/org.springframework.http.model.yml @@ -3,20 +3,20 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(HttpMethod,URI)", "", "Argument[1]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(MultiValueMap,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,HttpMethod,URI,Type)", "", "Argument[2]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "RequestEntity", "(Object,MultiValueMap,HttpMethod,URI,Type)", "", "Argument[3]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "get", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "head", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "method", "", "", "Argument[1]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "options", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "patch", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "post", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.http", "RequestEntity", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml index 9374293d0bb..38d91bb3090 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.core.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.core.model.yml @@ -3,13 +3,13 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "batchUpdate", "(String[])", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "query", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core", "JdbcTemplate", False, "update", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml new file mode 100644 index 00000000000..a2ba27f6062 --- /dev/null +++ b/java/ql/lib/ext/org.springframework.jdbc.core.namedparam.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "batchUpdate", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "execute", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "query", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForList", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForMap", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForObject", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForRowSet", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "queryForStream", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.core.namedparam", "NamedParameterJdbcOperations", True, "update", "", "", "Argument[0]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml index 7bb84c37e2c..3c274d264f9 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.datasource.model.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "jdbc-url", "manual"] - - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "jdbc-url", "manual"] + - ["org.springframework.jdbc.datasource", "AbstractDriverBasedDataSource", False, "setUrl", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,Properties)", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.jdbc.datasource", "DriverManagerDataSource", False, "DriverManagerDataSource", "(String,String,String)", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml index 413e29e2631..192e9263f0a 100644 --- a/java/ql/lib/ext/org.springframework.jdbc.object.model.yml +++ b/java/ql/lib/ext/org.springframework.jdbc.object.model.yml @@ -3,12 +3,12 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql", "manual"] - - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql", "manual"] + - ["org.springframework.jdbc.object", "BatchSqlUpdate", False, "BatchSqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "MappingSqlQuery", False, "MappingSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "MappingSqlQueryWithParameters", False, "MappingSqlQueryWithParameters", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "RdbmsOperation", True, "setSql", "", "", "Argument[0]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlCall", False, "SqlCall", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlFunction", False, "SqlFunction", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlQuery", False, "SqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "SqlUpdate", False, "SqlUpdate", "", "", "Argument[1]", "sql-injection", "manual"] + - ["org.springframework.jdbc.object", "UpdatableSqlQuery", False, "UpdatableSqlQuery", "", "", "Argument[1]", "sql-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.ldap.core.model.yml b/java/ql/lib/ext/org.springframework.ldap.core.model.yml index 962dec40c59..ce4ef72e283 100644 --- a/java/ql/lib/ext/org.springframework.ldap.core.model.yml +++ b/java/ql/lib/ext/org.springframework.ldap.core.model.yml @@ -22,17 +22,17 @@ extensions: - ["org.springframework.ldap.core", "LdapOperations", True, "search", "(String,String,int,String[],ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(Name,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - ["org.springframework.ldap.core", "LdapOperations", True, "searchForObject", "(String,String,ContextMapper)", "", "Argument[0]", "jndi-injection", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap", "manual"] - - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(LdapQuery,String)", "", "Argument[0]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(Name,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticatedLdapEntryContextCallback,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "authenticate", "(String,String,String,AuthenticationErrorCallback)", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "find", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "findOne", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "search", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForContext", "", "", "Argument[0..1]", "ldap-injection", "manual"] + - ["org.springframework.ldap.core", "LdapTemplate", False, "searchForObject", "", "", "Argument[0..1]", "ldap-injection", "manual"] diff --git a/java/ql/lib/ext/org.springframework.util.model.yml b/java/ql/lib/ext/org.springframework.util.model.yml index a0203a0ce9e..a868638c4df 100644 --- a/java/ql/lib/ext/org.springframework.util.model.yml +++ b/java/ql/lib/ext/org.springframework.util.model.yml @@ -3,9 +3,9 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "create-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "read-file", "manual"] - - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "create-file", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(byte[],File)", "", "Argument[1]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[0]", "path-injection", "manual"] + - ["org.springframework.util", "FileCopyUtils", False, "copy", "(File,File)", "", "Argument[1]", "path-injection", "manual"] - addsTo: pack: codeql/java-all diff --git a/java/ql/lib/ext/org.springframework.web.client.model.yml b/java/ql/lib/ext/org.springframework.web.client.model.yml index 69f4cb64fc6..79a7f577c3d 100644 --- a/java/ql/lib/ext/org.springframework.web.client.model.yml +++ b/java/ql/lib/ext/org.springframework.web.client.model.yml @@ -10,16 +10,16 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "delete", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "doExecute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "exchange", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "execute", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "getForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "headForHeaders", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "optionsForAllow", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "patchForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForEntity", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForLocation", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "postForObject", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.client", "RestTemplate", False, "put", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml index cb2d1db4444..a76582b5e80 100644 --- a/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml +++ b/java/ql/lib/ext/org.springframework.web.reactive.function.client.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "open-url", "manual"] - - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "open-url", "manual"] + - ["org.springframework.web.reactive.function.client", "WebClient", False, "create", "", "", "Argument[0]", "request-forgery", "manual"] + - ["org.springframework.web.reactive.function.client", "WebClient$Builder", False, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/org.thymeleaf.model.yml b/java/ql/lib/ext/org.thymeleaf.model.yml index 66361b05836..2556cad8314 100644 --- a/java/ql/lib/ext/org.thymeleaf.model.yml +++ b/java/ql/lib/ext/org.thymeleaf.model.yml @@ -3,8 +3,8 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "ssti", "manual"] - - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "ssti", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "process", "", "", "Argument[0]", "template-injection", "manual"] + - ["org.thymeleaf", "ITemplateEngine", True, "processThrottled", "", "", "Argument[0]", "template-injection", "manual"] - addsTo: pack: codeql/java-all extensible: summaryModel diff --git a/java/ql/lib/ext/org.yaml.snakeyaml.model.yml b/java/ql/lib/ext/org.yaml.snakeyaml.model.yml new file mode 100644 index 00000000000..e52ef0679bc --- /dev/null +++ b/java/ql/lib/ext/org.yaml.snakeyaml.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["org.yaml.snakeyaml", "Yaml", True, "load", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] diff --git a/java/ql/lib/ext/play.libs.ws.model.yml b/java/ql/lib/ext/play.libs.ws.model.yml new file mode 100644 index 00000000000..3547414a7ad --- /dev/null +++ b/java/ql/lib/ext/play.libs.ws.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: sinkModel + data: + - ["play.libs.ws", "WSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] + - ["play.libs.ws", "StandaloneWSClient", True, "url", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/ext/play.mvc.model.yml b/java/ql/lib/ext/play.mvc.model.yml index a1f8dc60fe0..ba9a11c3f78 100644 --- a/java/ql/lib/ext/play.mvc.model.yml +++ b/java/ql/lib/ext/play.mvc.model.yml @@ -3,7 +3,44 @@ extensions: pack: codeql/java-all extensible: sourceModel data: - - ["play.mvc", "Http$RequestHeader", False, "getHeader", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "getQueryString", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "header", "", "", "ReturnValue", "remote", "manual"] - - ["play.mvc", "Http$RequestHeader", False, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$Request", True, "body", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookie", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "cookies", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "getHeader", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "getHeaders", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "getQueryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "header", "", "", "ReturnValue", "remote", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestHeader", True, "headers", "", "", "ReturnValue", "remote", "manual"] # v2.4.x + - ["play.mvc", "Http$RequestHeader", True, "host", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "path", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "queryString", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "remoteAddress", "", "", "ReturnValue", "remote", "manual"] + - ["play.mvc", "Http$RequestHeader", True, "uri", "", "", "ReturnValue", "remote", "manual"] + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["play.mvc", "Http$RequestBody", True, "as", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RequestBody", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asMultipartFormData", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asRaw", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asText", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "asXml", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RequestBody", True, "parseJson", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData", True, "asFormUrlEncoded", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData", True, "getFiles", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getContentType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getDispositionType", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.4.x + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getFilename", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getKey", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$MultipartFormData$FilePart", True, "getRef", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x + - ["play.mvc", "Http$RawBuffer", True, "asBytes", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$RawBuffer", True, "asFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "name", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookie", True, "value", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "get", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] + - ["play.mvc", "Http$Cookies", True, "getCookie", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] # v2.7.x diff --git a/java/ql/lib/ext/retrofit2.model.yml b/java/ql/lib/ext/retrofit2.model.yml index 51c4c0eed83..4ea997169a9 100644 --- a/java/ql/lib/ext/retrofit2.model.yml +++ b/java/ql/lib/ext/retrofit2.model.yml @@ -3,4 +3,4 @@ extensions: pack: codeql/java-all extensible: sinkModel data: - - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "open-url", "manual"] + - ["retrofit2", "Retrofit$Builder", True, "baseUrl", "", "", "Argument[0]", "request-forgery", "manual"] diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index c48db63b34d..ada2ac9e999 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.6.2-dev +version: 0.6.3-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index 0e0d0acea3f..92c81650bc3 100644 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -1809,9 +1809,6 @@ class LValue extends VarAccess { * are source expressions of the assignment. */ Expr getRhs() { exists(Assignment e | e.getDest() = this and e.getSource() = result) } - - /** DEPRECATED: Alias for getRhs */ - deprecated Expr getRHS() { result = this.getRhs() } } /** diff --git a/java/ql/lib/semmle/code/java/Serializability.qll b/java/ql/lib/semmle/code/java/Serializability.qll index fc8a19040f0..72490118020 100644 --- a/java/ql/lib/semmle/code/java/Serializability.qll +++ b/java/ql/lib/semmle/code/java/Serializability.qll @@ -4,6 +4,7 @@ import java private import frameworks.jackson.JacksonSerializability +private import frameworks.google.GsonSerializability private import frameworks.google.GoogleHttpClientApi /** diff --git a/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll b/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll index 6b7736cb70d..3563176f4b0 100644 --- a/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll +++ b/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll @@ -6,15 +6,6 @@ import java -/** - * DEPRECATED: Use `conditionCheckMethodArgument` instead. - * Holds if `m` is a non-overridable method that checks that its first argument - * is equal to `checkTrue` and throws otherwise. - */ -deprecated predicate conditionCheckMethod(Method m, boolean checkTrue) { - conditionCheckMethodArgument(m, 0, checkTrue) -} - /** * Holds if `m` is a non-overridable method that checks that its zero-indexed `argument` * is equal to `checkTrue` and throws otherwise. diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 4cb21496f5f..bb8485cd601 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -265,28 +265,77 @@ module ModelValidation { ) } + private class OutdatedSinkKind extends string { + OutdatedSinkKind() { + this = + [ + "sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", + "ldap", "pending-intent-sent", "intent-start", "set-hostname-verifier", + "header-splitting", "xss", "write-file", "create-file", "read-file", "open-url", + "jdbc-url" + ] + } + + private string replacementKind() { + this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap"] and + result = this + "-injection" + or + this = "url-redirect" and result = "url-redirection" + or + this = "ssti" and result = "template-injection" + or + this = "logging" and result = "log-injection" + or + this = "pending-intent-sent" and result = "pending-intents" + or + this = "intent-start" and result = "intent-redirection" + or + this = "set-hostname-verifier" and result = "hostname-verification" + or + this = "header-splitting" and result = "response-splitting" + or + this = "xss" and result = "html-injection\" or \"js-injection" + or + this = "write-file" and result = "file-content-store" + or + this = ["create-file", "read-file"] and result = "path-injection" + or + this = ["open-url", "jdbc-url"] and result = "request-forgery" + } + + string outdatedMessage() { + result = + "The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead." + } + } + private string getInvalidModelKind() { exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) | not kind = ["taint", "value"] and result = "Invalid kind \"" + kind + "\" in summary model." ) or - exists(string kind | sinkModel(_, _, _, _, _, _, _, kind, _) | + exists(string kind, string msg | sinkModel(_, _, _, _, _, _, _, kind, _) | not kind = [ - "open-url", "jndi-injection", "ldap", "sql", "jdbc-url", "logging", "mvel", "xpath", - "groovy", "xss", "ognl-injection", "intent-start", "pending-intent-sent", "url-redirect", - "create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting", - "information-leak", "xslt", "jexl", "bean-validation", "ssti", "fragment-injection", - "command-injection" + "request-forgery", "jndi-injection", "ldap-injection", "sql-injection", "log-injection", + "mvel-injection", "xpath-injection", "groovy-injection", "html-injection", "js-injection", + "ognl-injection", "intent-redirection", "pending-intents", "url-redirection", + "path-injection", "file-content-store", "hostname-verification", "response-splitting", + "information-leak", "xslt-injection", "jexl-injection", "bean-validation", + "template-injection", "fragment-injection", "command-injection" ] and not kind.matches("regex-use%") and not kind.matches("qltest%") and - result = "Invalid kind \"" + kind + "\" in sink model." + msg = "Invalid kind \"" + kind + "\" in sink model." and + // The part of this message that refers to outdated sink kinds can be deleted after June 1st, 2024. + if kind instanceof OutdatedSinkKind + then result = msg + " " + kind.(OutdatedSinkKind).outdatedMessage() + else result = msg ) or exists(string kind | sourceModel(_, _, _, _, _, _, _, kind, _) | - not kind = ["remote", "contentprovider", "android-widget", "android-external-storage-dir"] and + not kind = ["remote", "contentprovider", "android-external-storage-dir"] and not kind.matches("qltest%") and result = "Invalid kind \"" + kind + "\" in source model." ) diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index e10cd0db708..d26aa5d35f6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -36,13 +36,6 @@ abstract class RemoteFlowSource extends DataFlow::Node { abstract string getSourceType(); } -/** - * A module for importing frameworks that define remote flow sources. - */ -private module RemoteFlowSources { - private import semmle.code.java.frameworks.android.Widget -} - private class ExternalRemoteFlowSource extends RemoteFlowSource { ExternalRemoteFlowSource() { sourceNode(this, "remote") } diff --git a/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll b/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll index d073868b0f5..be7f1292091 100644 --- a/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll +++ b/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll @@ -104,6 +104,17 @@ private predicate constantBooleanExpr(Expr e, boolean val) { CalcConstants::calculateBooleanValue(e) = val } +pragma[nomagic] +private predicate constantStringExpr(Expr e, string val) { + e.(CompileTimeConstantExpr).getStringValue() = val + or + exists(SsaExplicitUpdate v, Expr src | + e = v.getAUse() and + src = v.getDefiningExpr().(VariableAssign).getSource() and + constantStringExpr(src, val) + ) +} + private boolean getBoolValue(Expr e) { constantBooleanExpr(e, result) } private int getIntValue(Expr e) { constantIntegerExpr(e, result) } @@ -126,6 +137,14 @@ class ConstantBooleanExpr extends Expr { boolean getBooleanValue() { constantBooleanExpr(this, result) } } +/** An expression that always has the same string value. */ +class ConstantStringExpr extends Expr { + ConstantStringExpr() { constantStringExpr(this, _) } + + /** Get the string value of this expression. */ + string getStringValue() { constantStringExpr(this, result) } +} + /** * Gets an expression that equals `v - d`. */ diff --git a/java/ql/lib/semmle/code/java/dataflow/SSA.qll b/java/ql/lib/semmle/code/java/dataflow/SSA.qll index d4ff7ed0ac7..dd478b2a869 100644 --- a/java/ql/lib/semmle/code/java/dataflow/SSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/SSA.qll @@ -931,9 +931,6 @@ class SsaVariable extends TSsaVariable { this = TSsaUntracked(_, result) } - /** DEPRECATED: Alias for getCfgNode */ - deprecated ControlFlowNode getCFGNode() { result = this.getCfgNode() } - /** Gets a textual representation of this SSA variable. */ string toString() { none() } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll index 6f53dbd02c1..6e41c803553 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll @@ -483,9 +483,6 @@ class BaseSsaVariable extends TBaseSsaVariable { this = TSsaEntryDef(_, result) } - /** DEPRECATED: Alias for getCfgNode */ - deprecated ControlFlowNode getCFGNode() { result = this.getCfgNode() } - string toString() { none() } Location getLocation() { result = this.getCfgNode().getLocation() } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index 034c6101de3..e6379f6a170 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -166,28 +166,21 @@ module Public { SummaryComponentStack return(ReturnKind rk) { result = singleton(SummaryComponent::return(rk)) } } - private predicate noComponentSpecific(SummaryComponent sc) { - not exists(getComponentSpecific(sc)) - } - /** Gets a textual representation of this component used for flow summaries. */ private string getComponent(SummaryComponent sc) { result = getComponentSpecific(sc) or - noComponentSpecific(sc) and - ( - exists(ArgumentPosition pos | - sc = TParameterSummaryComponent(pos) and - result = "Parameter[" + getArgumentPosition(pos) + "]" - ) - or - exists(ParameterPosition pos | - sc = TArgumentSummaryComponent(pos) and - result = "Argument[" + getParameterPosition(pos) + "]" - ) - or - sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" + exists(ArgumentPosition pos | + sc = TParameterSummaryComponent(pos) and + result = "Parameter[" + getArgumentPosition(pos) + "]" ) + or + exists(ParameterPosition pos | + sc = TArgumentSummaryComponent(pos) and + result = "Argument[" + getParameterPosition(pos) + "]" + ) + or + sc = TReturnSummaryComponent(getReturnValueKind()) and result = "ReturnValue" } /** Gets a textual representation of this stack used for flow summaries. */ diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll index 874c08bdaba..af8f2273cbe 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll @@ -255,8 +255,9 @@ private class BulkData extends RefType { * status of its argument. */ private predicate inputStreamWrapper(Constructor c, int argi) { + not c.fromSource() and c.getParameterType(argi) instanceof BulkData and - c.getDeclaringType().getASourceSupertype().hasQualifiedName("java.io", "InputStream") + c.getDeclaringType().getASourceSupertype+().hasQualifiedName("java.io", "InputStream") } /** An object construction that preserves the data flow status of any of its arguments. */ diff --git a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll index 2213960222e..5c037258309 100644 --- a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll @@ -456,9 +456,6 @@ class ArbitraryXmlEntryPoint extends ReflectivelyConstructedClass { } } -/** DEPRECATED: Alias for ArbitraryXmlEntryPoint */ -deprecated class ArbitraryXMLEntryPoint = ArbitraryXmlEntryPoint; - /** A Selenium PageObject, created by a call to PageFactory.initElements(..). */ class SeleniumPageObjectEntryPoint extends ReflectivelyConstructedClass instanceof SeleniumPageObject { } diff --git a/java/ql/lib/semmle/code/java/frameworks/Camel.qll b/java/ql/lib/semmle/code/java/frameworks/Camel.qll index 4a1cf58779e..0548cc58122 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Camel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Camel.qll @@ -27,8 +27,8 @@ deprecated class CamelToURI = CamelToUri; class CamelToBeanUri extends CamelToUri { CamelToBeanUri() { // A `` element references a bean if the URI starts with "bean:", or there is no scheme. - matches("bean:%") or - not exists(indexOf(":")) + this.matches("bean:%") or + not exists(this.indexOf(":")) } /** @@ -38,13 +38,13 @@ class CamelToBeanUri extends CamelToUri { * parameter parts are optional. */ string getBeanIdentifier() { - if not exists(indexOf(":")) + if not exists(this.indexOf(":")) then result = this else - exists(int start | start = indexOf(":", 0, 0) + 1 | - if not exists(indexOf("?")) - then result = suffix(start) - else result = substring(start, indexOf("?", 0, 0)) + exists(int start | start = this.indexOf(":", 0, 0) + 1 | + if not exists(this.indexOf("?")) + then result = this.suffix(start) + else result = this.substring(start, this.indexOf("?", 0, 0)) ) } diff --git a/java/ql/lib/semmle/code/java/frameworks/Networking.qll b/java/ql/lib/semmle/code/java/frameworks/Networking.qll index 8f86c8f75e7..c473cc9fc09 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Networking.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Networking.qll @@ -38,9 +38,6 @@ class UrlConnectionGetInputStreamMethod extends Method { } } -/** DEPRECATED: Alias for UrlConnectionGetInputStreamMethod */ -deprecated class URLConnectionGetInputStreamMethod = UrlConnectionGetInputStreamMethod; - /** The method `java.net.Socket::getInputStream`. */ class SocketGetInputStreamMethod extends Method { SocketGetInputStreamMethod() { diff --git a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll index 82e837862be..f2de51b2aab 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll @@ -128,9 +128,6 @@ class HttpServletRequestGetRequestUrlMethod extends Method { } } -/** DEPRECATED: Alias for HttpServletRequestGetRequestUrlMethod */ -deprecated class HttpServletRequestGetRequestURLMethod = HttpServletRequestGetRequestUrlMethod; - /** * The method `getRequestURI()` declared in `javax.servlet.http.HttpServletRequest`. */ @@ -339,9 +336,6 @@ class ServletWebXmlListenerType extends RefType { } } -/** DEPRECATED: Alias for ServletWebXmlListenerType */ -deprecated class ServletWebXMLListenerType = ServletWebXmlListenerType; - /** Holds if `m` is a request handler method (for example `doGet` or `doPost`). */ predicate isServletRequestMethod(Method m) { m.getDeclaringType() instanceof ServletClass and diff --git a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll index e19a6b43019..8bab6dfe581 100644 --- a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll +++ b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll @@ -29,9 +29,6 @@ class TypeUnboundIdLdapConnection extends Class { } } -/** DEPRECATED: Alias for TypeUnboundIdLdapConnection */ -deprecated class TypeUnboundIdLDAPConnection = TypeUnboundIdLdapConnection; - /*--- Methods ---*/ /** A method with the name `setBaseDN` declared in `com.unboundid.ldap.sdk.SearchRequest`. */ class MethodUnboundIdSearchRequestSetBaseDN extends Method { @@ -103,9 +100,6 @@ class MethodUnboundIdLdapConnectionSearch extends Method { } } -/** DEPRECATED: Alias for MethodUnboundIdLdapConnectionSearch */ -deprecated class MethodUnboundIdLDAPConnectionSearch = MethodUnboundIdLdapConnectionSearch; - /** A method with the name `asyncSearch` declared in `com.unboundid.ldap.sdk.LDAPConnection`. */ class MethodUnboundIdLdapConnectionAsyncSearch extends Method { MethodUnboundIdLdapConnectionAsyncSearch() { @@ -114,10 +108,6 @@ class MethodUnboundIdLdapConnectionAsyncSearch extends Method { } } -/** DEPRECATED: Alias for MethodUnboundIdLdapConnectionAsyncSearch */ -deprecated class MethodUnboundIdLDAPConnectionAsyncSearch = - MethodUnboundIdLdapConnectionAsyncSearch; - /** A method with the name `searchForEntry` declared in `com.unboundid.ldap.sdk.LDAPConnection`. */ class MethodUnboundIdLdapConnectionSearchForEntry extends Method { MethodUnboundIdLdapConnectionSearchForEntry() { @@ -125,7 +115,3 @@ class MethodUnboundIdLdapConnectionSearchForEntry extends Method { this.hasName("searchForEntry") } } - -/** DEPRECATED: Alias for MethodUnboundIdLdapConnectionSearchForEntry */ -deprecated class MethodUnboundIdLDAPConnectionSearchForEntry = - MethodUnboundIdLdapConnectionSearchForEntry; diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll index 81c34179c15..9cb39ed83a7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll @@ -4,12 +4,6 @@ import java private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSources -private class DefaultAndroidWidgetSources extends RemoteFlowSource { - DefaultAndroidWidgetSources() { sourceNode(this, "android-widget") } - - override string getSourceType() { result = "Android widget source" } -} - private class EditableToStringStep extends AdditionalTaintStep { override predicate step(DataFlow::Node n1, DataFlow::Node n2) { exists(MethodAccess ma | diff --git a/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll b/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll new file mode 100644 index 00000000000..42ecc946e50 --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll @@ -0,0 +1,90 @@ +/** Provides XML definitions related to the `org.apache.commons` package. */ + +import java +private import semmle.code.java.dataflow.RangeUtils +private import semmle.code.java.security.XmlParsers + +/** + * The classes `org.apache.commons.digester3.Digester`, `org.apache.commons.digester.Digester` or `org.apache.tomcat.util.digester.Digester`. + */ +private class Digester extends RefType { + Digester() { + this.hasQualifiedName([ + "org.apache.commons.digester3", "org.apache.commons.digester", + "org.apache.tomcat.util.digester" + ], "Digester") + } +} + +/** A call to `Digester.parse`. */ +private class DigesterParse extends XmlParserCall { + DigesterParse() { + exists(Method m | + this.getMethod() = m and + m.getDeclaringType() instanceof Digester and + m.hasName("parse") + ) + } + + override Expr getSink() { result = this.getArgument(0) } + + override predicate isSafe() { SafeDigesterFlow::flowToExpr(this.getQualifier()) } +} + +/** A `ParserConfig` that is specific to `Digester`. */ +private class DigesterConfig extends ParserConfig { + DigesterConfig() { + exists(Method m | + m = this.getMethod() and + m.getDeclaringType() instanceof Digester and + m.hasName("setFeature") + ) + } +} + +/** + * A safely configured `Digester`. + */ +private class SafeDigester extends VarAccess { + SafeDigester() { + exists(Variable v | v = this.getVariable() | + exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | + config.enables(singleSafeConfig()) + ) + or + exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | + config + .disables(any(ConstantStringExpr s | + s.getStringValue() = "http://xml.org/sax/features/external-general-entities" + )) + ) and + exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | + config + .disables(any(ConstantStringExpr s | + s.getStringValue() = "http://xml.org/sax/features/external-parameter-entities" + )) + ) and + exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | + config + .disables(any(ConstantStringExpr s | + s.getStringValue() = + "http://apache.org/xml/features/nonvalidating/load-external-dtd" + )) + ) + ) + } +} + +private module SafeDigesterFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeDigester } + + predicate isSink(DataFlow::Node sink) { + exists(MethodAccess ma | + sink.asExpr() = ma.getQualifier() and ma.getMethod().getDeclaringType() instanceof Digester + ) + } + + int fieldFlowBranchLimit() { result = 0 } +} + +private module SafeDigesterFlow = DataFlow::Global; diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll new file mode 100644 index 00000000000..f7de80daaf4 --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -0,0 +1,60 @@ +/** + * Provides classes and predicates for working with Java Serialization in the context of + * the `com.google.gson` JSON processing framework. + */ + +import java +private import semmle.code.java.Serializability +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.FlowSteps + +/** + * A method used for deserializing objects using Gson. The first parameter is the object to be + * deserialized. + */ +private class GsonReadValueMethod extends Method { + GsonReadValueMethod() { this.hasQualifiedName("com.google.gson", "Gson", "fromJson") } +} + +/** A type whose values may be deserialized by the Gson JSON framework. */ +abstract class GsonDeserializableType extends Type { } + +/** A type whose values are explicitly deserialized in a call to a Gson method. */ +private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableType { + ExplicitlyReadGsonDeserializableType() { + exists(MethodAccess ma | + // A call to a Gson read method... + ma.getMethod() instanceof GsonReadValueMethod and + // ...where `this` is used in the final argument, indicating that this type will be deserialized. + // TODO: find a way to get the type represented by java.lang.reflect.Type and com.google.gson.reflect.TypeToken + // fromJson(String json, TypeToken typeOfT) + // fromJson(String json, Type typeOfT) + usesType(ma.getArgument(1).getType(), this) and + not this instanceof TypeClass and + not this instanceof TypeObject + ) + } +} + +/** A type used in a `GsonDeserializableField` declaration. */ +private class FieldReferencedGsonDeserializableType extends GsonDeserializableType { + FieldReferencedGsonDeserializableType() { + exists(GsonDeserializableField f | usesType(f.getType(), this)) + } +} + +/** A field that may be deserialized using the Gson JSON framework. */ +private class GsonDeserializableField extends DeserializableField { + pragma[assume_small_delta] + GsonDeserializableField() { + exists(GsonDeserializableType superType | + superType = this.getDeclaringType().getAnAncestor() and + not superType instanceof TypeObject and + superType.fromSource() + ) + } +} + +private class GsonInheritTaint extends DataFlow::FieldContent, TaintInheritingContent { + GsonInheritTaint() { this.getField() instanceof GsonDeserializableField } +} diff --git a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll index 79fd19f4ef2..f1395431a3c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll @@ -20,9 +20,6 @@ class JacksonJsonIgnoreAnnotation extends NonReflectiveAnnotation { } } -/** DEPRECATED: Alias for JacksonJsonIgnoreAnnotation */ -deprecated class JacksonJSONIgnoreAnnotation = JacksonJsonIgnoreAnnotation; - /** A type whose values may be serialized using the Jackson JSON framework. */ abstract class JacksonSerializableType extends Type { } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll index faca537d171..7564dafa37e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll @@ -26,9 +26,6 @@ class PersistenceXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for PersistenceXmlFile */ -deprecated class PersistenceXMLFile = PersistenceXmlFile; - /** The root `persistence` XML element in a `persistence.xml` file. */ class PersistenceXmlRoot extends XmlElement { PersistenceXmlRoot() { diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll new file mode 100644 index 00000000000..590b172bffa --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll @@ -0,0 +1,64 @@ +/** Provides definitions related to the `javax.xml` package. */ + +import java +private import semmle.code.java.security.XmlParsers + +/** A call to `Validator.validate`. */ +private class ValidatorValidate extends XmlParserCall { + ValidatorValidate() { + exists(Method m | + this.getMethod() = m and + m.getDeclaringType() instanceof Validator and + m.hasName("validate") + ) + } + + override Expr getSink() { result = this.getArgument(0) } + + override predicate isSafe() { SafeValidatorFlow::flowToExpr(this.getQualifier()) } +} + +/** A `TransformerConfig` specific to `Validator`. */ +private class ValidatorConfig extends TransformerConfig { + ValidatorConfig() { + exists(Method m | + this.getMethod() = m and + m.getDeclaringType() instanceof Validator and + m.hasName("setProperty") + ) + } +} + +/** The class `javax.xml.validation.Validator`. */ +private class Validator extends RefType { + Validator() { this.hasQualifiedName("javax.xml.validation", "Validator") } +} + +/** A safely configured `Validator`. */ +private class SafeValidator extends VarAccess { + SafeValidator() { + exists(Variable v | v = this.getVariable() | + exists(ValidatorConfig config | config.getQualifier() = v.getAnAccess() | + config.disables(configAccessExternalDtd()) + ) and + exists(ValidatorConfig config | config.getQualifier() = v.getAnAccess() | + config.disables(configAccessExternalSchema()) + ) + ) + } +} + +private module SafeValidatorFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeValidator } + + predicate isSink(DataFlow::Node sink) { + exists(MethodAccess ma | + sink.asExpr() = ma.getQualifier() and + ma.getMethod().getDeclaringType() instanceof Validator + ) + } + + int fieldFlowBranchLimit() { result = 0 } +} + +private module SafeValidatorFlow = DataFlow::Global; diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll index 9323b3852b4..f44d77d89bd 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll @@ -35,9 +35,6 @@ class EjbJarXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for EjbJarXmlFile */ -deprecated class EjbJarXMLFile = EjbJarXmlFile; - /** The root `ejb-jar` XML element in an `ejb-jar.xml` file. */ class EjbJarRootElement extends XmlElement { EjbJarRootElement() { diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll index f85f36c37a3..13ed765638d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll @@ -16,9 +16,6 @@ class FacesConfigXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for FacesConfigXmlFile */ -deprecated class FacesConfigXMLFile = FacesConfigXmlFile; - /** * An XML element in a `FacesConfigXMLFile`. */ @@ -31,9 +28,6 @@ class FacesConfigXmlElement extends XmlElement { string getValue() { result = this.allCharactersString().trim() } } -/** DEPRECATED: Alias for FacesConfigXmlElement */ -deprecated class FacesConfigXMLElement = FacesConfigXmlElement; - /** * An element in a JSF config file that declares a managed bean. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll b/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll new file mode 100644 index 00000000000..dbdaf6960f3 --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll @@ -0,0 +1,24 @@ +/** Provides definitions related to the `java.beans` package. */ + +import java +private import semmle.code.java.security.XmlParsers + +/** The class `java.beans.XMLDecoder`. */ +private class XmlDecoder extends RefType { + XmlDecoder() { this.hasQualifiedName("java.beans", "XMLDecoder") } +} + +/** A call to `XMLDecoder.readObject`. */ +private class XmlDecoderReadObject extends XmlParserCall { + XmlDecoderReadObject() { + exists(Method m | + this.getMethod() = m and + m.getDeclaringType() instanceof XmlDecoder and + m.hasName("readObject") + ) + } + + override Expr getSink() { result = this.getQualifier() } + + override predicate isSafe() { none() } +} diff --git a/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll b/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll new file mode 100644 index 00000000000..0f271e073e6 --- /dev/null +++ b/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll @@ -0,0 +1,19 @@ +/** Provides definitions related to XML parsing in Rundeck. */ + +import java +private import semmle.code.java.security.XmlParsers + +/** A call to `ParserHelper.loadDocument`. */ +private class ParserHelperLoadDocument extends XmlParserCall { + ParserHelperLoadDocument() { + exists(Method m | + this.getMethod() = m and + m.getDeclaringType().hasQualifiedName("org.rundeck.api.parser", "ParserHelper") and + m.hasName("loadDocument") + ) + } + + override Expr getSink() { result = this.getArgument(0) } + + override predicate isSafe() { none() } +} diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll index 1dd6dfd292f..966db95afce 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll @@ -100,9 +100,6 @@ class SpringBeanXmlAutowiredSetterMethod extends Method { } } -/** DEPRECATED: Alias for SpringBeanXmlAutowiredSetterMethod */ -deprecated class SpringBeanXMLAutowiredSetterMethod = SpringBeanXmlAutowiredSetterMethod; - /** * A callable that is annotated with `@Autowired`. * diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll index 9bbdaad9687..985565255b6 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll @@ -13,9 +13,6 @@ class SpringCamelXmlElement extends SpringXmlElement { SpringCamelXmlElement() { this.getNamespace().getUri() = "http://camel.apache.org/schema/spring" } } -/** DEPRECATED: Alias for SpringCamelXmlElement */ -deprecated class SpringCamelXMLElement = SpringCamelXmlElement; - /** * An element in a Spring beans file that defines an Apache Camel context. * @@ -25,9 +22,6 @@ class SpringCamelXmlContext extends SpringCamelXmlElement { SpringCamelXmlContext() { this.getName() = "camelContext" } } -/** DEPRECATED: Alias for SpringCamelXmlContext */ -deprecated class SpringCamelXMLContext = SpringCamelXmlContext; - /** * An element in a Spring beans file that defines an Apache Camel route context. * @@ -38,9 +32,6 @@ class SpringCamelXmlRouteContext extends SpringCamelXmlElement { SpringCamelXmlRouteContext() { this.getName() = "routeContext" } } -/** DEPRECATED: Alias for SpringCamelXmlRouteContext */ -deprecated class SpringCamelXMLRouteContext = SpringCamelXmlRouteContext; - /** * An element in a Spring beans files that defines an Apache Camel route. * @@ -58,9 +49,6 @@ class SpringCamelXmlRoute extends SpringCamelXmlElement { } } -/** DEPRECATED: Alias for SpringCamelXmlRoute */ -deprecated class SpringCamelXMLRoute = SpringCamelXmlRoute; - /** * An element in a Spring bean file that is logically contained in an Apache Camel route. */ @@ -71,9 +59,6 @@ class SpringCamelXmlRouteElement extends SpringCamelXmlElement { } } -/** DEPRECATED: Alias for SpringCamelXmlRouteElement */ -deprecated class SpringCamelXMLRouteElement = SpringCamelXmlRouteElement; - /** * A reference to a Spring bean in an Apache Camel route defined in a Spring beans file. * @@ -98,9 +83,6 @@ class SpringCamelXmlBeanRef extends SpringCamelXmlRouteElement { RefType getBeanType() { result.getQualifiedName() = this.getAttribute("beanType").getValue() } } -/** DEPRECATED: Alias for SpringCamelXmlBeanRef */ -deprecated class SpringCamelXMLBeanRef = SpringCamelXmlBeanRef; - /** * A declaration of a target in an Apache Camel route defined in a Spring beans file. * @@ -120,9 +102,6 @@ class SpringCamelXmlToElement extends SpringCamelXmlRouteElement { deprecated string getURI() { result = this.getUri() } } -/** DEPRECATED: Alias for SpringCamelXmlToElement */ -deprecated class SpringCamelXMLToElement = SpringCamelXmlToElement; - /** * A declaration of a Apache Camel "method" expression defined in a Spring beans file. * @@ -147,6 +126,3 @@ class SpringCamelXmlMethodElement extends SpringCamelXmlElement { */ RefType getBeanType() { result.getQualifiedName() = this.getAttribute("beanType").getValue() } } - -/** DEPRECATED: Alias for SpringCamelXmlMethodElement */ -deprecated class SpringCamelXMLMethodElement = SpringCamelXmlMethodElement; diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll index f3380c45458..d285e9d0e6a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll @@ -23,9 +23,6 @@ class SpringXmlComponentScan extends SpringXmlElement { string getAProfileExpr() { result = this.getSpringBeanFile().getAProfileExpr() } } -/** DEPRECATED: Alias for SpringXmlComponentScan */ -deprecated class SpringXMLComponentScan = SpringXmlComponentScan; - /** * An annotation of a class that configures which packages are considered to be "base" packages * when performing the Spring component scan. diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll index 0d18749a63e..af0afa91f4c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll @@ -57,11 +57,6 @@ class SpringRemotingDestinationClass extends Class { */ SpringRemotingDestination getRemotingDestinationXml() { this = result.getSpringBean().getClass() } - /** DEPRECATED: Alias for getRemotingDestinationXml */ - deprecated SpringRemotingDestination getRemotingDestinationXML() { - result = this.getRemotingDestinationXml() - } - /** * Holds if the class is operating on an "include" or "exclude" basis. * diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll index efc7dfdaaf2..312cd659b39 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll @@ -37,6 +37,3 @@ class SpringXmlElement extends XmlElement { string getContentString() { result = this.allCharactersString() } } - -/** DEPRECATED: Alias for SpringXmlElement */ -deprecated class SpringXMLElement = SpringXmlElement; diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll index fd9f14d4c6f..b3adfa8d80e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll @@ -77,9 +77,6 @@ StrutsXmlFile getRootXmlFile(RefType refType) { ) } -/** DEPRECATED: Alias for getRootXmlFile */ -deprecated StrutsXMLFile getRootXMLFile(RefType refType) { result = getRootXmlFile(refType) } - /** * Gets the suffix used for automatically identifying actions when using the convention plugin. * diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll index 3009056cce3..273034978d1 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll @@ -5,9 +5,6 @@ import java */ predicate isStrutsXmlIncluded() { exists(StrutsXmlFile strutsXml) } -/** DEPRECATED: Alias for isStrutsXmlIncluded */ -deprecated predicate isStrutsXMLIncluded = isStrutsXmlIncluded/0; - /** * A struts 2 configuration file. */ @@ -51,9 +48,6 @@ abstract class StrutsXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for StrutsXmlFile */ -deprecated class StrutsXMLFile = StrutsXmlFile; - /** * A Struts 2 "root" configuration XML file directly read by struts. * @@ -66,9 +60,6 @@ class StrutsRootXmlFile extends StrutsXmlFile { } } -/** DEPRECATED: Alias for StrutsRootXmlFile */ -deprecated class StrutsRootXMLFile = StrutsRootXmlFile; - /** * A Struts 2 configuration XML file included, directly or indirectly, by a root Struts configuration. */ @@ -76,9 +67,6 @@ class StrutsIncludedXmlFile extends StrutsXmlFile { StrutsIncludedXmlFile() { exists(StrutsXmlInclude include | this = include.getIncludedFile()) } } -/** DEPRECATED: Alias for StrutsIncludedXmlFile */ -deprecated class StrutsIncludedXMLFile = StrutsIncludedXmlFile; - /** * A Folder which has one or more Struts 2 root configurations. */ @@ -116,9 +104,6 @@ class StrutsXmlElement extends XmlElement { string getValue() { result = this.allCharactersString().trim() } } -/** DEPRECATED: Alias for StrutsXmlElement */ -deprecated class StrutsXMLElement = StrutsXmlElement; - /** * A `` element within a `struts.xml` file. * @@ -141,9 +126,6 @@ class StrutsXmlInclude extends StrutsXmlElement { } } -/** DEPRECATED: Alias for StrutsXmlInclude */ -deprecated class StrutsXMLInclude = StrutsXmlInclude; - /** * Escape a string for use as the matcher in a string.match(..) call. */ @@ -192,9 +174,6 @@ class StrutsXmlAction extends StrutsXmlElement { } } -/** DEPRECATED: Alias for StrutsXmlAction */ -deprecated class StrutsXMLAction = StrutsXmlAction; - /** * A `` property, representing a configuration parameter to struts. */ @@ -205,6 +184,3 @@ class StrutsXmlConstant extends StrutsXmlElement { string getConstantValue() { result = this.getAttribute("value").getValue() } } - -/** DEPRECATED: Alias for StrutsXmlConstant */ -deprecated class StrutsXMLConstant = StrutsXmlConstant; diff --git a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll index 993c2941733..ef5f84001f0 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll @@ -30,7 +30,7 @@ class IntentRedirectionAdditionalTaintStep extends Unit { /** Default sink for Intent redirection vulnerabilities. */ private class DefaultIntentRedirectionSink extends IntentRedirectionSink { - DefaultIntentRedirectionSink() { sinkNode(this, "intent-start") } + DefaultIntentRedirectionSink() { sinkNode(this, "intent-redirection") } } /** diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll index 2641a3ab0df..d7097f1ecf2 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageAndroidFilesystemQuery.qll @@ -20,7 +20,7 @@ private class AndroidFilesystemCleartextStorageSink extends CleartextStorageSink /** A call to a method or constructor that may write to files to the local filesystem. */ class LocalFileOpenCall extends Storable { LocalFileOpenCall() { - this = any(DataFlow::Node sink | sinkNode(sink, "create-file")).asExpr().(Argument).getCall() + this = any(DataFlow::Node sink | sinkNode(sink, "path-injection")).asExpr().(Argument).getCall() } override Expr getAnInput() { @@ -40,7 +40,7 @@ class LocalFileOpenCall extends Storable { /** Holds if `input` is written into `file`. */ private predicate filesystemInput(DataFlow::Node file, Argument input) { - exists(DataFlow::Node write | sinkNode(write, "write-file") | + exists(DataFlow::Node write | sinkNode(write, "file-content-store") | input = write.asExpr() or isVarargs(input, write) ) and diff --git a/java/ql/lib/semmle/code/java/security/Encryption.qll b/java/ql/lib/semmle/code/java/security/Encryption.qll index c0c35103331..88a1996ffd9 100644 --- a/java/ql/lib/semmle/code/java/security/Encryption.qll +++ b/java/ql/lib/semmle/code/java/security/Encryption.qll @@ -25,9 +25,6 @@ class HttpsUrlConnection extends RefType { HttpsUrlConnection() { this.hasQualifiedName("javax.net.ssl", "HttpsURLConnection") } } -/** DEPRECATED: Alias for HttpsUrlConnection */ -deprecated class HttpsURLConnection = HttpsUrlConnection; - class SslSocketFactory extends RefType { SslSocketFactory() { this.hasQualifiedName("javax.net.ssl", "SSLSocketFactory") } } diff --git a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll index 89b24006475..beef024eb15 100644 --- a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll +++ b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll @@ -12,9 +12,6 @@ import semmle.code.java.dataflow.TaintTracking */ abstract class SafeExternalApiMethod extends Method { } -/** DEPRECATED: Alias for SafeExternalApiMethod */ -deprecated class SafeExternalAPIMethod = SafeExternalApiMethod; - /** The default set of "safe" external APIs. */ private class DefaultSafeExternalApiMethod extends SafeExternalApiMethod { DefaultSafeExternalApiMethod() { @@ -95,9 +92,6 @@ class ExternalApiDataNode extends DataFlow::Node { string getMethodDescription() { result = this.getMethod().getQualifiedName() } } -/** DEPRECATED: Alias for ExternalApiDataNode */ -deprecated class ExternalAPIDataNode = ExternalApiDataNode; - /** * DEPRECATED: Use `UntrustedDataToExternalApiFlow` instead. * @@ -125,9 +119,6 @@ module UntrustedDataToExternalApiConfig implements DataFlow::ConfigSig { */ module UntrustedDataToExternalApiFlow = TaintTracking::Global; -/** DEPRECATED: Alias for UntrustedDataToExternalApiConfig */ -deprecated class UntrustedDataToExternalAPIConfig = UntrustedDataToExternalApiConfig; - /** A node representing untrusted data being passed to an external API. */ class UntrustedExternalApiDataNode extends ExternalApiDataNode { UntrustedExternalApiDataNode() { UntrustedDataToExternalApiFlow::flowTo(this) } @@ -136,9 +127,6 @@ class UntrustedExternalApiDataNode extends ExternalApiDataNode { DataFlow::Node getAnUntrustedSource() { UntrustedDataToExternalApiFlow::flow(result, this) } } -/** DEPRECATED: Alias for UntrustedExternalApiDataNode */ -deprecated class UntrustedExternalAPIDataNode = UntrustedExternalApiDataNode; - /** An external API which is used with untrusted data. */ private newtype TExternalApi = /** An untrusted API method `m` where untrusted data is passed at `index`. */ @@ -172,6 +160,3 @@ class ExternalApiUsedWithUntrustedData extends TExternalApi { ) } } - -/** DEPRECATED: Alias for ExternalApiUsedWithUntrustedData */ -deprecated class ExternalAPIUsedWithUntrustedData = ExternalApiUsedWithUntrustedData; diff --git a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll index 54ea8afce91..b4fe2fd5e84 100644 --- a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll +++ b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll @@ -21,7 +21,7 @@ class GroovyInjectionAdditionalTaintStep extends Unit { } private class DefaultGroovyInjectionSink extends GroovyInjectionSink { - DefaultGroovyInjectionSink() { sinkNode(this, "groovy") } + DefaultGroovyInjectionSink() { sinkNode(this, "groovy-injection") } } /** A set of additional taint steps to consider when taint tracking Groovy related data flows. */ diff --git a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll index a2b144a3833..07435889fd9 100644 --- a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll +++ b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll @@ -30,7 +30,8 @@ class HttpStringLiteral extends StringLiteral { abstract class UrlOpenSink extends DataFlow::Node { } private class DefaultUrlOpenSink extends UrlOpenSink { - DefaultUrlOpenSink() { sinkNode(this, "open-url") } + // request-forgery sinks control the URL of a request + DefaultUrlOpenSink() { sinkNode(this, "request-forgery") } } /** diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll index 308b8037554..41985affc0e 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll @@ -54,7 +54,8 @@ private class IntentCreationSource extends ImplicitPendingIntentSource { private class SendPendingIntent extends ImplicitPendingIntentSink { SendPendingIntent() { - sinkNode(this, "intent-start") and + // intent redirection sinks are method calls that start Android components + sinkNode(this, "intent-redirection") and // implicit intents can't be started as services since API 21 not exists(MethodAccess ma, Method m | ma.getMethod() = m and @@ -63,7 +64,7 @@ private class SendPendingIntent extends ImplicitPendingIntentSink { this.asExpr() = ma.getArgument(0) ) or - sinkNode(this, "pending-intent-sent") + sinkNode(this, "pending-intents") } override predicate hasState(DataFlow::FlowState state) { state = "MutablePendingIntent" } diff --git a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll index 4138b851e85..dd877720495 100644 --- a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll @@ -13,7 +13,7 @@ abstract class JexlEvaluationSink extends DataFlow::ExprNode { } /** Default sink for JXEL injection vulnerabilities. */ private class DefaultJexlEvaluationSink extends JexlEvaluationSink { - DefaultJexlEvaluationSink() { sinkNode(this, "jexl") } + DefaultJexlEvaluationSink() { sinkNode(this, "jexl-injection") } } /** diff --git a/java/ql/lib/semmle/code/java/security/LdapInjection.qll b/java/ql/lib/semmle/code/java/security/LdapInjection.qll index d78bd2f7ae1..0e2a35c764e 100644 --- a/java/ql/lib/semmle/code/java/security/LdapInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LdapInjection.qll @@ -29,7 +29,7 @@ class LdapInjectionAdditionalTaintStep extends Unit { /** Default sink for LDAP injection vulnerabilities. */ private class DefaultLdapInjectionSink extends LdapInjectionSink { - DefaultLdapInjectionSink() { sinkNode(this, "ldap") } + DefaultLdapInjectionSink() { sinkNode(this, "ldap-injection") } } /** A sanitizer that clears the taint on (boxed) primitive types. */ diff --git a/java/ql/lib/semmle/code/java/security/LogInjection.qll b/java/ql/lib/semmle/code/java/security/LogInjection.qll index e60e6ed9a7f..2314d807a60 100644 --- a/java/ql/lib/semmle/code/java/security/LogInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LogInjection.qll @@ -27,7 +27,7 @@ class LogInjectionAdditionalTaintStep extends Unit { } private class DefaultLogInjectionSink extends LogInjectionSink { - DefaultLogInjectionSink() { sinkNode(this, "logging") } + DefaultLogInjectionSink() { sinkNode(this, "log-injection") } } private class DefaultLogInjectionSanitizer extends LogInjectionSanitizer { diff --git a/java/ql/lib/semmle/code/java/security/MvelInjection.qll b/java/ql/lib/semmle/code/java/security/MvelInjection.qll index a0ada3d91a1..803c6ad0cf9 100644 --- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll @@ -25,7 +25,7 @@ class MvelInjectionAdditionalTaintStep extends Unit { /** Default sink for MVEL injection vulnerabilities. */ private class DefaultMvelEvaluationSink extends MvelEvaluationSink { - DefaultMvelEvaluationSink() { sinkNode(this, "mvel") } + DefaultMvelEvaluationSink() { sinkNode(this, "mvel-injection") } } /** A default sanitizer that considers numeric and boolean typed data safe for building MVEL expressions */ diff --git a/java/ql/lib/semmle/code/java/security/QueryInjection.qll b/java/ql/lib/semmle/code/java/security/QueryInjection.qll index fda91647bcd..217d80bf170 100644 --- a/java/ql/lib/semmle/code/java/security/QueryInjection.qll +++ b/java/ql/lib/semmle/code/java/security/QueryInjection.qll @@ -25,7 +25,7 @@ class AdditionalQueryInjectionTaintStep extends Unit { /** A sink for SQL injection vulnerabilities. */ private class SqlInjectionSink extends QueryInjectionSink { - SqlInjectionSink() { sinkNode(this, "sql") } + SqlInjectionSink() { sinkNode(this, "sql-injection") } } /** A sink for Java Persistence Query Language injection vulnerabilities. */ diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index c454da5f035..0eeea1c2afd 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -52,12 +52,8 @@ private class TypePropertiesRequestForgeryAdditionalTaintStep extends RequestFor /** A data flow sink for server-side request forgery (SSRF) vulnerabilities. */ abstract class RequestForgerySink extends DataFlow::Node { } -private class UrlOpenSinkAsRequestForgerySink extends RequestForgerySink { - UrlOpenSinkAsRequestForgerySink() { sinkNode(this, "open-url") } -} - -private class JdbcUrlSinkAsRequestForgerySink extends RequestForgerySink { - JdbcUrlSinkAsRequestForgerySink() { sinkNode(this, "jdbc-url") } +private class DefaultRequestForgerySink extends RequestForgerySink { + DefaultRequestForgerySink() { sinkNode(this, "request-forgery") } } /** A sanitizer for request forgery vulnerabilities. */ @@ -79,10 +75,7 @@ private class HostnameSanitizingPrefix extends InterestingPrefix { // the host or entity addressed: for example, anything containing `?` or `#`, or a slash that // doesn't appear to be a protocol specifier (e.g. `http://` is not sanitizing), or specifically // the string "/". - exists( - this.getStringValue() - .regexpFind(".*([?#]|[^?#:/\\\\][/\\\\]).*|[/\\\\][^/\\\\].*|^/$", 0, offset) - ) + exists(this.getStringValue().regexpFind("([?#]|[^?#:/\\\\][/\\\\])|^/$", 0, offset)) } override int getOffset() { result = offset } diff --git a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll index 916b6df4372..2e2033443a5 100644 --- a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll +++ b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll @@ -11,7 +11,7 @@ private import semmle.code.java.dataflow.ExternalFlow abstract class HeaderSplittingSink extends DataFlow::Node { } private class DefaultHeaderSplittingSink extends HeaderSplittingSink { - DefaultHeaderSplittingSink() { sinkNode(this, "header-splitting") } + DefaultHeaderSplittingSink() { sinkNode(this, "response-splitting") } } /** A source that introduces data considered safe to use by a header splitting source. */ diff --git a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll index d9ed2b970b0..984c9f6fcaa 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll @@ -35,7 +35,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + override predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } override predicate isSanitizer(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or @@ -52,7 +52,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati module SensitiveLoggerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr } - predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") } + predicate isSink(DataFlow::Node sink) { sinkNode(sink, "log-injection") } predicate isBarrier(DataFlow::Node sanitizer) { sanitizer.asExpr() instanceof LiveLiteral or diff --git a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll index 27a54d0ecfa..a90a23c2165 100644 --- a/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll +++ b/java/ql/lib/semmle/code/java/security/TaintedPathQuery.qll @@ -5,7 +5,6 @@ import semmle.code.java.frameworks.Networking import semmle.code.java.dataflow.DataFlow import semmle.code.java.dataflow.FlowSources private import semmle.code.java.dataflow.ExternalFlow -import semmle.code.java.security.PathCreation import semmle.code.java.security.PathSanitizer /** @@ -55,11 +54,7 @@ private class TaintPreservingUriCtorParam extends Parameter { module TaintedPathConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } - predicate isSink(DataFlow::Node sink) { - sink.asExpr() = any(PathCreation p).getAnInput() - or - sinkNode(sink, ["create-file", "read-file"]) - } + predicate isSink(DataFlow::Node sink) { sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { sanitizer.getType() instanceof BoxedType or @@ -82,11 +77,7 @@ module TaintedPathFlow = TaintTracking::Global; module TaintedPathLocalConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput } - predicate isSink(DataFlow::Node sink) { - sink.asExpr() = any(PathCreation p).getAnInput() - or - sinkNode(sink, "create-file") - } + predicate isSink(DataFlow::Node sink) { sinkNode(sink, "path-injection") } predicate isBarrier(DataFlow::Node sanitizer) { sanitizer.getType() instanceof BoxedType or diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll index b8625556c7a..bd568355886 100644 --- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll +++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll @@ -66,7 +66,7 @@ private class DefaultTemplateInjectionSource extends TemplateInjectionSource ins { } private class DefaultTemplateInjectionSink extends TemplateInjectionSink { - DefaultTemplateInjectionSink() { sinkNode(this, "ssti") } + DefaultTemplateInjectionSink() { sinkNode(this, "template-injection") } } private class DefaultTemplateInjectionSanitizer extends TemplateInjectionSanitizer { diff --git a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll index 1fc60e3494e..1b44121591c 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll @@ -74,7 +74,7 @@ module TrustAllHostnameVerifierFlow = DataFlow::Global; * A sink that represents a file creation, such as a file write, copy or move operation. */ private class FileCreationSink extends DataFlow::Node { - FileCreationSink() { sinkNode(this, "create-file") } + FileCreationSink() { + sinkNode(this, "path-injection") and + not isPathCreation(this) + } +} + +/** + * Holds if `sink` is a path creation node that doesn't imply a read/write filesystem operation. + * This is to avoid creating new spurious alerts, since `PathCreation` sinks weren't + * previously part of this query. + */ +private predicate isPathCreation(DataFlow::Node sink) { + exists(PathCreation pc | + pc.getAnInput() = sink.asExpr() + or + pc.getAnInput().(Argument).isVararg() and sink.(DataFlow::ImplicitVarargsArray).getCall() = pc + | + // exclude actual read/write operations included in `PathCreation` + not pc.(Call) + .getCallee() + .getDeclaringType() + .hasQualifiedName("java.io", + ["FileInputStream", "FileOutputStream", "FileReader", "FileWriter"]) + ) } diff --git a/java/ql/lib/semmle/code/xml/WebXML.qll b/java/ql/lib/semmle/code/xml/WebXML.qll index c15793b58a4..c356081c95f 100644 --- a/java/ql/lib/semmle/code/xml/WebXML.qll +++ b/java/ql/lib/semmle/code/xml/WebXML.qll @@ -5,9 +5,6 @@ import java */ predicate isWebXmlIncluded() { exists(WebXmlFile webXml) } -/** DEPRECATED: Alias for isWebXmlIncluded */ -deprecated predicate isWebXMLIncluded = isWebXmlIncluded/0; - /** * A deployment descriptor file, typically called `web.xml`. */ @@ -31,9 +28,6 @@ class WebXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for WebXmlFile */ -deprecated class WebXMLFile = WebXmlFile; - /** * An XML element in a `WebXMLFile`. */ @@ -46,9 +40,6 @@ class WebXmlElement extends XmlElement { string getValue() { result = this.allCharactersString().trim() } } -/** DEPRECATED: Alias for WebXmlElement */ -deprecated class WebXMLElement = WebXmlElement; - /** * A `` element in a `web.xml` file. */ diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index 744ac866083..1e7cebcfca1 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,11 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. +* Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). + ## 0.6.1 No user-facing changes. diff --git a/java/ql/src/Metrics/Summaries/LinesOfCode.ql b/java/ql/src/Metrics/Summaries/LinesOfCode.ql index c1b43c2a3d9..62c19d1b932 100644 --- a/java/ql/src/Metrics/Summaries/LinesOfCode.ql +++ b/java/ql/src/Metrics/Summaries/LinesOfCode.ql @@ -1,8 +1,8 @@ /** * @id java/summary/lines-of-code * @name Total lines of Java code in the database - * @description The total number of lines of code across all files. This is a useful metric of the size of a database. - * For all files that were seen during the build, this query counts the lines of code, excluding whitespace + * @description The total number of lines of code across all Java files. This is a useful metric of the size of a database. + * For all Java files that were seen during the build, this query counts the lines of code, excluding whitespace * or comments. * @kind metric * @tags summary @@ -11,4 +11,4 @@ import java -select sum(CompilationUnit f | f.fromSource() | f.getNumberOfLinesOfCode()) +select sum(CompilationUnit f | f.fromSource() and f.isJavaSourceFile() | f.getNumberOfLinesOfCode()) diff --git a/java/ql/src/Metrics/Summaries/LinesOfCodeKotlin.ql b/java/ql/src/Metrics/Summaries/LinesOfCodeKotlin.ql new file mode 100644 index 00000000000..0093bc0a98f --- /dev/null +++ b/java/ql/src/Metrics/Summaries/LinesOfCodeKotlin.ql @@ -0,0 +1,18 @@ +/** + * @id java/summary/lines-of-code-kotlin + * @name Total lines of Kotlin code in the database + * @description The total number of lines of code across all Kotlin files. This is a useful metric of the size of a database. + * For all Kotlin files that were seen during the build, this query counts the lines of code, excluding whitespace + * or comments. + * @kind metric + * @tags summary + * lines-of-code + */ + +import java + +select sum(CompilationUnit f | + f.fromSource() and f.isKotlinSourceFile() + | + f.getNumberOfLinesOfCode() + ) diff --git a/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql b/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql index 2d73514d97b..96e8e66c7cd 100644 --- a/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql +++ b/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql @@ -14,6 +14,7 @@ */ import java +import semmle.code.java.security.PathCreation import semmle.code.java.security.TaintedPathQuery import TaintedPathFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql b/java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql index c017b8a3aa9..8e56121883f 100644 --- a/java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql +++ b/java/ql/src/Security/CWE/CWE-022/TaintedPathLocal.ql @@ -14,6 +14,7 @@ */ import java +import semmle.code.java.security.PathCreation import semmle.code.java.security.TaintedPathQuery import TaintedPathLocalFlow::PathGraph diff --git a/java/ql/src/Security/CWE/CWE-730/PolynomialReDoS.qhelp b/java/ql/src/Security/CWE/CWE-730/PolynomialReDoS.qhelp index dbb1f4c37f5..5a56343420a 100644 --- a/java/ql/src/Security/CWE/CWE-730/PolynomialReDoS.qhelp +++ b/java/ql/src/Security/CWE/CWE-730/PolynomialReDoS.qhelp @@ -15,8 +15,7 @@

    - Pattern.compile("^\\s+|\\s+$").matcher(text).replaceAll("") // BAD - +Pattern.compile("^\\s+|\\s+$").matcher(text).replaceAll("") // BAD

    @@ -71,8 +70,7 @@

    - "^0\\.\\d+E?\\d+$"" - +"^0\\.\\d+E?\\d+$""

    @@ -103,6 +101,33 @@ + +

    + Sometimes it is unclear how a regular expression can be rewritten to + avoid the problem. In such cases, it often suffices to limit the + length of the input string. For instance, the following + regular expression is used to match numbers, and on some non-number + inputs it can have quadratic time complexity: +

    + + +Pattern.matches("^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$", str); + +

    + It is not immediately obvious how to rewrite this regular expression + to avoid the problem. However, you can mitigate performance issues by limiting the length + to 1000 characters, which will always finish in a reasonable amount + of time. +

    + + +if (str.length() > 1000) { + throw new IllegalArgumentException("Input too long"); +} + +Pattern.matches("^(\\+|-)?(\\d+|(\\d*\\.\\d*))?(E|e)?([-+])?(\\d+)?$", str); + + diff --git a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp index 08b67acb638..7fcdb97535b 100644 --- a/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp +++ b/java/ql/src/Security/CWE/CWE-730/ReDoS.qhelp @@ -11,8 +11,7 @@ Consider this regular expression:

    - ^_(__|.)+_$ - +^_(__|.)+_$

    Its sub-expression "(__|.)+?" can match the string "__" either by the first alternative "__" to the left of the "|" operator, or by two @@ -25,8 +24,7 @@ the two branches of the alternative inside the repetition:

    - ^_(__|[^_])+_$ - +^_(__|[^_])+_$ diff --git a/java/ql/src/Telemetry/AutomodelEndpointTypes.qll b/java/ql/src/Telemetry/AutomodelEndpointTypes.qll new file mode 100644 index 00000000000..7414837b605 --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelEndpointTypes.qll @@ -0,0 +1,60 @@ +/** + * For internal use only. + * + * Defines the set of classes that endpoint scoring models can predict. Endpoint scoring models must + * only predict classes defined within this file. This file is the source of truth for the integer + * representation of each of these classes. + */ + +/** A class that can be predicted by a classifier. */ +abstract class EndpointType extends string { + /** + * Holds when the string matches the name of the sink / source type. + */ + bindingset[this] + EndpointType() { any() } + + /** + * Gets the name of the sink/source kind for this endpoint type as used in models-as-data. + * + * See https://github.com/github/codeql/blob/44213f0144fdd54bb679ca48d68b28dcf820f7a8/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll#LL353C11-L357C31 + */ + final string getKind() { result = this } +} + +/** A class for sink types that can be predicted by a classifier. */ +abstract class SinkType extends EndpointType { + bindingset[this] + SinkType() { any() } +} + +/** A class for source types that can be predicted by a classifier. */ +abstract class SourceType extends EndpointType { + bindingset[this] + SourceType() { any() } +} + +/** The `Negative` class for non-sinks. */ +class NegativeSinkType extends SinkType { + NegativeSinkType() { this = "non-sink" } +} + +/** A sink relevant to the SQL injection query */ +class SqlSinkType extends SinkType { + SqlSinkType() { this = "sql" } +} + +/** A sink relevant to the tainted path injection query. */ +class TaintedPathSinkType extends SinkType { + TaintedPathSinkType() { this = "tainted-path" } +} + +/** A sink relevant to the SSRF query. */ +class RequestForgerySinkType extends SinkType { + RequestForgerySinkType() { this = "ssrf" } +} + +/** A sink relevant to the command injection query. */ +class CommandInjectionSinkType extends SinkType { + CommandInjectionSinkType() { this = "command-injection" } +} diff --git a/java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll b/java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll new file mode 100644 index 00000000000..57bd397f7a8 --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelFrameworkModeCharacteristics.qll @@ -0,0 +1,332 @@ +/** + * For internal use only. + */ + +private import java +private import semmle.code.Location as Location +private import semmle.code.java.dataflow.DataFlow +private import semmle.code.java.dataflow.TaintTracking +private import semmle.code.java.security.PathCreation +private import semmle.code.java.dataflow.ExternalFlow as ExternalFlow +private import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl +private import semmle.code.java.security.ExternalAPIs as ExternalAPIs +private import semmle.code.java.Expr as Expr +private import semmle.code.java.security.QueryInjection +private import semmle.code.java.security.RequestForgery +private import semmle.code.java.dataflow.internal.ModelExclusions as ModelExclusions +import AutomodelSharedCharacteristics as SharedCharacteristics +import AutomodelEndpointTypes as AutomodelEndpointTypes + +/** + * A meta data extractor. Any Java extraction mode needs to implement exactly + * one instance of this class. + */ +abstract class MetadataExtractor extends string { + bindingset[this] + MetadataExtractor() { any() } + + abstract predicate hasMetadata( + DataFlow::ParameterNode e, string package, string type, boolean subtypes, string name, + string signature, int input, string parameterName + ); +} + +newtype JavaRelatedLocationType = + MethodDoc() or + ClassDoc() + +/** + * A candidates implementation for framework mode. + * + * Some important notes: + * - This mode is using parameters as endpoints. + * - Sink- and neutral-information is being used from MaD models. + * - When available, we use method- and class-java-docs as related locations. + */ +module FrameworkCandidatesImpl implements SharedCharacteristics::CandidateSig { + // for documentation of the implementations here, see the QLDoc in the CandidateSig signature module. + class Endpoint = DataFlow::ParameterNode; + + class EndpointType = AutomodelEndpointTypes::EndpointType; + + class NegativeEndpointType = AutomodelEndpointTypes::NegativeSinkType; + + class RelatedLocation = Location::Top; + + class RelatedLocationType = JavaRelatedLocationType; + + // Sanitizers are currently not modeled in MaD. TODO: check if this has large negative impact. + predicate isSanitizer(Endpoint e, EndpointType t) { none() } + + RelatedLocation asLocation(Endpoint e) { result = e.asParameter() } + + predicate isKnownKind(string kind, string humanReadableKind, EndpointType type) { + kind = "read-file" and + humanReadableKind = "read file" and + type instanceof AutomodelEndpointTypes::TaintedPathSinkType + or + kind = "create-file" and + humanReadableKind = "create file" and + type instanceof AutomodelEndpointTypes::TaintedPathSinkType + or + kind = "sql" and + humanReadableKind = "mad modeled sql" and + type instanceof AutomodelEndpointTypes::SqlSinkType + or + kind = "open-url" and + humanReadableKind = "open url" and + type instanceof AutomodelEndpointTypes::RequestForgerySinkType + or + kind = "jdbc-url" and + humanReadableKind = "jdbc url" and + type instanceof AutomodelEndpointTypes::RequestForgerySinkType + or + kind = "command-injection" and + humanReadableKind = "command injection" and + type instanceof AutomodelEndpointTypes::CommandInjectionSinkType + } + + predicate isSink(Endpoint e, string kind) { + exists(string package, string type, string name, string signature, string ext, string input | + sinkSpec(e, package, type, name, signature, ext, input) and + ExternalFlow::sinkModel(package, type, _, name, [signature, ""], ext, input, kind, _) + ) + } + + predicate isNeutral(Endpoint e) { + exists(string package, string type, string name, string signature | + sinkSpec(e, package, type, name, signature, _, _) and + ExternalFlow::neutralModel(package, type, name, [signature, ""], _, _) + ) + } + + additional predicate sinkSpec( + Endpoint e, string package, string type, string name, string signature, string ext, string input + ) { + FrameworkCandidatesImpl::getCallable(e).hasQualifiedName(package, type, name) and + signature = ExternalFlow::paramsString(getCallable(e)) and + ext = "" and + exists(int paramIdx | e.isParameterOf(_, paramIdx) | + if paramIdx = -1 then input = "Argument[this]" else input = "Argument[" + paramIdx + "]" + ) + } + + /** + * Returns the related location for the given endpoint. + * + * Related locations can be JavaDoc comments of the class or the method. + */ + RelatedLocation getRelatedLocation(Endpoint e, RelatedLocationType type) { + type = MethodDoc() and + result = FrameworkCandidatesImpl::getCallable(e).(Documentable).getJavadoc() + or + type = ClassDoc() and + result = FrameworkCandidatesImpl::getCallable(e).getDeclaringType().(Documentable).getJavadoc() + } + + /** + * Returns the callable that contains the given endpoint. + * + * Each Java mode should implement this predicate. + */ + additional Callable getCallable(Endpoint e) { result = e.getEnclosingCallable() } +} + +module CharacteristicsImpl = SharedCharacteristics::SharedCharacteristics; + +class EndpointCharacteristic = CharacteristicsImpl::EndpointCharacteristic; + +class Endpoint = FrameworkCandidatesImpl::Endpoint; + +/* + * Predicates that are used to surface prompt examples and candidates for classification with an ML model. + */ + +/** + * A MetadataExtractor that extracts metadata for framework mode. + */ +class FrameworkModeMetadataExtractor extends MetadataExtractor { + FrameworkModeMetadataExtractor() { this = "FrameworkModeMetadataExtractor" } + + /** + * By convention, the subtypes property of the MaD declaration should only be + * true when there _can_ exist any subtypes with a different implementation. + * + * It would technically be ok to always use the value 'true', but this would + * break convention. + */ + boolean considerSubtypes(Callable callable) { + if + callable.isStatic() or + callable.getDeclaringType().isStatic() or + callable.isFinal() or + callable.getDeclaringType().isFinal() + then result = false + else result = true + } + + override predicate hasMetadata( + Endpoint e, string package, string type, boolean subtypes, string name, string signature, + int input, string parameterName + ) { + exists(Callable callable | + e.asParameter() = callable.getParameter(input) and + package = callable.getDeclaringType().getPackage().getName() and + type = callable.getDeclaringType().getErasure().(RefType).nestedName() and + subtypes = this.considerSubtypes(callable) and + name = callable.getName() and + parameterName = e.asParameter().getName() and + signature = ExternalFlow::paramsString(callable) + ) + } +} + +/* + * EndpointCharacteristic classes that are specific to Automodel for Java. + */ + +/** + * A negative characteristic that indicates that an is-style boolean method is unexploitable even if it is a sink. + * + * A sink is highly unlikely to be exploitable if its callable's name starts with `is` and the callable has a boolean return + * type (e.g. `isDirectory`). These kinds of calls normally do only checks, and appear before the proper call that does + * the dangerous/interesting thing, so we want the latter to be modeled as the sink. + * + * TODO: this might filter too much, it's possible that methods with more than one parameter contain interesting sinks + */ +private class UnexploitableIsCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic { + UnexploitableIsCharacteristic() { this = "unexploitable (is-style boolean method)" } + + override predicate appliesToEndpoint(Endpoint e) { + not FrameworkCandidatesImpl::isSink(e, _) and + FrameworkCandidatesImpl::getCallable(e).getName().matches("is%") and + FrameworkCandidatesImpl::getCallable(e).getReturnType() instanceof BooleanType + } +} + +/** + * A negative characteristic that indicates that an existence-checking boolean method is unexploitable even if it is a + * sink. + * + * A sink is highly unlikely to be exploitable if its callable's name is `exists` or `notExists` and the callable has a + * boolean return type. These kinds of calls normally do only checks, and appear before the proper call that does the + * dangerous/interesting thing, so we want the latter to be modeled as the sink. + */ +private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic { + UnexploitableExistsCharacteristic() { this = "unexploitable (existence-checking boolean method)" } + + override predicate appliesToEndpoint(Endpoint e) { + not FrameworkCandidatesImpl::isSink(e, _) and + exists(Callable callable | + callable = FrameworkCandidatesImpl::getCallable(e) and + callable.getName().toLowerCase() = ["exists", "notexists"] and + callable.getReturnType() instanceof BooleanType + ) + } +} + +/** + * A negative characteristic that indicates that an endpoint is an argument to an exception, which is not a sink. + */ +private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic { + ExceptionCharacteristic() { this = "exception" } + + override predicate appliesToEndpoint(Endpoint e) { + FrameworkCandidatesImpl::getCallable(e).getDeclaringType().getASupertype*() instanceof + TypeThrowable + } +} + +/** + * A characteristic that limits candidates to parameters of methods that are recognized as `ModelApi`, iow., APIs that + * are considered worth modeling. + */ +private class NotAModelApiParameter extends CharacteristicsImpl::UninterestingToModelCharacteristic { + NotAModelApiParameter() { this = "not a model API parameter" } + + override predicate appliesToEndpoint(Endpoint e) { + not exists(ModelExclusions::ModelApi api | api.getAParameter() = e.asParameter()) + } +} + +/** + * A negative characteristic that filters out non-public methods. Non-public methods are not interesting to include in + * the standard Java modeling, because they cannot be called from outside the package. + */ +private class NonPublicMethodCharacteristic extends CharacteristicsImpl::UninterestingToModelCharacteristic +{ + NonPublicMethodCharacteristic() { this = "non-public method" } + + override predicate appliesToEndpoint(Endpoint e) { + not FrameworkCandidatesImpl::getCallable(e).isPublic() + } +} + +/** + * Holds if the given endpoint has a self-contradictory combination of characteristics. Detects errors in our endpoint + * characteristics. Lists the problematic characteristics and their implications for all such endpoints, together with + * an error message indicating why this combination is problematic. + * + * Copied from + * javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ContradictoryEndpointCharacteristics.ql + */ +predicate erroneousEndpoints( + Endpoint endpoint, EndpointCharacteristic characteristic, + AutomodelEndpointTypes::EndpointType endpointType, float confidence, string errorMessage, + boolean ignoreKnownModelingErrors +) { + // An endpoint's characteristics should not include positive indicators with medium/high confidence for more than one + // sink/source type (including the negative type). + exists( + EndpointCharacteristic characteristic2, AutomodelEndpointTypes::EndpointType endpointClass2, + float confidence2 + | + endpointType != endpointClass2 and + ( + endpointType instanceof AutomodelEndpointTypes::SinkType and + endpointClass2 instanceof AutomodelEndpointTypes::SinkType + or + endpointType instanceof AutomodelEndpointTypes::SourceType and + endpointClass2 instanceof AutomodelEndpointTypes::SourceType + ) and + characteristic.appliesToEndpoint(endpoint) and + characteristic2.appliesToEndpoint(endpoint) and + characteristic.hasImplications(endpointType, true, confidence) and + characteristic2.hasImplications(endpointClass2, true, confidence2) and + confidence > SharedCharacteristics::mediumConfidence() and + confidence2 > SharedCharacteristics::mediumConfidence() and + ( + ignoreKnownModelingErrors = true and + not knownOverlappingCharacteristics(characteristic, characteristic2) + or + ignoreKnownModelingErrors = false + ) + ) and + errorMessage = "Endpoint has high-confidence positive indicators for multiple classes" + or + // An endpoint's characteristics should not include positive indicators with medium/high confidence for some class and + // also include negative indicators with medium/high confidence for this same class. + exists(EndpointCharacteristic characteristic2, float confidence2 | + characteristic.appliesToEndpoint(endpoint) and + characteristic2.appliesToEndpoint(endpoint) and + characteristic.hasImplications(endpointType, true, confidence) and + characteristic2.hasImplications(endpointType, false, confidence2) and + confidence > SharedCharacteristics::mediumConfidence() and + confidence2 > SharedCharacteristics::mediumConfidence() + ) and + ignoreKnownModelingErrors = false and + errorMessage = "Endpoint has high-confidence positive and negative indicators for the same class" +} + +/** + * Holds if `characteristic1` and `characteristic2` are among the pairs of currently known positive characteristics that + * have some overlap in their results. This indicates a problem with the underlying Java modeling. Specifically, + * `PathCreation` is prone to FPs. + */ +private predicate knownOverlappingCharacteristics( + EndpointCharacteristic characteristic1, EndpointCharacteristic characteristic2 +) { + characteristic1 != characteristic2 and + characteristic1 = ["mad taint step", "create path", "read file", "known non-sink"] and + characteristic2 = ["mad taint step", "create path", "read file", "known non-sink"] +} diff --git a/java/ql/src/Telemetry/AutomodelFrameworkModeExtractCandidates.ql b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractCandidates.ql new file mode 100644 index 00000000000..a64327422a0 --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractCandidates.ql @@ -0,0 +1,51 @@ +/** + * Surfaces the endpoints that are not already known to be sinks, and are therefore used as candidates for + * classification with an ML model. + * + * Note: This query does not actually classify the endpoints using the model. + * + * @name Automodel candidates + * @description A query to extract automodel candidates. + * @kind problem + * @severity info + * @id java/ml/extract-automodel-candidates + * @tags internal automodel extract candidates + */ + +private import AutomodelFrameworkModeCharacteristics +private import AutomodelSharedUtil + +from + Endpoint endpoint, string message, MetadataExtractor meta, string package, string type, + boolean subtypes, string name, string signature, int input, string parameterName +where + not exists(CharacteristicsImpl::UninterestingToModelCharacteristic u | + u.appliesToEndpoint(endpoint) + ) and + // If a node is already a known sink for any of our existing ATM queries and is already modeled as a MaD sink, we + // don't include it as a candidate. Otherwise, we might include it as a candidate for query A, but the model will + // label it as a sink for one of the sink types of query B, for which it's already a known sink. This would result in + // overlap between our detected sinks and the pre-existing modeling. We assume that, if a sink has already been + // modeled in a MaD model, then it doesn't belong to any additional sink types, and we don't need to reexamine it. + not CharacteristicsImpl::isSink(endpoint, _) and + meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input, parameterName) and + // The message is the concatenation of all sink types for which this endpoint is known neither to be a sink nor to be + // a non-sink, and we surface only endpoints that have at least one such sink type. + message = + strictconcat(AutomodelEndpointTypes::SinkType sinkType | + not CharacteristicsImpl::isKnownSink(endpoint, sinkType) and + CharacteristicsImpl::isSinkCandidate(endpoint, sinkType) + | + sinkType, ", " + ) +select endpoint, + message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", // + package.(DollarAtString), "package", // + type.(DollarAtString), "type", // + subtypes.toString().(DollarAtString), "subtypes", // + name.(DollarAtString), "name", // + signature.(DollarAtString), "signature", // + input.toString().(DollarAtString), "input", // + parameterName.(DollarAtString), "parameterName" // diff --git a/java/ql/src/Telemetry/AutomodelFrameworkModeExtractNegativeExamples.ql b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractNegativeExamples.ql new file mode 100644 index 00000000000..f1ba8ee4119 --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractNegativeExamples.ql @@ -0,0 +1,48 @@ +/** + * Surfaces endpoints that are non-sinks with high confidence, for use as negative examples in the prompt. + * + * @name Negative examples (experimental) + * @kind problem + * @severity info + * @id java/ml/non-sink + * @tags internal automodel extract examples negative + */ + +private import AutomodelFrameworkModeCharacteristics +private import AutomodelEndpointTypes +private import AutomodelSharedUtil + +from + Endpoint endpoint, EndpointCharacteristic characteristic, float confidence, string message, + MetadataExtractor meta, string package, string type, boolean subtypes, string name, + string signature, int input, string parameterName +where + characteristic.appliesToEndpoint(endpoint) and + confidence >= SharedCharacteristics::highConfidence() and + characteristic.hasImplications(any(NegativeSinkType negative), true, confidence) and + // Exclude endpoints that have contradictory endpoint characteristics, because we only want examples we're highly + // certain about in the prompt. + not erroneousEndpoints(endpoint, _, _, _, _, false) and + meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input, parameterName) and + // It's valid for a node to satisfy the logic for both `isSink` and `isSanitizer`, but in that case it will be + // treated by the actual query as a sanitizer, since the final logic is something like + // `isSink(n) and not isSanitizer(n)`. We don't want to include such nodes as negative examples in the prompt, because + // they're ambiguous and might confuse the model, so we explicitly exclude all known sinks from the negative examples. + not exists(EndpointCharacteristic characteristic2, float confidence2, SinkType positiveType | + not positiveType instanceof NegativeSinkType and + characteristic2.appliesToEndpoint(endpoint) and + confidence2 >= SharedCharacteristics::maximalConfidence() and + characteristic2.hasImplications(positiveType, true, confidence2) + ) and + message = characteristic +select endpoint, + message + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", // + package.(DollarAtString), "package", // + type.(DollarAtString), "type", // + subtypes.toString().(DollarAtString), "subtypes", // + name.(DollarAtString), "name", // + signature.(DollarAtString), "signature", // + input.toString().(DollarAtString), "input", // + parameterName.(DollarAtString), "parameterName" // diff --git a/java/ql/src/Telemetry/AutomodelFrameworkModeExtractPositiveExamples.ql b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractPositiveExamples.ql new file mode 100644 index 00000000000..e216c292538 --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelFrameworkModeExtractPositiveExamples.ql @@ -0,0 +1,35 @@ +/** + * Surfaces endpoints that are sinks with high confidence, for use as positive examples in the prompt. + * + * @name Positive examples (experimental) + * @kind problem + * @severity info + * @id java/ml/known-sink + * @tags internal automodel extract examples positive + */ + +private import AutomodelFrameworkModeCharacteristics +private import AutomodelEndpointTypes +private import AutomodelSharedUtil + +from + Endpoint endpoint, SinkType sinkType, MetadataExtractor meta, string package, string type, + boolean subtypes, string name, string signature, int input, string parameterName +where + // Exclude endpoints that have contradictory endpoint characteristics, because we only want examples we're highly + // certain about in the prompt. + not erroneousEndpoints(endpoint, _, _, _, _, false) and + meta.hasMetadata(endpoint, package, type, subtypes, name, signature, input, parameterName) and + // Extract positive examples of sinks belonging to the existing ATM query configurations. + CharacteristicsImpl::isKnownSink(endpoint, sinkType) +select endpoint, + sinkType + "\nrelated locations: $@, $@." + "\nmetadata: $@, $@, $@, $@, $@, $@, $@.", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, MethodDoc()), "MethodDoc", // + CharacteristicsImpl::getRelatedLocationOrCandidate(endpoint, ClassDoc()), "ClassDoc", // + package.(DollarAtString), "package", // + type.(DollarAtString), "type", // + subtypes.toString().(DollarAtString), "subtypes", // + name.(DollarAtString), "name", // + signature.(DollarAtString), "signature", // + input.toString().(DollarAtString), "input", // + parameterName.(DollarAtString), "parameterName" // diff --git a/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll b/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll new file mode 100644 index 00000000000..f23340bf34f --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelSharedCharacteristics.qll @@ -0,0 +1,305 @@ +float maximalConfidence() { result = 1.0 } + +float highConfidence() { result = 0.9 } + +float mediumConfidence() { result = 0.6 } + +/** + * A specification of how to instantiate the shared characteristics for a given candidate class. + * + * The `CandidateSig` implementation specifies a type to use for Endpoints (eg., `ParameterNode`), as well as a type + * to label endpoint classes (the `EndpointType`). One of the endpoint classes needs to be a 'negative' class, meaning + * "not any of the other known endpoint types". + */ +signature module CandidateSig { + /** + * An endpoint is a potential candidate for modeling. This will typically be bound to the language's + * DataFlow node class, or a subtype thereof. + */ + class Endpoint; + + /** + * A related location for an endpoint. This will typically be bound to the supertype of all AST nodes (eg., `Top`). + */ + class RelatedLocation; + + /** + * A label for a related location. + * + * Eg., method-doc, class-doc, etc. + */ + class RelatedLocationType; + + /** + * A class kind for an endpoint. + */ + class EndpointType extends string; + + /** + * An EndpointType that denotes the absence of any sink. + */ + class NegativeEndpointType extends EndpointType; + + /** + * Gets the endpoint as a location. + * + * This is a utility function to convert an endpoint to its corresponding location. + */ + RelatedLocation asLocation(Endpoint e); + + /** + * Defines what MaD kinds are known, and what endpoint type they correspond to. + */ + predicate isKnownKind(string kind, string humanReadableLabel, EndpointType type); + + /** + * Holds if `e` is a flow sanitizer, and has type `t`. + */ + predicate isSanitizer(Endpoint e, EndpointType t); + + /** + * Holds if `e` is a sink with the label `kind`. + */ + predicate isSink(Endpoint e, string kind); + + /** + * Holds if `e` is not a sink of any kind. + */ + predicate isNeutral(Endpoint e); + + /** + * Gets a related location. + * + * A related location is a source code location that may hold extra information about an endpoint that can be useful + * to the machine learning model. + * + * For example, a related location for a method call may be the documentation comment of a method. + */ + RelatedLocation getRelatedLocation(Endpoint e, RelatedLocationType name); +} + +/** + * A set of shared characteristics for a given candidate class. + * + * This module is language-agnostic, although the `CandidateSig` module will be language-specific. + * + * The language specific implementation can also further extend the behavior of this module by adding additional + * implementations of endpoint characteristics exported by this module. + */ +module SharedCharacteristics { + predicate isSink = Candidate::isSink/2; + + predicate isNeutral = Candidate::isNeutral/1; + + /** + * Holds if `sink` is a known sink of type `endpointType`. + */ + predicate isKnownSink(Candidate::Endpoint sink, Candidate::EndpointType endpointType) { + // If the list of characteristics includes positive indicators with maximal confidence for this class, then it's a + // known sink for the class. + not endpointType instanceof Candidate::NegativeEndpointType and + exists(EndpointCharacteristic characteristic | + characteristic.appliesToEndpoint(sink) and + characteristic.hasImplications(endpointType, true, maximalConfidence()) + ) + } + + /** + * Holds if the candidate sink `candidateSink` should be considered as a possible sink of type `sinkType`, and + * classified by the ML model. A candidate sink is a node that cannot be excluded from `sinkType` based on its + * characteristics. + */ + predicate isSinkCandidate(Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType) { + not sinkType instanceof Candidate::NegativeEndpointType and + not exists(getAReasonSinkExcluded(candidateSink, sinkType)) + } + + /** + * Gets the related location of `e` with name `name`, if it exists. + * Otherwise, gets the candidate itself. + */ + Candidate::RelatedLocation getRelatedLocationOrCandidate( + Candidate::Endpoint e, Candidate::RelatedLocationType type + ) { + if exists(Candidate::getRelatedLocation(e, type)) + then result = Candidate::getRelatedLocation(e, type) + else result = Candidate::asLocation(e) + } + + /** + * Gets the list of characteristics that cause `candidateSink` to be excluded as an effective sink for a given sink + * type. + */ + EndpointCharacteristic getAReasonSinkExcluded( + Candidate::Endpoint candidateSink, Candidate::EndpointType sinkType + ) { + // An endpoint is a sink candidate if none of its characteristics give much indication whether or not it is a sink. + not sinkType instanceof Candidate::NegativeEndpointType and + result.appliesToEndpoint(candidateSink) and + ( + // Exclude endpoints that have a characteristic that implies they're not sinks for _any_ sink type. + exists(float confidence | + confidence >= mediumConfidence() and + result.hasImplications(any(Candidate::NegativeEndpointType t), true, confidence) + ) + or + // Exclude endpoints that have a characteristic that implies they're not sinks for _this particular_ sink type. + exists(float confidence | + confidence >= mediumConfidence() and + result.hasImplications(sinkType, false, confidence) + ) + ) + } + + /** + * A set of characteristics that a particular endpoint might have. This set of characteristics is used to make decisions + * about whether to include the endpoint in the training set and with what kind, as well as whether to score the + * endpoint at inference time. + */ + abstract class EndpointCharacteristic extends string { + /** + * Holds for the string that is the name of the characteristic. This should describe some property of an endpoint + * that is meaningful for determining whether it's a sink, and if so, of which sink type. + */ + bindingset[this] + EndpointCharacteristic() { any() } + + /** + * Holds for endpoints that have this characteristic. + */ + abstract predicate appliesToEndpoint(Candidate::Endpoint n); + + /** + * This predicate describes what the characteristic tells us about an endpoint. + * + * Params: + * endpointType: The sink/source type. + * isPositiveIndicator: If true, this characteristic indicates that this endpoint _is_ a member of the class; if + * false, it indicates that it _isn't_ a member of the class. + * confidence: A float in [0, 1], which tells us how strong an indicator this characteristic is for the endpoint + * belonging / not belonging to the given class. A confidence near zero means this characteristic is a very weak + * indicator of whether or not the endpoint belongs to the class. A confidence of 1 means that all endpoints with + * this characteristic definitively do/don't belong to the class. + */ + abstract predicate hasImplications( + Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence + ); + + /** Indicators with confidence at or above this threshold are considered to be high-confidence indicators. */ + final float getHighConfidenceThreshold() { result = 0.8 } + } + + /** + * A high-confidence characteristic that indicates that an endpoint is a sink of a specified type. These endpoints can + * be used as positive samples for training or for a few-shot prompt. + */ + abstract class SinkCharacteristic extends EndpointCharacteristic { + bindingset[this] + SinkCharacteristic() { any() } + + abstract Candidate::EndpointType getSinkType(); + + final override predicate hasImplications( + Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence + ) { + endpointType = this.getSinkType() and + isPositiveIndicator = true and + confidence = maximalConfidence() + } + } + + /** + * A high-confidence characteristic that indicates that an endpoint is not a sink of any type. These endpoints can be + * used as negative samples for training or for a few-shot prompt. + */ + abstract class NotASinkCharacteristic extends EndpointCharacteristic { + bindingset[this] + NotASinkCharacteristic() { any() } + + override predicate hasImplications( + Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence + ) { + endpointType instanceof Candidate::NegativeEndpointType and + isPositiveIndicator = true and + confidence = highConfidence() + } + } + + /** + * A medium-confidence characteristic that indicates that an endpoint is unlikely to be a sink of any type. These + * endpoints can be excluded from scoring at inference time, both to save time and to avoid false positives. They should + * not, however, be used as negative samples for training or for a few-shot prompt, because they may include a small + * number of sinks. + */ + abstract class LikelyNotASinkCharacteristic extends EndpointCharacteristic { + bindingset[this] + LikelyNotASinkCharacteristic() { any() } + + override predicate hasImplications( + Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence + ) { + endpointType instanceof Candidate::NegativeEndpointType and + isPositiveIndicator = true and + confidence = mediumConfidence() + } + } + + /** + * A characteristic that indicates not necessarily that an endpoint is not a sink, but rather that it is not a sink + * that's interesting to model in the standard Java libraries. These filters should be removed when extracting sink + * candidates within a user's codebase for customized modeling. + * + * These endpoints should not be used as negative samples for training or for a few-shot prompt, because they are not + * necessarily non-sinks. + */ + abstract class UninterestingToModelCharacteristic extends EndpointCharacteristic { + bindingset[this] + UninterestingToModelCharacteristic() { any() } + + override predicate hasImplications( + Candidate::EndpointType endpointType, boolean isPositiveIndicator, float confidence + ) { + endpointType instanceof Candidate::NegativeEndpointType and + isPositiveIndicator = true and + confidence = mediumConfidence() + } + } + + /** + * Contains default implementations that are derived solely from the `CandidateSig` implementation. + */ + private module DefaultCharacteristicImplementations { + /** + * Endpoints identified as sinks by the `CandidateSig` implementation are sinks with maximal confidence. + */ + private class KnownSinkCharacteristic extends SinkCharacteristic { + string madKind; + Candidate::EndpointType endpointType; + + KnownSinkCharacteristic() { Candidate::isKnownKind(madKind, this, endpointType) } + + override predicate appliesToEndpoint(Candidate::Endpoint e) { Candidate::isSink(e, madKind) } + + override Candidate::EndpointType getSinkType() { result = endpointType } + } + + /** + * A negative characteristic that indicates that an endpoint was manually modeled as a neutral model. + */ + private class NeutralModelCharacteristic extends NotASinkCharacteristic { + NeutralModelCharacteristic() { this = "known non-sink" } + + override predicate appliesToEndpoint(Candidate::Endpoint e) { Candidate::isNeutral(e) } + } + + /** + * A negative characteristic that indicates that an endpoint is not part of the source code for the project being + * analyzed. + */ + private class IsSanitizerCharacteristic extends NotASinkCharacteristic { + IsSanitizerCharacteristic() { this = "external" } + + override predicate appliesToEndpoint(Candidate::Endpoint e) { Candidate::isSanitizer(e, _) } + } + } +} diff --git a/java/ql/src/Telemetry/AutomodelSharedUtil.qll b/java/ql/src/Telemetry/AutomodelSharedUtil.qll new file mode 100644 index 00000000000..e03e46abd1d --- /dev/null +++ b/java/ql/src/Telemetry/AutomodelSharedUtil.qll @@ -0,0 +1,21 @@ +/** + * A helper class to represent a string value that can be returned by a query using $@ notation. + * + * It extends `string`, but adds a mock `hasLocationInfo` method that returns the string itself as the file name. + * + * Use this, when you want to return a string value from a query using $@ notation - the string value + * will be included in the sarif file. + * + * + * Background information on `hasLocationInfo`: + * https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/#providing-location-information + */ +class DollarAtString extends string { + bindingset[this] + DollarAtString() { any() } + + bindingset[this] + predicate hasLocationInfo(string path, int sl, int sc, int el, int ec) { + path = this and sl = 1 and sc = 1 and el = 1 and ec = 1 + } +} diff --git a/java/ql/src/Telemetry/ExternalApi.qll b/java/ql/src/Telemetry/ExternalApi.qll index 6189d12ba25..a8624f8fef6 100644 --- a/java/ql/src/Telemetry/ExternalApi.qll +++ b/java/ql/src/Telemetry/ExternalApi.qll @@ -10,10 +10,6 @@ private import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummary private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.dataflow.internal.ModelExclusions -private string containerAsJar(Container container) { - if container instanceof JarFile then result = container.getBaseName() else result = "rt.jar" -} - /** Holds if the given callable is not worth supporting. */ private predicate isUninteresting(Callable c) { c.getDeclaringType() instanceof TestLibrary or @@ -35,10 +31,18 @@ class ExternalApi extends Callable { "#" + this.getName() + paramsString(this) } + private string getJarName() { + result = this.getCompilationUnit().getParentContainer*().(JarFile).getBaseName() + } + /** * Gets the jar file containing this API. Normalizes the Java Runtime to "rt.jar" despite the presence of modules. */ - string jarContainer() { result = containerAsJar(this.getCompilationUnit().getParentContainer*()) } + string jarContainer() { + result = this.getJarName() + or + not exists(this.getJarName()) and result = "rt.jar" + } /** Gets a node that is an input to a call to this API. */ private DataFlow::Node getAnInput() { diff --git a/java/ql/src/Violations of Best Practice/Implementation Hiding/ExposeRepresentation.ql b/java/ql/src/Violations of Best Practice/Implementation Hiding/ExposeRepresentation.ql index 9f24744fa0c..2889de0b5cf 100644 --- a/java/ql/src/Violations of Best Practice/Implementation Hiding/ExposeRepresentation.ql +++ b/java/ql/src/Violations of Best Practice/Implementation Hiding/ExposeRepresentation.ql @@ -128,4 +128,4 @@ where not exists(Property p | p.getBackingField() = f) select c, c.getName() + " exposes the internal representation stored in field " + f.getName() + - ". The value may be modified $@.", why.getLocation(), whyText + ". The value may be modified $@.", why, whyText diff --git a/java/ql/src/change-notes/2023-06-05-lines-of-code.md b/java/ql/src/change-notes/2023-06-05-lines-of-code.md new file mode 100644 index 00000000000..a96c891e506 --- /dev/null +++ b/java/ql/src/change-notes/2023-06-05-lines-of-code.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The `java/summary/lines-of-code` query now only counts lines of Java code. The new `java/summary/lines-of-code-kotlin` counts lines of Kotlin code. diff --git a/java/ql/src/change-notes/released/0.6.2.md b/java/ql/src/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..50a5ff81b8f --- /dev/null +++ b/java/ql/src/change-notes/released/0.6.2.md @@ -0,0 +1,7 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* The query `java/groovy-injection` now recognizes `groovy.text.TemplateEngine.createTemplate` as a sink. +* The queries `java/xxe` and `java/xxe-local` now recognize the second argument of calls to `XPath.evaluate` as a sink. +* Experimental sinks for the query "Resolving XML external entity in user-controlled data" (`java/xxe`) have been promoted to the main query pack. These sinks were originally [submitted as part of an experimental query by @haby0](https://github.com/github/codeql/pull/6564). diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql index 8e113837bca..ba3411e4da2 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql @@ -16,7 +16,6 @@ import java import semmle.code.java.dataflow.TaintTracking import semmle.code.java.dataflow.ExternalFlow import semmle.code.java.dataflow.FlowSources -import semmle.code.java.security.PathCreation import JFinalController import semmle.code.java.security.PathSanitizer import InjectFilePathFlow::PathGraph @@ -52,7 +51,7 @@ module InjectFilePathConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { - sink.asExpr() = any(PathCreation p).getAnInput() and + sinkNode(sink, "path-injection") and not sink instanceof NormalizedPathNode } diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll index 85d3f36dfdf..377c7f74bd4 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisCommonLib.qll @@ -56,9 +56,6 @@ predicate myBatisMapperXmlElementFromMethod(Method method, MyBatisMapperXmlEleme ) } -/** DEPRECATED: Alias for myBatisMapperXmlElementFromMethod */ -deprecated predicate myBatisMapperXMLElementFromMethod = myBatisMapperXmlElementFromMethod/2; - /** Holds if the specified `method` has Ibatis Sql operation annotation `isoa`. */ predicate myBatisSqlOperationAnnotationFromMethod(Method method, IbatisSqlOperationAnnotation isoa) { exists(MyBatisSqlOperationAnnotationMethod msoam | diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll index e8795a25431..ba6c895dc8f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll @@ -8,7 +8,7 @@ import semmle.code.java.frameworks.android.Intent /** A sink representing methods creating a file in Android. */ class AndroidFileSink extends DataFlow::Node { - AndroidFileSink() { sinkNode(this, "create-file") } + AndroidFileSink() { sinkNode(this, "path-injection") } } /** diff --git a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll index bff6a0a3893..3b5a8940239 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll @@ -89,7 +89,7 @@ class GetVirtualFileChildMethod extends Method { /** An argument to `getResource()` or `getResourceAsStream()`. */ private class GetResourceSink extends UnsafeUrlForwardSink { GetResourceSink() { - sinkNode(this, "open-url") + sinkNode(this, "request-forgery") or sinkNode(this, "get-resource") or diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.java b/java/ql/src/experimental/Security/CWE/CWE-611/XXE.java deleted file mode 100644 index b56914235a7..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.java +++ /dev/null @@ -1,85 +0,0 @@ -import java.beans.XMLDecoder; -import java.io.BufferedReader; -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.stream.StreamSource; -import javax.xml.validation.Schema; -import javax.xml.validation.SchemaFactory; -import javax.xml.validation.Validator; -import org.apache.commons.digester3.Digester; -import org.dom4j.Document; -import org.dom4j.DocumentHelper; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.PostMapping; - -@Controller -public class XxeController { - - @PostMapping(value = "xxe1") - public void bad1(HttpServletRequest request, HttpServletResponse response) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - Digester digester = new Digester(); - digester.parse(servletInputStream); - } - - @PostMapping(value = "xxe2") - public void bad2(HttpServletRequest request) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str).append("\n"); - } - Document document = DocumentHelper.parseText(listString.toString()); - } - - @PostMapping(value = "xxe3") - public void bad3(HttpServletRequest request) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); - Schema schema = factory.newSchema(); - Validator validator = schema.newValidator(); - StreamSource source = new StreamSource(servletInputStream); - validator.validate(source); - } - - @PostMapping(value = "xxe4") - public void bad4(HttpServletRequest request) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - XMLDecoder xmlDecoder = new XMLDecoder(servletInputStream); - xmlDecoder.readObject(); - } - - @PostMapping(value = "good1") - public void good1(HttpServletRequest request, HttpServletResponse response) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str); - } - Digester digester = new Digester(); - digester.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - digester.setFeature("http://xml.org/sax/features/external-general-entities", false); - digester.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - digester.parse(listString.toString()); - } - - @PostMapping(value = "good2") - public void good2(HttpServletRequest request, HttpServletResponse response) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str).append("\n"); - } - SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); - Schema schema = factory.newSchema(); - Validator validator = schema.newValidator(); - validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalDTD", ""); - validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalSchema", ""); - StreamSource source = new StreamSource(listString.toString()); - validator.validate(source); - } -} diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.qhelp b/java/ql/src/experimental/Security/CWE/CWE-611/XXE.qhelp deleted file mode 100644 index c3cc04fdacb..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.qhelp +++ /dev/null @@ -1,67 +0,0 @@ - - - - -

    -Parsing untrusted XML files with a weakly configured XML parser may lead to an XML External Entity (XXE) attack. This type of attack -uses external entity references to access arbitrary files on a system, carry out denial of service, or server side -request forgery. Even when the result of parsing is not returned to the user, out-of-band -data retrieval techniques may allow attackers to steal sensitive data. Denial of services can also be -carried out in this situation. -

    -

    -There are many XML parsers for Java, and most of them are vulnerable to XXE because their default settings enable parsing of -external entities. This query currently identifies vulnerable XML parsing from the following parsers: javax.xml.validation.Validator, -org.dom4j.DocumentHelper, org.rundeck.api.parser.ParserHelper, org.apache.commons.digester3.Digester, -org.apache.commons.digester.Digester, org.apache.tomcat.util.digester.Digester, java.beans.XMLDecoder. -

    -     - - -

    -The best way to prevent XXE attacks is to disable the parsing of any Document Type Declarations (DTDs) in untrusted data. -If this is not possible you should disable the parsing of external general entities and external parameter entities. -This improves security but the code will still be at risk of denial of service and server side request forgery attacks. -Protection against denial of service attacks may also be implemented by setting entity expansion limits, which is done -by default in recent JDK and JRE implementations. -

    -     - - -

    -The following bad examples parses the xml data entered by the user under an unsafe configuration, which is inherently insecure and may cause xml entity injection. -In good examples, the security configuration is carried out, for example: Disable DTD to protect the program from XXE attacks. -

    - -     - - - -
  • -OWASP vulnerability description: -XML External Entity (XXE) Processing. -
    • -
  • -OWASP guidance on parsing xml files: -XXE Prevention Cheat Sheet. -
    • -
  • -Paper by Timothy Morgen: -XML Schema, DTD, and Entity Attacks -
    • -
  • -Out-of-band data retrieval: Timur Yunusov & Alexey Osipov, Black hat EU 2013: -XML Out-Of-Band Data Retrieval. -
    • -
  • -Denial of service attack (Billion laughs): -Billion Laughs. -
    • -
  • -The Java Tutorials: -Processing Limit Definitions. -
    • - -     - -     diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql b/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql deleted file mode 100644 index 118fbd5dcaa..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql +++ /dev/null @@ -1,32 +0,0 @@ -/** - * @name Resolving XML external entity in user-controlled data (experimental sinks) - * @description Parsing user-controlled XML documents and allowing expansion of external entity - * references may lead to disclosure of confidential data or denial of service. - * (note this version differs from query `java/xxe` by including support for additional possibly-vulnerable XML parsers) - * @kind path-problem - * @problem.severity error - * @precision high - * @id java/xxe-with-experimental-sinks - * @tags security - * experimental - * external/cwe/cwe-611 - */ - -import java -import XXELib -import semmle.code.java.dataflow.TaintTracking -import semmle.code.java.dataflow.FlowSources -import XxeFlow::PathGraph - -module XxeConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { src instanceof RemoteFlowSource } - - predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeXxeSink } -} - -module XxeFlow = TaintTracking::Global; - -from XxeFlow::PathNode source, XxeFlow::PathNode sink -where XxeFlow::flowPath(source, sink) -select sink.getNode(), source, sink, "Unsafe parsing of XML file from $@.", source.getNode(), - "user input" diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXELib.qll b/java/ql/src/experimental/Security/CWE/CWE-611/XXELib.qll deleted file mode 100644 index eb3cb3d269b..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXELib.qll +++ /dev/null @@ -1,246 +0,0 @@ -import java -import semmle.code.java.dataflow.DataFlow3 -import semmle.code.java.dataflow.DataFlow4 -import semmle.code.java.dataflow.DataFlow5 -import semmle.code.java.security.XmlParsers -private import semmle.code.java.dataflow.SSA - -/** A data flow sink for untrusted user input used to insecure xml parse. */ -class UnsafeXxeSink extends DataFlow::ExprNode { - UnsafeXxeSink() { - exists(XmlParserCall parse | - parse.getSink() = this.getExpr() and - not parse.isSafe() - ) - } -} - -/** The class `org.rundeck.api.parser.ParserHelper`. */ -class ParserHelper extends RefType { - ParserHelper() { this.hasQualifiedName("org.rundeck.api.parser", "ParserHelper") } -} - -/** A call to `ParserHelper.loadDocument`. */ -class ParserHelperLoadDocument extends XmlParserCall { - ParserHelperLoadDocument() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType() instanceof ParserHelper and - m.hasName("loadDocument") - ) - } - - override Expr getSink() { result = this.getArgument(0) } - - override predicate isSafe() { none() } -} - -/** The class `javax.xml.validation.Validator`. */ -class Validator extends RefType { - Validator() { this.hasQualifiedName("javax.xml.validation", "Validator") } -} - -/** A call to `Validator.validate`. */ -class ValidatorValidate extends XmlParserCall { - ValidatorValidate() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType() instanceof Validator and - m.hasName("validate") - ) - } - - override Expr getSink() { result = this.getArgument(0) } - - override predicate isSafe() { SafeValidatorFlow::flowToExpr(this.getQualifier()) } -} - -/** A `ParserConfig` specific to `Validator`. */ -class ValidatorConfig extends TransformerConfig { - ValidatorConfig() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType() instanceof Validator and - m.hasName("setProperty") - ) - } -} - -/** A safely configured `Validator`. */ -class SafeValidator extends VarAccess { - SafeValidator() { - exists(Variable v | v = this.getVariable() | - exists(ValidatorConfig config | config.getQualifier() = v.getAnAccess() | - config.disables(configAccessExternalDtd()) - ) and - exists(ValidatorConfig config | config.getQualifier() = v.getAnAccess() | - config.disables(configAccessExternalSchema()) - ) - ) - } -} - -private module SafeValidatorFlowConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeValidator } - - predicate isSink(DataFlow::Node sink) { - exists(MethodAccess ma | - sink.asExpr() = ma.getQualifier() and - ma.getMethod().getDeclaringType() instanceof Validator - ) - } - - int fieldFlowBranchLimit() { result = 0 } -} - -private module SafeValidatorFlow = DataFlow::Global; - -/** - * The classes `org.apache.commons.digester3.Digester`, `org.apache.commons.digester.Digester` or `org.apache.tomcat.util.digester.Digester`. - */ -class Digester extends RefType { - Digester() { - this.hasQualifiedName([ - "org.apache.commons.digester3", "org.apache.commons.digester", - "org.apache.tomcat.util.digester" - ], "Digester") - } -} - -/** A call to `Digester.parse`. */ -class DigesterParse extends XmlParserCall { - DigesterParse() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType() instanceof Digester and - m.hasName("parse") - ) - } - - override Expr getSink() { result = this.getArgument(0) } - - override predicate isSafe() { SafeDigesterFlow::flowToExpr(this.getQualifier()) } -} - -/** A `ParserConfig` that is specific to `Digester`. */ -class DigesterConfig extends ParserConfig { - DigesterConfig() { - exists(Method m | - m = this.getMethod() and - m.getDeclaringType() instanceof Digester and - m.hasName("setFeature") - ) - } -} - -/** - * A safely configured `Digester`. - */ -class SafeDigester extends VarAccess { - SafeDigester() { - exists(Variable v | v = this.getVariable() | - exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | - config.enables(singleSafeConfig()) - ) - or - exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | - config - .disables(any(ConstantStringExpr s | - s.getStringValue() = "http://xml.org/sax/features/external-general-entities" - )) - ) and - exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | - config - .disables(any(ConstantStringExpr s | - s.getStringValue() = "http://xml.org/sax/features/external-parameter-entities" - )) - ) and - exists(DigesterConfig config | config.getQualifier() = v.getAnAccess() | - config - .disables(any(ConstantStringExpr s | - s.getStringValue() = - "http://apache.org/xml/features/nonvalidating/load-external-dtd" - )) - ) - ) - } -} - -private module SafeDigesterFlowConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeDigester } - - predicate isSink(DataFlow::Node sink) { - exists(MethodAccess ma | - sink.asExpr() = ma.getQualifier() and ma.getMethod().getDeclaringType() instanceof Digester - ) - } - - int fieldFlowBranchLimit() { result = 0 } -} - -private module SafeDigesterFlow = DataFlow::Global; - -/** The class `java.beans.XMLDecoder`. */ -class XmlDecoder extends RefType { - XmlDecoder() { this.hasQualifiedName("java.beans", "XMLDecoder") } -} - -/** DEPRECATED: Alias for XmlDecoder */ -deprecated class XMLDecoder = XmlDecoder; - -/** A call to `XMLDecoder.readObject`. */ -class XmlDecoderReadObject extends XmlParserCall { - XmlDecoderReadObject() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType() instanceof XmlDecoder and - m.hasName("readObject") - ) - } - - override Expr getSink() { result = this.getQualifier() } - - override predicate isSafe() { none() } -} - -/** DEPRECATED: Alias for XmlDecoderReadObject */ -deprecated class XMLDecoderReadObject = XmlDecoderReadObject; - -private predicate constantStringExpr(Expr e, string val) { - e.(CompileTimeConstantExpr).getStringValue() = val - or - exists(SsaExplicitUpdate v, Expr src | - e = v.getAUse() and - src = v.getDefiningExpr().(VariableAssign).getSource() and - constantStringExpr(src, val) - ) -} - -/** A call to `SAXTransformerFactory.newTransformerHandler`. */ -class SaxTransformerFactoryNewTransformerHandler extends XmlParserCall { - SaxTransformerFactoryNewTransformerHandler() { - exists(Method m | - this.getMethod() = m and - m.getDeclaringType().hasQualifiedName("javax.xml.transform.sax", "SAXTransformerFactory") and - m.hasName("newTransformerHandler") - ) - } - - override Expr getSink() { result = this.getArgument(0) } - - override predicate isSafe() { SafeTransformerFactoryFlow::flowToExpr(this.getQualifier()) } -} - -/** DEPRECATED: Alias for SaxTransformerFactoryNewTransformerHandler */ -deprecated class SAXTransformerFactoryNewTransformerHandler = - SaxTransformerFactoryNewTransformerHandler; - -/** An expression that always has the same string value. */ -private class ConstantStringExpr extends Expr { - string value; - - ConstantStringExpr() { constantStringExpr(this, value) } - - /** Get the string value of this expression. */ - string getStringValue() { result = value } -} diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.qhelp b/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.qhelp deleted file mode 100644 index 4dc505dec6a..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.qhelp +++ /dev/null @@ -1,5 +0,0 @@ - - - \ No newline at end of file diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql b/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql deleted file mode 100644 index 99e65fa99e8..00000000000 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql +++ /dev/null @@ -1,34 +0,0 @@ -/** - * @name Resolving XML external entity from a local source (experimental sinks) - * @description Parsing user-controlled XML documents and allowing expansion of external entity - * references may lead to disclosure of confidential data or denial of service. - * (note this version differs from query `java/xxe` by including support for additional possibly-vulnerable XML parsers, - * and by considering local information sources dangerous (e.g. environment variables) in addition to the remote sources - * considered by the normal `java/xxe` query) - * @kind path-problem - * @problem.severity recommendation - * @precision medium - * @id java/xxe-local-experimental-sinks - * @tags security - * experimental - * external/cwe/cwe-611 - */ - -import java -import XXELib -import semmle.code.java.dataflow.TaintTracking -import semmle.code.java.dataflow.FlowSources -import XxeLocalFlow::PathGraph - -module XxeLocalConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { src instanceof LocalUserInput } - - predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeXxeSink } -} - -module XxeLocalFlow = TaintTracking::Global; - -from XxeLocalFlow::PathNode source, XxeLocalFlow::PathNode sink -where XxeLocalFlow::flowPath(source, sink) -select sink.getNode(), source, sink, "Unsafe parsing of XML file from $@.", source.getNode(), - "user input" diff --git a/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll b/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll index 874d8448640..8d829612d95 100644 --- a/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll +++ b/java/ql/src/experimental/semmle/code/xml/StrutsXML.qll @@ -10,9 +10,6 @@ class StrutsXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for StrutsXmlFile */ -deprecated class StrutsXMLFile = StrutsXmlFile; - /** * An XML element in a `StrutsXMLFile`. */ @@ -25,9 +22,6 @@ class StrutsXmlElement extends XmlElement { string getValue() { result = this.allCharactersString().trim() } } -/** DEPRECATED: Alias for StrutsXmlElement */ -deprecated class StrutsXMLElement = StrutsXmlElement; - /** * A `` element in a `StrutsXMLFile`. */ diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index bc528c5c590..2da31e822ff 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.6.2-dev +version: 0.6.3-dev groups: - java - queries @@ -12,4 +12,4 @@ dependencies: codeql/util: ${workspace} dataExtensions: - Telemetry/ExtractorInformation.yml -warnOmImplicitThis: true +warnOnImplicitThis: true diff --git a/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll b/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll index c7de1b8b945..529a627e96f 100644 --- a/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll +++ b/java/ql/src/semmle/code/xml/MyBatisMapperXML.qll @@ -14,9 +14,6 @@ class MyBatisMapperXmlFile extends XmlFile { } } -/** DEPRECATED: Alias for MyBatisMapperXmlFile */ -deprecated class MyBatisMapperXMLFile = MyBatisMapperXmlFile; - /** * An XML element in a `MyBatisMapperXMLFile`. */ @@ -36,9 +33,6 @@ class MyBatisMapperXmlElement extends XmlElement { } } -/** DEPRECATED: Alias for MyBatisMapperXmlElement */ -deprecated class MyBatisMapperXMLElement = MyBatisMapperXmlElement; - /** * An MyBatis Mapper sql operation element. */ diff --git a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py index 5e35ca52dd1..1cc943a78ec 100755 --- a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py +++ b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.py @@ -18,7 +18,7 @@ GenerateFlowTestCase.py specsToTest projectPom.xml outdir [--force] This generates test cases exercising function model specifications found in specsToTest producing files Test.java, test.ql, test.ext.yml and test.expected in outdir. -specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the +specsToTest should either be a .csv file, a .yml file, or a directory of .yml files, containing the model specifications to test. projectPom.xml should be a Maven pom sufficient to resolve the classes named in specsToTest.csv. @@ -276,7 +276,7 @@ if len(supportModelRows) != 0: modelSpecRow[0].strip() for modelSpecRow in supportModelRows) dataextensions = f"""extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: {models} diff --git a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll index fcc1ef97ecc..7877594519a 100644 --- a/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll +++ b/java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll @@ -250,9 +250,9 @@ string asInputArgumentSpecific(DataFlow::Node source) { */ bindingset[kind] predicate isRelevantSinkKind(string kind) { - not kind = "logging" and + not kind = "log-injection" and not kind.matches("regex-use%") and - not kind = "write-file" + not kind = "file-content-store" } /** diff --git a/java/ql/src/utils/stub-generator/Stubs.qll b/java/ql/src/utils/stub-generator/Stubs.qll index 785f621cba0..889bc6b466c 100644 --- a/java/ql/src/utils/stub-generator/Stubs.qll +++ b/java/ql/src/utils/stub-generator/Stubs.qll @@ -285,15 +285,25 @@ private string stubQualifier(RefType t) { else result = "" } +pragma[nomagic] +private predicate needsPackageNameHelper(RefType t, GeneratedTopLevel top, string name) { + t.getSourceDeclaration() = + pragma[only_bind_out]([getAReferencedType(top), top].getSourceDeclaration()) and + name = t.getName() +} + +pragma[nomagic] +private predicate describesMultipleTypes(GeneratedTopLevel top, string name) { + 2 <= strictcount(RefType t | needsPackageNameHelper(t, top, name)) +} + /** * Holds if `t` may clash with another type of the same name, so should be referred to using the fully qualified name */ private predicate needsPackageName(RefType t) { - exists(GeneratedTopLevel top, RefType other | - t.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - other.getSourceDeclaration() = [getAReferencedType(top), top].getSourceDeclaration() and - t.getName() = other.getName() and - t != other + exists(GeneratedTopLevel top, string name | + needsPackageNameHelper(t, top, name) and + describesMultipleTypes(top, name) ) } diff --git a/java/ql/test/TestUtilities/InlineFlowTest.qll b/java/ql/test/TestUtilities/InlineFlowTest.qll index 0700708fcb7..5e37770a279 100644 --- a/java/ql/test/TestUtilities/InlineFlowTest.qll +++ b/java/ql/test/TestUtilities/InlineFlowTest.qll @@ -7,7 +7,7 @@ * import TestUtilities.InlineFlowTest * ``` * - * To declare expecations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. + * To declare expectations, you can use the $hasTaintFlow or $hasValueFlow comments within the test source files. * Example of the corresponding test file, e.g. Test.java * ```java * public class Test { @@ -73,7 +73,7 @@ class InlineFlowTest extends InlineExpectationsTest { override predicate hasActualResult(Location location, string element, string tag, string value) { tag = "hasValueFlow" and - exists(DataFlow::Node src, DataFlow::Node sink | hasValueFlow(src, sink) | + exists(DataFlow::Node src, DataFlow::Node sink | this.hasValueFlow(src, sink) | sink.getLocation() = location and element = sink.toString() and if exists(getSourceArgString(src)) then value = getSourceArgString(src) else value = "" @@ -81,7 +81,7 @@ class InlineFlowTest extends InlineExpectationsTest { or tag = "hasTaintFlow" and exists(DataFlow::Node src, DataFlow::Node sink | - hasTaintFlow(src, sink) and not hasValueFlow(src, sink) + this.hasTaintFlow(src, sink) and not this.hasValueFlow(src, sink) | sink.getLocation() = location and element = sink.toString() and diff --git a/java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected b/java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected index 5720de5c4b9..cd2b49f28c1 100644 --- a/java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected +++ b/java/ql/test/experimental/query-tests/security/CWE-073/FilePathInjection.expected @@ -2,7 +2,12 @@ edges | FilePathInjection.java:21:21:21:34 | getPara(...) : String | FilePathInjection.java:26:47:26:59 | finalFilePath | | FilePathInjection.java:64:21:64:34 | getPara(...) : String | FilePathInjection.java:72:47:72:59 | finalFilePath | | FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath | +| FilePathInjection.java:177:50:177:58 | file : File | FilePathInjection.java:182:30:182:33 | file | | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath | +| FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath : String | +| FilePathInjection.java:209:15:209:32 | new File(...) : File | FilePathInjection.java:217:19:217:22 | file : File | +| FilePathInjection.java:209:24:209:31 | filePath : String | FilePathInjection.java:209:15:209:32 | new File(...) : File | +| FilePathInjection.java:217:19:217:22 | file : File | FilePathInjection.java:177:50:177:58 | file : File | nodes | FilePathInjection.java:21:21:21:34 | getPara(...) : String | semmle.label | getPara(...) : String | | FilePathInjection.java:26:47:26:59 | finalFilePath | semmle.label | finalFilePath | @@ -10,11 +15,17 @@ nodes | FilePathInjection.java:72:47:72:59 | finalFilePath | semmle.label | finalFilePath | | FilePathInjection.java:87:21:87:34 | getPara(...) : String | semmle.label | getPara(...) : String | | FilePathInjection.java:95:47:95:59 | finalFilePath | semmle.label | finalFilePath | +| FilePathInjection.java:177:50:177:58 | file : File | semmle.label | file : File | +| FilePathInjection.java:182:30:182:33 | file | semmle.label | file | | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | semmle.label | getParameter(...) : String | +| FilePathInjection.java:209:15:209:32 | new File(...) : File | semmle.label | new File(...) : File | | FilePathInjection.java:209:24:209:31 | filePath | semmle.label | filePath | +| FilePathInjection.java:209:24:209:31 | filePath : String | semmle.label | filePath : String | +| FilePathInjection.java:217:19:217:22 | file : File | semmle.label | file : File | subpaths #select | FilePathInjection.java:26:47:26:59 | finalFilePath | FilePathInjection.java:21:21:21:34 | getPara(...) : String | FilePathInjection.java:26:47:26:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:21:21:21:34 | getPara(...) | user-provided value | | FilePathInjection.java:72:47:72:59 | finalFilePath | FilePathInjection.java:64:21:64:34 | getPara(...) : String | FilePathInjection.java:72:47:72:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:64:21:64:34 | getPara(...) | user-provided value | | FilePathInjection.java:95:47:95:59 | finalFilePath | FilePathInjection.java:87:21:87:34 | getPara(...) : String | FilePathInjection.java:95:47:95:59 | finalFilePath | External control of file name or path due to $@. | FilePathInjection.java:87:21:87:34 | getPara(...) | user-provided value | +| FilePathInjection.java:182:30:182:33 | file | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:182:30:182:33 | file | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value | | FilePathInjection.java:209:24:209:31 | filePath | FilePathInjection.java:205:17:205:44 | getParameter(...) : String | FilePathInjection.java:209:24:209:31 | filePath | External control of file name or path due to $@. | FilePathInjection.java:205:17:205:44 | getParameter(...) | user-provided value | diff --git a/java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected b/java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected index 11a8bc6c248..a39906b4115 100644 --- a/java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected +++ b/java/ql/test/experimental/query-tests/security/CWE-552/UnsafeUrlForward.expected @@ -3,6 +3,7 @@ edges | UnsafeLoadSpringResource.java:31:27:31:57 | new ClassPathResource(...) : ClassPathResource | UnsafeLoadSpringResource.java:35:31:35:33 | clr | | UnsafeLoadSpringResource.java:31:49:31:56 | fileName : String | UnsafeLoadSpringResource.java:31:27:31:57 | new ClassPathResource(...) : ClassPathResource | | UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | UnsafeLoadSpringResource.java:76:38:76:45 | fileName | +| UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | UnsafeLoadSpringResource.java:116:51:116:58 | fileName | | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | UnsafeRequestPath.java:23:33:23:36 | path | | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:17:20:17:25 | params : Map | | UnsafeResourceGet2.java:17:20:17:25 | params : Map | UnsafeResourceGet2.java:17:20:17:40 | get(...) : Object | @@ -35,6 +36,8 @@ nodes | UnsafeLoadSpringResource.java:35:31:35:33 | clr | semmle.label | clr | | UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | semmle.label | fileName : String | | UnsafeLoadSpringResource.java:76:38:76:45 | fileName | semmle.label | fileName | +| UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | semmle.label | fileName : String | +| UnsafeLoadSpringResource.java:116:51:116:58 | fileName | semmle.label | fileName | | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | semmle.label | getServletPath(...) : String | | UnsafeRequestPath.java:23:33:23:36 | path | semmle.label | path | | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | semmle.label | getRequestParameterMap(...) : Map | @@ -83,6 +86,7 @@ subpaths #select | UnsafeLoadSpringResource.java:35:31:35:33 | clr | UnsafeLoadSpringResource.java:27:32:27:77 | fileName : String | UnsafeLoadSpringResource.java:35:31:35:33 | clr | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:27:32:27:77 | fileName | user-provided value | | UnsafeLoadSpringResource.java:76:38:76:45 | fileName | UnsafeLoadSpringResource.java:68:32:68:77 | fileName : String | UnsafeLoadSpringResource.java:76:38:76:45 | fileName | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:68:32:68:77 | fileName | user-provided value | +| UnsafeLoadSpringResource.java:116:51:116:58 | fileName | UnsafeLoadSpringResource.java:108:32:108:77 | fileName : String | UnsafeLoadSpringResource.java:116:51:116:58 | fileName | Potentially untrusted URL forward due to $@. | UnsafeLoadSpringResource.java:108:32:108:77 | fileName | user-provided value | | UnsafeRequestPath.java:23:33:23:36 | path | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) : String | UnsafeRequestPath.java:23:33:23:36 | path | Potentially untrusted URL forward due to $@. | UnsafeRequestPath.java:20:17:20:63 | getServletPath(...) | user-provided value | | UnsafeResourceGet2.java:19:93:19:99 | loadUrl | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:19:93:19:99 | loadUrl | Potentially untrusted URL forward due to $@. | UnsafeResourceGet2.java:16:32:16:79 | getRequestParameterMap(...) | user-provided value | | UnsafeResourceGet2.java:37:20:37:22 | url | UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) : Map | UnsafeResourceGet2.java:37:20:37:22 | url | Potentially untrusted URL forward due to $@. | UnsafeResourceGet2.java:32:32:32:79 | getRequestParameterMap(...) | user-provided value | diff --git a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.expected b/java/ql/test/experimental/query-tests/security/CWE-611/XXE.expected deleted file mode 100644 index b99edb2122d..00000000000 --- a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.expected +++ /dev/null @@ -1,26 +0,0 @@ -edges -| XXE.java:22:43:22:66 | getInputStream(...) : ServletInputStream | XXE.java:24:18:24:35 | servletInputStream | -| XXE.java:29:43:29:66 | getInputStream(...) : ServletInputStream | XXE.java:33:42:33:59 | servletInputStream : ServletInputStream | -| XXE.java:33:25:33:60 | new StreamSource(...) : StreamSource | XXE.java:34:22:34:27 | source | -| XXE.java:33:42:33:59 | servletInputStream : ServletInputStream | XXE.java:33:25:33:60 | new StreamSource(...) : StreamSource | -| XXE.java:39:43:39:66 | getInputStream(...) : ServletInputStream | XXE.java:40:42:40:59 | servletInputStream : ServletInputStream | -| XXE.java:40:27:40:60 | new XMLDecoder(...) : XMLDecoder | XXE.java:41:3:41:12 | xmlDecoder | -| XXE.java:40:42:40:59 | servletInputStream : ServletInputStream | XXE.java:40:27:40:60 | new XMLDecoder(...) : XMLDecoder | -nodes -| XXE.java:22:43:22:66 | getInputStream(...) : ServletInputStream | semmle.label | getInputStream(...) : ServletInputStream | -| XXE.java:24:18:24:35 | servletInputStream | semmle.label | servletInputStream | -| XXE.java:29:43:29:66 | getInputStream(...) : ServletInputStream | semmle.label | getInputStream(...) : ServletInputStream | -| XXE.java:33:25:33:60 | new StreamSource(...) : StreamSource | semmle.label | new StreamSource(...) : StreamSource | -| XXE.java:33:42:33:59 | servletInputStream : ServletInputStream | semmle.label | servletInputStream : ServletInputStream | -| XXE.java:34:22:34:27 | source | semmle.label | source | -| XXE.java:39:43:39:66 | getInputStream(...) : ServletInputStream | semmle.label | getInputStream(...) : ServletInputStream | -| XXE.java:40:27:40:60 | new XMLDecoder(...) : XMLDecoder | semmle.label | new XMLDecoder(...) : XMLDecoder | -| XXE.java:40:42:40:59 | servletInputStream : ServletInputStream | semmle.label | servletInputStream : ServletInputStream | -| XXE.java:41:3:41:12 | xmlDecoder | semmle.label | xmlDecoder | -| XXE.java:46:49:46:72 | getInputStream(...) | semmle.label | getInputStream(...) | -subpaths -#select -| XXE.java:24:18:24:35 | servletInputStream | XXE.java:22:43:22:66 | getInputStream(...) : ServletInputStream | XXE.java:24:18:24:35 | servletInputStream | Unsafe parsing of XML file from $@. | XXE.java:22:43:22:66 | getInputStream(...) | user input | -| XXE.java:34:22:34:27 | source | XXE.java:29:43:29:66 | getInputStream(...) : ServletInputStream | XXE.java:34:22:34:27 | source | Unsafe parsing of XML file from $@. | XXE.java:29:43:29:66 | getInputStream(...) | user input | -| XXE.java:41:3:41:12 | xmlDecoder | XXE.java:39:43:39:66 | getInputStream(...) : ServletInputStream | XXE.java:41:3:41:12 | xmlDecoder | Unsafe parsing of XML file from $@. | XXE.java:39:43:39:66 | getInputStream(...) | user input | -| XXE.java:46:49:46:72 | getInputStream(...) | XXE.java:46:49:46:72 | getInputStream(...) | XXE.java:46:49:46:72 | getInputStream(...) | Unsafe parsing of XML file from $@. | XXE.java:46:49:46:72 | getInputStream(...) | user input | diff --git a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.java b/java/ql/test/experimental/query-tests/security/CWE-611/XXE.java deleted file mode 100644 index 92a669acdc0..00000000000 --- a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.java +++ /dev/null @@ -1,92 +0,0 @@ -import java.beans.XMLDecoder; -import java.io.BufferedReader; -import javax.servlet.ServletInputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.stream.StreamSource; -import javax.xml.validation.Schema; -import javax.xml.validation.SchemaFactory; -import javax.xml.validation.Validator; -import org.rundeck.api.parser.ParserHelper; -import org.apache.commons.digester3.Digester; -import org.dom4j.Document; -import org.dom4j.DocumentHelper; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.PostMapping; - -@Controller -public class XXE { - - @PostMapping(value = "bad1") - public void bad1(HttpServletRequest request, HttpServletResponse response) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - Digester digester = new Digester(); - digester.parse(servletInputStream); // bad - } - - @PostMapping(value = "bad2") - public void bad2(HttpServletRequest request) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); - Schema schema = factory.newSchema(); - Validator validator = schema.newValidator(); - StreamSource source = new StreamSource(servletInputStream); - validator.validate(source); // bad - } - - @PostMapping(value = "bad3") - public void bad3(HttpServletRequest request) throws Exception { - ServletInputStream servletInputStream = request.getInputStream(); - XMLDecoder xmlDecoder = new XMLDecoder(servletInputStream); - xmlDecoder.readObject(); // bad - } - - @PostMapping(value = "bad4") - public void bad4(HttpServletRequest request) throws Exception { - Document document = ParserHelper.loadDocument(request.getInputStream()); // bad - } - - @PostMapping(value = "good1") - public void good1(HttpServletRequest request, HttpServletResponse response) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str); - } - Digester digester = new Digester(); - digester.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - digester.setFeature("http://xml.org/sax/features/external-general-entities", false); - digester.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - digester.parse(listString.toString()); - } - - @PostMapping(value = "good2") - public void good2(HttpServletRequest request, HttpServletResponse response) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str).append("\n"); - } - SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); - Schema schema = factory.newSchema(); - Validator validator = schema.newValidator(); - validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalDTD", ""); - validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalSchema", ""); - StreamSource source = new StreamSource(listString.toString()); - validator.validate(source); - } - - @PostMapping(value = "good3") - public void good3(HttpServletRequest request) throws Exception { - BufferedReader br = request.getReader(); - String str = ""; - StringBuilder listString = new StringBuilder(); - while ((str = br.readLine()) != null) { - listString.append(str).append("\n"); - } - // parseText falls back to a default SAXReader, which is safe - Document document = DocumentHelper.parseText(listString.toString()); // Safe - } -} diff --git a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.qlref b/java/ql/test/experimental/query-tests/security/CWE-611/XXE.qlref deleted file mode 100644 index 0675e245daa..00000000000 --- a/java/ql/test/experimental/query-tests/security/CWE-611/XXE.qlref +++ /dev/null @@ -1 +0,0 @@ -experimental/Security/CWE/CWE-611/XXE.ql diff --git a/java/ql/test/experimental/query-tests/security/CWE-611/options b/java/ql/test/experimental/query-tests/security/CWE-611/options deleted file mode 100644 index 9aea8cdbe50..00000000000 --- a/java/ql/test/experimental/query-tests/security/CWE-611/options +++ /dev/null @@ -1 +0,0 @@ -//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/servlet-api-2.4/:${testdir}/../../../../stubs/springframework-5.3.8/:${testdir}/../../../../stubs/dom4j-2.1.1:${testdir}/../../../../stubs/apache-commons-digester3-3.2:${testdir}/../../../../stubs/jaxen-1.2.0/:${testdir}/../../../../stubs/rundeck-api-java-client-13.2 \ No newline at end of file diff --git a/java/ql/test/ext/TestModels/test.ext.yml b/java/ql/test/ext/TestModels/test.ext.yml index 4fff7d575a3..c5873214f71 100644 --- a/java/ql/test/ext/TestModels/test.ext.yml +++ b/java/ql/test/ext/TestModels/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/notnullexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/kotlin/library-tests/dataflow/summaries/use.kt b/java/ql/test/kotlin/library-tests/dataflow/summaries/use.kt new file mode 100644 index 00000000000..07beffd2be2 --- /dev/null +++ b/java/ql/test/kotlin/library-tests/dataflow/summaries/use.kt @@ -0,0 +1,11 @@ +import java.io.Closeable + +class UseFlowTest { + fun taint(t: T) = t + fun sink(s: Closeable) { } + + fun test(input: Closeable) { + taint(input).use { it -> sink(it) } // $ hasValueFlow + sink(taint(input).use { it }) // $ hasValueFlow + } +} diff --git a/java/ql/test/kotlin/library-tests/dataflow/summaries/with.kt b/java/ql/test/kotlin/library-tests/dataflow/summaries/with.kt new file mode 100644 index 00000000000..d495f95c854 --- /dev/null +++ b/java/ql/test/kotlin/library-tests/dataflow/summaries/with.kt @@ -0,0 +1,9 @@ +class WithFlowTest { + fun taint(t: T) = t + fun sink(s: String) { } + + fun test(input: String) { + with(taint(input)) { sink(this) } // $ hasValueFlow + sink(with(taint(input)) { this }) // $ hasValueFlow + } +} diff --git a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml index 589c787bf9a..700f3f51e6f 100644 --- a/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml +++ b/java/ql/test/kotlin/library-tests/dataflow/whenexpr/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "Uri", False, "getQueryParameter", "", "", "Argument[this]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml index 5f35c923ad0..a153e39a0e0 100644 --- a/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/callback-dispatch/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.callback.qltest", "A", False, "applyConsumer1", "(Object,Consumer1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] @@ -15,4 +15,3 @@ extensions: - ["my.callback.qltest", "A", False, "produceConsume", "(Producer1,Consumer3)", "", "Argument[1].Parameter[0]", "ReturnValue", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] - ["my.callback.qltest", "A", False, "applyConverter1", "(Object,Converter1)", "", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] - diff --git a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml index ebe7e3b6ea5..c12a0156d0c 100644 --- a/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml +++ b/java/ql/test/library-tests/dataflow/collections/containerflow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["", "B", False, "readElement", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml index 55a76b79b21..d469a2de0dc 100644 --- a/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/sinks.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sinkModel data: - ["my.qltest", "B", False, "sink1", "(Object)", "", "Argument[0]", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml index 7730d41e549..9693152f1c0 100644 --- a/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/srcs.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: sourceModel data: - ["my.qltest", "A", False, "src1", "()", "", "ReturnValue", "qltest", "manual"] diff --git a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml index 41d26cf815a..c6a1fb69d6d 100644 --- a/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml +++ b/java/ql/test/library-tests/dataflow/external-models/steps.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest", "C", False, "stepArgRes", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml index 3d3bbe9fd47..58b4d2ecc24 100644 --- a/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml +++ b/java/ql/test/library-tests/dataflow/synth-global/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["my.qltest.synth", "A", False, "storeInArray", "(String)", "", "Argument[0]", "SyntheticGlobal[db1].ArrayElement", "value", "manual"] diff --git a/java/ql/test/library-tests/dataflow/taint-gson/Test.java b/java/ql/test/library-tests/dataflow/taint-gson/Test.java new file mode 100644 index 00000000000..82ca2388bbe --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/Test.java @@ -0,0 +1,38 @@ +import com.google.gson.Gson; + +public class Test { + public static class Potato { + private String name; + private Potato inner; + private Object object; + + private String getName() { + return name; + } + + private Potato getInner() { + return inner; + } + + private Object getObject() { + return object; + } + + } + + public static String source() { + return ""; + } + + public static void sink(Object any) {} + + public static void gsonfromJson() throws Exception { + String s = source(); + Potato tainted = new Gson().fromJson(s, Potato.class); + sink(tainted); // $ hasTaintFlow + sink(tainted.getName()); // $ hasTaintFlow + sink(tainted.getInner()); // $ hasTaintFlow + sink(tainted.getInner().getName()); // $ hasTaintFlow + sink(tainted.getObject()); // $ hasTaintFlow + } +} diff --git a/swift/ql/test/library-tests/ast/no_double_children.expected b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_children.expected rename to java/ql/test/library-tests/dataflow/taint-gson/dataFlow.expected diff --git a/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/dataFlow.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/dataflow/taint-gson/options b/java/ql/test/library-tests/dataflow/taint-gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taint-gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java new file mode 100644 index 00000000000..55087a6596b --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taintsources/PlayMvc.java @@ -0,0 +1,25 @@ +import play.mvc.Http; + +public class PlayMvc { + + private Http.Request request; + private Http.RequestHeader header; + + private static void sink(Object o) {} + + public void test() throws Exception { + sink(request.body()); // $ hasRemoteValueFlow + sink(header.cookie(null)); // $ hasRemoteValueFlow + sink(header.cookies()); // $ hasRemoteValueFlow + sink(header.getHeader(null)); // $ hasRemoteValueFlow + sink(header.getHeaders()); // $ hasRemoteValueFlow + sink(header.getQueryString(null)); // $ hasRemoteValueFlow + sink(header.header(null)); // $ hasRemoteValueFlow + sink(header.headers()); // $ hasRemoteValueFlow + sink(header.host()); // $ hasRemoteValueFlow + sink(header.path()); // $ hasRemoteValueFlow + sink(header.queryString()); // $ hasRemoteValueFlow + sink(header.remoteAddress()); // $ hasRemoteValueFlow + sink(header.uri()); // $ hasRemoteValueFlow + } +} diff --git a/java/ql/test/library-tests/dispatch/CallableViaSummary.java b/java/ql/test/library-tests/dispatch/CallableViaSummary.java new file mode 100644 index 00000000000..da7c7d86efd --- /dev/null +++ b/java/ql/test/library-tests/dispatch/CallableViaSummary.java @@ -0,0 +1,31 @@ +import java.util.*; + +public class CallableViaSummary { + public interface Element { + public void handle(String message); + } + + public void main(String[] args) { + List elements = new ArrayList<>(); + + List elements2 = new ArrayList<>(); + + elements.add(new Element() { + @Override + public void handle(String message) { + System.out.println(message); + } + }); + + elements.add(message -> System.out.println(message)); + + // This dispatches to the two added elements because + // the summary of ArrayList causes flow via type tracking. + elements.get(0).handle("Hello, world!"); + + // This does not dispatch to anything, showing that the + // open-world assumption does not apply + // (and hence that type tracking is necessary above). + elements2.get(0).handle("Hello, world!"); + } +} \ No newline at end of file diff --git a/java/ql/test/library-tests/dispatch/viaSummary.expected b/java/ql/test/library-tests/dispatch/viaSummary.expected new file mode 100644 index 00000000000..7c311587d9a --- /dev/null +++ b/java/ql/test/library-tests/dispatch/viaSummary.expected @@ -0,0 +1,2 @@ +| CallableViaSummary.java:24:9:24:47 | handle(...) | CallableViaSummary.java:15:25:15:30 | handle | +| CallableViaSummary.java:24:9:24:47 | handle(...) | CallableViaSummary.java:20:22:20:59 | handle | diff --git a/java/ql/test/library-tests/dispatch/viaSummary.ql b/java/ql/test/library-tests/dispatch/viaSummary.ql new file mode 100644 index 00000000000..a7a88d0749d --- /dev/null +++ b/java/ql/test/library-tests/dispatch/viaSummary.ql @@ -0,0 +1,9 @@ +import java +import semmle.code.java.dispatch.VirtualDispatch + +from MethodAccess ma, Method m +where + m = viableImpl(ma) and + m.fromSource() and + ma.getFile().toString() = "CallableViaSummary" +select ma, m diff --git a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml index cf5c80bc456..06781456552 100644 --- a/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/content-provider-summaries/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml index 31321102a46..0a3ce554bc7 100644 --- a/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/intent/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newBundleWithMapValue", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml index bd5c804fddc..69b416a5b72 100644 --- a/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/android/notification/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getMapKeyDefault", "(Bundle)", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml index a5d1cc8e1ab..60531154074 100644 --- a/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-collections/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newRBWithMapValue", "", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml index ff32ab78646..6e41b8a4e24 100644 --- a/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml +++ b/java/ql/test/library-tests/frameworks/apache-http/flow.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Client", False, "getURIBuilder_pathDefault", "(Object)", "", "Argument[0].SyntheticField[org.apache.http.client.utils.URIBuilder.path]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/library-tests/frameworks/gson/Test.java b/java/ql/test/library-tests/frameworks/gson/Test.java new file mode 100644 index 00000000000..6fa1fd2a1e5 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/Test.java @@ -0,0 +1,475 @@ +package generatedtest; + +import com.google.gson.Gson; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; +import com.google.gson.reflect.TypeToken; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; +import java.util.List; +import java.util.Map; +import java.util.Set; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + K getMapKey(Map map) { return map.keySet().iterator().next(); } + T getElement(Iterable it) { return it.iterator().next(); } + V getMapValue(Map map) { return map.get(null); } + String getMapKeyDefault(JsonObject container) { return container.keySet().iterator().next(); } + K getMapKeyDefault(Map.Entry container) { return container.getKey(); } + JsonElement getMapValueDefault(JsonObject container) { return container.get(null); } + V getMapValueDefault(Map.Entry container) { return container.getValue(); } + JsonArray newWithElementDefault(JsonElement element) { JsonArray a = new JsonArray(); a.add(element); return a; } + JsonObject newWithMapKeyDefault(String key) { JsonObject o = new JsonObject(); o.add(key, (JsonElement) null); return o; } + JsonObject newWithMapValueDefault(JsonElement element) { JsonObject o = new JsonObject(); o.add(null, element); return o; } + Object source() { return null; } + void sink(Object o) { } + + public void test() throws Exception { + + { + // "com.google.gson.stream;JsonReader;false;nextName;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextName(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson.stream;JsonReader;false;nextString;;;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonReader in = (JsonReader)source(); + out = in.nextString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + JsonReader in = (JsonReader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Class)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;fromJson;;;Argument[0];ReturnValue;taint;manual" + Object out = null; + String in = (String)source(); + Gson instance = null; + out = instance.fromJson(in, (TypeToken)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonReader;;;Argument[0];ReturnValue;taint;manual" + JsonReader out = null; + Reader in = (Reader)source(); + Gson instance = null; + out = instance.newJsonReader(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;newJsonWriter;;;Argument[0];ReturnValue;taint;manual" + JsonWriter out = null; + Writer in = (Writer)source(); + Gson instance = null; + out = instance.newJsonWriter(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement);;Argument[0];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(JsonElement,JsonWriter);;Argument[0];Argument[1];taint;manual" + JsonWriter out = null; + JsonElement in = (JsonElement)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Appendable);;Argument[0];Argument[1];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type);;Argument[0];ReturnValue;taint;manual" + String out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJson(in, (Type)null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,Appendable);;Argument[0];Argument[2];taint;manual" + Appendable out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJson;(Object,Type,JsonWriter);;Argument[0];Argument[2];taint;manual" + JsonWriter out = null; + Object in = (Object)source(); + Gson instance = null; + instance.toJson(in, (Type)null, out); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;Gson;false;toJsonTree;(Object,Type);;Argument[0];ReturnValue;taint;manual" + JsonElement out = null; + Object in = (Object)source(); + Gson instance = null; + out = instance.toJsonTree(in, null); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;(Boolean);;Argument[0];Argument[this].Element;taint;manual" + JsonArray out = null; + Boolean in = (Boolean)source(); + out.add(in); + sink(getElement(out)); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;(Character);;Argument[0];Argument[this].Element;taint;manual" + JsonArray out = null; + Character in = (Character)source(); + out.add(in); + sink(getElement(out)); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;(JsonElement);;Argument[0];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.add(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;add;(Number);;Argument[0];Argument[this].Element;taint;manual" + JsonArray out = null; + Number in = (Number)source(); + out.add(in); + sink(getElement(out)); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;add;(String);;Argument[0];Argument[this].Element;taint;manual" + JsonArray out = null; + String in = (String)source(); + out.add(in); + sink(getElement(out)); // $ hasTaintFlow + } + { + // "com.google.gson;JsonArray;true;addAll;(JsonArray);;Argument[0].Element;Argument[this].Element;value;manual" + JsonArray out = null; + JsonArray in = newWithElementDefault((JsonElement) source()); + out.addAll(in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;asList;;;Argument[this].Element;ReturnValue.Element;value;manual" + List out = null; + JsonArray in = newWithElementDefault((JsonElement) source()); + out = in.asList(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;get;;;Argument[this].Element;ReturnValue;value;manual" + JsonElement out = null; + JsonArray in = newWithElementDefault((JsonElement) source()); + out = in.get(0); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonArray;true;set;;;Argument[1];Argument[this].Element;value;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out.set(0, in); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonArray in = (JsonArray)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonElement in = (JsonElement)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsByte;();;Argument[this];ReturnValue;taint;manual" + byte out = 0; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsByte(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonArray in = (JsonArray)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonElement in = (JsonElement)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsCharacter;();;Argument[this];ReturnValue;taint;manual" + char out = 'a'; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsCharacter(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonArray;();;Argument[this];ReturnValue;taint;manual" + JsonArray out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonArray(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonObject;();;Argument[this];ReturnValue;taint;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonObject(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsJsonPrimitive;();;Argument[this];ReturnValue;taint;manual" + JsonPrimitive out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsJsonPrimitive(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonArray in = (JsonArray)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;getAsString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonPrimitive in = (JsonPrimitive)source(); + out = in.getAsString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonElement;true;toString;();;Argument[this];ReturnValue;taint;manual" + String out = null; + JsonElement in = (JsonElement)source(); + out = in.toString(); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.add(in, null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;add;;;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + JsonElement in = (JsonElement)source(); + out.add(null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[0];Argument[this].MapKey;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty(in, (String)null); + sink(getMapKeyDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;addProperty;(String,String);;Argument[1];Argument[this].MapValue;value;manual" + JsonObject out = null; + String in = (String)source(); + out.addProperty((String)null, in); + sink(getMapValueDefault(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapKey;ReturnValue.MapKey;value;manual" + Map out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.asMap(); + sink(getMapKey(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;asMap;;;Argument[this].MapValue;ReturnValue.MapValue;value;manual" + Map out = null; + JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.asMap(); + sink(getMapValue(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapKey;value;manual" + Set> out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapKeyDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;entrySet;;;Argument[this].MapKey;ReturnValue.Element.MapValue;value;manual" + Set> out = null; + JsonObject in = (JsonObject) newWithMapKeyDefault((String) source()); + out = in.entrySet(); + sink(getMapValueDefault(getElement(out))); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;get;;;Argument[this].MapValue;ReturnValue;value;manual" + JsonElement out = null; + JsonObject in = (JsonObject)newWithMapValueDefault((JsonElement) source()); + out = in.get(null); + sink(out); // $ hasValueFlow + } + { + // "com.google.gson;JsonObject;true;keySet;;;Argument[this].MapKey;ReturnValue.Element;value;manual" + Set out = null; + JsonObject in = (JsonObject)newWithMapKeyDefault((String) source()); + out = in.keySet(); + sink(getElement(out)); // $ hasValueFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(Character);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + Character in = (Character)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + { + // "com.google.gson;JsonPrimitive;true;JsonPrimitive;(String);;Argument[0];Argument[this];taint;manual" + JsonPrimitive out = null; + String in = (String)source(); + out = new JsonPrimitive(in); + sink(out); // $ hasTaintFlow + } + + } + +} \ No newline at end of file diff --git a/java/ql/test/library-tests/frameworks/gson/options b/java/ql/test/library-tests/frameworks/gson/options new file mode 100644 index 00000000000..a9cce94fd94 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/gson-2.8.6 diff --git a/swift/ql/test/library-tests/ast/no_double_indexes.expected b/java/ql/test/library-tests/frameworks/gson/test.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_indexes.expected rename to java/ql/test/library-tests/frameworks/gson/test.expected diff --git a/java/ql/test/library-tests/frameworks/gson/test.ql b/java/ql/test/library-tests/frameworks/gson/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/gson/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml index 153b649a3e6..e711fa15ecc 100644 --- a/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/guava/generated/collect/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithElementDefault", "(Object)", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml index 35050f48ec0..230733b3ebc 100644 --- a/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/jdk/java.io/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getThrowable_messageDefault", "(Object)", "", "Argument[0].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml index f6b69f08632..47a199c75f1 100644 --- a/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/netty/generated/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "newWithMapValueDefault", "(Object)", "", "Argument[0]", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/test/library-tests/frameworks/okhttp/test.ql b/java/ql/test/library-tests/frameworks/okhttp/test.ql index 2992a519e64..52e8a47132a 100644 --- a/java/ql/test/library-tests/frameworks/okhttp/test.ql +++ b/java/ql/test/library-tests/frameworks/okhttp/test.ql @@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module OkHttpFlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module OkHttpFlow = DataFlow::Global; diff --git a/java/ql/test/library-tests/frameworks/play/mad/Test.java b/java/ql/test/library-tests/frameworks/play/mad/Test.java new file mode 100644 index 00000000000..cb7fb123a62 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/mad/Test.java @@ -0,0 +1,194 @@ +package generatedtest; + +import akka.util.ByteString; +import com.fasterxml.jackson.databind.JsonNode; +import java.io.File; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import org.w3c.dom.Document; +import play.mvc.Http; + +// Test case generated by GenerateFlowTestCase.ql +public class Test { + + Object source() { + return null; + } + + void sink(Object o) {} + + public void test() throws Exception { + + { + // "play.mvc;Http$Cookie;true;name;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.name(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookie;true;value;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.Cookie in = (Http.Cookie) source(); + out = in.value(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;get;;;Argument[this];ReturnValue;taint;manual" + Http.Cookie out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.get(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$Cookies;true;getCookie;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.Cookies in = (Http.Cookies) source(); + out = in.getCookie(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getContentType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getContentType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getDispositionType;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getDispositionType(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getFilename;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getFilename(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getKey;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getKey(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData$FilePart;true;getRef;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.MultipartFormData.FilePart in = (Http.MultipartFormData.FilePart) source(); + out = in.getRef(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFile;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData.FilePart out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFile(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$MultipartFormData;true;getFiles;;;Argument[this];ReturnValue;taint;manual" + List out = null; + Http.MultipartFormData in = (Http.MultipartFormData) source(); + out = in.getFiles(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asBytes(0); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RawBuffer;true;asFile;;;Argument[this];ReturnValue;taint;manual" + File out = null; + Http.RawBuffer in = (Http.RawBuffer) source(); + out = in.asFile(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;as;;;Argument[this];ReturnValue;taint;manual" + Object out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.as(null); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asBytes;;;Argument[this];ReturnValue;taint;manual" + ByteString out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asBytes(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asFormUrlEncoded;;;Argument[this];ReturnValue;taint;manual" + Map out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asFormUrlEncoded(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asJson;;;Argument[this];ReturnValue;taint;manual" + JsonNode out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asJson(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asMultipartFormData;;;Argument[this];ReturnValue;taint;manual" + Http.MultipartFormData out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asMultipartFormData(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asRaw;;;Argument[this];ReturnValue;taint;manual" + Http.RawBuffer out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asRaw(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asText;;;Argument[this];ReturnValue;taint;manual" + String out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asText(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;asXml;;;Argument[this];ReturnValue;taint;manual" + Document out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.asXml(); + sink(out); // $ hasTaintFlow + } + { + // "play.mvc;Http$RequestBody;true;parseJson;;;Argument[this];ReturnValue;taint;manual" + Optional out = null; + Http.RequestBody in = (Http.RequestBody) source(); + out = in.parseJson(null); + sink(out); // $ hasTaintFlow + } + + } + +} diff --git a/swift/ql/test/library-tests/ast/no_double_parents.expected b/java/ql/test/library-tests/frameworks/play/test.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_double_parents.expected rename to java/ql/test/library-tests/frameworks/play/test.expected diff --git a/java/ql/test/library-tests/frameworks/play/test.ql b/java/ql/test/library-tests/frameworks/play/test.ql new file mode 100644 index 00000000000..5d91e4e8e26 --- /dev/null +++ b/java/ql/test/library-tests/frameworks/play/test.ql @@ -0,0 +1,2 @@ +import java +import TestUtilities.InlineFlowTest diff --git a/java/ql/test/library-tests/frameworks/retrofit/test.ql b/java/ql/test/library-tests/frameworks/retrofit/test.ql index 5db5201aad0..e09f1ed41d7 100644 --- a/java/ql/test/library-tests/frameworks/retrofit/test.ql +++ b/java/ql/test/library-tests/frameworks/retrofit/test.ql @@ -5,7 +5,9 @@ import TestUtilities.InlineFlowTest module FlowConfig implements DataFlow::ConfigSig { predicate isSource = DefaultFlowConfig::isSource/1; - predicate isSink(DataFlow::Node n) { DefaultFlowConfig::isSink(n) or sinkNode(n, "open-url") } + predicate isSink(DataFlow::Node n) { + DefaultFlowConfig::isSink(n) or sinkNode(n, "request-forgery") + } } module Flow = DataFlow::Global; diff --git a/java/ql/test/library-tests/frameworks/stream/test.ext.yml b/java/ql/test/library-tests/frameworks/stream/test.ext.yml index 4f1cc3e38ac..a304f9542a4 100644 --- a/java/ql/test/library-tests/frameworks/stream/test.ext.yml +++ b/java/ql/test/library-tests/frameworks/stream/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getElementSpliterator", "(Spliterator)", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/swift/ql/test/library-tests/ast/no_parent_child_loops.expected b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected similarity index 100% rename from swift/ql/test/library-tests/ast/no_parent_child_loops.expected rename to java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.expected diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql new file mode 100644 index 00000000000..224b03ea51c --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/NeutralSinksTest.ql @@ -0,0 +1,40 @@ +import java +import TestUtilities.InlineExpectationsTest +import semmle.code.java.dataflow.DataFlow +import semmle.code.java.dataflow.ExternalFlow +import semmle.code.java.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl + +class SinkTest extends InlineExpectationsTest { + SinkTest() { this = "SinkTest" } + + override string getARelevantTag() { result = "isSink" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "isSink" and + exists(DataFlow::Node sink | + sinkNode(sink, _) and + sink.getLocation() = location and + element = sink.toString() and + value = "" + ) + } +} + +class NeutralSinkTest extends InlineExpectationsTest { + NeutralSinkTest() { this = "NeutralSinkTest" } + + override string getARelevantTag() { result = "isNeutralSink" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "isNeutralSink" and + exists(Call call, Callable callable | + call.getCallee() = callable and + neutralModel(callable.getDeclaringType().getCompilationUnit().getPackage().getName(), + callable.getDeclaringType().getSourceDeclaration().nestedName(), callable.getName(), + [paramsString(callable), ""], "sink", _) and + call.getLocation() = location and + element = call.toString() and + value = "" + ) + } +} diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/Test.java b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java new file mode 100644 index 00000000000..a234132226f --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/Test.java @@ -0,0 +1,61 @@ +import java.io.File; +import java.nio.file.Files; +import java.nio.file.spi.FileSystemProvider; +import java.nio.file.LinkOption; +import java.text.Collator; +import java.text.RuleBasedCollator; +import java.util.prefs.AbstractPreferences; +import java.util.prefs.Preferences; +import org.apache.hc.client5.http.protocol.RedirectLocations; + +public class Test { + + public void test() throws Exception { + + // java.io + File file = null; + file.exists(); // $ isNeutralSink + file.compareTo(null); // $ isNeutralSink + + // java.nio.file + Files.exists(null, (LinkOption[])null); // $ isNeutralSink + Files.getLastModifiedTime(null, (LinkOption[])null); // $ isNeutralSink + Files.getOwner(null, (LinkOption[])null); // $ isNeutralSink + Files.getPosixFilePermissions(null, (LinkOption[])null); // $ isNeutralSink + Files.isDirectory(null, (LinkOption[])null); // $ isNeutralSink + Files.isExecutable(null); // $ isNeutralSink + Files.isHidden(null); // $ isNeutralSink + Files.isReadable(null); // $ isNeutralSink + Files.isRegularFile(null, (LinkOption[])null); // $ isNeutralSink + Files.isSameFile(null, null); // $ isNeutralSink + Files.isSymbolicLink(null); // $ isNeutralSink + Files.isWritable(null); // $ isNeutralSink + Files.notExists(null, (LinkOption[])null); // $ isNeutralSink + Files.setLastModifiedTime(null, null); // $ isNeutralSink + Files.size(null); // $ isNeutralSink + + // java.nio.file.spi + FileSystemProvider fsp = null; + fsp.isHidden(null); // $ isNeutralSink + fsp.isSameFile(null, null); // $ isNeutralSink + + // java.text + Collator c = null; + c.compare(null, null); // $ isNeutralSink + c.equals(null); // $ isNeutralSink + c.equals(null, null); // $ isNeutralSink + RuleBasedCollator rbc = null; + rbc.compare(null, null); // $ isNeutralSink + + // java.util.prefs + AbstractPreferences ap = null; + ap.nodeExists(null); // $ isNeutralSink + Preferences p = null; + p.nodeExists(null); // $ isNeutralSink + + // org.apache.hc.client5.http.protocol + RedirectLocations rl = null; + rl.contains(null); // $ isNeutralSink + } + +} diff --git a/java/ql/test/library-tests/neutrals/neutralsinks/options b/java/ql/test/library-tests/neutrals/neutralsinks/options new file mode 100644 index 00000000000..6de6bb95285 --- /dev/null +++ b/java/ql/test/library-tests/neutrals/neutralsinks/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/apache-http-5 diff --git a/java/ql/test/library-tests/optional/test.ext.yml b/java/ql/test/library-tests/optional/test.ext.yml index 2aebf3bdb97..24842526782 100644 --- a/java/ql/test/library-tests/optional/test.ext.yml +++ b/java/ql/test/library-tests/optional/test.ext.yml @@ -1,6 +1,6 @@ extensions: - addsTo: - pack: codeql/java-tests + pack: codeql/java-all extensible: summaryModel data: - ["generatedtest", "Test", False, "getStreamElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/query-tests/ExposeRepresentation/ExposeRepresentation.expected b/java/ql/test/query-tests/ExposeRepresentation/ExposeRepresentation.expected index 0056c25bb53..3162056ab42 100644 --- a/java/ql/test/query-tests/ExposeRepresentation/ExposeRepresentation.expected +++ b/java/ql/test/query-tests/ExposeRepresentation/ExposeRepresentation.expected @@ -1,7 +1,7 @@ -| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:5:5:5:19 | User.java:5:5:5:19 | after this call to getStrings | -| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:13:12:13:26 | User.java:13:12:13:26 | after this call to getStrings | -| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:38:12:38:26 | User.java:38:12:38:26 | after this call to getStrings | -| ExposesRep.java:13:30:13:41 | getStringMap | getStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:9:5:9:21 | User.java:9:5:9:21 | after this call to getStringMap | -| ExposesRep.java:17:15:17:24 | setStrings | setStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:22:5:22:6 | User.java:22:5:22:6 | through the variable ss | -| ExposesRep.java:21:15:21:26 | setStringMap | setStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:27:5:27:5 | User.java:27:5:27:5 | through the variable m | -| ExposesRep.java:29:14:29:21 | getArray | getArray exposes the internal representation stored in field array. The value may be modified $@. | User.java:31:5:31:18 | User.java:31:5:31:18 | after this call to getArray | +| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:5:5:5:19 | getStrings(...) | after this call to getStrings | +| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:13:12:13:26 | getStrings(...) | after this call to getStrings | +| ExposesRep.java:11:19:11:28 | getStrings | getStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:38:12:38:26 | getStrings(...) | after this call to getStrings | +| ExposesRep.java:13:30:13:41 | getStringMap | getStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:9:5:9:21 | getStringMap(...) | after this call to getStringMap | +| ExposesRep.java:17:15:17:24 | setStrings | setStrings exposes the internal representation stored in field strings. The value may be modified $@. | User.java:22:5:22:6 | ss | through the variable ss | +| ExposesRep.java:21:15:21:26 | setStringMap | setStringMap exposes the internal representation stored in field stringMap. The value may be modified $@. | User.java:27:5:27:5 | m | through the variable m | +| ExposesRep.java:29:14:29:21 | getArray | getArray exposes the internal representation stored in field array. The value may be modified $@. | User.java:31:5:31:18 | getArray(...) | after this call to getArray | diff --git a/java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected b/java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected index 6cb849601d5..5f0ed7d05df 100644 --- a/java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected +++ b/java/ql/test/query-tests/Telemetry/SupportedExternalSinks/SupportedExternalSinks.expected @@ -1,2 +1,3 @@ +| java.io.File#File(String) | 1 | | java.io.FileWriter#FileWriter(File) | 1 | | java.net.URL#openStream() | 1 | diff --git a/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected b/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected index 95a492fcd12..86f20972e2e 100644 --- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected +++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/TaintedPath.expected @@ -23,10 +23,8 @@ edges | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:46:31:46:38 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:48:33:48:40 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:50:27:50:34 | source(...) : String | -| mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:51:27:51:34 | source(...) : String | -| mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:52:34:52:41 | source(...) : String | +| mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:52:27:52:34 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:54:40:54:47 | source(...) : String | -| mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:55:48:55:55 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:56:47:56:54 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:58:40:58:47 | source(...) : String | | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:60:38:60:45 | source(...) : String | @@ -77,10 +75,8 @@ edges | mad/Test.java:46:31:46:38 | source(...) : String | mad/Test.java:46:24:46:38 | (...)... | | mad/Test.java:48:33:48:40 | source(...) : String | mad/Test.java:48:24:48:40 | (...)... | | mad/Test.java:50:27:50:34 | source(...) : String | mad/Test.java:50:20:50:34 | (...)... | -| mad/Test.java:51:27:51:34 | source(...) : String | mad/Test.java:51:20:51:34 | (...)... | -| mad/Test.java:52:34:52:41 | source(...) : String | mad/Test.java:52:20:52:41 | (...)... | +| mad/Test.java:52:27:52:34 | source(...) : String | mad/Test.java:52:20:52:34 | (...)... | | mad/Test.java:54:40:54:47 | source(...) : String | mad/Test.java:54:33:54:47 | (...)... | -| mad/Test.java:55:48:55:55 | source(...) : String | mad/Test.java:55:33:55:55 | (...)... | | mad/Test.java:56:47:56:54 | source(...) : String | mad/Test.java:56:40:56:54 | (...)... | | mad/Test.java:58:40:58:47 | source(...) : String | mad/Test.java:58:33:58:47 | (...)... | | mad/Test.java:60:38:60:45 | source(...) : String | mad/Test.java:60:31:60:45 | (...)... | @@ -161,14 +157,10 @@ nodes | mad/Test.java:48:33:48:40 | source(...) : String | semmle.label | source(...) : String | | mad/Test.java:50:20:50:34 | (...)... | semmle.label | (...)... | | mad/Test.java:50:27:50:34 | source(...) : String | semmle.label | source(...) : String | -| mad/Test.java:51:20:51:34 | (...)... | semmle.label | (...)... | -| mad/Test.java:51:27:51:34 | source(...) : String | semmle.label | source(...) : String | -| mad/Test.java:52:20:52:41 | (...)... | semmle.label | (...)... | -| mad/Test.java:52:34:52:41 | source(...) : String | semmle.label | source(...) : String | +| mad/Test.java:52:20:52:34 | (...)... | semmle.label | (...)... | +| mad/Test.java:52:27:52:34 | source(...) : String | semmle.label | source(...) : String | | mad/Test.java:54:33:54:47 | (...)... | semmle.label | (...)... | | mad/Test.java:54:40:54:47 | source(...) : String | semmle.label | source(...) : String | -| mad/Test.java:55:33:55:55 | (...)... | semmle.label | (...)... | -| mad/Test.java:55:48:55:55 | source(...) : String | semmle.label | source(...) : String | | mad/Test.java:56:40:56:54 | (...)... | semmle.label | (...)... | | mad/Test.java:56:47:56:54 | source(...) : String | semmle.label | source(...) : String | | mad/Test.java:58:33:58:47 | (...)... | semmle.label | (...)... | @@ -273,10 +265,8 @@ subpaths | mad/Test.java:46:24:46:38 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:46:24:46:38 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:48:9:48:41 | new FileReader(...) | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:48:24:48:40 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:50:20:50:34 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:50:20:50:34 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | -| mad/Test.java:51:20:51:34 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:51:20:51:34 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | -| mad/Test.java:52:20:52:41 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:52:20:52:41 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | +| mad/Test.java:52:20:52:34 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:52:20:52:34 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:54:33:54:47 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:54:33:54:47 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | -| mad/Test.java:55:33:55:55 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:55:33:55:55 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:56:40:56:54 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:56:40:56:54 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:58:33:58:47 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:58:33:58:47 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | | mad/Test.java:60:31:60:45 | (...)... | mad/Test.java:29:16:29:36 | getHostName(...) : String | mad/Test.java:60:31:60:45 | (...)... | This path depends on a $@. | mad/Test.java:29:16:29:36 | getHostName(...) | user-provided value | diff --git a/java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java b/java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java index daa82c43a04..d936309e7b8 100644 --- a/java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java +++ b/java/ql/test/query-tests/security/CWE-022/semmle/tests/mad/Test.java @@ -46,13 +46,13 @@ public class Test { new FileReader((File) source()); // "java.io;FileReader;true;FileReader;(String);;Argument[0];read-file;ai-generated" new FileReader((String) source()); - // "java.nio.file;Files;false;copy;;;Argument[0];read-file;manual" - Files.copy((Path) source(), (Path) null); + // "java.nio.file;Files;false;copy;(Path,OutputStream);;Argument[0];read-file;manual" Files.copy((Path) source(), (OutputStream) null); - Files.copy((InputStream) source(), null); - // "java.nio.file;Files;false;copy;;;Argument[1];create-file;manual" + // "java.nio.file;Files;false;copy;(Path,Path,CopyOption[]);;Argument[0];read-file;manual" + Files.copy((Path) source(), (Path) null); + // "java.nio.file;Files;false;copy;(Path,Path,CopyOption[]);;Argument[1];create-file;manual" Files.copy((Path) null, (Path) source()); - Files.copy((Path) null, (OutputStream) source()); + // "java.nio.file;Files;false;copy;(InputStream,Path,CopyOption[]);;Argument[1];create-file;manual" Files.copy((InputStream) null, (Path) source()); // "java.nio.file;Files;false;createDirectories;;;Argument[0];create-file;manual" Files.createDirectories((Path) source()); diff --git a/java/ql/test/query-tests/security/CWE-089/semmle/examples/SpringJdbc.java b/java/ql/test/query-tests/security/CWE-089/semmle/examples/SpringJdbc.java index c83d238576a..2772ce95536 100644 --- a/java/ql/test/query-tests/security/CWE-089/semmle/examples/SpringJdbc.java +++ b/java/ql/test/query-tests/security/CWE-089/semmle/examples/SpringJdbc.java @@ -1,7 +1,13 @@ import java.sql.ResultSet; import java.util.Map; import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.core.namedparam.NamedParameterJdbcOperations; +import org.springframework.jdbc.core.namedparam.SqlParameterSource; +import org.springframework.jdbc.core.PreparedStatementCallback; +import org.springframework.jdbc.core.ResultSetExtractor; +import org.springframework.jdbc.core.RowCallbackHandler; import org.springframework.jdbc.core.RowMapper; +import org.springframework.jdbc.core.SqlParameter; import org.springframework.jdbc.object.BatchSqlUpdate; import org.springframework.jdbc.object.MappingSqlQueryWithParameters; import org.springframework.jdbc.object.SqlFunction; @@ -22,7 +28,7 @@ public class SpringJdbc { } } - public static void test(JdbcTemplate template) { + public static void test(JdbcTemplate template, NamedParameterJdbcOperations namedParamTemplate) { new BatchSqlUpdate(null, source()); // $ sqlInjection new SqlFunction(null, source()); // $ sqlInjection new SqlUpdate(null, source()); // $ sqlInjection @@ -39,6 +45,39 @@ public class SpringJdbc { template.queryForObject(source(), (Class)null); // $ sqlInjection template.queryForRowSet(source()); // $ sqlInjection template.queryForStream(source(), (RowMapper)null); // $ sqlInjection + + namedParamTemplate.batchUpdate(source(), (Map[]) null); // $ sqlInjection + namedParamTemplate.batchUpdate(source(), (SqlParameterSource[]) null); // $ sqlInjection + namedParamTemplate.execute(source(), (PreparedStatementCallback) null); // $ sqlInjection + namedParamTemplate.execute(source(), (Map) null, (PreparedStatementCallback) null); // $ sqlInjection + namedParamTemplate.execute(source(), (SqlParameterSource) null, (PreparedStatementCallback) null); // $ sqlInjection + namedParamTemplate.query(source(), (Map) null, (ResultSetExtractor) null); // $ sqlInjection + namedParamTemplate.query(source(), (Map) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.query(source(), (Map) null, (RowCallbackHandler) null); // $ sqlInjection + namedParamTemplate.query(source(), (SqlParameterSource) null, (ResultSetExtractor) null); // $ sqlInjection + namedParamTemplate.query(source(), (SqlParameterSource) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.query(source(), (SqlParameterSource) null, (RowCallbackHandler) null); // $ sqlInjection + namedParamTemplate.query(source(), (ResultSetExtractor) null); // $ sqlInjection + namedParamTemplate.query(source(), (RowMapper) null); // $ sqlInjection + namedParamTemplate.query(source(), (RowCallbackHandler) null); // $ sqlInjection + namedParamTemplate.queryForList(source(), (Map) null); // $ sqlInjection + namedParamTemplate.queryForList(source(), (Map) null, (Class) null); // $ sqlInjection + namedParamTemplate.queryForList(source(), (SqlParameterSource) null); // $ sqlInjection + namedParamTemplate.queryForList(source(), (SqlParameterSource) null, (Class) null); // $ sqlInjection + namedParamTemplate.queryForMap(source(), (Map) null); // $ sqlInjection + namedParamTemplate.queryForMap(source(), (SqlParameterSource) null); // $ sqlInjection + namedParamTemplate.queryForObject(source(), (Map) null, (Class) null); // $ sqlInjection + namedParamTemplate.queryForObject(source(), (Map) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.queryForObject(source(), (SqlParameterSource) null, (Class) null); // $ sqlInjection + namedParamTemplate.queryForObject(source(), (SqlParameterSource) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.queryForRowSet(source(), (Map) null); // $ sqlInjection + namedParamTemplate.queryForRowSet(source(), (SqlParameterSource) null); // $ sqlInjection + namedParamTemplate.queryForStream(source(), (Map) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.queryForStream(source(), (SqlParameterSource) null, (RowMapper) null); // $ sqlInjection + namedParamTemplate.update(source(), (Map) null); // $ sqlInjection + namedParamTemplate.update(source(), (SqlParameterSource) null); // $ sqlInjection + namedParamTemplate.update(source(), null, null); // $ sqlInjection + namedParamTemplate.update(source(), null, null, null); // $ sqlInjection } } \ No newline at end of file diff --git a/java/ql/test/query-tests/security/CWE-094/TemplateEngineTest.java b/java/ql/test/query-tests/security/CWE-094/TemplateEngineTest.java new file mode 100644 index 00000000000..dbf32494e10 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-094/TemplateEngineTest.java @@ -0,0 +1,30 @@ +import java.io.File; +import java.io.IOException; +import java.io.Reader; +import java.net.URL; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import groovy.text.TemplateEngine; + +public class TemplateEngineTest extends HttpServlet { + + private Object source(HttpServletRequest request) { + return request.getParameter("script"); + } + + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + try { + Object script = source(request); + TemplateEngine engine = null; + engine.createTemplate(request.getParameter("script")); // $ hasGroovyInjection + engine.createTemplate((File) script); // $ hasGroovyInjection + engine.createTemplate((Reader) script); // $ hasGroovyInjection + engine.createTemplate((URL) script); // $ hasGroovyInjection + } catch (Exception e) { + } + + } +} diff --git a/java/ql/test/query-tests/security/CWE-611/DigesterTests.java b/java/ql/test/query-tests/security/CWE-611/DigesterTests.java new file mode 100644 index 00000000000..bace07a9b30 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-611/DigesterTests.java @@ -0,0 +1,33 @@ +import java.io.BufferedReader; +import javax.servlet.ServletInputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.apache.commons.digester3.Digester; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PostMapping; + +@Controller +public class DigesterTests { + + @PostMapping(value = "bad") + public void bad1(HttpServletRequest request, HttpServletResponse response) throws Exception { + ServletInputStream servletInputStream = request.getInputStream(); + Digester digester = new Digester(); + digester.parse(servletInputStream); // $ hasTaintFlow + } + + @PostMapping(value = "good") + public void good1(HttpServletRequest request, HttpServletResponse response) throws Exception { + BufferedReader br = request.getReader(); + String str = ""; + StringBuilder listString = new StringBuilder(); + while ((str = br.readLine()) != null) { + listString.append(str); + } + Digester digester = new Digester(); + digester.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + digester.setFeature("http://xml.org/sax/features/external-general-entities", false); + digester.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + digester.parse(listString.toString()); + } +} diff --git a/java/ql/test/query-tests/security/CWE-611/DocumentBuilderTests.java b/java/ql/test/query-tests/security/CWE-611/DocumentBuilderTests.java index 0018e41346a..98d95686301 100644 --- a/java/ql/test/query-tests/security/CWE-611/DocumentBuilderTests.java +++ b/java/ql/test/query-tests/security/CWE-611/DocumentBuilderTests.java @@ -11,42 +11,44 @@ class DocumentBuilderTests { public void unconfiguredParse(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void disableDTD(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //safe + builder.parse(sock.getInputStream()); // safe } public void enableSecurityFeature(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe -- secure-processing by itself is insufficient + builder.parse(sock.getInputStream()); // $ hasTaintFlow -- secure-processing by itself is + // insufficient } public void enableSecurityFeature2(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", true); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe -- secure-processing by itself is insufficient + builder.parse(sock.getInputStream()); // $ hasTaintFlow -- secure-processing by itself is + // insufficient } public void enableDTD(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void disableSecurityFeature(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void disableExternalEntities(Socket sock) throws Exception { @@ -54,21 +56,21 @@ class DocumentBuilderTests { factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //safe + builder.parse(sock.getInputStream()); // safe } public void partialDisableExternalEntities(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void partialDisableExternalEntities2(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void misConfigureExternalEntities1(Socket sock) throws Exception { @@ -76,7 +78,7 @@ class DocumentBuilderTests { factory.setFeature("http://xml.org/sax/features/external-parameter-entities", true); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void misConfigureExternalEntities2(Socket sock) throws Exception { @@ -84,22 +86,22 @@ class DocumentBuilderTests { factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://xml.org/sax/features/external-general-entities", true); DocumentBuilder builder = factory.newDocumentBuilder(); - builder.parse(sock.getInputStream()); //unsafe + builder.parse(sock.getInputStream()); // $ hasTaintFlow } public void taintedSAXInputSource1(Socket sock) throws Exception { - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - DocumentBuilder builder = factory.newDocumentBuilder(); - SAXSource source = new SAXSource(new InputSource(sock.getInputStream())); - builder.parse(source.getInputSource()); //unsafe + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder = factory.newDocumentBuilder(); + SAXSource source = new SAXSource(new InputSource(sock.getInputStream())); + builder.parse(source.getInputSource()); // $ hasTaintFlow } public void taintedSAXInputSource2(Socket sock) throws Exception { - DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - DocumentBuilder builder = factory.newDocumentBuilder(); - StreamSource source = new StreamSource(sock.getInputStream()); - builder.parse(SAXSource.sourceToInputSource(source)); //unsafe - builder.parse(source.getInputStream()); //unsafe + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder = factory.newDocumentBuilder(); + StreamSource source = new StreamSource(sock.getInputStream()); + builder.parse(SAXSource.sourceToInputSource(source)); // $ hasTaintFlow + builder.parse(source.getInputStream()); // $ hasTaintFlow } private static DocumentBuilderFactory getDocumentBuilderFactory() throws Exception { @@ -112,21 +114,22 @@ class DocumentBuilderTests { return factory; } - private static final ThreadLocal XML_DOCUMENT_BUILDER = new ThreadLocal() { - @Override - protected DocumentBuilder initialValue() { - try { - DocumentBuilderFactory factory = getDocumentBuilderFactory(); - return factory.newDocumentBuilder(); - } catch (Exception ex) { - throw new RuntimeException(ex); - } - } - }; + private static final ThreadLocal XML_DOCUMENT_BUILDER = + new ThreadLocal() { + @Override + protected DocumentBuilder initialValue() { + try { + DocumentBuilderFactory factory = getDocumentBuilderFactory(); + return factory.newDocumentBuilder(); + } catch (Exception ex) { + throw new RuntimeException(ex); + } + } + }; public void disableExternalEntities2(Socket sock) throws Exception { DocumentBuilder builder = XML_DOCUMENT_BUILDER.get(); - builder.parse(sock.getInputStream()); //safe + builder.parse(sock.getInputStream()); // safe } } diff --git a/java/ql/test/query-tests/security/CWE-611/ParserHelperTests.java b/java/ql/test/query-tests/security/CWE-611/ParserHelperTests.java new file mode 100644 index 00000000000..6b43c224d94 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-611/ParserHelperTests.java @@ -0,0 +1,14 @@ +import javax.servlet.http.HttpServletRequest; +import org.dom4j.Document; +import org.rundeck.api.parser.ParserHelper; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PostMapping; + +@Controller +public class ParserHelperTests { + + @PostMapping(value = "bad4") + public void bad4(HttpServletRequest request) throws Exception { + Document document = ParserHelper.loadDocument(request.getInputStream()); // $ hasTaintFlow + } +} diff --git a/java/ql/test/query-tests/security/CWE-611/SAXBuilderTests.java b/java/ql/test/query-tests/security/CWE-611/SAXBuilderTests.java index c0a58bfc18d..2b25540b85b 100644 --- a/java/ql/test/query-tests/security/CWE-611/SAXBuilderTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SAXBuilderTests.java @@ -5,18 +5,18 @@ public class SAXBuilderTests { public void unconfiguredSAXBuilder(Socket sock) throws Exception { SAXBuilder builder = new SAXBuilder(); - builder.build(sock.getInputStream()); //unsafe + builder.build(sock.getInputStream()); // $ hasTaintFlow } - + public void safeBuilder(Socket sock) throws Exception { SAXBuilder builder = new SAXBuilder(); - builder.setFeature("http://apache.org/xml/features/disallow-doctype-decl",true); - builder.build(sock.getInputStream()); //safe + builder.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + builder.build(sock.getInputStream()); // safe } public void misConfiguredBuilder(Socket sock) throws Exception { SAXBuilder builder = new SAXBuilder(); - builder.setFeature("http://apache.org/xml/features/disallow-doctype-decl",false); - builder.build(sock.getInputStream()); //unsafe + builder.setFeature("http://apache.org/xml/features/disallow-doctype-decl", false); + builder.build(sock.getInputStream()); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/SAXParserTests.java b/java/ql/test/query-tests/security/CWE-611/SAXParserTests.java index f8079dd1bc8..a6de7709aed 100644 --- a/java/ql/test/query-tests/security/CWE-611/SAXParserTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SAXParserTests.java @@ -6,78 +6,78 @@ import javax.xml.XMLConstants; import org.xml.sax.helpers.DefaultHandler; public class SAXParserTests { - + public void unconfiguredParser(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void safeParser(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //safe + parser.parse(sock.getInputStream(), new DefaultHandler()); // safe } - + public void partialConfiguredParser1(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void partialConfiguredParser2(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void partialConfiguredParser3(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void misConfiguredParser1(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", true); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void misConfiguredParser2(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", true); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } - + public void misConfiguredParser3(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false); factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", true); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //unsafe + parser.parse(sock.getInputStream(), new DefaultHandler()); // $ hasTaintFlow } public void safeParser2(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); - factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); SAXParser parser = factory.newSAXParser(); - parser.parse(sock.getInputStream(), new DefaultHandler()); //safe + parser.parse(sock.getInputStream(), new DefaultHandler()); // safe } } diff --git a/java/ql/test/query-tests/security/CWE-611/SAXReaderTests.java b/java/ql/test/query-tests/security/CWE-611/SAXReaderTests.java index ba0bfac5a29..f436074f65f 100644 --- a/java/ql/test/query-tests/security/CWE-611/SAXReaderTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SAXReaderTests.java @@ -5,59 +5,59 @@ public class SAXReaderTests { public void unconfiguredReader(Socket sock) throws Exception { SAXReader reader = new SAXReader(); - reader.read(sock.getInputStream()); //unsafe + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void safeReader(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.read(sock.getInputStream()); //safe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.read(sock.getInputStream()); // safe } - + public void partialConfiguredReader1(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.read(sock.getInputStream()); //unsafe + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void partialConfiguredReader2(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.read(sock.getInputStream()); //unsafe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void partialConfiguredReader3(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.read(sock.getInputStream()); //unsafe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredReader1(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); reader.setFeature("http://xml.org/sax/features/external-general-entities", true); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.read(sock.getInputStream()); //unsafe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredReader2(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", false); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.read(sock.getInputStream()); //unsafe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.read(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredReader3(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", true); - reader.read(sock.getInputStream()); //unsafe + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", true); + reader.read(sock.getInputStream()); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/SAXSourceTests.java b/java/ql/test/query-tests/security/CWE-611/SAXSourceTests.java index 06a4b5a43f3..721f596457d 100644 --- a/java/ql/test/query-tests/security/CWE-611/SAXSourceTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SAXSourceTests.java @@ -17,14 +17,14 @@ public class SAXSourceTests { SAXSource source = new SAXSource(reader, new InputSource(sock.getInputStream())); JAXBContext jc = JAXBContext.newInstance(Object.class); Unmarshaller um = jc.createUnmarshaller(); - um.unmarshal(source); // BAD + um.unmarshal(source); // $ hasTaintFlow } public void explicitlySafeSource1(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXSource source = new SAXSource(reader, new InputSource(sock.getInputStream())); // GOOD } diff --git a/java/ql/test/query-tests/security/CWE-611/SchemaTests.java b/java/ql/test/query-tests/security/CWE-611/SchemaTests.java index f41e0017af1..d98aeb4a3ba 100644 --- a/java/ql/test/query-tests/security/CWE-611/SchemaTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SchemaTests.java @@ -9,39 +9,39 @@ public class SchemaTests { public void unconfiguredSchemaFactory(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //unsafe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void safeSchemaFactory(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, ""); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //safe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // safe } public void partialConfiguredSchemaFactory1(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, ""); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //unsafe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void partialConfiguredSchemaFactory2(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //unsafe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredSchemaFactory1(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, ""); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "ab"); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //unsafe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredSchemaFactory2(Socket sock) throws Exception { SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "cd"); factory.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); - Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); //unsafe + Schema schema = factory.newSchema(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/SimpleXMLTests.java b/java/ql/test/query-tests/security/CWE-611/SimpleXMLTests.java index baefeadfbe6..65c759acbf4 100644 --- a/java/ql/test/query-tests/security/CWE-611/SimpleXMLTests.java +++ b/java/ql/test/query-tests/security/CWE-611/SimpleXMLTests.java @@ -11,145 +11,145 @@ public class SimpleXMLTests { public void persisterValidate1(Socket sock) throws Exception { Persister persister = new Persister(); - persister.validate(this.getClass(), sock.getInputStream()); + persister.validate(this.getClass(), sock.getInputStream()); // $ hasTaintFlow } - + public void persisterValidate2(Socket sock) throws Exception { Persister persister = new Persister(); - persister.validate(this.getClass(), sock.getInputStream(), true); + persister.validate(this.getClass(), sock.getInputStream(), true); // $ hasTaintFlow } public void persisterValidate3(Socket sock) throws Exception { Persister persister = new Persister(); - persister.validate(this.getClass(), new InputStreamReader(sock.getInputStream())); + persister.validate(this.getClass(), new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } public void persisterValidate4(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.validate(this.getClass(), new String(b)); + persister.validate(this.getClass(), new String(b)); // $ hasTaintFlow } public void persisterValidate5(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.validate(this.getClass(), new String(b), true); + persister.validate(this.getClass(), new String(b), true); // $ hasTaintFlow } public void persisterValidate6(Socket sock) throws Exception { Persister persister = new Persister(); - persister.validate(this.getClass(), new InputStreamReader(sock.getInputStream()), true); + persister.validate(this.getClass(), new InputStreamReader(sock.getInputStream()), true); // $ hasTaintFlow } public void persisterRead1(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this.getClass(), sock.getInputStream()); + persister.read(this.getClass(), sock.getInputStream()); // $ hasTaintFlow } - + public void persisterRead2(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this.getClass(), sock.getInputStream(), true); + persister.read(this.getClass(), sock.getInputStream(), true); // $ hasTaintFlow } - + public void persisterRead3(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this, sock.getInputStream()); + persister.read(this, sock.getInputStream()); // $ hasTaintFlow } - + public void persisterRead4(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this, sock.getInputStream(), true); + persister.read(this, sock.getInputStream(), true); // $ hasTaintFlow } - + public void persisterRead5(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this.getClass(), new InputStreamReader(sock.getInputStream())); + persister.read(this.getClass(), new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } public void persisterRead6(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this.getClass(), new InputStreamReader(sock.getInputStream()), true); + persister.read(this.getClass(), new InputStreamReader(sock.getInputStream()), true); // $ hasTaintFlow } public void persisterRead7(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this, new InputStreamReader(sock.getInputStream())); + persister.read(this, new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } public void persisterRead8(Socket sock) throws Exception { Persister persister = new Persister(); - persister.read(this, new InputStreamReader(sock.getInputStream()), true); + persister.read(this, new InputStreamReader(sock.getInputStream()), true); // $ hasTaintFlow } - + public void persisterRead9(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.read(this.getClass(), new String(b)); + persister.read(this.getClass(), new String(b)); // $ hasTaintFlow } - + public void persisterRead10(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.read(this.getClass(), new String(b), true); + persister.read(this.getClass(), new String(b), true); // $ hasTaintFlow } - + public void persisterRead11(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.read(this, new String(b)); + persister.read(this, new String(b)); // $ hasTaintFlow } - + public void persisterRead12(Socket sock) throws Exception { Persister persister = new Persister(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - persister.read(this, new String(b), true); + persister.read(this, new String(b), true); // $ hasTaintFlow } - + public void nodeBuilderRead1(Socket sock) throws Exception { - NodeBuilder.read(sock.getInputStream()); + NodeBuilder.read(sock.getInputStream()); // $ hasTaintFlow } - + public void nodeBuilderRead2(Socket sock) throws Exception { - NodeBuilder.read(new InputStreamReader(sock.getInputStream())); + NodeBuilder.read(new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } - + public void documentProviderProvide1(Socket sock) throws Exception { DocumentProvider provider = new DocumentProvider(); - provider.provide(sock.getInputStream()); + provider.provide(sock.getInputStream()); // $ hasTaintFlow } - + public void documentProviderProvide2(Socket sock) throws Exception { DocumentProvider provider = new DocumentProvider(); - provider.provide(new InputStreamReader(sock.getInputStream())); + provider.provide(new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } public void streamProviderProvide1(Socket sock) throws Exception { StreamProvider provider = new StreamProvider(); - provider.provide(sock.getInputStream()); + provider.provide(sock.getInputStream()); // $ hasTaintFlow } public void streamProviderProvide2(Socket sock) throws Exception { StreamProvider provider = new StreamProvider(); - provider.provide(new InputStreamReader(sock.getInputStream())); + provider.provide(new InputStreamReader(sock.getInputStream())); // $ hasTaintFlow } public void formatterFormat1(Socket sock) throws Exception { Formatter formatter = new Formatter(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - formatter.format(new String(b), null); + formatter.format(new String(b), null); // $ hasTaintFlow } - + public void formatterFormat2(Socket sock) throws Exception { Formatter formatter = new Formatter(); - byte[] b = new byte[]{}; + byte[] b = new byte[] {}; sock.getInputStream().read(b); - formatter.format(new String(b)); + formatter.format(new String(b)); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/TransformerTests.java b/java/ql/test/query-tests/security/CWE-611/TransformerTests.java index 696d00c3fcf..afba1790f0c 100644 --- a/java/ql/test/query-tests/security/CWE-611/TransformerTests.java +++ b/java/ql/test/query-tests/security/CWE-611/TransformerTests.java @@ -17,8 +17,8 @@ public class TransformerTests { public void unconfiguredTransformerFactory(Socket sock) throws Exception { TransformerFactory tf = TransformerFactory.newInstance(); Transformer transformer = tf.newTransformer(); - transformer.transform(new StreamSource(sock.getInputStream()), null); //unsafe - tf.newTransformer(new StreamSource(sock.getInputStream())); //unsafe + transformer.transform(new StreamSource(sock.getInputStream()), null); // $ hasTaintFlow + tf.newTransformer(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void safeTransformerFactory1(Socket sock) throws Exception { @@ -26,8 +26,8 @@ public class TransformerTests { tf.setAttribute("http://javax.xml.XMLConstants/property/accessExternalDTD", ""); tf.setAttribute("http://javax.xml.XMLConstants/property/accessExternalStylesheet", ""); Transformer transformer = tf.newTransformer(); - transformer.transform(new StreamSource(sock.getInputStream()), null); //safe - tf.newTransformer(new StreamSource(sock.getInputStream())); //safe + transformer.transform(new StreamSource(sock.getInputStream()), null); // safe + tf.newTransformer(new StreamSource(sock.getInputStream())); // safe } public void safeTransformerFactory2(Socket sock) throws Exception { @@ -35,49 +35,49 @@ public class TransformerTests { tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); Transformer transformer = tf.newTransformer(); - transformer.transform(new StreamSource(sock.getInputStream()), null); //safe - tf.newTransformer(new StreamSource(sock.getInputStream())); //safe + transformer.transform(new StreamSource(sock.getInputStream()), null); // safe + tf.newTransformer(new StreamSource(sock.getInputStream())); // safe } public void safeTransformerFactory3(Socket sock) throws Exception { - TransformerFactory tf = TransformerFactory.newInstance(); - Transformer transformer = tf.newTransformer(); + TransformerFactory tf = TransformerFactory.newInstance(); + Transformer transformer = tf.newTransformer(); XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - SAXSource source = new SAXSource(reader, new InputSource(sock.getInputStream())); //safe - transformer.transform(source, null); //safe - tf.newTransformer(source); //safe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + SAXSource source = new SAXSource(reader, new InputSource(sock.getInputStream())); // safe + transformer.transform(source, null); // safe + tf.newTransformer(source); // safe } public void safeTransformerFactory4(Socket sock) throws Exception { - TransformerFactory tf = TransformerFactory.newInstance(); - Transformer transformer = tf.newTransformer(); + TransformerFactory tf = TransformerFactory.newInstance(); + Transformer transformer = tf.newTransformer(); XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXSource source = new SAXSource(new InputSource(sock.getInputStream())); source.setXMLReader(reader); - transformer.transform(source, null); //safe - tf.newTransformer(source); //safe + transformer.transform(source, null); // safe + tf.newTransformer(source); // safe } public void partialConfiguredTransformerFactory1(Socket sock) throws Exception { TransformerFactory tf = TransformerFactory.newInstance(); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); Transformer transformer = tf.newTransformer(); - transformer.transform(new StreamSource(sock.getInputStream()), null); //unsafe - tf.newTransformer(new StreamSource(sock.getInputStream())); //unsafe + transformer.transform(new StreamSource(sock.getInputStream()), null); // $ hasTaintFlow + tf.newTransformer(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void partialConfiguredTransformerFactory2(Socket sock) throws Exception { TransformerFactory tf = TransformerFactory.newInstance(); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); Transformer transformer = tf.newTransformer(); - transformer.transform(new StreamSource(sock.getInputStream()), null); //unsafe - tf.newTransformer(new StreamSource(sock.getInputStream())); //unsafe + transformer.transform(new StreamSource(sock.getInputStream()), null); // $ hasTaintFlow + tf.newTransformer(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredTransformerFactory1(Socket sock) throws Exception { @@ -85,8 +85,8 @@ public class TransformerTests { Transformer transformer = tf.newTransformer(); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "ab"); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); - transformer.transform(new StreamSource(sock.getInputStream()), null); //unsafe - tf.newTransformer(new StreamSource(sock.getInputStream())); //unsafe + transformer.transform(new StreamSource(sock.getInputStream()), null); // $ hasTaintFlow + tf.newTransformer(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredTransformerFactory2(Socket sock) throws Exception { @@ -94,50 +94,50 @@ public class TransformerTests { Transformer transformer = tf.newTransformer(); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "cd"); - transformer.transform(new StreamSource(sock.getInputStream()), null); //unsafe - tf.newTransformer(new StreamSource(sock.getInputStream())); //unsafe + transformer.transform(new StreamSource(sock.getInputStream()), null); // $ hasTaintFlow + tf.newTransformer(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void unconfiguredSAXTransformerFactory(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //unsafe + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void safeSAXTransformerFactory(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //safe + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // safe } public void partialConfiguredSAXTransformerFactory1(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //unsafe + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void partialConfiguredSAXTransformerFactory2(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //unsafe + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredSAXTransformerFactory1(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "ab"); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //unsafe + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredSAXTransformerFactory2(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); sf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "cd"); - sf.newXMLFilter(new StreamSource(sock.getInputStream())); //unsafe + sf.newXMLFilter(new StreamSource(sock.getInputStream())); // $ hasTaintFlow } public void taintedSAXSource(Socket sock) throws Exception { - SAXTransformerFactory sf = (SAXTransformerFactory)SAXTransformerFactory.newInstance(); - sf.newXMLFilter(new SAXSource(new InputSource(sock.getInputStream()))); //unsafe + SAXTransformerFactory sf = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); + sf.newXMLFilter(new SAXSource(new InputSource(sock.getInputStream()))); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/UnmarshallerTests.java b/java/ql/test/query-tests/security/CWE-611/UnmarshallerTests.java index f29018d599a..54efa567aa3 100644 --- a/java/ql/test/query-tests/security/CWE-611/UnmarshallerTests.java +++ b/java/ql/test/query-tests/security/CWE-611/UnmarshallerTests.java @@ -16,15 +16,16 @@ public class UnmarshallerTests { spf.setFeature("http://xml.org/sax/features/external-parameter-entities", false); spf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); JAXBContext jc = JAXBContext.newInstance(Object.class); - Source xmlSource = new SAXSource(spf.newSAXParser().getXMLReader(), new InputSource(sock.getInputStream())); + Source xmlSource = + new SAXSource(spf.newSAXParser().getXMLReader(), new InputSource(sock.getInputStream())); Unmarshaller um = jc.createUnmarshaller(); - um.unmarshal(xmlSource); //safe + um.unmarshal(xmlSource); // safe } public void unsafeUnmarshal(Socket sock) throws Exception { SAXParserFactory spf = SAXParserFactory.newInstance(); JAXBContext jc = JAXBContext.newInstance(Object.class); Unmarshaller um = jc.createUnmarshaller(); - um.unmarshal(sock.getInputStream()); //unsafe + um.unmarshal(sock.getInputStream()); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/ValidatorTests.java b/java/ql/test/query-tests/security/CWE-611/ValidatorTests.java new file mode 100644 index 00000000000..091be21676a --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-611/ValidatorTests.java @@ -0,0 +1,41 @@ +import java.io.BufferedReader; +import javax.servlet.ServletInputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import javax.xml.validation.Validator; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PostMapping; + +@Controller +public class ValidatorTests { + + @PostMapping(value = "bad") + public void bad2(HttpServletRequest request) throws Exception { + ServletInputStream servletInputStream = request.getInputStream(); + SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); + Schema schema = factory.newSchema(); + Validator validator = schema.newValidator(); + StreamSource source = new StreamSource(servletInputStream); + validator.validate(source); // $ hasTaintFlow + } + + @PostMapping(value = "good") + public void good2(HttpServletRequest request, HttpServletResponse response) throws Exception { + BufferedReader br = request.getReader(); + String str = ""; + StringBuilder listString = new StringBuilder(); + while ((str = br.readLine()) != null) { + listString.append(str).append("\n"); + } + SchemaFactory factory = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema"); + Schema schema = factory.newSchema(); + Validator validator = schema.newValidator(); + validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalDTD", ""); + validator.setProperty("http://javax.xml.XMLConstants/property/accessExternalSchema", ""); + StreamSource source = new StreamSource(listString.toString()); + validator.validate(source); + } +} diff --git a/java/ql/test/query-tests/security/CWE-611/XMLDecoderTests.java b/java/ql/test/query-tests/security/CWE-611/XMLDecoderTests.java new file mode 100644 index 00000000000..8e75ebc1401 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-611/XMLDecoderTests.java @@ -0,0 +1,32 @@ +import java.beans.XMLDecoder; +import java.io.BufferedReader; +import javax.servlet.ServletInputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.dom4j.Document; +import org.dom4j.DocumentHelper; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.PostMapping; + +@Controller +public class XMLDecoderTests { + + @PostMapping(value = "bad") + public void bad3(HttpServletRequest request) throws Exception { + ServletInputStream servletInputStream = request.getInputStream(); + XMLDecoder xmlDecoder = new XMLDecoder(servletInputStream); + xmlDecoder.readObject(); // $ hasTaintFlow + } + + @PostMapping(value = "good") + public void good3(HttpServletRequest request) throws Exception { + BufferedReader br = request.getReader(); + String str = ""; + StringBuilder listString = new StringBuilder(); + while ((str = br.readLine()) != null) { + listString.append(str).append("\n"); + } + // parseText falls back to a default SAXReader, which is safe + Document document = DocumentHelper.parseText(listString.toString()); // Safe + } +} diff --git a/java/ql/test/query-tests/security/CWE-611/XMLReaderTests.java b/java/ql/test/query-tests/security/CWE-611/XMLReaderTests.java index 9f63e64d0c9..15536b766b7 100644 --- a/java/ql/test/query-tests/security/CWE-611/XMLReaderTests.java +++ b/java/ql/test/query-tests/security/CWE-611/XMLReaderTests.java @@ -13,23 +13,23 @@ public class XMLReaderTests { public void unconfiguredReader(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void safeReaderFromConfig1(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - reader.parse(new InputSource(sock.getInputStream())); //safe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + reader.parse(new InputSource(sock.getInputStream())); // safe } public void safeReaderFromConfig2(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - reader.parse(new InputSource(sock.getInputStream())); //safe + reader.parse(new InputSource(sock.getInputStream())); // safe } - + public void safeReaderFromSAXParser(Socket sock) throws Exception { SAXParserFactory factory = SAXParserFactory.newInstance(); factory.setFeature("http://xml.org/sax/features/external-general-entities", false); @@ -37,66 +37,66 @@ public class XMLReaderTests { factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); SAXParser parser = factory.newSAXParser(); XMLReader reader = parser.getXMLReader(); - reader.parse(new InputSource(sock.getInputStream())); //safe + reader.parse(new InputSource(sock.getInputStream())); // safe } public void safeReaderFromSAXReader(Socket sock) throws Exception { SAXReader reader = new SAXReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); + reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); XMLReader xmlReader = reader.getXMLReader(); - xmlReader.parse(new InputSource(sock.getInputStream())); //safe + xmlReader.parse(new InputSource(sock.getInputStream())); // safe } public void partialConfiguredXMLReader1(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void partialConfiguredXMLReader2(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void partilaConfiguredXMLReader3(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredXMLReader1(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", true); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredXMLReader2(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", true); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd",false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false); + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } public void misConfiguredXMLReader3(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://xml.org/sax/features/external-general-entities", false); reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false); - reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", true); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", true); + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } - + public void misConfiguredXMLReader4(Socket sock) throws Exception { XMLReader reader = XMLReaderFactory.createXMLReader(); reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", false); - reader.parse(new InputSource(sock.getInputStream())); //unsafe + reader.parse(new InputSource(sock.getInputStream())); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/XPathExpressionTests.java b/java/ql/test/query-tests/security/CWE-611/XPathExpressionTests.java index 1d67b9a055f..088fdb9afd6 100644 --- a/java/ql/test/query-tests/security/CWE-611/XPathExpressionTests.java +++ b/java/ql/test/query-tests/security/CWE-611/XPathExpressionTests.java @@ -12,18 +12,33 @@ public class XPathExpressionTests { public void safeXPathExpression(Socket sock) throws Exception { DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); - factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); - DocumentBuilder builder = factory.newDocumentBuilder(); - XPathFactory xFactory = XPathFactory.newInstance(); - XPath path = xFactory.newXPath(); - XPathExpression expr = path.compile(""); - expr.evaluate(builder.parse(sock.getInputStream())); //safe + factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + DocumentBuilder builder = factory.newDocumentBuilder(); + XPathFactory xFactory = XPathFactory.newInstance(); + XPath path = xFactory.newXPath(); + XPathExpression expr = path.compile(""); + expr.evaluate(builder.parse(sock.getInputStream())); // safe } public void unsafeExpressionTests(Socket sock) throws Exception { - XPathFactory xFactory = XPathFactory.newInstance(); - XPath path = xFactory.newXPath(); - XPathExpression expr = path.compile(""); - expr.evaluate(new InputSource(sock.getInputStream())); //unsafe + XPathFactory xFactory = XPathFactory.newInstance(); + XPath path = xFactory.newXPath(); + XPathExpression expr = path.compile(""); + expr.evaluate(new InputSource(sock.getInputStream())); // $ hasTaintFlow + } + + public void safeXPathEvaluateTest(Socket sock) throws Exception { + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); + DocumentBuilder builder = factory.newDocumentBuilder(); + XPathFactory xFactory = XPathFactory.newInstance(); + XPath path = xFactory.newXPath(); + path.evaluate("", builder.parse(sock.getInputStream())); // safe + } + + public void unsafeXPathEvaluateTest(Socket sock) throws Exception { + XPathFactory xFactory = XPathFactory.newInstance(); + XPath path = xFactory.newXPath(); + path.evaluate("", new InputSource(sock.getInputStream())); // $ hasTaintFlow } } diff --git a/java/ql/test/query-tests/security/CWE-611/XXE.expected b/java/ql/test/query-tests/security/CWE-611/XXE.expected index 6304e3582a2..e69de29bb2d 100644 --- a/java/ql/test/query-tests/security/CWE-611/XXE.expected +++ b/java/ql/test/query-tests/security/CWE-611/XXE.expected @@ -1,351 +0,0 @@ -edges -| DocumentBuilderTests.java:93:21:93:73 | new SAXSource(...) : SAXSource | DocumentBuilderTests.java:94:16:94:21 | source : SAXSource | -| DocumentBuilderTests.java:93:35:93:72 | new InputSource(...) : InputSource | DocumentBuilderTests.java:93:21:93:73 | new SAXSource(...) : SAXSource | -| DocumentBuilderTests.java:93:51:93:71 | getInputStream(...) : InputStream | DocumentBuilderTests.java:93:35:93:72 | new InputSource(...) : InputSource | -| DocumentBuilderTests.java:94:16:94:21 | source : SAXSource | DocumentBuilderTests.java:94:16:94:38 | getInputSource(...) | -| DocumentBuilderTests.java:100:24:100:62 | new StreamSource(...) : StreamSource | DocumentBuilderTests.java:101:46:101:51 | source : StreamSource | -| DocumentBuilderTests.java:100:24:100:62 | new StreamSource(...) : StreamSource | DocumentBuilderTests.java:102:16:102:21 | source : StreamSource | -| DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) : InputStream | DocumentBuilderTests.java:100:24:100:62 | new StreamSource(...) : StreamSource | -| DocumentBuilderTests.java:101:46:101:51 | source : StreamSource | DocumentBuilderTests.java:101:16:101:52 | sourceToInputSource(...) | -| DocumentBuilderTests.java:102:16:102:21 | source : StreamSource | DocumentBuilderTests.java:102:16:102:38 | getInputStream(...) | -| SAXSourceTests.java:17:24:17:84 | new SAXSource(...) : SAXSource | SAXSourceTests.java:20:18:20:23 | source | -| SAXSourceTests.java:17:46:17:83 | new InputSource(...) : InputSource | SAXSourceTests.java:17:24:17:84 | new SAXSource(...) : SAXSource | -| SAXSourceTests.java:17:62:17:82 | getInputStream(...) : InputStream | SAXSourceTests.java:17:46:17:83 | new InputSource(...) : InputSource | -| SchemaTests.java:12:56:12:76 | getInputStream(...) : InputStream | SchemaTests.java:12:39:12:77 | new StreamSource(...) | -| SchemaTests.java:25:56:25:76 | getInputStream(...) : InputStream | SchemaTests.java:25:39:25:77 | new StreamSource(...) | -| SchemaTests.java:31:56:31:76 | getInputStream(...) : InputStream | SchemaTests.java:31:39:31:77 | new StreamSource(...) | -| SchemaTests.java:38:56:38:76 | getInputStream(...) : InputStream | SchemaTests.java:38:39:38:77 | new StreamSource(...) | -| SchemaTests.java:45:56:45:76 | getInputStream(...) : InputStream | SchemaTests.java:45:39:45:77 | new StreamSource(...) | -| SimpleXMLTests.java:24:63:24:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:24:41:24:84 | new InputStreamReader(...) | -| SimpleXMLTests.java:30:5:30:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | -| SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | SimpleXMLTests.java:31:52:31:52 | b : byte[] | -| SimpleXMLTests.java:31:52:31:52 | b : byte[] | SimpleXMLTests.java:31:41:31:53 | new String(...) | -| SimpleXMLTests.java:37:5:37:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | -| SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | SimpleXMLTests.java:38:52:38:52 | b : byte[] | -| SimpleXMLTests.java:38:52:38:52 | b : byte[] | SimpleXMLTests.java:38:41:38:53 | new String(...) | -| SimpleXMLTests.java:43:63:43:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) | -| SimpleXMLTests.java:68:59:68:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:68:37:68:80 | new InputStreamReader(...) | -| SimpleXMLTests.java:73:59:73:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:73:37:73:80 | new InputStreamReader(...) | -| SimpleXMLTests.java:78:48:78:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:78:26:78:69 | new InputStreamReader(...) | -| SimpleXMLTests.java:83:48:83:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:83:26:83:69 | new InputStreamReader(...) | -| SimpleXMLTests.java:89:5:89:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | -| SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | SimpleXMLTests.java:90:48:90:48 | b : byte[] | -| SimpleXMLTests.java:90:48:90:48 | b : byte[] | SimpleXMLTests.java:90:37:90:49 | new String(...) | -| SimpleXMLTests.java:96:5:96:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | -| SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | SimpleXMLTests.java:97:48:97:48 | b : byte[] | -| SimpleXMLTests.java:97:48:97:48 | b : byte[] | SimpleXMLTests.java:97:37:97:49 | new String(...) | -| SimpleXMLTests.java:103:5:103:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | -| SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | SimpleXMLTests.java:104:37:104:37 | b : byte[] | -| SimpleXMLTests.java:104:37:104:37 | b : byte[] | SimpleXMLTests.java:104:26:104:38 | new String(...) | -| SimpleXMLTests.java:110:5:110:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | -| SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | SimpleXMLTests.java:111:37:111:37 | b : byte[] | -| SimpleXMLTests.java:111:37:111:37 | b : byte[] | SimpleXMLTests.java:111:26:111:38 | new String(...) | -| SimpleXMLTests.java:119:44:119:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) | -| SimpleXMLTests.java:129:44:129:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:129:22:129:65 | new InputStreamReader(...) | -| SimpleXMLTests.java:139:44:139:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:139:22:139:65 | new InputStreamReader(...) | -| SimpleXMLTests.java:145:5:145:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | -| SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | SimpleXMLTests.java:146:33:146:33 | b : byte[] | -| SimpleXMLTests.java:146:33:146:33 | b : byte[] | SimpleXMLTests.java:146:22:146:34 | new String(...) | -| SimpleXMLTests.java:152:5:152:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | -| SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | SimpleXMLTests.java:153:33:153:33 | b : byte[] | -| SimpleXMLTests.java:153:33:153:33 | b : byte[] | SimpleXMLTests.java:153:22:153:34 | new String(...) | -| TransformerTests.java:20:44:20:64 | getInputStream(...) : InputStream | TransformerTests.java:20:27:20:65 | new StreamSource(...) | -| TransformerTests.java:21:40:21:60 | getInputStream(...) : InputStream | TransformerTests.java:21:23:21:61 | new StreamSource(...) | -| TransformerTests.java:71:44:71:64 | getInputStream(...) : InputStream | TransformerTests.java:71:27:71:65 | new StreamSource(...) | -| TransformerTests.java:72:40:72:60 | getInputStream(...) : InputStream | TransformerTests.java:72:23:72:61 | new StreamSource(...) | -| TransformerTests.java:79:44:79:64 | getInputStream(...) : InputStream | TransformerTests.java:79:27:79:65 | new StreamSource(...) | -| TransformerTests.java:80:40:80:60 | getInputStream(...) : InputStream | TransformerTests.java:80:23:80:61 | new StreamSource(...) | -| TransformerTests.java:88:44:88:64 | getInputStream(...) : InputStream | TransformerTests.java:88:27:88:65 | new StreamSource(...) | -| TransformerTests.java:89:40:89:60 | getInputStream(...) : InputStream | TransformerTests.java:89:23:89:61 | new StreamSource(...) | -| TransformerTests.java:97:44:97:64 | getInputStream(...) : InputStream | TransformerTests.java:97:27:97:65 | new StreamSource(...) | -| TransformerTests.java:98:40:98:60 | getInputStream(...) : InputStream | TransformerTests.java:98:23:98:61 | new StreamSource(...) | -| TransformerTests.java:103:38:103:58 | getInputStream(...) : InputStream | TransformerTests.java:103:21:103:59 | new StreamSource(...) | -| TransformerTests.java:116:38:116:58 | getInputStream(...) : InputStream | TransformerTests.java:116:21:116:59 | new StreamSource(...) | -| TransformerTests.java:122:38:122:58 | getInputStream(...) : InputStream | TransformerTests.java:122:21:122:59 | new StreamSource(...) | -| TransformerTests.java:129:38:129:58 | getInputStream(...) : InputStream | TransformerTests.java:129:21:129:59 | new StreamSource(...) | -| TransformerTests.java:136:38:136:58 | getInputStream(...) : InputStream | TransformerTests.java:136:21:136:59 | new StreamSource(...) | -| TransformerTests.java:141:32:141:69 | new InputSource(...) : InputSource | TransformerTests.java:141:18:141:70 | new SAXSource(...) | -| TransformerTests.java:141:48:141:68 | getInputStream(...) : InputStream | TransformerTests.java:141:32:141:69 | new InputSource(...) : InputSource | -| XMLReaderTests.java:16:34:16:54 | getInputStream(...) : InputStream | XMLReaderTests.java:16:18:16:55 | new InputSource(...) | -| XMLReaderTests.java:56:34:56:54 | getInputStream(...) : InputStream | XMLReaderTests.java:56:18:56:55 | new InputSource(...) | -| XMLReaderTests.java:63:34:63:54 | getInputStream(...) : InputStream | XMLReaderTests.java:63:18:63:55 | new InputSource(...) | -| XMLReaderTests.java:70:34:70:54 | getInputStream(...) : InputStream | XMLReaderTests.java:70:18:70:55 | new InputSource(...) | -| XMLReaderTests.java:78:34:78:54 | getInputStream(...) : InputStream | XMLReaderTests.java:78:18:78:55 | new InputSource(...) | -| XMLReaderTests.java:86:34:86:54 | getInputStream(...) : InputStream | XMLReaderTests.java:86:18:86:55 | new InputSource(...) | -| XMLReaderTests.java:94:34:94:54 | getInputStream(...) : InputStream | XMLReaderTests.java:94:18:94:55 | new InputSource(...) | -| XMLReaderTests.java:100:34:100:54 | getInputStream(...) : InputStream | XMLReaderTests.java:100:18:100:55 | new InputSource(...) | -| XPathExpressionTests.java:27:37:27:57 | getInputStream(...) : InputStream | XPathExpressionTests.java:27:21:27:58 | new InputSource(...) | -nodes -| DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:28:19:28:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:35:19:35:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:49:19:49:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:64:19:64:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:71:19:71:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:79:19:79:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:87:19:87:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| DocumentBuilderTests.java:93:21:93:73 | new SAXSource(...) : SAXSource | semmle.label | new SAXSource(...) : SAXSource | -| DocumentBuilderTests.java:93:35:93:72 | new InputSource(...) : InputSource | semmle.label | new InputSource(...) : InputSource | -| DocumentBuilderTests.java:93:51:93:71 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| DocumentBuilderTests.java:94:16:94:21 | source : SAXSource | semmle.label | source : SAXSource | -| DocumentBuilderTests.java:94:16:94:38 | getInputSource(...) | semmle.label | getInputSource(...) | -| DocumentBuilderTests.java:100:24:100:62 | new StreamSource(...) : StreamSource | semmle.label | new StreamSource(...) : StreamSource | -| DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| DocumentBuilderTests.java:101:16:101:52 | sourceToInputSource(...) | semmle.label | sourceToInputSource(...) | -| DocumentBuilderTests.java:101:46:101:51 | source : StreamSource | semmle.label | source : StreamSource | -| DocumentBuilderTests.java:102:16:102:21 | source : StreamSource | semmle.label | source : StreamSource | -| DocumentBuilderTests.java:102:16:102:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXBuilderTests.java:8:19:8:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXBuilderTests.java:20:19:20:39 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:13:18:13:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:30:18:30:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:38:18:38:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:46:18:46:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:55:18:55:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:64:18:64:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXParserTests.java:73:18:73:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:8:17:8:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:23:17:23:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:30:17:30:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:37:17:37:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:45:17:45:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:53:17:53:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXReaderTests.java:61:17:61:37 | getInputStream(...) | semmle.label | getInputStream(...) | -| SAXSourceTests.java:17:24:17:84 | new SAXSource(...) : SAXSource | semmle.label | new SAXSource(...) : SAXSource | -| SAXSourceTests.java:17:46:17:83 | new InputSource(...) : InputSource | semmle.label | new InputSource(...) : InputSource | -| SAXSourceTests.java:17:62:17:82 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SAXSourceTests.java:20:18:20:23 | source | semmle.label | source | -| SchemaTests.java:12:39:12:77 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| SchemaTests.java:12:56:12:76 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SchemaTests.java:25:39:25:77 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| SchemaTests.java:25:56:25:76 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SchemaTests.java:31:39:31:77 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| SchemaTests.java:31:56:31:76 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SchemaTests.java:38:39:38:77 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| SchemaTests.java:38:56:38:76 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SchemaTests.java:45:39:45:77 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| SchemaTests.java:45:56:45:76 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:14:41:14:61 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:19:41:19:61 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:24:41:24:84 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:24:63:24:83 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:30:5:30:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:30:32:30:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:31:41:31:53 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:31:52:31:52 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:37:5:37:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:37:32:37:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:38:41:38:53 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:38:52:38:52 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:43:63:43:83 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:53:37:53:57 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:58:26:58:46 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:63:26:63:46 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:68:37:68:80 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:68:59:68:79 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:73:37:73:80 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:73:59:73:79 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:78:26:78:69 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:78:48:78:68 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:83:26:83:69 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:83:48:83:68 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:89:5:89:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:89:32:89:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:90:37:90:49 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:90:48:90:48 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:96:5:96:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:96:32:96:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:97:37:97:49 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:97:48:97:48 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:103:5:103:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:103:32:103:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:104:26:104:38 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:104:37:104:37 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:110:5:110:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:110:32:110:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:111:26:111:38 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:111:37:111:37 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:119:44:119:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:124:22:124:42 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:129:22:129:65 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:129:44:129:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:134:22:134:42 | getInputStream(...) | semmle.label | getInputStream(...) | -| SimpleXMLTests.java:139:22:139:65 | new InputStreamReader(...) | semmle.label | new InputStreamReader(...) | -| SimpleXMLTests.java:139:44:139:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:145:5:145:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:145:32:145:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:146:22:146:34 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:146:33:146:33 | b : byte[] | semmle.label | b : byte[] | -| SimpleXMLTests.java:152:5:152:25 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| SimpleXMLTests.java:152:32:152:32 | b [post update] : byte[] | semmle.label | b [post update] : byte[] | -| SimpleXMLTests.java:153:22:153:34 | new String(...) | semmle.label | new String(...) | -| SimpleXMLTests.java:153:33:153:33 | b : byte[] | semmle.label | b : byte[] | -| TransformerTests.java:20:27:20:65 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:20:44:20:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:21:23:21:61 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:21:40:21:60 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:71:27:71:65 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:71:44:71:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:72:23:72:61 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:72:40:72:60 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:79:27:79:65 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:79:44:79:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:80:23:80:61 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:80:40:80:60 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:88:27:88:65 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:88:44:88:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:89:23:89:61 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:89:40:89:60 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:97:27:97:65 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:97:44:97:64 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:98:23:98:61 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:98:40:98:60 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:103:21:103:59 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:103:38:103:58 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:116:21:116:59 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:116:38:116:58 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:122:21:122:59 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:122:38:122:58 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:129:21:129:59 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:129:38:129:58 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:136:21:136:59 | new StreamSource(...) | semmle.label | new StreamSource(...) | -| TransformerTests.java:136:38:136:58 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| TransformerTests.java:141:18:141:70 | new SAXSource(...) | semmle.label | new SAXSource(...) | -| TransformerTests.java:141:32:141:69 | new InputSource(...) : InputSource | semmle.label | new InputSource(...) : InputSource | -| TransformerTests.java:141:48:141:68 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| UnmarshallerTests.java:28:18:28:38 | getInputStream(...) | semmle.label | getInputStream(...) | -| XMLReaderTests.java:16:18:16:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:16:34:16:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:56:18:56:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:56:34:56:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:63:18:63:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:63:34:63:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:70:18:70:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:70:34:70:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:78:18:78:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:78:34:78:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:86:18:86:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:86:34:86:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:94:18:94:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:94:34:94:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XMLReaderTests.java:100:18:100:55 | new InputSource(...) | semmle.label | new InputSource(...) | -| XMLReaderTests.java:100:34:100:54 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XPathExpressionTests.java:27:21:27:58 | new InputSource(...) | semmle.label | new InputSource(...) | -| XPathExpressionTests.java:27:37:27:57 | getInputStream(...) : InputStream | semmle.label | getInputStream(...) : InputStream | -| XmlInputFactoryTests.java:9:35:9:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:10:34:10:54 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:24:35:24:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:25:34:25:54 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:31:35:31:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:32:34:32:54 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:39:35:39:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:40:34:40:54 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:47:35:47:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | semmle.label | getInputStream(...) | -| XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | semmle.label | getInputStream(...) | -subpaths -#select -| DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:14:19:14:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:28:19:28:39 | getInputStream(...) | DocumentBuilderTests.java:28:19:28:39 | getInputStream(...) | DocumentBuilderTests.java:28:19:28:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:28:19:28:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:35:19:35:39 | getInputStream(...) | DocumentBuilderTests.java:35:19:35:39 | getInputStream(...) | DocumentBuilderTests.java:35:19:35:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:35:19:35:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:42:19:42:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:49:19:49:39 | getInputStream(...) | DocumentBuilderTests.java:49:19:49:39 | getInputStream(...) | DocumentBuilderTests.java:49:19:49:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:49:19:49:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:64:19:64:39 | getInputStream(...) | DocumentBuilderTests.java:64:19:64:39 | getInputStream(...) | DocumentBuilderTests.java:64:19:64:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:64:19:64:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:71:19:71:39 | getInputStream(...) | DocumentBuilderTests.java:71:19:71:39 | getInputStream(...) | DocumentBuilderTests.java:71:19:71:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:71:19:71:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:79:19:79:39 | getInputStream(...) | DocumentBuilderTests.java:79:19:79:39 | getInputStream(...) | DocumentBuilderTests.java:79:19:79:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:79:19:79:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:87:19:87:39 | getInputStream(...) | DocumentBuilderTests.java:87:19:87:39 | getInputStream(...) | DocumentBuilderTests.java:87:19:87:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:87:19:87:39 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:94:16:94:38 | getInputSource(...) | DocumentBuilderTests.java:93:51:93:71 | getInputStream(...) : InputStream | DocumentBuilderTests.java:94:16:94:38 | getInputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:93:51:93:71 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:101:16:101:52 | sourceToInputSource(...) | DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) : InputStream | DocumentBuilderTests.java:101:16:101:52 | sourceToInputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) | user-provided value | -| DocumentBuilderTests.java:102:16:102:38 | getInputStream(...) | DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) : InputStream | DocumentBuilderTests.java:102:16:102:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | DocumentBuilderTests.java:100:41:100:61 | getInputStream(...) | user-provided value | -| SAXBuilderTests.java:8:19:8:39 | getInputStream(...) | SAXBuilderTests.java:8:19:8:39 | getInputStream(...) | SAXBuilderTests.java:8:19:8:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXBuilderTests.java:8:19:8:39 | getInputStream(...) | user-provided value | -| SAXBuilderTests.java:20:19:20:39 | getInputStream(...) | SAXBuilderTests.java:20:19:20:39 | getInputStream(...) | SAXBuilderTests.java:20:19:20:39 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXBuilderTests.java:20:19:20:39 | getInputStream(...) | user-provided value | -| SAXParserTests.java:13:18:13:38 | getInputStream(...) | SAXParserTests.java:13:18:13:38 | getInputStream(...) | SAXParserTests.java:13:18:13:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:13:18:13:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:30:18:30:38 | getInputStream(...) | SAXParserTests.java:30:18:30:38 | getInputStream(...) | SAXParserTests.java:30:18:30:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:30:18:30:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:38:18:38:38 | getInputStream(...) | SAXParserTests.java:38:18:38:38 | getInputStream(...) | SAXParserTests.java:38:18:38:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:38:18:38:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:46:18:46:38 | getInputStream(...) | SAXParserTests.java:46:18:46:38 | getInputStream(...) | SAXParserTests.java:46:18:46:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:46:18:46:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:55:18:55:38 | getInputStream(...) | SAXParserTests.java:55:18:55:38 | getInputStream(...) | SAXParserTests.java:55:18:55:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:55:18:55:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:64:18:64:38 | getInputStream(...) | SAXParserTests.java:64:18:64:38 | getInputStream(...) | SAXParserTests.java:64:18:64:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:64:18:64:38 | getInputStream(...) | user-provided value | -| SAXParserTests.java:73:18:73:38 | getInputStream(...) | SAXParserTests.java:73:18:73:38 | getInputStream(...) | SAXParserTests.java:73:18:73:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXParserTests.java:73:18:73:38 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:8:17:8:37 | getInputStream(...) | SAXReaderTests.java:8:17:8:37 | getInputStream(...) | SAXReaderTests.java:8:17:8:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:8:17:8:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:23:17:23:37 | getInputStream(...) | SAXReaderTests.java:23:17:23:37 | getInputStream(...) | SAXReaderTests.java:23:17:23:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:23:17:23:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:30:17:30:37 | getInputStream(...) | SAXReaderTests.java:30:17:30:37 | getInputStream(...) | SAXReaderTests.java:30:17:30:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:30:17:30:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:37:17:37:37 | getInputStream(...) | SAXReaderTests.java:37:17:37:37 | getInputStream(...) | SAXReaderTests.java:37:17:37:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:37:17:37:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:45:17:45:37 | getInputStream(...) | SAXReaderTests.java:45:17:45:37 | getInputStream(...) | SAXReaderTests.java:45:17:45:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:45:17:45:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:53:17:53:37 | getInputStream(...) | SAXReaderTests.java:53:17:53:37 | getInputStream(...) | SAXReaderTests.java:53:17:53:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:53:17:53:37 | getInputStream(...) | user-provided value | -| SAXReaderTests.java:61:17:61:37 | getInputStream(...) | SAXReaderTests.java:61:17:61:37 | getInputStream(...) | SAXReaderTests.java:61:17:61:37 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SAXReaderTests.java:61:17:61:37 | getInputStream(...) | user-provided value | -| SAXSourceTests.java:20:18:20:23 | source | SAXSourceTests.java:17:62:17:82 | getInputStream(...) : InputStream | SAXSourceTests.java:20:18:20:23 | source | XML parsing depends on a $@ without guarding against external entity expansion. | SAXSourceTests.java:17:62:17:82 | getInputStream(...) | user-provided value | -| SchemaTests.java:12:39:12:77 | new StreamSource(...) | SchemaTests.java:12:56:12:76 | getInputStream(...) : InputStream | SchemaTests.java:12:39:12:77 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SchemaTests.java:12:56:12:76 | getInputStream(...) | user-provided value | -| SchemaTests.java:25:39:25:77 | new StreamSource(...) | SchemaTests.java:25:56:25:76 | getInputStream(...) : InputStream | SchemaTests.java:25:39:25:77 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SchemaTests.java:25:56:25:76 | getInputStream(...) | user-provided value | -| SchemaTests.java:31:39:31:77 | new StreamSource(...) | SchemaTests.java:31:56:31:76 | getInputStream(...) : InputStream | SchemaTests.java:31:39:31:77 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SchemaTests.java:31:56:31:76 | getInputStream(...) | user-provided value | -| SchemaTests.java:38:39:38:77 | new StreamSource(...) | SchemaTests.java:38:56:38:76 | getInputStream(...) : InputStream | SchemaTests.java:38:39:38:77 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SchemaTests.java:38:56:38:76 | getInputStream(...) | user-provided value | -| SchemaTests.java:45:39:45:77 | new StreamSource(...) | SchemaTests.java:45:56:45:76 | getInputStream(...) : InputStream | SchemaTests.java:45:39:45:77 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SchemaTests.java:45:56:45:76 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:14:41:14:61 | getInputStream(...) | SimpleXMLTests.java:14:41:14:61 | getInputStream(...) | SimpleXMLTests.java:14:41:14:61 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:14:41:14:61 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:19:41:19:61 | getInputStream(...) | SimpleXMLTests.java:19:41:19:61 | getInputStream(...) | SimpleXMLTests.java:19:41:19:61 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:19:41:19:61 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:24:41:24:84 | new InputStreamReader(...) | SimpleXMLTests.java:24:63:24:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:24:41:24:84 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:24:63:24:83 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:31:41:31:53 | new String(...) | SimpleXMLTests.java:30:5:30:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:31:41:31:53 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:30:5:30:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:38:41:38:53 | new String(...) | SimpleXMLTests.java:37:5:37:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:38:41:38:53 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:37:5:37:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) | SimpleXMLTests.java:43:63:43:83 | getInputStream(...) : InputStream | SimpleXMLTests.java:43:41:43:84 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:43:63:43:83 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:48:37:48:57 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:53:37:53:57 | getInputStream(...) | SimpleXMLTests.java:53:37:53:57 | getInputStream(...) | SimpleXMLTests.java:53:37:53:57 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:53:37:53:57 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:58:26:58:46 | getInputStream(...) | SimpleXMLTests.java:58:26:58:46 | getInputStream(...) | SimpleXMLTests.java:58:26:58:46 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:58:26:58:46 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:63:26:63:46 | getInputStream(...) | SimpleXMLTests.java:63:26:63:46 | getInputStream(...) | SimpleXMLTests.java:63:26:63:46 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:63:26:63:46 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:68:37:68:80 | new InputStreamReader(...) | SimpleXMLTests.java:68:59:68:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:68:37:68:80 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:68:59:68:79 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:73:37:73:80 | new InputStreamReader(...) | SimpleXMLTests.java:73:59:73:79 | getInputStream(...) : InputStream | SimpleXMLTests.java:73:37:73:80 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:73:59:73:79 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:78:26:78:69 | new InputStreamReader(...) | SimpleXMLTests.java:78:48:78:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:78:26:78:69 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:78:48:78:68 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:83:26:83:69 | new InputStreamReader(...) | SimpleXMLTests.java:83:48:83:68 | getInputStream(...) : InputStream | SimpleXMLTests.java:83:26:83:69 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:83:48:83:68 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:90:37:90:49 | new String(...) | SimpleXMLTests.java:89:5:89:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:90:37:90:49 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:89:5:89:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:97:37:97:49 | new String(...) | SimpleXMLTests.java:96:5:96:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:97:37:97:49 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:96:5:96:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:104:26:104:38 | new String(...) | SimpleXMLTests.java:103:5:103:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:104:26:104:38 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:103:5:103:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:111:26:111:38 | new String(...) | SimpleXMLTests.java:110:5:110:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:111:26:111:38 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:110:5:110:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:115:22:115:42 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) | SimpleXMLTests.java:119:44:119:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:119:22:119:65 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:119:44:119:64 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:124:22:124:42 | getInputStream(...) | SimpleXMLTests.java:124:22:124:42 | getInputStream(...) | SimpleXMLTests.java:124:22:124:42 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:124:22:124:42 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:129:22:129:65 | new InputStreamReader(...) | SimpleXMLTests.java:129:44:129:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:129:22:129:65 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:129:44:129:64 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:134:22:134:42 | getInputStream(...) | SimpleXMLTests.java:134:22:134:42 | getInputStream(...) | SimpleXMLTests.java:134:22:134:42 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:134:22:134:42 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:139:22:139:65 | new InputStreamReader(...) | SimpleXMLTests.java:139:44:139:64 | getInputStream(...) : InputStream | SimpleXMLTests.java:139:22:139:65 | new InputStreamReader(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:139:44:139:64 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:146:22:146:34 | new String(...) | SimpleXMLTests.java:145:5:145:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:146:22:146:34 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:145:5:145:25 | getInputStream(...) | user-provided value | -| SimpleXMLTests.java:153:22:153:34 | new String(...) | SimpleXMLTests.java:152:5:152:25 | getInputStream(...) : InputStream | SimpleXMLTests.java:153:22:153:34 | new String(...) | XML parsing depends on a $@ without guarding against external entity expansion. | SimpleXMLTests.java:152:5:152:25 | getInputStream(...) | user-provided value | -| TransformerTests.java:20:27:20:65 | new StreamSource(...) | TransformerTests.java:20:44:20:64 | getInputStream(...) : InputStream | TransformerTests.java:20:27:20:65 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:20:44:20:64 | getInputStream(...) | user-provided value | -| TransformerTests.java:21:23:21:61 | new StreamSource(...) | TransformerTests.java:21:40:21:60 | getInputStream(...) : InputStream | TransformerTests.java:21:23:21:61 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:21:40:21:60 | getInputStream(...) | user-provided value | -| TransformerTests.java:71:27:71:65 | new StreamSource(...) | TransformerTests.java:71:44:71:64 | getInputStream(...) : InputStream | TransformerTests.java:71:27:71:65 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:71:44:71:64 | getInputStream(...) | user-provided value | -| TransformerTests.java:72:23:72:61 | new StreamSource(...) | TransformerTests.java:72:40:72:60 | getInputStream(...) : InputStream | TransformerTests.java:72:23:72:61 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:72:40:72:60 | getInputStream(...) | user-provided value | -| TransformerTests.java:79:27:79:65 | new StreamSource(...) | TransformerTests.java:79:44:79:64 | getInputStream(...) : InputStream | TransformerTests.java:79:27:79:65 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:79:44:79:64 | getInputStream(...) | user-provided value | -| TransformerTests.java:80:23:80:61 | new StreamSource(...) | TransformerTests.java:80:40:80:60 | getInputStream(...) : InputStream | TransformerTests.java:80:23:80:61 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:80:40:80:60 | getInputStream(...) | user-provided value | -| TransformerTests.java:88:27:88:65 | new StreamSource(...) | TransformerTests.java:88:44:88:64 | getInputStream(...) : InputStream | TransformerTests.java:88:27:88:65 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:88:44:88:64 | getInputStream(...) | user-provided value | -| TransformerTests.java:89:23:89:61 | new StreamSource(...) | TransformerTests.java:89:40:89:60 | getInputStream(...) : InputStream | TransformerTests.java:89:23:89:61 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:89:40:89:60 | getInputStream(...) | user-provided value | -| TransformerTests.java:97:27:97:65 | new StreamSource(...) | TransformerTests.java:97:44:97:64 | getInputStream(...) : InputStream | TransformerTests.java:97:27:97:65 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:97:44:97:64 | getInputStream(...) | user-provided value | -| TransformerTests.java:98:23:98:61 | new StreamSource(...) | TransformerTests.java:98:40:98:60 | getInputStream(...) : InputStream | TransformerTests.java:98:23:98:61 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:98:40:98:60 | getInputStream(...) | user-provided value | -| TransformerTests.java:103:21:103:59 | new StreamSource(...) | TransformerTests.java:103:38:103:58 | getInputStream(...) : InputStream | TransformerTests.java:103:21:103:59 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:103:38:103:58 | getInputStream(...) | user-provided value | -| TransformerTests.java:116:21:116:59 | new StreamSource(...) | TransformerTests.java:116:38:116:58 | getInputStream(...) : InputStream | TransformerTests.java:116:21:116:59 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:116:38:116:58 | getInputStream(...) | user-provided value | -| TransformerTests.java:122:21:122:59 | new StreamSource(...) | TransformerTests.java:122:38:122:58 | getInputStream(...) : InputStream | TransformerTests.java:122:21:122:59 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:122:38:122:58 | getInputStream(...) | user-provided value | -| TransformerTests.java:129:21:129:59 | new StreamSource(...) | TransformerTests.java:129:38:129:58 | getInputStream(...) : InputStream | TransformerTests.java:129:21:129:59 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:129:38:129:58 | getInputStream(...) | user-provided value | -| TransformerTests.java:136:21:136:59 | new StreamSource(...) | TransformerTests.java:136:38:136:58 | getInputStream(...) : InputStream | TransformerTests.java:136:21:136:59 | new StreamSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:136:38:136:58 | getInputStream(...) | user-provided value | -| TransformerTests.java:141:18:141:70 | new SAXSource(...) | TransformerTests.java:141:48:141:68 | getInputStream(...) : InputStream | TransformerTests.java:141:18:141:70 | new SAXSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | TransformerTests.java:141:48:141:68 | getInputStream(...) | user-provided value | -| UnmarshallerTests.java:28:18:28:38 | getInputStream(...) | UnmarshallerTests.java:28:18:28:38 | getInputStream(...) | UnmarshallerTests.java:28:18:28:38 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | UnmarshallerTests.java:28:18:28:38 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:16:18:16:55 | new InputSource(...) | XMLReaderTests.java:16:34:16:54 | getInputStream(...) : InputStream | XMLReaderTests.java:16:18:16:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:16:34:16:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:56:18:56:55 | new InputSource(...) | XMLReaderTests.java:56:34:56:54 | getInputStream(...) : InputStream | XMLReaderTests.java:56:18:56:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:56:34:56:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:63:18:63:55 | new InputSource(...) | XMLReaderTests.java:63:34:63:54 | getInputStream(...) : InputStream | XMLReaderTests.java:63:18:63:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:63:34:63:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:70:18:70:55 | new InputSource(...) | XMLReaderTests.java:70:34:70:54 | getInputStream(...) : InputStream | XMLReaderTests.java:70:18:70:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:70:34:70:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:78:18:78:55 | new InputSource(...) | XMLReaderTests.java:78:34:78:54 | getInputStream(...) : InputStream | XMLReaderTests.java:78:18:78:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:78:34:78:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:86:18:86:55 | new InputSource(...) | XMLReaderTests.java:86:34:86:54 | getInputStream(...) : InputStream | XMLReaderTests.java:86:18:86:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:86:34:86:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:94:18:94:55 | new InputSource(...) | XMLReaderTests.java:94:34:94:54 | getInputStream(...) : InputStream | XMLReaderTests.java:94:18:94:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:94:34:94:54 | getInputStream(...) | user-provided value | -| XMLReaderTests.java:100:18:100:55 | new InputSource(...) | XMLReaderTests.java:100:34:100:54 | getInputStream(...) : InputStream | XMLReaderTests.java:100:18:100:55 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XMLReaderTests.java:100:34:100:54 | getInputStream(...) | user-provided value | -| XPathExpressionTests.java:27:21:27:58 | new InputSource(...) | XPathExpressionTests.java:27:37:27:57 | getInputStream(...) : InputStream | XPathExpressionTests.java:27:21:27:58 | new InputSource(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XPathExpressionTests.java:27:37:27:57 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:9:35:9:55 | getInputStream(...) | XmlInputFactoryTests.java:9:35:9:55 | getInputStream(...) | XmlInputFactoryTests.java:9:35:9:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:9:35:9:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:10:34:10:54 | getInputStream(...) | XmlInputFactoryTests.java:10:34:10:54 | getInputStream(...) | XmlInputFactoryTests.java:10:34:10:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:10:34:10:54 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:24:35:24:55 | getInputStream(...) | XmlInputFactoryTests.java:24:35:24:55 | getInputStream(...) | XmlInputFactoryTests.java:24:35:24:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:24:35:24:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:25:34:25:54 | getInputStream(...) | XmlInputFactoryTests.java:25:34:25:54 | getInputStream(...) | XmlInputFactoryTests.java:25:34:25:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:25:34:25:54 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:31:35:31:55 | getInputStream(...) | XmlInputFactoryTests.java:31:35:31:55 | getInputStream(...) | XmlInputFactoryTests.java:31:35:31:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:31:35:31:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:32:34:32:54 | getInputStream(...) | XmlInputFactoryTests.java:32:34:32:54 | getInputStream(...) | XmlInputFactoryTests.java:32:34:32:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:32:34:32:54 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:39:35:39:55 | getInputStream(...) | XmlInputFactoryTests.java:39:35:39:55 | getInputStream(...) | XmlInputFactoryTests.java:39:35:39:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:39:35:39:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:40:34:40:54 | getInputStream(...) | XmlInputFactoryTests.java:40:34:40:54 | getInputStream(...) | XmlInputFactoryTests.java:40:34:40:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:40:34:40:54 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:47:35:47:55 | getInputStream(...) | XmlInputFactoryTests.java:47:35:47:55 | getInputStream(...) | XmlInputFactoryTests.java:47:35:47:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:47:35:47:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:48:34:48:54 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:55:35:55:55 | getInputStream(...) | user-provided value | -| XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | XML parsing depends on a $@ without guarding against external entity expansion. | XmlInputFactoryTests.java:56:34:56:54 | getInputStream(...) | user-provided value | diff --git a/java/ql/test/query-tests/security/CWE-611/XXE.ql b/java/ql/test/query-tests/security/CWE-611/XXE.ql new file mode 100644 index 00000000000..f1463f561f3 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-611/XXE.ql @@ -0,0 +1,11 @@ +import java +import TestUtilities.InlineFlowTest +import semmle.code.java.security.XxeRemoteQuery + +class HasFlowTest extends InlineFlowTest { + override predicate hasTaintFlow(DataFlow::Node src, DataFlow::Node sink) { + XxeFlow::flow(src, sink) + } + + override predicate hasValueFlow(DataFlow::Node src, DataFlow::Node sink) { none() } +} diff --git a/java/ql/test/query-tests/security/CWE-611/XXE.qlref b/java/ql/test/query-tests/security/CWE-611/XXE.qlref deleted file mode 100644 index dc71ddf9ddb..00000000000 --- a/java/ql/test/query-tests/security/CWE-611/XXE.qlref +++ /dev/null @@ -1 +0,0 @@ -Security/CWE/CWE-611/XXE.ql \ No newline at end of file diff --git a/java/ql/test/query-tests/security/CWE-611/XmlInputFactoryTests.java b/java/ql/test/query-tests/security/CWE-611/XmlInputFactoryTests.java index ce0f9c43e19..a75bcde8c1f 100644 --- a/java/ql/test/query-tests/security/CWE-611/XmlInputFactoryTests.java +++ b/java/ql/test/query-tests/security/CWE-611/XmlInputFactoryTests.java @@ -6,53 +6,53 @@ public class XmlInputFactoryTests { public void unconfigureFactory(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow } - + public void safeFactory(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty(XMLInputFactory.SUPPORT_DTD, false); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); - factory.createXMLStreamReader(sock.getInputStream()); //safe - factory.createXMLEventReader(sock.getInputStream()); //safe + factory.createXMLStreamReader(sock.getInputStream()); // safe + factory.createXMLEventReader(sock.getInputStream()); // safe } - + public void misConfiguredFactory(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredFactory2(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty(XMLInputFactory.SUPPORT_DTD, false); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredFactory3(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", true); factory.setProperty(XMLInputFactory.SUPPORT_DTD, true); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredFactory4(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", false); factory.setProperty(XMLInputFactory.SUPPORT_DTD, true); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow } - + public void misConfiguredFactory5(Socket sock) throws Exception { XMLInputFactory factory = XMLInputFactory.newFactory(); factory.setProperty("javax.xml.stream.isSupportingExternalEntities", true); factory.setProperty(XMLInputFactory.SUPPORT_DTD, false); - factory.createXMLStreamReader(sock.getInputStream()); //unsafe - factory.createXMLEventReader(sock.getInputStream()); //unsafe - } + factory.createXMLStreamReader(sock.getInputStream()); // $ hasTaintFlow + factory.createXMLEventReader(sock.getInputStream()); // $ hasTaintFlow + } } diff --git a/java/ql/test/query-tests/security/CWE-611/options b/java/ql/test/query-tests/security/CWE-611/options index c3935792c6b..bec95f19163 100644 --- a/java/ql/test/query-tests/security/CWE-611/options +++ b/java/ql/test/query-tests/security/CWE-611/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jdom-1.1.3:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/simple-xml-2.7.1:${testdir}/../../../stubs/jaxb-api-2.3.1:${testdir}/../../../stubs/jaxen-1.2.0 +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../stubs/jdom-1.1.3:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/simple-xml-2.7.1:${testdir}/../../../stubs/jaxb-api-2.3.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/apache-commons-digester3-3.2:${testdir}/../../../stubs/servlet-api-2.4/:${testdir}/../../../stubs/rundeck-api-java-client-13.2:${testdir}/../../../stubs/springframework-5.3.8/ diff --git a/java/ql/test/query-tests/security/CWE-918/SanitizationTests.java b/java/ql/test/query-tests/security/CWE-918/SanitizationTests.java index 9a65374024c..6a99c619ff3 100644 --- a/java/ql/test/query-tests/security/CWE-918/SanitizationTests.java +++ b/java/ql/test/query-tests/security/CWE-918/SanitizationTests.java @@ -116,6 +116,9 @@ public class SanitizationTests extends HttpServlet { HttpRequest unsafer9 = HttpRequest.newBuilder(new URI(unsafeUri9)).build(); // $ SSRF client.send(unsafer9, null); + String unsafeUri10 = String.format("%s://%s:%s%s", "http", "myserver.com", "80", request.getParameter("baduri10")); + HttpRequest unsafer10 = HttpRequest.newBuilder(new URI(unsafeUri10)).build(); // $ SSRF + client.send(unsafer10, null); } catch (Exception e) { // TODO: handle exception } diff --git a/java/ql/test/query-tests/security/CWE-918/mad/Test.java b/java/ql/test/query-tests/security/CWE-918/mad/Test.java index 8666e821fd0..6c224b65d31 100644 --- a/java/ql/test/query-tests/security/CWE-918/mad/Test.java +++ b/java/ql/test/query-tests/security/CWE-918/mad/Test.java @@ -9,6 +9,8 @@ import javafx.scene.web.WebEngine; import org.apache.commons.jelly.JellyContext; import org.codehaus.cargo.container.installer.ZipURLInstaller; import org.kohsuke.stapler.HttpResponses; +import play.libs.ws.WSClient; +import play.libs.ws.StandaloneWSClient; public class Test { @@ -74,4 +76,14 @@ public class Test { r.staticResource((URL) source()); // $ SSRF } + public void test(WSClient c) { + // "play.libs.ws;WSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + + public void test(StandaloneWSClient c) { + // "play.libs.ws;StandaloneWSClient;true;url;;;Argument[0];open-url;manual" + c.url((String) source()); // $ SSRF + } + } diff --git a/java/ql/test/query-tests/security/CWE-918/options b/java/ql/test/query-tests/security/CWE-918/options index c8147ece2a9..82a3894bc18 100644 --- a/java/ql/test/query-tests/security/CWE-918/options +++ b/java/ql/test/query-tests/security/CWE-918/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5 +//semmle-extractor-options: --javac-args -source 11 -target 11 -cp ${testdir}/../../../stubs/springframework-5.3.8:${testdir}/../../../stubs/javax-ws-rs-api-2.1.1:${testdir}/../../../stubs/javax-ws-rs-api-3.0.0:${testdir}/../../../stubs/apache-http-4.4.13/:${testdir}/../../../stubs/projectreactor-3.4.3/:${testdir}/../../../stubs/postgresql-42.3.3/:${testdir}/../../../stubs/HikariCP-3.4.5/:${testdir}/../../../stubs/spring-jdbc-5.3.8/:${testdir}/../../../stubs/jdbi3-core-3.27.2/:${testdir}/../../../stubs/cargo:${testdir}/../../../stubs/javafx-web:${testdir}/../../../stubs/apache-commons-jelly-1.0.1:${testdir}/../../../stubs/dom4j-2.1.1:${testdir}/../../../stubs/jaxen-1.2.0:${testdir}/../../../stubs/stapler-1.263:${testdir}/../../../stubs/javax-servlet-2.5:${testdir}/../../../stubs/apache-commons-fileupload-1.4:${testdir}/../../../stubs/saxon-xqj-9.x:${testdir}/../../../stubs/apache-commons-beanutils:${testdir}/../../../stubs/apache-commons-lang:${testdir}/../../../stubs/apache-http-5:${testdir}/../../../stubs/playframework-2.6.x diff --git a/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java new file mode 100644 index 00000000000..ca717c54ebd --- /dev/null +++ b/java/ql/test/stubs/apache-http-5/org/apache/hc/client5/http/protocol/RedirectLocations.java @@ -0,0 +1,111 @@ +/* + * ==================================================================== + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + + package org.apache.hc.client5.http.protocol; + + import java.net.URI; + import java.util.ArrayList; + import java.util.HashSet; + import java.util.List; + import java.util.Set; + + /** + * This class represents a collection of {@link java.net.URI}s used + * as redirect locations. + * + * @since 4.0 + */ + public final class RedirectLocations { + + private final Set unique; + private final List all; + + public RedirectLocations() { + super(); + this.unique = new HashSet<>(); + this.all = new ArrayList<>(); + } + + /** + * Test if the URI is present in the collection. + */ + public boolean contains(final URI uri) { + return this.unique.contains(uri); + } + + /** + * Adds a new URI to the collection. + */ + public void add(final URI uri) { + this.unique.add(uri); + this.all.add(uri); + } + + /** + * Returns all redirect {@link URI}s in the order they were added to the collection. + * + * @return list of all URIs + * + * @since 4.1 + */ + public List getAll() { + return new ArrayList<>(this.all); + } + + /** + * Returns the URI at the specified position in this list. + * + * @param index + * index of the location to return + * @return the URI at the specified position in this list + * @throws IndexOutOfBoundsException + * if the index is out of range ( + * {@code index < 0 || index >= size()}) + * @since 4.3 + */ + public URI get(final int index) { + return this.all.get(index); + } + + /** + * Returns the number of elements in this list. If this list contains more + * than {@code Integer.MAX_VALUE} elements, returns + * {@code Integer.MAX_VALUE}. + * + * @return the number of elements in this list + * @since 4.3 + */ + public int size() { + return this.all.size(); + } + + public void clear() { + unique.clear(); + all.clear(); + } + + } diff --git a/java/ql/test/stubs/groovy-all-3.0.7/groovy/lang/Writable.java b/java/ql/test/stubs/groovy-all-3.0.7/groovy/lang/Writable.java new file mode 100644 index 00000000000..bd66e0da4fd --- /dev/null +++ b/java/ql/test/stubs/groovy-all-3.0.7/groovy/lang/Writable.java @@ -0,0 +1,10 @@ +// Generated automatically from groovy.lang.Writable for testing purposes + +package groovy.lang; + +import java.io.Writer; + +public interface Writable +{ + Writer writeTo(Writer p0); +} diff --git a/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/Template.java b/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/Template.java new file mode 100644 index 00000000000..e48446274a6 --- /dev/null +++ b/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/Template.java @@ -0,0 +1,12 @@ +// Generated automatically from groovy.text.Template for testing purposes + +package groovy.text; + +import groovy.lang.Writable; +import java.util.Map; + +public interface Template +{ + Writable make(); + Writable make(Map p0); +} diff --git a/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/TemplateEngine.java b/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/TemplateEngine.java new file mode 100644 index 00000000000..a42814b4db1 --- /dev/null +++ b/java/ql/test/stubs/groovy-all-3.0.7/groovy/text/TemplateEngine.java @@ -0,0 +1,17 @@ +// Generated automatically from groovy.text.TemplateEngine for testing purposes + +package groovy.text; + +import groovy.text.Template; +import java.io.File; +import java.io.Reader; +import java.net.URL; + +abstract public class TemplateEngine +{ + public Template createTemplate(File p0){ return null; } + public Template createTemplate(String p0){ return null; } + public Template createTemplate(URL p0){ return null; } + public TemplateEngine(){} + public abstract Template createTemplate(Reader p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java new file mode 100644 index 00000000000..a1cac336243 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ExclusionStrategy.java @@ -0,0 +1,11 @@ +// Generated automatically from com.google.gson.ExclusionStrategy for testing purposes + +package com.google.gson; + +import com.google.gson.FieldAttributes; + +public interface ExclusionStrategy +{ + boolean shouldSkipClass(Class p0); + boolean shouldSkipField(FieldAttributes p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java new file mode 100644 index 00000000000..1db8d794976 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldAttributes.java @@ -0,0 +1,22 @@ +// Generated automatically from com.google.gson.FieldAttributes for testing purposes + +package com.google.gson; + +import java.lang.annotation.Annotation; +import java.lang.reflect.Field; +import java.lang.reflect.Type; +import java.util.Collection; + +public class FieldAttributes +{ + protected FieldAttributes() {} + public T getAnnotation(java.lang.Class p0){ return null; } + public Class getDeclaredClass(){ return null; } + public Class getDeclaringClass(){ return null; } + public Collection getAnnotations(){ return null; } + public FieldAttributes(Field p0){} + public String getName(){ return null; } + public String toString(){ return null; } + public Type getDeclaredType(){ return null; } + public boolean hasModifier(int p0){ return false; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java new file mode 100644 index 00000000000..465703ae28a --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingPolicy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.FieldNamingPolicy for testing purposes + +package com.google.gson; + + +public enum FieldNamingPolicy { + IDENTITY, LOWER_CASE_WITH_DASHES, LOWER_CASE_WITH_DOTS, LOWER_CASE_WITH_UNDERSCORES, UPPER_CAMEL_CASE, UPPER_CAMEL_CASE_WITH_SPACES, UPPER_CASE_WITH_UNDERSCORES; + + private FieldNamingPolicy() {} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java new file mode 100644 index 00000000000..bb3ad76d598 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/FieldNamingStrategy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.FieldNamingStrategy for testing purposes + +package com.google.gson; + +import java.lang.reflect.Field; + +public interface FieldNamingStrategy +{ + String translateName(Field p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java index a269763665b..61c29245d15 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/Gson.java @@ -1,38 +1,53 @@ +// Generated automatically from com.google.gson.Gson for testing purposes + package com.google.gson; -import java.lang.reflect.Type; -import java.io.Reader; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonElement; +import com.google.gson.TypeAdapter; +import com.google.gson.TypeAdapterFactory; +import com.google.gson.internal.Excluder; +import com.google.gson.reflect.TypeToken; import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import java.io.Reader; +import java.io.Writer; +import java.lang.reflect.Type; -public final class Gson { - public Gson() { - } - - public String toJson(Object src) { - return null; - } - - public String toJson(Object src, Type typeOfSrc) { - return null; - } - - public T fromJson(String json, Class classOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(String json, Type typeOfT) throws JsonSyntaxException { - return null; - } - - public T fromJson(Reader json, Class classOfT) throws JsonSyntaxException, JsonIOException { - return null; - } - - public T fromJson(Reader json, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } - - public T fromJson(JsonReader reader, Type typeOfT) throws JsonIOException, JsonSyntaxException { - return null; - } +public class Gson +{ + public T fromJson(JsonElement p0, Type p1){ return null; } + public T fromJson(JsonElement p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(JsonElement p0, java.lang.Class p1){ return null; } + public T fromJson(JsonReader p0, Type p1){ return null; } + public T fromJson(JsonReader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, Type p1){ return null; } + public T fromJson(Reader p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(Reader p0, java.lang.Class p1){ return null; } + public T fromJson(String p0, Type p1){ return null; } + public T fromJson(String p0, com.google.gson.reflect.TypeToken p1){ return null; } + public T fromJson(String p0, java.lang.Class p1){ return null; } + public com.google.gson.TypeAdapter getAdapter(com.google.gson.reflect.TypeToken p0){ return null; } + public com.google.gson.TypeAdapter getAdapter(java.lang.Class p0){ return null; } + public com.google.gson.TypeAdapter getDelegateAdapter(TypeAdapterFactory p0, com.google.gson.reflect.TypeToken p1){ return null; } + public Excluder excluder(){ return null; } + public FieldNamingStrategy fieldNamingStrategy(){ return null; } + public Gson(){} + public GsonBuilder newBuilder(){ return null; } + public JsonElement toJsonTree(Object p0){ return null; } + public JsonElement toJsonTree(Object p0, Type p1){ return null; } + public JsonReader newJsonReader(Reader p0){ return null; } + public JsonWriter newJsonWriter(Writer p0){ return null; } + public String toJson(JsonElement p0){ return null; } + public String toJson(Object p0){ return null; } + public String toJson(Object p0, Type p1){ return null; } + public String toString(){ return null; } + public boolean htmlSafe(){ return false; } + public boolean serializeNulls(){ return false; } + public void toJson(JsonElement p0, Appendable p1){} + public void toJson(JsonElement p0, JsonWriter p1){} + public void toJson(Object p0, Appendable p1){} + public void toJson(Object p0, Type p1, Appendable p2){} + public void toJson(Object p0, Type p1, JsonWriter p2){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java index 3853cb40356..33d656b7bd7 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/GsonBuilder.java @@ -1,99 +1,46 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.GsonBuilder for testing purposes package com.google.gson; +import com.google.gson.ExclusionStrategy; +import com.google.gson.FieldNamingPolicy; +import com.google.gson.FieldNamingStrategy; +import com.google.gson.Gson; +import com.google.gson.LongSerializationPolicy; +import com.google.gson.ReflectionAccessFilter; +import com.google.gson.ToNumberStrategy; +import com.google.gson.TypeAdapterFactory; import java.lang.reflect.Type; -public final class GsonBuilder { - /** - * Creates a GsonBuilder instance that can be used to build Gson with various configuration - * settings. GsonBuilder follows the builder pattern, and it is typically used by first - * invoking various configuration methods to set desired options, and finally calling - * {@link #create()}. - */ - public GsonBuilder() { - } - - /** - * Constructs a GsonBuilder instance from a Gson instance. The newly constructed GsonBuilder - * has the same configuration as the previously built Gson instance. - * - * @param gson the gson instance whose configuration should by applied to a new GsonBuilder. - */ - GsonBuilder(Gson gson) { - } - - /** - * Configures Gson for custom serialization or deserialization. This method combines the - * registration of an {@link TypeAdapter}, {@link InstanceCreator}, {@link JsonSerializer}, and a - * {@link JsonDeserializer}. It is best used when a single object {@code typeAdapter} implements - * all the required interfaces for custom serialization with Gson. If a type adapter was - * previously registered for the specified {@code type}, it is overwritten. - * - *

    This registers the type specified and no other types: you must manually register related - * types! For example, applications registering {@code boolean.class} should also register {@code - * Boolean.class}. - * - * @param type the type definition for the type adapter being registered - * @param typeAdapter This object must implement at least one of the {@link TypeAdapter}, - * {@link InstanceCreator}, {@link JsonSerializer}, and a {@link JsonDeserializer} interfaces. - * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - */ - public GsonBuilder registerTypeAdapter(Type type, Object typeAdapter) { - return null; - } - - /** - * Register a factory for type adapters. Registering a factory is useful when the type - * adapter needs to be configured based on the type of the field being processed. Gson - * is designed to handle a large number of factories, so you should consider registering - * them to be at par with registering an individual type adapter. - * - * @since 2.1 - */ - public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory factory) { - return null; - } - - /** - * Configures Gson for custom serialization or deserialization for an inheritance type hierarchy. - * This method combines the registration of a {@link TypeAdapter}, {@link JsonSerializer} and - * a {@link JsonDeserializer}. If a type adapter was previously registered for the specified - * type hierarchy, it is overridden. If a type adapter is registered for a specific type in - * the type hierarchy, it will be invoked instead of the one registered for the type hierarchy. - * - * @param baseType the class definition for the type adapter being registered for the base class - * or interface - * @param typeAdapter This object must implement at least one of {@link TypeAdapter}, - * {@link JsonSerializer} or {@link JsonDeserializer} interfaces. - * @return a reference to this {@code GsonBuilder} object to fulfill the "Builder" pattern - * @since 1.7 - */ - public GsonBuilder registerTypeHierarchyAdapter(Class baseType, Object typeAdapter) { - return null; - } - - /** - * Creates a {@link Gson} instance based on the current configuration. This method is free of - * side-effects to this {@code GsonBuilder} instance and hence can be called multiple times. - * - * @return an instance of Gson configured with the options currently set in this builder - */ - public Gson create() { - return null; - } -} \ No newline at end of file +public class GsonBuilder +{ + public Gson create(){ return null; } + public GsonBuilder addDeserializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder addReflectionAccessFilter(ReflectionAccessFilter p0){ return null; } + public GsonBuilder addSerializationExclusionStrategy(ExclusionStrategy p0){ return null; } + public GsonBuilder disableHtmlEscaping(){ return null; } + public GsonBuilder disableInnerClassSerialization(){ return null; } + public GsonBuilder disableJdkUnsafe(){ return null; } + public GsonBuilder enableComplexMapKeySerialization(){ return null; } + public GsonBuilder excludeFieldsWithModifiers(int... p0){ return null; } + public GsonBuilder excludeFieldsWithoutExposeAnnotation(){ return null; } + public GsonBuilder generateNonExecutableJson(){ return null; } + public GsonBuilder registerTypeAdapter(Type p0, Object p1){ return null; } + public GsonBuilder registerTypeAdapterFactory(TypeAdapterFactory p0){ return null; } + public GsonBuilder registerTypeHierarchyAdapter(Class p0, Object p1){ return null; } + public GsonBuilder serializeNulls(){ return null; } + public GsonBuilder serializeSpecialFloatingPointValues(){ return null; } + public GsonBuilder setDateFormat(String p0){ return null; } + public GsonBuilder setDateFormat(int p0){ return null; } + public GsonBuilder setDateFormat(int p0, int p1){ return null; } + public GsonBuilder setExclusionStrategies(ExclusionStrategy... p0){ return null; } + public GsonBuilder setFieldNamingPolicy(FieldNamingPolicy p0){ return null; } + public GsonBuilder setFieldNamingStrategy(FieldNamingStrategy p0){ return null; } + public GsonBuilder setLenient(){ return null; } + public GsonBuilder setLongSerializationPolicy(LongSerializationPolicy p0){ return null; } + public GsonBuilder setNumberToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setObjectToNumberStrategy(ToNumberStrategy p0){ return null; } + public GsonBuilder setPrettyPrinting(){ return null; } + public GsonBuilder setVersion(double p0){ return null; } + public GsonBuilder(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java new file mode 100644 index 00000000000..c4fbae6bc1f --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonArray.java @@ -0,0 +1,45 @@ +// Generated automatically from com.google.gson.JsonArray for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; +import java.math.BigDecimal; +import java.math.BigInteger; +import java.util.Iterator; +import java.util.List; + +public class JsonArray extends JsonElement implements Iterable +{ + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public Iterator iterator(){ return null; } + public JsonArray deepCopy(){ return null; } + public JsonArray(){} + public JsonArray(int p0){} + public JsonElement get(int p0){ return null; } + public JsonElement remove(int p0){ return null; } + public JsonElement set(int p0, JsonElement p1){ return null; } + public List asList(){ return null; } + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public boolean contains(JsonElement p0){ return false; } + public boolean equals(Object p0){ return false; } + public boolean getAsBoolean(){ return false; } + public boolean isEmpty(){ return false; } + public boolean remove(JsonElement p0){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public int hashCode(){ return 0; } + public int size(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } + public void add(Boolean p0){} + public void add(Character p0){} + public void add(JsonElement p0){} + public void add(Number p0){} + public void add(String p0){} + public void addAll(JsonArray p0){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java new file mode 100644 index 00000000000..592fce2b672 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonElement.java @@ -0,0 +1,37 @@ +// Generated automatically from com.google.gson.JsonElement for testing purposes + +package com.google.gson; + +import com.google.gson.JsonArray; +import com.google.gson.JsonNull; +import com.google.gson.JsonObject; +import com.google.gson.JsonPrimitive; +import java.math.BigDecimal; +import java.math.BigInteger; + +abstract public class JsonElement +{ + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public JsonArray getAsJsonArray(){ return null; } + public JsonElement(){} + public JsonNull getAsJsonNull(){ return null; } + public JsonObject getAsJsonObject(){ return null; } + public JsonPrimitive getAsJsonPrimitive(){ return null; } + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public String toString(){ return null; } + public abstract JsonElement deepCopy(); + public boolean getAsBoolean(){ return false; } + public boolean isJsonArray(){ return false; } + public boolean isJsonNull(){ return false; } + public boolean isJsonObject(){ return false; } + public boolean isJsonPrimitive(){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java new file mode 100644 index 00000000000..e38275991eb --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonNull.java @@ -0,0 +1,14 @@ +// Generated automatically from com.google.gson.JsonNull for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; + +public class JsonNull extends JsonElement +{ + public JsonNull deepCopy(){ return null; } + public JsonNull(){} + public boolean equals(Object p0){ return false; } + public int hashCode(){ return 0; } + public static JsonNull INSTANCE = null; +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java new file mode 100644 index 00000000000..a37b5455b51 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonObject.java @@ -0,0 +1,33 @@ +// Generated automatically from com.google.gson.JsonObject for testing purposes + +package com.google.gson; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonPrimitive; +import java.util.Map; +import java.util.Set; + +public class JsonObject extends JsonElement +{ + public JsonArray getAsJsonArray(String p0){ return null; } + public JsonElement get(String p0){ return null; } + public JsonElement remove(String p0){ return null; } + public JsonObject deepCopy(){ return null; } + public JsonObject getAsJsonObject(String p0){ return null; } + public JsonObject(){} + public JsonPrimitive getAsJsonPrimitive(String p0){ return null; } + public Map asMap(){ return null; } + public Set> entrySet(){ return null; } + public Set keySet(){ return null; } + public boolean equals(Object p0){ return false; } + public boolean has(String p0){ return false; } + public boolean isEmpty(){ return false; } + public int hashCode(){ return 0; } + public int size(){ return 0; } + public void add(String p0, JsonElement p1){} + public void addProperty(String p0, Boolean p1){} + public void addProperty(String p0, Character p1){} + public void addProperty(String p0, Number p1){} + public void addProperty(String p0, String p1){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java new file mode 100644 index 00000000000..21ec07c4246 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/JsonPrimitive.java @@ -0,0 +1,34 @@ +// Generated automatically from com.google.gson.JsonPrimitive for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; +import java.math.BigDecimal; +import java.math.BigInteger; + +public class JsonPrimitive extends JsonElement +{ + protected JsonPrimitive() {} + public BigDecimal getAsBigDecimal(){ return null; } + public BigInteger getAsBigInteger(){ return null; } + public JsonPrimitive deepCopy(){ return null; } + public JsonPrimitive(Boolean p0){} + public JsonPrimitive(Character p0){} + public JsonPrimitive(Number p0){} + public JsonPrimitive(String p0){} + public Number getAsNumber(){ return null; } + public String getAsString(){ return null; } + public boolean equals(Object p0){ return false; } + public boolean getAsBoolean(){ return false; } + public boolean isBoolean(){ return false; } + public boolean isNumber(){ return false; } + public boolean isString(){ return false; } + public byte getAsByte(){ return 0; } + public char getAsCharacter(){ return '0'; } + public double getAsDouble(){ return 0; } + public float getAsFloat(){ return 0; } + public int getAsInt(){ return 0; } + public int hashCode(){ return 0; } + public long getAsLong(){ return 0; } + public short getAsShort(){ return 0; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java new file mode 100644 index 00000000000..0452deec4b9 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/LongSerializationPolicy.java @@ -0,0 +1,24 @@ +// Generated automatically from com.google.gson.LongSerializationPolicy for testing purposes + +package com.google.gson; + +import com.google.gson.JsonElement; + +public enum LongSerializationPolicy { + DEFAULT { + @Override + public JsonElement serialize(Long p0) { + return null; + } + }, + STRING { + @Override + public JsonElement serialize(Long p0) { + return null; + } + }; + + private LongSerializationPolicy() {} + + public abstract JsonElement serialize(Long p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java new file mode 100644 index 00000000000..ff91f103f62 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ReflectionAccessFilter.java @@ -0,0 +1,18 @@ +// Generated automatically from com.google.gson.ReflectionAccessFilter for testing purposes + +package com.google.gson; + + +public interface ReflectionAccessFilter +{ + ReflectionAccessFilter.FilterResult check(Class p0); + static ReflectionAccessFilter BLOCK_ALL_ANDROID = null; + static ReflectionAccessFilter BLOCK_ALL_JAVA = null; + static ReflectionAccessFilter BLOCK_ALL_PLATFORM = null; + static ReflectionAccessFilter BLOCK_INACCESSIBLE_JAVA = null; + static public enum FilterResult + { + ALLOW, BLOCK_ALL, BLOCK_INACCESSIBLE, INDECISIVE; + private FilterResult() {} + } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java new file mode 100644 index 00000000000..1c6ccb23111 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/ToNumberStrategy.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.ToNumberStrategy for testing purposes + +package com.google.gson; + +import com.google.gson.stream.JsonReader; + +public interface ToNumberStrategy +{ + Number readNumber(JsonReader p0); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java index 73e6ef993b7..cdd0d1185b1 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapter.java @@ -1,130 +1,23 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapter for testing purposes package com.google.gson; +import com.google.gson.JsonElement; import com.google.gson.stream.JsonReader; -import java.io.IOException; +import com.google.gson.stream.JsonWriter; import java.io.Reader; import java.io.Writer; -public abstract class TypeAdapter { - /** - * Converts {@code value} to a JSON document and writes it to {@code out}. - * Unlike Gson's similar {@link Gson#toJson(JsonElement, Appendable) toJson} - * method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final void toJson(Writer out, T value) throws IOException { - } - - /** - * This wrapper method is used to make a type adapter null tolerant. In general, a - * type adapter is required to handle nulls in write and read methods. Here is how this - * is typically done:
    - * 

       {@code
-   *
-   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
-   *   new TypeAdapter() {
-   *     public Foo read(JsonReader in) throws IOException {
-   *       if (in.peek() == JsonToken.NULL) {
-   *         in.nextNull();
-   *         return null;
-   *       }
-   *       // read a Foo from in and return it
-   *     }
-   *     public void write(JsonWriter out, Foo src) throws IOException {
-   *       if (src == null) {
-   *         out.nullValue();
-   *         return;
-   *       }
-   *       // write src as JSON to out
-   *     }
-   *   }).create();
-   * }
    - * You can avoid this boilerplate handling of nulls by wrapping your type adapter with - * this method. Here is how we will rewrite the above example: - * 
       {@code
-   *
-   * Gson gson = new GsonBuilder().registerTypeAdapter(Foo.class,
-   *   new TypeAdapter() {
-   *     public Foo read(JsonReader in) throws IOException {
-   *       // read a Foo from in and return it
-   *     }
-   *     public void write(JsonWriter out, Foo src) throws IOException {
-   *       // write src as JSON to out
-   *     }
-   *   }.nullSafe()).create();
-   * }
    - * Note that we didn't need to check for nulls in our type adapter after we used nullSafe. - */ - public final TypeAdapter nullSafe() { - return null; - } - - /** - * Converts {@code value} to a JSON document. Unlike Gson's similar {@link - * Gson#toJson(Object) toJson} method, this write is strict. Create a {@link - * JsonWriter#setLenient(boolean) lenient} {@code JsonWriter} and call - * {@link #write(com.google.gson.stream.JsonWriter, Object)} for lenient - * writing. - * - * @param value the Java object to convert. May be null. - * @since 2.2 - */ - public final String toJson(T value) { - return null; - } - - /** - * Reads one JSON value (an array, object, string, number, boolean or null) - * and converts it to a Java object. Returns the converted object. - * - * @return the converted Java object. May be null. - */ - public abstract T read(JsonReader in) throws IOException; - - /** - * Converts the JSON document in {@code in} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(java.io.Reader, Class) fromJson} method, this - * read is strict. Create a {@link JsonReader#setLenient(boolean) lenient} - * {@code JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. - * @since 2.2 - */ - public final T fromJson(Reader in) throws IOException { - return null; - } - - /** - * Converts the JSON document in {@code json} to a Java object. Unlike Gson's - * similar {@link Gson#fromJson(String, Class) fromJson} method, this read is - * strict. Create a {@link JsonReader#setLenient(boolean) lenient} {@code - * JsonReader} and call {@link #read(JsonReader)} for lenient reading. - * - * @return the converted Java object. May be null. - * @since 2.2 - */ - public final T fromJson(String json) throws IOException { - return null; - } +abstract public class TypeAdapter +{ + public TypeAdapter(){} + public abstract T read(JsonReader p0); + public abstract void write(JsonWriter p0, T p1); + public final JsonElement toJsonTree(T p0){ return null; } + public final String toJson(T p0){ return null; } + public final T fromJson(Reader p0){ return null; } + public final T fromJson(String p0){ return null; } + public final T fromJsonTree(JsonElement p0){ return null; } + public final TypeAdapter nullSafe(){ return null; } + public final void toJson(Writer p0, T p1){} } diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java index d6cc8133712..6b3728f38b0 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/TypeAdapterFactory.java @@ -1,28 +1,12 @@ -/* - * Copyright (C) 2011 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.TypeAdapterFactory for testing purposes package com.google.gson; +import com.google.gson.Gson; +import com.google.gson.TypeAdapter; import com.google.gson.reflect.TypeToken; -public interface TypeAdapterFactory { - - /** - * Returns a type adapter for {@code type}, or null if this factory doesn't - * support {@code type}. - */ - TypeAdapter create(Gson gson, TypeToken type); -} \ No newline at end of file +public interface TypeAdapterFactory +{ + com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1); +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java new file mode 100644 index 00000000000..dc05b0477c5 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/internal/Excluder.java @@ -0,0 +1,25 @@ +// Generated automatically from com.google.gson.internal.Excluder for testing purposes + +package com.google.gson.internal; + +import com.google.gson.ExclusionStrategy; +import com.google.gson.Gson; +import com.google.gson.TypeAdapter; +import com.google.gson.TypeAdapterFactory; +import com.google.gson.reflect.TypeToken; +import java.lang.reflect.Field; + +public class Excluder implements Cloneable, TypeAdapterFactory +{ + protected Excluder clone(){ return null; } + public com.google.gson.TypeAdapter create(Gson p0, com.google.gson.reflect.TypeToken p1){ return null; } + public Excluder disableInnerClassSerialization(){ return null; } + public Excluder excludeFieldsWithoutExposeAnnotation(){ return null; } + public Excluder withExclusionStrategy(ExclusionStrategy p0, boolean p1, boolean p2){ return null; } + public Excluder withModifiers(int... p0){ return null; } + public Excluder withVersion(double p0){ return null; } + public Excluder(){} + public boolean excludeClass(Class p0, boolean p1){ return false; } + public boolean excludeField(Field p0, boolean p1){ return false; } + public static Excluder DEFAULT = null; +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java index a35b2a45b85..ac3b84cb258 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/reflect/TypeToken.java @@ -1,50 +1,22 @@ -/* - * Copyright (C) 2008 Google Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ +// Generated automatically from com.google.gson.reflect.TypeToken for testing purposes package com.google.gson.reflect; -/** - * Represents a generic type {@code T}. Java doesn't yet provide a way to - * represent generic types, so this class does. Forces clients to create a - * subclass of this class which enables retrieval the type information even at - * runtime. - * - *

    For example, to create a type literal for {@code List}, you can - * create an empty anonymous inner class: - * - *

    - * {@code TypeToken> list = new TypeToken>() {};} - * - *

    This syntax cannot be used to create type literals that have wildcard - * parameters, such as {@code Class} or {@code List}. - * - * @author Bob Lee - * @author Sven Mawson - * @author Jesse Wilson - */ -public class TypeToken { +import java.lang.reflect.Type; - /** - * Constructs a new type literal. Derives represented class from type - * parameter. - * - *

    Clients create an empty anonymous subclass. Doing so embeds the type - * parameter in the anonymous class's type hierarchy so we can reconstitute it - * at runtime despite erasure. - */ - protected TypeToken() { - } -} \ No newline at end of file +public class TypeToken +{ + protected TypeToken(){} + public boolean isAssignableFrom(Class p0){ return false; } + public boolean isAssignableFrom(Type p0){ return false; } + public boolean isAssignableFrom(TypeToken p0){ return false; } + public final String toString(){ return null; } + public final Type getType(){ return null; } + public final boolean equals(Object p0){ return false; } + public final int hashCode(){ return 0; } + public final java.lang.Class getRawType(){ return null; } + public static com.google.gson.reflect.TypeToken get(java.lang.Class p0){ return null; } + public static TypeToken get(Type p0){ return null; } + public static TypeToken getArray(Type p0){ return null; } + public static TypeToken getParameterized(Type p0, Type... p1){ return null; } +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java index 5d0d2ad112f..677d58d8cd8 100644 --- a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonReader.java @@ -1,66 +1,33 @@ +// Generated automatically from com.google.gson.stream.JsonReader for testing purposes + package com.google.gson.stream; +import com.google.gson.stream.JsonToken; import java.io.Closeable; -import java.io.IOException; import java.io.Reader; -public class JsonReader implements Closeable { - public JsonReader(Reader in) { - } - - public final void setLenient(boolean lenient) { - } - - public final boolean isLenient() { - return false; - } - - public void beginArray() throws IOException { - } - - public void endArray() throws IOException { - } - - public void beginObject() throws IOException { - } - - public void endObject() throws IOException { - } - - public boolean hasNext() throws IOException { - return false; - } - - public String nextName() throws IOException { - return null; - } - - public String nextString() throws IOException { - return null; - } - - public boolean nextBoolean() throws IOException { - return false; - } - - public void nextNull() throws IOException { - } - - public double nextDouble() throws IOException { - return -1; - } - - public long nextLong() throws IOException { - return -1; - } - - public int nextInt() throws IOException { - return -1; - } - - public void close() throws IOException { - } - - public void skipValue() throws IOException { - } -} \ No newline at end of file +public class JsonReader implements Closeable +{ + protected JsonReader() {} + public JsonReader(Reader p0){} + public JsonToken peek(){ return null; } + public String getPath(){ return null; } + public String getPreviousPath(){ return null; } + public String nextName(){ return null; } + public String nextString(){ return null; } + public String toString(){ return null; } + public boolean hasNext(){ return false; } + public boolean nextBoolean(){ return false; } + public double nextDouble(){ return 0; } + public final boolean isLenient(){ return false; } + public final void setLenient(boolean p0){} + public int nextInt(){ return 0; } + public long nextLong(){ return 0; } + public void beginArray(){} + public void beginObject(){} + public void close(){} + public void endArray(){} + public void endObject(){} + public void nextNull(){} + public void skipValue(){} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java new file mode 100644 index 00000000000..fbb2e7ac463 --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonToken.java @@ -0,0 +1,10 @@ +// Generated automatically from com.google.gson.stream.JsonToken for testing purposes + +package com.google.gson.stream; + + +public enum JsonToken +{ + BEGIN_ARRAY, BEGIN_OBJECT, BOOLEAN, END_ARRAY, END_DOCUMENT, END_OBJECT, NAME, NULL, NUMBER, STRING; + private JsonToken() {} +} diff --git a/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java new file mode 100644 index 00000000000..282343f0bed --- /dev/null +++ b/java/ql/test/stubs/gson-2.8.6/com/google/gson/stream/JsonWriter.java @@ -0,0 +1,36 @@ +// Generated automatically from com.google.gson.stream.JsonWriter for testing purposes + +package com.google.gson.stream; + +import java.io.Closeable; +import java.io.Flushable; +import java.io.Writer; + +public class JsonWriter implements Closeable, Flushable +{ + protected JsonWriter() {} + public JsonWriter beginArray(){ return null; } + public JsonWriter beginObject(){ return null; } + public JsonWriter endArray(){ return null; } + public JsonWriter endObject(){ return null; } + public JsonWriter jsonValue(String p0){ return null; } + public JsonWriter name(String p0){ return null; } + public JsonWriter nullValue(){ return null; } + public JsonWriter value(Boolean p0){ return null; } + public JsonWriter value(Number p0){ return null; } + public JsonWriter value(String p0){ return null; } + public JsonWriter value(boolean p0){ return null; } + public JsonWriter value(double p0){ return null; } + public JsonWriter value(float p0){ return null; } + public JsonWriter value(long p0){ return null; } + public JsonWriter(Writer p0){} + public boolean isLenient(){ return false; } + public final boolean getSerializeNulls(){ return false; } + public final boolean isHtmlSafe(){ return false; } + public final void setHtmlSafe(boolean p0){} + public final void setIndent(String p0){} + public final void setLenient(boolean p0){} + public final void setSerializeNulls(boolean p0){} + public void close(){} + public void flush(){} +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java new file mode 100644 index 00000000000..1b8377af641 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/api/mvc/Cookie.java @@ -0,0 +1,131 @@ +// Generated automatically from play.api.mvc.Cookie for testing purposes + +package play.api.mvc; + +import play.mvc.Http; + +public class Cookie { + protected Cookie() {} + + abstract static public class SameSite { + protected SameSite() {} + + public Http.Cookie.SameSite asJava() { + return null; + } + + public SameSite(String p0) {} + + public String value() { + return null; + } + + public boolean play$api$mvc$Cookie$SameSite$$matches(String p0) { + return false; + } + } + + public Http.Cookie asJava() { + return null; + } + + public Object productElement(int p0) { + return null; + } + + public String copy$default$1() { + return null; + } + + public String copy$default$2() { + return null; + } + + public String copy$default$4() { + return null; + } + + public String name() { + return null; + } + + public String path() { + return null; + } + + public String productPrefix() { + return null; + } + + public String toString() { + return null; + } + + public String value() { + return null; + } + + public boolean canEqual(Object p0) { + return false; + } + + public boolean copy$default$6() { + return false; + } + + public boolean copy$default$7() { + return false; + } + + public boolean equals(Object p0) { + return false; + } + + public boolean httpOnly() { + return false; + } + + public boolean secure() { + return false; + } + + public int hashCode() { + return 0; + } + + public int productArity() { + return 0; + } + + public static String $lessinit$greater$default$4() { + return null; + } + + public static String apply$default$4() { + return null; + } + + public static boolean $lessinit$greater$default$6() { + return false; + } + + public static boolean $lessinit$greater$default$7() { + return false; + } + + public static boolean apply$default$6() { + return false; + } + + public static boolean apply$default$7() { + return false; + } + + public static int DiscardedMaxAge() { + return 0; + } + + public static play.api.mvc.Cookie validatePrefix(play.api.mvc.Cookie p0) { + return null; + } +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java new file mode 100644 index 00000000000..5a75fc16132 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class StandaloneWSClient { + + public StandaloneWSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java new file mode 100644 index 00000000000..2266d2cc24a --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/StandaloneWSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class StandaloneWSRequest { + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java new file mode 100644 index 00000000000..22b3546dddf --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSClient.java @@ -0,0 +1,9 @@ +package play.libs.ws; + +public class WSClient { + + public WSRequest url(String url) { + return null; + } + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java new file mode 100644 index 00000000000..8dbd4521b06 --- /dev/null +++ b/java/ql/test/stubs/playframework-2.6.x/play/libs/ws/WSRequest.java @@ -0,0 +1,5 @@ +package play.libs.ws; + +public class WSRequest { + +} diff --git a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java index 99e22cb5987..b4668362e6c 100644 --- a/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java +++ b/java/ql/test/stubs/playframework-2.6.x/play/mvc/Http.java @@ -1,5 +1,6 @@ package play.mvc; +import akka.util.ByteString; import com.fasterxml.jackson.databind.JsonNode; import java.io.File; import java.net.URI; @@ -32,24 +33,12 @@ public class Http { public Context(Request request, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Map sessionData, - Map flashData, - Map args, + public Context(Long id, play.api.mvc.RequestHeader header, Request request, + Map sessionData, Map flashData, Map args, JavaContextComponents components) {} - public Context( - Long id, - play.api.mvc.RequestHeader header, - Request request, - Response response, - Session session, - Flash flash, - Map args, - JavaContextComponents components) {} + public Context(Long id, play.api.mvc.RequestHeader header, Request request, Response response, + Session session, Flash flash, Map args, JavaContextComponents components) {} public Long id() { return 0L; @@ -328,8 +317,8 @@ public class Http { return null; } - public RequestBuilder bodyMultipart( - List data, Files.TemporaryFileCreator temporaryFileCreator, String mat) { + public RequestBuilder bodyMultipart(List data, + Files.TemporaryFileCreator temporaryFileCreator, String mat) { return null; } @@ -536,6 +525,10 @@ public class Http { public abstract static class RawBuffer { + public abstract ByteString asBytes(); + + public abstract ByteString asBytes(int maxLength); + public abstract Long size(); public abstract File asFile(); @@ -559,7 +552,8 @@ public class Http { } } - public interface Part {} + public interface Part { + } public static class FilePart implements Part { @@ -577,9 +571,17 @@ public class Http { return ""; } + public String getDispositionType() { + return ""; + } + public A getFile() { return null; } + + public A getRef() { + return null; + } } public static class DataPart { @@ -608,6 +610,10 @@ public class Http { public RequestBody(Object body) {} + public ByteString asBytes() { + return null; + } + public MultipartFormData asMultipartFormData() { return null; } @@ -640,6 +646,10 @@ public class Http { return null; } + public Optional parseJson(Class clazz) { + return null; + } + public String toString() { return ""; } @@ -657,15 +667,8 @@ public class Http { public void setContentType(String contentType) {} @Deprecated - public void setCookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public void setCookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} public void setCookie(Cookie cookie) {} @@ -734,25 +737,12 @@ public class Http { public static class Cookie { - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly, - SameSite sameSite) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly, SameSite sameSite) {} @Deprecated - public Cookie( - String name, - String value, - Integer maxAge, - String path, - String domain, - boolean secure, - boolean httpOnly) {} + public Cookie(String name, String value, Integer maxAge, String path, String domain, + boolean secure, boolean httpOnly) {} public static CookieBuilder builder(String name, String value) { return null; @@ -791,9 +781,7 @@ public class Http { } public enum SameSite { - STRICT("Strict"), - LAX("Lax"), - NONE("None"); + STRICT("Strict"), LAX("Lax"), NONE("None"); SameSite(String value) {} @@ -856,6 +844,8 @@ public class Http { public interface Cookies extends Iterable { Cookie get(String name); + + Optional getCookie(String name); } public interface HeaderNames { diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcOperations.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcOperations.java index 08ba78baa99..74f7cd40dbf 100644 --- a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcOperations.java +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcOperations.java @@ -24,41 +24,41 @@ import org.springframework.jdbc.support.rowset.SqlRowSet; public interface JdbcOperations { - List query(PreparedStatementCreator p0, RowMapper p1); - List query(String p0, Object[] p1, RowMapper p2); - List query(String p0, Object[] p1, int[] p2, RowMapper p3); - List query(String p0, PreparedStatementSetter p1, RowMapper p2); - List query(String p0, RowMapper p1); - List query(String p0, RowMapper p1, Object... p2); - List queryForList(String p0, Class p1); - List queryForList(String p0, Class p1, Object... p2); - List queryForList(String p0, Object[] p1, Class p2); - List queryForList(String p0, Object[] p1, int[] p2, Class p3); - Stream queryForStream(PreparedStatementCreator p0, RowMapper p1); - Stream queryForStream(String p0, PreparedStatementSetter p1, RowMapper p2); - Stream queryForStream(String p0, RowMapper p1); - Stream queryForStream(String p0, RowMapper p1, Object... p2); - T execute(CallableStatementCreator p0, CallableStatementCallback p1); - T execute(ConnectionCallback p0); - T execute(PreparedStatementCreator p0, PreparedStatementCallback p1); - T execute(StatementCallback p0); - T execute(String p0, CallableStatementCallback p1); - T execute(String p0, PreparedStatementCallback p1); - T query(PreparedStatementCreator p0, ResultSetExtractor p1); - T query(String p0, Object[] p1, ResultSetExtractor p2); - T query(String p0, Object[] p1, int[] p2, ResultSetExtractor p3); - T query(String p0, PreparedStatementSetter p1, ResultSetExtractor p2); - T query(String p0, ResultSetExtractor p1); - T query(String p0, ResultSetExtractor p1, Object... p2); - T queryForObject(String p0, Class p1); - T queryForObject(String p0, Class p1, Object... p2); - T queryForObject(String p0, Object[] p1, Class p2); - T queryForObject(String p0, Object[] p1, RowMapper p2); - T queryForObject(String p0, Object[] p1, int[] p2, Class p3); - T queryForObject(String p0, Object[] p1, int[] p2, RowMapper p3); - T queryForObject(String p0, RowMapper p1); - T queryForObject(String p0, RowMapper p1, Object... p2); - int[] batchUpdate(String p0, Collection p1, int p2, ParameterizedPreparedStatementSetter p3); + T execute(CallableStatementCreator p0, org.springframework.jdbc.core.CallableStatementCallback p1); + T execute(PreparedStatementCreator p0, org.springframework.jdbc.core.PreparedStatementCallback p1); + T execute(String p0, org.springframework.jdbc.core.CallableStatementCallback p1); + T execute(String p0, org.springframework.jdbc.core.PreparedStatementCallback p1); + T execute(org.springframework.jdbc.core.ConnectionCallback p0); + T execute(org.springframework.jdbc.core.StatementCallback p0); + T query(PreparedStatementCreator p0, org.springframework.jdbc.core.ResultSetExtractor p1); + T query(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.ResultSetExtractor p3); + T query(String p0, Object[] p1, org.springframework.jdbc.core.ResultSetExtractor p2); + T query(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.ResultSetExtractor p2); + T query(String p0, org.springframework.jdbc.core.ResultSetExtractor p1); + T query(String p0, org.springframework.jdbc.core.ResultSetExtractor p1, Object... p2); + T queryForObject(String p0, Object[] p1, int[] p2, java.lang.Class p3); + T queryForObject(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.RowMapper p3); + T queryForObject(String p0, Object[] p1, java.lang.Class p2); + T queryForObject(String p0, Object[] p1, org.springframework.jdbc.core.RowMapper p2); + T queryForObject(String p0, java.lang.Class p1); + T queryForObject(String p0, java.lang.Class p1, Object... p2); + T queryForObject(String p0, org.springframework.jdbc.core.RowMapper p1); + T queryForObject(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2); + int[][] batchUpdate(String p0, java.util.Collection p1, int p2, org.springframework.jdbc.core.ParameterizedPreparedStatementSetter p3); + java.util.List query(PreparedStatementCreator p0, org.springframework.jdbc.core.RowMapper p1); + java.util.List query(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.RowMapper p3); + java.util.List query(String p0, Object[] p1, org.springframework.jdbc.core.RowMapper p2); + java.util.List query(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.RowMapper p2); + java.util.List query(String p0, org.springframework.jdbc.core.RowMapper p1); + java.util.List query(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2); + java.util.List queryForList(String p0, Object[] p1, int[] p2, java.lang.Class p3); + java.util.List queryForList(String p0, Object[] p1, java.lang.Class p2); + java.util.List queryForList(String p0, java.lang.Class p1); + java.util.List queryForList(String p0, java.lang.Class p1, Object... p2); + java.util.stream.Stream queryForStream(PreparedStatementCreator p0, org.springframework.jdbc.core.RowMapper p1); + java.util.stream.Stream queryForStream(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.RowMapper p2); + java.util.stream.Stream queryForStream(String p0, org.springframework.jdbc.core.RowMapper p1); + java.util.stream.Stream queryForStream(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2); List> queryForList(String p0); List> queryForList(String p0, Object... p1); List> queryForList(String p0, Object[] p1, int[] p2); diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcTemplate.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcTemplate.java index 65fb5d6d22e..1f154499fb4 100644 --- a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcTemplate.java +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/JdbcTemplate.java @@ -35,7 +35,7 @@ import org.springframework.jdbc.support.rowset.SqlRowSet; public class JdbcTemplate extends JdbcAccessor implements JdbcOperations { - protected RowMapper getSingleColumnRowMapper(Class p0){ return null; } + protected org.springframework.jdbc.core.RowMapper getSingleColumnRowMapper(java.lang.Class p0){ return null; } protected Connection createConnectionProxy(Connection p0){ return null; } protected DataAccessException translateException(String p0, String p1, SQLException p2){ return null; } protected Map createResultsMap(){ return null; } @@ -49,43 +49,43 @@ public class JdbcTemplate extends JdbcAccessor implements JdbcOperations protected void applyStatementSettings(Statement p0){} protected void handleWarnings(SQLWarning p0){} protected void handleWarnings(Statement p0){} - public List query(PreparedStatementCreator p0, RowMapper p1){ return null; } - public List query(String p0, Object[] p1, RowMapper p2){ return null; } - public List query(String p0, Object[] p1, int[] p2, RowMapper p3){ return null; } - public List query(String p0, PreparedStatementSetter p1, RowMapper p2){ return null; } - public List query(String p0, RowMapper p1){ return null; } - public List query(String p0, RowMapper p1, Object... p2){ return null; } - public List queryForList(String p0, Class p1){ return null; } - public List queryForList(String p0, Class p1, Object... p2){ return null; } - public List queryForList(String p0, Object[] p1, Class p2){ return null; } - public List queryForList(String p0, Object[] p1, int[] p2, Class p3){ return null; } - public Stream queryForStream(PreparedStatementCreator p0, PreparedStatementSetter p1, RowMapper p2){ return null; } - public Stream queryForStream(PreparedStatementCreator p0, RowMapper p1){ return null; } - public Stream queryForStream(String p0, PreparedStatementSetter p1, RowMapper p2){ return null; } - public Stream queryForStream(String p0, RowMapper p1){ return null; } - public Stream queryForStream(String p0, RowMapper p1, Object... p2){ return null; } - public T execute(CallableStatementCreator p0, CallableStatementCallback p1){ return null; } - public T execute(ConnectionCallback p0){ return null; } - public T execute(PreparedStatementCreator p0, PreparedStatementCallback p1){ return null; } - public T execute(StatementCallback p0){ return null; } - public T execute(String p0, CallableStatementCallback p1){ return null; } - public T execute(String p0, PreparedStatementCallback p1){ return null; } - public T query(PreparedStatementCreator p0, PreparedStatementSetter p1, ResultSetExtractor p2){ return null; } - public T query(PreparedStatementCreator p0, ResultSetExtractor p1){ return null; } - public T query(String p0, Object[] p1, ResultSetExtractor p2){ return null; } - public T query(String p0, Object[] p1, int[] p2, ResultSetExtractor p3){ return null; } - public T query(String p0, PreparedStatementSetter p1, ResultSetExtractor p2){ return null; } - public T query(String p0, ResultSetExtractor p1){ return null; } - public T query(String p0, ResultSetExtractor p1, Object... p2){ return null; } - public T queryForObject(String p0, Class p1){ return null; } - public T queryForObject(String p0, Class p1, Object... p2){ return null; } - public T queryForObject(String p0, Object[] p1, Class p2){ return null; } - public T queryForObject(String p0, Object[] p1, RowMapper p2){ return null; } - public T queryForObject(String p0, Object[] p1, int[] p2, Class p3){ return null; } - public T queryForObject(String p0, Object[] p1, int[] p2, RowMapper p3){ return null; } - public T queryForObject(String p0, RowMapper p1){ return null; } - public T queryForObject(String p0, RowMapper p1, Object... p2){ return null; } - public int[] batchUpdate(String p0, Collection p1, int p2, ParameterizedPreparedStatementSetter p3){ return null; } + public T execute(CallableStatementCreator p0, org.springframework.jdbc.core.CallableStatementCallback p1){ return null; } + public T execute(PreparedStatementCreator p0, org.springframework.jdbc.core.PreparedStatementCallback p1){ return null; } + public T execute(String p0, org.springframework.jdbc.core.CallableStatementCallback p1){ return null; } + public T execute(String p0, org.springframework.jdbc.core.PreparedStatementCallback p1){ return null; } + public T execute(org.springframework.jdbc.core.ConnectionCallback p0){ return null; } + public T execute(org.springframework.jdbc.core.StatementCallback p0){ return null; } + public T query(PreparedStatementCreator p0, PreparedStatementSetter p1, org.springframework.jdbc.core.ResultSetExtractor p2){ return null; } + public T query(PreparedStatementCreator p0, org.springframework.jdbc.core.ResultSetExtractor p1){ return null; } + public T query(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.ResultSetExtractor p3){ return null; } + public T query(String p0, Object[] p1, org.springframework.jdbc.core.ResultSetExtractor p2){ return null; } + public T query(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.ResultSetExtractor p2){ return null; } + public T query(String p0, org.springframework.jdbc.core.ResultSetExtractor p1){ return null; } + public T query(String p0, org.springframework.jdbc.core.ResultSetExtractor p1, Object... p2){ return null; } + public T queryForObject(String p0, Object[] p1, int[] p2, java.lang.Class p3){ return null; } + public T queryForObject(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.RowMapper p3){ return null; } + public T queryForObject(String p0, Object[] p1, java.lang.Class p2){ return null; } + public T queryForObject(String p0, Object[] p1, org.springframework.jdbc.core.RowMapper p2){ return null; } + public T queryForObject(String p0, java.lang.Class p1){ return null; } + public T queryForObject(String p0, java.lang.Class p1, Object... p2){ return null; } + public T queryForObject(String p0, org.springframework.jdbc.core.RowMapper p1){ return null; } + public T queryForObject(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2){ return null; } + public int[][] batchUpdate(String p0, java.util.Collection p1, int p2, org.springframework.jdbc.core.ParameterizedPreparedStatementSetter p3){ return null; } + public java.util.List query(PreparedStatementCreator p0, org.springframework.jdbc.core.RowMapper p1){ return null; } + public java.util.List query(String p0, Object[] p1, int[] p2, org.springframework.jdbc.core.RowMapper p3){ return null; } + public java.util.List query(String p0, Object[] p1, org.springframework.jdbc.core.RowMapper p2){ return null; } + public java.util.List query(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.RowMapper p2){ return null; } + public java.util.List query(String p0, org.springframework.jdbc.core.RowMapper p1){ return null; } + public java.util.List query(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2){ return null; } + public java.util.List queryForList(String p0, Object[] p1, int[] p2, java.lang.Class p3){ return null; } + public java.util.List queryForList(String p0, Object[] p1, java.lang.Class p2){ return null; } + public java.util.List queryForList(String p0, java.lang.Class p1){ return null; } + public java.util.List queryForList(String p0, java.lang.Class p1, Object... p2){ return null; } + public java.util.stream.Stream queryForStream(PreparedStatementCreator p0, PreparedStatementSetter p1, org.springframework.jdbc.core.RowMapper p2){ return null; } + public java.util.stream.Stream queryForStream(PreparedStatementCreator p0, org.springframework.jdbc.core.RowMapper p1){ return null; } + public java.util.stream.Stream queryForStream(String p0, PreparedStatementSetter p1, org.springframework.jdbc.core.RowMapper p2){ return null; } + public java.util.stream.Stream queryForStream(String p0, org.springframework.jdbc.core.RowMapper p1){ return null; } + public java.util.stream.Stream queryForStream(String p0, org.springframework.jdbc.core.RowMapper p1, Object... p2){ return null; } public JdbcTemplate(){} public JdbcTemplate(DataSource p0){} public JdbcTemplate(DataSource p0, boolean p1){} diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/NamedParameterJdbcOperations.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/NamedParameterJdbcOperations.java new file mode 100644 index 00000000000..de787490da1 --- /dev/null +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/NamedParameterJdbcOperations.java @@ -0,0 +1,52 @@ +// Generated automatically from org.springframework.jdbc.core.namedparam.NamedParameterJdbcOperations for testing purposes + +package org.springframework.jdbc.core.namedparam; + +import java.util.List; +import java.util.Map; +import java.util.stream.Stream; +import org.springframework.jdbc.core.JdbcOperations; +import org.springframework.jdbc.core.PreparedStatementCallback; +import org.springframework.jdbc.core.ResultSetExtractor; +import org.springframework.jdbc.core.RowCallbackHandler; +import org.springframework.jdbc.core.RowMapper; +import org.springframework.jdbc.core.namedparam.SqlParameterSource; +import org.springframework.jdbc.support.KeyHolder; +import org.springframework.jdbc.support.rowset.SqlRowSet; + +public interface NamedParameterJdbcOperations +{ + T execute(String p0, Map p1, org.springframework.jdbc.core.PreparedStatementCallback p2); + T execute(String p0, SqlParameterSource p1, org.springframework.jdbc.core.PreparedStatementCallback p2); + T execute(String p0, org.springframework.jdbc.core.PreparedStatementCallback p1); + T query(String p0, Map p1, org.springframework.jdbc.core.ResultSetExtractor p2); + T query(String p0, SqlParameterSource p1, org.springframework.jdbc.core.ResultSetExtractor p2); + T query(String p0, org.springframework.jdbc.core.ResultSetExtractor p1); + T queryForObject(String p0, Map p1, java.lang.Class p2); + T queryForObject(String p0, Map p1, org.springframework.jdbc.core.RowMapper p2); + T queryForObject(String p0, SqlParameterSource p1, java.lang.Class p2); + T queryForObject(String p0, SqlParameterSource p1, org.springframework.jdbc.core.RowMapper p2); + java.util.List query(String p0, Map p1, org.springframework.jdbc.core.RowMapper p2); + java.util.List query(String p0, SqlParameterSource p1, org.springframework.jdbc.core.RowMapper p2); + java.util.List query(String p0, org.springframework.jdbc.core.RowMapper p1); + java.util.List queryForList(String p0, Map p1, java.lang.Class p2); + java.util.List queryForList(String p0, SqlParameterSource p1, java.lang.Class p2); + java.util.stream.Stream queryForStream(String p0, Map p1, org.springframework.jdbc.core.RowMapper p2); + java.util.stream.Stream queryForStream(String p0, SqlParameterSource p1, org.springframework.jdbc.core.RowMapper p2); + JdbcOperations getJdbcOperations(); + List> queryForList(String p0, Map p1); + List> queryForList(String p0, SqlParameterSource p1); + Map queryForMap(String p0, Map p1); + Map queryForMap(String p0, SqlParameterSource p1); + SqlRowSet queryForRowSet(String p0, Map p1); + SqlRowSet queryForRowSet(String p0, SqlParameterSource p1); + int update(String p0, Map p1); + int update(String p0, SqlParameterSource p1); + int update(String p0, SqlParameterSource p1, KeyHolder p2); + int update(String p0, SqlParameterSource p1, KeyHolder p2, String[] p3); + int[] batchUpdate(String p0, Map[] p1); + int[] batchUpdate(String p0, SqlParameterSource[] p1); + void query(String p0, Map p1, RowCallbackHandler p2); + void query(String p0, RowCallbackHandler p1); + void query(String p0, SqlParameterSource p1, RowCallbackHandler p2); +} diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/ParsedSql.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/ParsedSql.java index a304a40a32c..1ea7fb37448 100644 --- a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/ParsedSql.java +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/ParsedSql.java @@ -2,21 +2,9 @@ package org.springframework.jdbc.core.namedparam; -import java.util.List; public class ParsedSql { protected ParsedSql() {} - List getParameterNames(){ return null; } - ParsedSql(String p0){} - String getOriginalSql(){ return null; } - int getNamedParameterCount(){ return 0; } - int getTotalParameterCount(){ return 0; } - int getUnnamedParameterCount(){ return 0; } - int[] getParameterIndexes(int p0){ return null; } public String toString(){ return null; } - void addNamedParameter(String p0, int p1, int p2){} - void setNamedParameterCount(int p0){} - void setTotalParameterCount(int p0){} - void setUnnamedParameterCount(int p0){} } diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/SqlParameterSource.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/SqlParameterSource.java new file mode 100644 index 00000000000..e0095623b68 --- /dev/null +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/core/namedparam/SqlParameterSource.java @@ -0,0 +1,14 @@ +// Generated automatically from org.springframework.jdbc.core.namedparam.SqlParameterSource for testing purposes + +package org.springframework.jdbc.core.namedparam; + + +public interface SqlParameterSource +{ + Object getValue(String p0); + boolean hasValue(String p0); + default String getTypeName(String p0){ return null; } + default String[] getParameterNames(){ return null; } + default int getSqlType(String p0){ return 0; } + static int TYPE_UNKNOWN = 0; +} diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/JdbcAccessor.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/JdbcAccessor.java index d852955dba8..347e8212c36 100644 --- a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/JdbcAccessor.java +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/JdbcAccessor.java @@ -3,12 +3,14 @@ package org.springframework.jdbc.support; import javax.sql.DataSource; +import org.apache.commons.logging.Log; import org.springframework.beans.factory.InitializingBean; import org.springframework.jdbc.support.SQLExceptionTranslator; abstract public class JdbcAccessor implements InitializingBean { protected DataSource obtainDataSource(){ return null; } + protected final Log logger = null; public DataSource getDataSource(){ return null; } public JdbcAccessor(){} public SQLExceptionTranslator getExceptionTranslator(){ return null; } diff --git a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/KeyHolder.java b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/KeyHolder.java index e699415370e..e19f1c5ff64 100644 --- a/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/KeyHolder.java +++ b/java/ql/test/stubs/springframework-5.3.8/org/springframework/jdbc/support/KeyHolder.java @@ -7,7 +7,7 @@ import java.util.Map; public interface KeyHolder { - T getKeyAs(Class p0); + T getKeyAs(java.lang.Class p0); List> getKeyList(); Map getKeys(); Number getKey(); diff --git a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected index b0c363c1b4a..799a1a37dd4 100644 --- a/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected +++ b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected @@ -1,5 +1,5 @@ -| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];create-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];read-file;df-generated | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];create-file;df-generated | -| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];open-url;df-generated | -| p;Sources;true;readUrl;(URL);;Argument[0];open-url;df-generated | +| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[this];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[0];path-injection;df-generated | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];path-injection;df-generated | +| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];request-forgery;df-generated | +| p;Sources;true;readUrl;(URL);;Argument[0];request-forgery;df-generated | diff --git a/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/old.dbscheme b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/old.dbscheme new file mode 100644 index 00000000000..8accf0f930b --- /dev/null +++ b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/old.dbscheme @@ -0,0 +1,1189 @@ +/*** Standard fragments ***/ + +/*- Files and folders -*/ + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/*- Lines of code -*/ + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +/*- External data -*/ + +/** + * External data, loaded from CSV files during snapshot creation. See + * [Tutorial: Incorporating external data](https://help.semmle.com/wiki/display/SD/Tutorial%3A+Incorporating+external+data) + * for more information. + */ +externalData( + int id : @externalDataElement, + string path : string ref, + int column: int ref, + string value : string ref +); + +/*- Source location prefix -*/ + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/*- JavaScript-specific part -*/ + +@location = @location_default + +@sourceline = @locatable; + +filetype( + int file: @file ref, + string filetype: string ref +) + +// top-level code fragments +toplevels (unique int id: @toplevel, + int kind: int ref); + +is_externs (int toplevel: @toplevel ref); + +case @toplevel.kind of + 0 = @script +| 1 = @inline_script +| 2 = @event_handler +| 3 = @javascript_url +| 4 = @template_toplevel; + +is_module (int tl: @toplevel ref); +is_nodejs (int tl: @toplevel ref); +is_es2015_module (int tl: @toplevel ref); +is_closure_module (int tl: @toplevel ref); + +@xml_node_with_code = @xmlelement | @xmlattribute | @template_placeholder_tag; +toplevel_parent_xml_node( + unique int toplevel: @toplevel ref, + int xmlnode: @xml_node_with_code ref); + +xml_element_parent_expression( + unique int xmlnode: @xmlelement ref, + int expression: @expr ref, + int index: int ref); + +// statements +#keyset[parent, idx] +stmts (unique int id: @stmt, + int kind: int ref, + int parent: @stmt_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +stmt_containers (unique int stmt: @stmt ref, + int container: @stmt_container ref); + +jump_targets (unique int jump: @stmt ref, + int target: @stmt ref); + +@stmt_parent = @stmt | @toplevel | @function_expr | @arrow_function_expr | @static_initializer; +@stmt_container = @toplevel | @function | @namespace_declaration | @external_module_declaration | @global_augmentation_declaration; + +case @stmt.kind of + 0 = @empty_stmt +| 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @labeled_stmt +| 5 = @break_stmt +| 6 = @continue_stmt +| 7 = @with_stmt +| 8 = @switch_stmt +| 9 = @return_stmt +| 10 = @throw_stmt +| 11 = @try_stmt +| 12 = @while_stmt +| 13 = @do_while_stmt +| 14 = @for_stmt +| 15 = @for_in_stmt +| 16 = @debugger_stmt +| 17 = @function_decl_stmt +| 18 = @var_decl_stmt +| 19 = @case +| 20 = @catch_clause +| 21 = @for_of_stmt +| 22 = @const_decl_stmt +| 23 = @let_stmt +| 24 = @legacy_let_stmt +| 25 = @for_each_stmt +| 26 = @class_decl_stmt +| 27 = @import_declaration +| 28 = @export_all_declaration +| 29 = @export_default_declaration +| 30 = @export_named_declaration +| 31 = @namespace_declaration +| 32 = @import_equals_declaration +| 33 = @export_assign_declaration +| 34 = @interface_declaration +| 35 = @type_alias_declaration +| 36 = @enum_declaration +| 37 = @external_module_declaration +| 38 = @export_as_namespace_declaration +| 39 = @global_augmentation_declaration +; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @let_stmt | @legacy_let_stmt; + +@export_declaration = @export_all_declaration | @export_default_declaration | @export_named_declaration; + +@namespace_definition = @namespace_declaration | @enum_declaration; +@type_definition = @class_definition | @interface_declaration | @enum_declaration | @type_alias_declaration | @enum_member; + +is_instantiated(unique int decl: @namespace_declaration ref); + +@declarable_node = @decl_stmt | @namespace_declaration | @class_decl_stmt | @function_decl_stmt | @enum_declaration | @external_module_declaration | @global_augmentation_declaration | @field; +has_declare_keyword(unique int stmt: @declarable_node ref); + +is_for_await_of(unique int forof: @for_of_stmt ref); + +// expressions +#keyset[parent, idx] +exprs (unique int id: @expr, + int kind: int ref, + int parent: @expr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +literals (varchar(900) value: string ref, + varchar(900) raw: string ref, + unique int expr: @expr_or_type ref); + +enclosing_stmt (unique int expr: @expr_or_type ref, + int stmt: @stmt ref); + +expr_containers (unique int expr: @expr_or_type ref, + int container: @stmt_container ref); + +array_size (unique int ae: @arraylike ref, + int sz: int ref); + +is_delegating (int yield: @yield_expr ref); + +@expr_or_stmt = @expr | @stmt; +@expr_or_type = @expr | @typeexpr; +@expr_parent = @expr_or_stmt | @property | @function_typeexpr; +@arraylike = @array_expr | @array_pattern; +@type_annotation = @typeexpr | @jsdoc_type_expr; +@node_in_stmt_container = @cfg_node | @type_annotation | @toplevel; + +case @expr.kind of + 0 = @label +| 1 = @null_literal +| 2 = @boolean_literal +| 3 = @number_literal +| 4 = @string_literal +| 5 = @regexp_literal +| 6 = @this_expr +| 7 = @array_expr +| 8 = @obj_expr +| 9 = @function_expr +| 10 = @seq_expr +| 11 = @conditional_expr +| 12 = @new_expr +| 13 = @call_expr +| 14 = @dot_expr +| 15 = @index_expr +| 16 = @neg_expr +| 17 = @plus_expr +| 18 = @log_not_expr +| 19 = @bit_not_expr +| 20 = @typeof_expr +| 21 = @void_expr +| 22 = @delete_expr +| 23 = @eq_expr +| 24 = @neq_expr +| 25 = @eqq_expr +| 26 = @neqq_expr +| 27 = @lt_expr +| 28 = @le_expr +| 29 = @gt_expr +| 30 = @ge_expr +| 31 = @lshift_expr +| 32 = @rshift_expr +| 33 = @urshift_expr +| 34 = @add_expr +| 35 = @sub_expr +| 36 = @mul_expr +| 37 = @div_expr +| 38 = @mod_expr +| 39 = @bitor_expr +| 40 = @xor_expr +| 41 = @bitand_expr +| 42 = @in_expr +| 43 = @instanceof_expr +| 44 = @logand_expr +| 45 = @logor_expr +| 47 = @assign_expr +| 48 = @assign_add_expr +| 49 = @assign_sub_expr +| 50 = @assign_mul_expr +| 51 = @assign_div_expr +| 52 = @assign_mod_expr +| 53 = @assign_lshift_expr +| 54 = @assign_rshift_expr +| 55 = @assign_urshift_expr +| 56 = @assign_or_expr +| 57 = @assign_xor_expr +| 58 = @assign_and_expr +| 59 = @preinc_expr +| 60 = @postinc_expr +| 61 = @predec_expr +| 62 = @postdec_expr +| 63 = @par_expr +| 64 = @var_declarator +| 65 = @arrow_function_expr +| 66 = @spread_element +| 67 = @array_pattern +| 68 = @object_pattern +| 69 = @yield_expr +| 70 = @tagged_template_expr +| 71 = @template_literal +| 72 = @template_element +| 73 = @array_comprehension_expr +| 74 = @generator_expr +| 75 = @for_in_comprehension_block +| 76 = @for_of_comprehension_block +| 77 = @legacy_letexpr +| 78 = @var_decl +| 79 = @proper_varaccess +| 80 = @class_expr +| 81 = @super_expr +| 82 = @newtarget_expr +| 83 = @named_import_specifier +| 84 = @import_default_specifier +| 85 = @import_namespace_specifier +| 86 = @named_export_specifier +| 87 = @exp_expr +| 88 = @assign_exp_expr +| 89 = @jsx_element +| 90 = @jsx_qualified_name +| 91 = @jsx_empty_expr +| 92 = @await_expr +| 93 = @function_sent_expr +| 94 = @decorator +| 95 = @export_default_specifier +| 96 = @export_namespace_specifier +| 97 = @bind_expr +| 98 = @external_module_reference +| 99 = @dynamic_import +| 100 = @expression_with_type_arguments +| 101 = @prefix_type_assertion +| 102 = @as_type_assertion +| 103 = @export_varaccess +| 104 = @decorator_list +| 105 = @non_null_assertion +| 106 = @bigint_literal +| 107 = @nullishcoalescing_expr +| 108 = @e4x_xml_anyname +| 109 = @e4x_xml_static_attribute_selector +| 110 = @e4x_xml_dynamic_attribute_selector +| 111 = @e4x_xml_filter_expression +| 112 = @e4x_xml_static_qualident +| 113 = @e4x_xml_dynamic_qualident +| 114 = @e4x_xml_dotdotexpr +| 115 = @import_meta_expr +| 116 = @assignlogandexpr +| 117 = @assignlogorexpr +| 118 = @assignnullishcoalescingexpr +| 119 = @template_pipe_ref +| 120 = @generated_code_expr +| 121 = @satisfies_expr +; + +@varaccess = @proper_varaccess | @export_varaccess; +@varref = @var_decl | @varaccess; + +@identifier = @label | @varref | @type_identifier; + +@literal = @null_literal | @boolean_literal | @number_literal | @string_literal | @regexp_literal | @bigint_literal; + +@propaccess = @dot_expr | @index_expr; + +@invokeexpr = @new_expr | @call_expr; + +@unaryexpr = @neg_expr | @plus_expr | @log_not_expr | @bit_not_expr | @typeof_expr | @void_expr | @delete_expr | @spread_element; + +@equality_test = @eq_expr | @neq_expr | @eqq_expr | @neqq_expr; + +@comparison = @equality_test | @lt_expr | @le_expr | @gt_expr | @ge_expr; + +@binaryexpr = @comparison | @lshift_expr | @rshift_expr | @urshift_expr | @add_expr | @sub_expr | @mul_expr | @div_expr | @mod_expr | @exp_expr | @bitor_expr | @xor_expr | @bitand_expr | @in_expr | @instanceof_expr | @logand_expr | @logor_expr | @nullishcoalescing_expr; + +@assignment = @assign_expr | @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr | @assign_mod_expr | @assign_exp_expr | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr | @assign_or_expr | @assign_xor_expr | @assign_and_expr | @assignlogandexpr | @assignlogorexpr | @assignnullishcoalescingexpr; + +@updateexpr = @preinc_expr | @postinc_expr | @predec_expr | @postdec_expr; + +@pattern = @varref | @array_pattern | @object_pattern; + +@comprehension_expr = @array_comprehension_expr | @generator_expr; + +@comprehension_block = @for_in_comprehension_block | @for_of_comprehension_block; + +@import_specifier = @named_import_specifier | @import_default_specifier | @import_namespace_specifier; + +@exportspecifier = @named_export_specifier | @export_default_specifier | @export_namespace_specifier; + +@type_keyword_operand = @import_declaration | @export_declaration | @import_specifier; + +@type_assertion = @as_type_assertion | @prefix_type_assertion; + +@class_definition = @class_decl_stmt | @class_expr; +@interface_definition = @interface_declaration | @interface_typeexpr; +@class_or_interface = @class_definition | @interface_definition; + +@lexical_decl = @var_decl | @type_decl; +@lexical_access = @varaccess | @local_type_access | @local_var_type_access | @local_namespace_access; +@lexical_ref = @lexical_decl | @lexical_access; + +@e4x_xml_attribute_selector = @e4x_xml_static_attribute_selector | @e4x_xml_dynamic_attribute_selector; +@e4x_xml_qualident = @e4x_xml_static_qualident | @e4x_xml_dynamic_qualident; + +expr_contains_template_tag_location( + int expr: @expr ref, + int location: @location ref +); + +@template_placeholder_tag_parent = @xmlelement | @xmlattribute | @file; + +template_placeholder_tag_info( + unique int node: @template_placeholder_tag, + int parentNode: @template_placeholder_tag_parent ref, + varchar(900) raw: string ref +); + +// scopes +scopes (unique int id: @scope, + int kind: int ref); + +case @scope.kind of + 0 = @global_scope +| 1 = @function_scope +| 2 = @catch_scope +| 3 = @module_scope +| 4 = @block_scope +| 5 = @for_scope +| 6 = @for_in_scope // for-of scopes work the same as for-in scopes +| 7 = @comprehension_block_scope +| 8 = @class_expr_scope +| 9 = @namespace_scope +| 10 = @class_decl_scope +| 11 = @interface_scope +| 12 = @type_alias_scope +| 13 = @mapped_type_scope +| 14 = @enum_scope +| 15 = @external_module_scope +| 16 = @conditional_type_scope; + +scopenodes (unique int node: @ast_node ref, + int scope: @scope ref); + +scopenesting (unique int inner: @scope ref, + int outer: @scope ref); + +// functions +@function = @function_decl_stmt | @function_expr | @arrow_function_expr; + +@parameterized = @function | @catch_clause; +@type_parameterized = @function | @class_or_interface | @type_alias_declaration | @mapped_typeexpr | @infer_typeexpr; + +is_generator (int fun: @function ref); +has_rest_parameter (int fun: @function ref); +is_async (int fun: @function ref); + +// variables and lexically scoped type names +#keyset[scope, name] +variables (unique int id: @variable, + varchar(900) name: string ref, + int scope: @scope ref); + +#keyset[scope, name] +local_type_names (unique int id: @local_type_name, + varchar(900) name: string ref, + int scope: @scope ref); + +#keyset[scope, name] +local_namespace_names (unique int id: @local_namespace_name, + varchar(900) name: string ref, + int scope: @scope ref); + +is_arguments_object (int id: @variable ref); + +@lexical_name = @variable | @local_type_name | @local_namespace_name; + +@bind_id = @varaccess | @local_var_type_access; +bind (unique int id: @bind_id ref, + int decl: @variable ref); + +decl (unique int id: @var_decl ref, + int decl: @variable ref); + +@typebind_id = @local_type_access | @export_varaccess; +typebind (unique int id: @typebind_id ref, + int decl: @local_type_name ref); + +@typedecl_id = @type_decl | @var_decl; +typedecl (unique int id: @typedecl_id ref, + int decl: @local_type_name ref); + +namespacedecl (unique int id: @var_decl ref, + int decl: @local_namespace_name ref); + +@namespacebind_id = @local_namespace_access | @export_varaccess; +namespacebind (unique int id: @namespacebind_id ref, + int decl: @local_namespace_name ref); + + +// properties in object literals, property patterns in object patterns, and method declarations in classes +#keyset[parent, index] +properties (unique int id: @property, + int parent: @property_parent ref, + int index: int ref, + int kind: int ref, + varchar(900) tostring: string ref); + +case @property.kind of + 0 = @value_property +| 1 = @property_getter +| 2 = @property_setter +| 3 = @jsx_attribute +| 4 = @function_call_signature +| 5 = @constructor_call_signature +| 6 = @index_signature +| 7 = @enum_member +| 8 = @proper_field +| 9 = @parameter_field +| 10 = @static_initializer +; + +@property_parent = @obj_expr | @object_pattern | @class_definition | @jsx_element | @interface_definition | @enum_declaration; +@property_accessor = @property_getter | @property_setter; +@call_signature = @function_call_signature | @constructor_call_signature; +@field = @proper_field | @parameter_field; +@field_or_vardeclarator = @field | @var_declarator; + +is_computed (int id: @property ref); +is_method (int id: @property ref); +is_static (int id: @property ref); +is_abstract_member (int id: @property ref); +is_const_enum (int id: @enum_declaration ref); +is_abstract_class (int id: @class_decl_stmt ref); + +has_public_keyword (int id: @property ref); +has_private_keyword (int id: @property ref); +has_protected_keyword (int id: @property ref); +has_readonly_keyword (int id: @property ref); +has_type_keyword (int id: @type_keyword_operand ref); +is_optional_member (int id: @property ref); +has_definite_assignment_assertion (int id: @field_or_vardeclarator ref); +is_optional_parameter_declaration (unique int parameter: @pattern ref); + +#keyset[constructor, param_index] +parameter_fields( + unique int field: @parameter_field ref, + int constructor: @function_expr ref, + int param_index: int ref +); + +// types +#keyset[parent, idx] +typeexprs ( + unique int id: @typeexpr, + int kind: int ref, + int parent: @typeexpr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref +); + +case @typeexpr.kind of + 0 = @local_type_access +| 1 = @type_decl +| 2 = @keyword_typeexpr +| 3 = @string_literal_typeexpr +| 4 = @number_literal_typeexpr +| 5 = @boolean_literal_typeexpr +| 6 = @array_typeexpr +| 7 = @union_typeexpr +| 8 = @indexed_access_typeexpr +| 9 = @intersection_typeexpr +| 10 = @parenthesized_typeexpr +| 11 = @tuple_typeexpr +| 12 = @keyof_typeexpr +| 13 = @qualified_type_access +| 14 = @generic_typeexpr +| 15 = @type_label +| 16 = @typeof_typeexpr +| 17 = @local_var_type_access +| 18 = @qualified_var_type_access +| 19 = @this_var_type_access +| 20 = @predicate_typeexpr +| 21 = @interface_typeexpr +| 22 = @type_parameter +| 23 = @plain_function_typeexpr +| 24 = @constructor_typeexpr +| 25 = @local_namespace_access +| 26 = @qualified_namespace_access +| 27 = @mapped_typeexpr +| 28 = @conditional_typeexpr +| 29 = @infer_typeexpr +| 30 = @import_type_access +| 31 = @import_namespace_access +| 32 = @import_var_type_access +| 33 = @optional_typeexpr +| 34 = @rest_typeexpr +| 35 = @bigint_literal_typeexpr +| 36 = @readonly_typeexpr +| 37 = @template_literal_typeexpr +; + +@typeref = @typeaccess | @type_decl; +@type_identifier = @type_decl | @local_type_access | @type_label | @local_var_type_access | @local_namespace_access; +@typeexpr_parent = @expr | @stmt | @property | @typeexpr; +@literal_typeexpr = @string_literal_typeexpr | @number_literal_typeexpr | @boolean_literal_typeexpr | @bigint_literal_typeexpr; +@typeaccess = @local_type_access | @qualified_type_access | @import_type_access; +@vartypeaccess = @local_var_type_access | @qualified_var_type_access | @this_var_type_access | @import_var_type_access; +@namespace_access = @local_namespace_access | @qualified_namespace_access | @import_namespace_access; +@import_typeexpr = @import_type_access | @import_namespace_access | @import_var_type_access; + +@function_typeexpr = @plain_function_typeexpr | @constructor_typeexpr; + +// types +types ( + unique int id: @type, + int kind: int ref, + varchar(900) tostring: string ref +); + +#keyset[parent, idx] +type_child ( + int child: @type ref, + int parent: @type ref, + int idx: int ref +); + +case @type.kind of + 0 = @any_type +| 1 = @string_type +| 2 = @number_type +| 3 = @union_type +| 4 = @true_type +| 5 = @false_type +| 6 = @type_reference +| 7 = @object_type +| 8 = @canonical_type_variable_type +| 9 = @typeof_type +| 10 = @void_type +| 11 = @undefined_type +| 12 = @null_type +| 13 = @never_type +| 14 = @plain_symbol_type +| 15 = @unique_symbol_type +| 16 = @objectkeyword_type +| 17 = @intersection_type +| 18 = @tuple_type +| 19 = @lexical_type_variable_type +| 20 = @this_type +| 21 = @number_literal_type +| 22 = @string_literal_type +| 23 = @unknown_type +| 24 = @bigint_type +| 25 = @bigint_literal_type +; + +@boolean_literal_type = @true_type | @false_type; +@symbol_type = @plain_symbol_type | @unique_symbol_type; +@union_or_intersection_type = @union_type | @intersection_type; +@typevariable_type = @canonical_type_variable_type | @lexical_type_variable_type; + +has_asserts_keyword(int node: @predicate_typeexpr ref); + +@typed_ast_node = @expr | @typeexpr | @function; +ast_node_type( + unique int node: @typed_ast_node ref, + int typ: @type ref); + +declared_function_signature( + unique int node: @function ref, + int sig: @signature_type ref +); + +invoke_expr_signature( + unique int node: @invokeexpr ref, + int sig: @signature_type ref +); + +invoke_expr_overload_index( + unique int node: @invokeexpr ref, + int index: int ref +); + +symbols ( + unique int id: @symbol, + int kind: int ref, + varchar(900) name: string ref +); + +symbol_parent ( + unique int symbol: @symbol ref, + int parent: @symbol ref +); + +symbol_module ( + int symbol: @symbol ref, + varchar(900) moduleName: string ref +); + +symbol_global ( + int symbol: @symbol ref, + varchar(900) globalName: string ref +); + +case @symbol.kind of + 0 = @root_symbol +| 1 = @member_symbol +| 2 = @other_symbol +; + +@type_with_symbol = @type_reference | @typevariable_type | @typeof_type | @unique_symbol_type; +@ast_node_with_symbol = @type_definition | @namespace_definition | @toplevel | @typeaccess | @namespace_access | @var_decl | @function | @invokeexpr | @import_declaration | @external_module_reference | @external_module_declaration; + +ast_node_symbol( + unique int node: @ast_node_with_symbol ref, + int symbol: @symbol ref); + +type_symbol( + unique int typ: @type_with_symbol ref, + int symbol: @symbol ref); + +#keyset[typ, name] +type_property( + int typ: @type ref, + varchar(900) name: string ref, + int propertyType: @type ref); + +type_alias( + unique int aliasType: @type ref, + int underlyingType: @type ref); + +@literal_type = @string_literal_type | @number_literal_type | @boolean_literal_type | @bigint_literal_type; +@type_with_literal_value = @string_literal_type | @number_literal_type | @bigint_literal_type; +type_literal_value( + unique int typ: @type_with_literal_value ref, + varchar(900) value: string ref); + +signature_types ( + unique int id: @signature_type, + int kind: int ref, + varchar(900) tostring: string ref, + int type_parameters: int ref, + int required_params: int ref +); + +is_abstract_signature( + unique int sig: @signature_type ref +); + +signature_rest_parameter( + unique int sig: @signature_type ref, + int rest_param_arra_type: @type ref +); + +case @signature_type.kind of + 0 = @function_signature_type +| 1 = @constructor_signature_type +; + +#keyset[typ, kind, index] +type_contains_signature ( + int typ: @type ref, + int kind: int ref, // constructor/call/index + int index: int ref, // ordering of overloaded signatures + int sig: @signature_type ref +); + +#keyset[parent, index] +signature_contains_type ( + int child: @type ref, + int parent: @signature_type ref, + int index: int ref +); + +#keyset[sig, index] +signature_parameter_name ( + int sig: @signature_type ref, + int index: int ref, + varchar(900) name: string ref +); + +number_index_type ( + unique int baseType: @type ref, + int propertyType: @type ref +); + +string_index_type ( + unique int baseType: @type ref, + int propertyType: @type ref +); + +base_type_names( + int typeName: @symbol ref, + int baseTypeName: @symbol ref +); + +self_types( + int typeName: @symbol ref, + int selfType: @type_reference ref +); + +tuple_type_min_length( + unique int typ: @type ref, + int minLength: int ref +); + +tuple_type_rest_index( + unique int typ: @type ref, + int index: int ref +); + +// comments +comments (unique int id: @comment, + int kind: int ref, + int toplevel: @toplevel ref, + varchar(900) text: string ref, + varchar(900) tostring: string ref); + +case @comment.kind of + 0 = @slashslash_comment +| 1 = @slashstar_comment +| 2 = @doc_comment +| 3 = @html_comment_start +| 4 = @htmlcommentend; + +@html_comment = @html_comment_start | @htmlcommentend; +@line_comment = @slashslash_comment | @html_comment; +@block_comment = @slashstar_comment | @doc_comment; + +// source lines +lines (unique int id: @line, + int toplevel: @toplevel ref, + varchar(900) text: string ref, + varchar(2) terminator: string ref); +indentation (int file: @file ref, + int lineno: int ref, + varchar(1) indentChar: string ref, + int indentDepth: int ref); + +// JavaScript parse errors +js_parse_errors (unique int id: @js_parse_error, + int toplevel: @toplevel ref, + varchar(900) message: string ref, + varchar(900) line: string ref); + +// regular expressions +#keyset[parent, idx] +regexpterm (unique int id: @regexpterm, + int kind: int ref, + int parent: @regexpparent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +@regexpparent = @regexpterm | @regexp_literal | @string_literal | @add_expr; + +case @regexpterm.kind of + 0 = @regexp_alt +| 1 = @regexp_seq +| 2 = @regexp_caret +| 3 = @regexp_dollar +| 4 = @regexp_wordboundary +| 5 = @regexp_nonwordboundary +| 6 = @regexp_positive_lookahead +| 7 = @regexp_negative_lookahead +| 8 = @regexp_star +| 9 = @regexp_plus +| 10 = @regexp_opt +| 11 = @regexp_range +| 12 = @regexp_dot +| 13 = @regexp_group +| 14 = @regexp_normal_constant +| 15 = @regexp_hex_escape +| 16 = @regexp_unicode_escape +| 17 = @regexp_dec_escape +| 18 = @regexp_oct_escape +| 19 = @regexp_ctrl_escape +| 20 = @regexp_char_class_escape +| 21 = @regexp_id_escape +| 22 = @regexp_backref +| 23 = @regexp_char_class +| 24 = @regexp_char_range +| 25 = @regexp_positive_lookbehind +| 26 = @regexp_negative_lookbehind +| 27 = @regexp_unicode_property_escape; + +regexp_parse_errors (unique int id: @regexp_parse_error, + int regexp: @regexpterm ref, + varchar(900) message: string ref); + +@regexp_quantifier = @regexp_star | @regexp_plus | @regexp_opt | @regexp_range; +@regexp_escape = @regexp_char_escape | @regexp_char_class_escape | @regexp_unicode_property_escape; +@regexp_char_escape = @regexp_hex_escape | @regexp_unicode_escape | @regexp_dec_escape | @regexp_oct_escape | @regexp_ctrl_escape | @regexp_id_escape; +@regexp_constant = @regexp_normal_constant | @regexp_char_escape; +@regexp_lookahead = @regexp_positive_lookahead | @regexp_negative_lookahead; +@regexp_lookbehind = @regexp_positive_lookbehind | @regexp_negative_lookbehind; +@regexp_subpattern = @regexp_lookahead | @regexp_lookbehind; +@regexp_anchor = @regexp_dollar | @regexp_caret; + +is_greedy (int id: @regexp_quantifier ref); +range_quantifier_lower_bound (unique int id: @regexp_range ref, int lo: int ref); +range_quantifier_upper_bound (unique int id: @regexp_range ref, int hi: int ref); +is_capture (unique int id: @regexp_group ref, int number: int ref); +is_named_capture (unique int id: @regexp_group ref, string name: string ref); +is_inverted (int id: @regexp_char_class ref); +regexp_const_value (unique int id: @regexp_constant ref, varchar(1) value: string ref); +char_class_escape (unique int id: @regexp_char_class_escape ref, varchar(1) value: string ref); +backref (unique int id: @regexp_backref ref, int value: int ref); +named_backref (unique int id: @regexp_backref ref, string name: string ref); +unicode_property_escapename (unique int id: @regexp_unicode_property_escape ref, string name: string ref); +unicode_property_escapevalue (unique int id: @regexp_unicode_property_escape ref, string value: string ref); + +// tokens +#keyset[toplevel, idx] +tokeninfo (unique int id: @token, + int kind: int ref, + int toplevel: @toplevel ref, + int idx: int ref, + varchar(900) value: string ref); + +case @token.kind of + 0 = @token_eof +| 1 = @token_null_literal +| 2 = @token_boolean_literal +| 3 = @token_numeric_literal +| 4 = @token_string_literal +| 5 = @token_regular_expression +| 6 = @token_identifier +| 7 = @token_keyword +| 8 = @token_punctuator; + +// associate comments with the token immediately following them (which may be EOF) +next_token (int comment: @comment ref, int token: @token ref); + +// JSON +#keyset[parent, idx] +json (unique int id: @json_value, + int kind: int ref, + int parent: @json_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +json_literals (varchar(900) value: string ref, + varchar(900) raw: string ref, + unique int expr: @json_value ref); + +json_properties (int obj: @json_object ref, + varchar(900) property: string ref, + int value: @json_value ref); + +json_errors (unique int id: @json_parse_error, + varchar(900) message: string ref); + +json_locations(unique int locatable: @json_locatable ref, + int location: @location_default ref); + +case @json_value.kind of + 0 = @json_null +| 1 = @json_boolean +| 2 = @json_number +| 3 = @json_string +| 4 = @json_array +| 5 = @json_object; + +@json_parent = @json_object | @json_array | @file; + +@json_locatable = @json_value | @json_parse_error; + +// locations +@ast_node = @toplevel | @stmt | @expr | @property | @typeexpr; + +@locatable = @file + | @ast_node + | @comment + | @line + | @js_parse_error | @regexp_parse_error + | @regexpterm + | @json_locatable + | @token + | @cfg_node + | @jsdoc | @jsdoc_type_expr | @jsdoc_tag + | @yaml_locatable + | @xmllocatable + | @configLocatable + | @template_placeholder_tag; + +hasLocation (unique int locatable: @locatable ref, + int location: @location ref); + +// CFG +entry_cfg_node (unique int id: @entry_node, int container: @stmt_container ref); +exit_cfg_node (unique int id: @exit_node, int container: @stmt_container ref); +guard_node (unique int id: @guard_node, int kind: int ref, int test: @expr ref); +case @guard_node.kind of + 0 = @falsy_guard +| 1 = @truthy_guard; +@condition_guard = @falsy_guard | @truthy_guard; + +@synthetic_cfg_node = @entry_node | @exit_node | @guard_node; +@cfg_node = @synthetic_cfg_node | @expr_parent; + +successor (int pred: @cfg_node ref, int succ: @cfg_node ref); + +// JSDoc comments +jsdoc (unique int id: @jsdoc, varchar(900) description: string ref, int comment: @comment ref); +#keyset[parent, idx] +jsdoc_tags (unique int id: @jsdoc_tag, varchar(900) title: string ref, + int parent: @jsdoc ref, int idx: int ref, varchar(900) tostring: string ref); +jsdoc_tag_descriptions (unique int tag: @jsdoc_tag ref, varchar(900) text: string ref); +jsdoc_tag_names (unique int tag: @jsdoc_tag ref, varchar(900) text: string ref); + +#keyset[parent, idx] +jsdoc_type_exprs (unique int id: @jsdoc_type_expr, + int kind: int ref, + int parent: @jsdoc_type_expr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); +case @jsdoc_type_expr.kind of + 0 = @jsdoc_any_type_expr +| 1 = @jsdoc_null_type_expr +| 2 = @jsdoc_undefined_type_expr +| 3 = @jsdoc_unknown_type_expr +| 4 = @jsdoc_void_type_expr +| 5 = @jsdoc_named_type_expr +| 6 = @jsdoc_applied_type_expr +| 7 = @jsdoc_nullable_type_expr +| 8 = @jsdoc_non_nullable_type_expr +| 9 = @jsdoc_record_type_expr +| 10 = @jsdoc_array_type_expr +| 11 = @jsdoc_union_type_expr +| 12 = @jsdoc_function_type_expr +| 13 = @jsdoc_optional_type_expr +| 14 = @jsdoc_rest_type_expr +; + +#keyset[id, idx] +jsdoc_record_field_name (int id: @jsdoc_record_type_expr ref, int idx: int ref, varchar(900) name: string ref); +jsdoc_prefix_qualifier (int id: @jsdoc_type_expr ref); +jsdoc_has_new_parameter (int fn: @jsdoc_function_type_expr ref); + +@jsdoc_type_expr_parent = @jsdoc_type_expr | @jsdoc_tag; + +jsdoc_errors (unique int id: @jsdoc_error, int tag: @jsdoc_tag ref, varchar(900) message: string ref, varchar(900) tostring: string ref); + +@dataflownode = @expr | @function_decl_stmt | @class_decl_stmt | @namespace_declaration | @enum_declaration | @property; + +@optionalchainable = @call_expr | @propaccess; + +isOptionalChaining(int id: @optionalchainable ref); + +/** + * The time taken for the extraction of a file. + * This table contains non-deterministic content. + * + * The sum of the `time` column for each (`file`, `timerKind`) pair + * is the total time taken for extraction of `file`. The `extractionPhase` + * column provides a granular view of the extraction time of the file. + */ +extraction_time( + int file : @file ref, + // see `com.semmle.js.extractor.ExtractionMetrics.ExtractionPhase`. + int extractionPhase: int ref, + // 0 for the elapsed CPU time in nanoseconds, 1 for the elapsed wallclock time in nanoseconds + int timerKind: int ref, + float time: float ref +) + +/** +* Non-timing related data for the extraction of a single file. +* This table contains non-deterministic content. +*/ +extraction_data( + int file : @file ref, + // the absolute path to the cache file + varchar(900) cacheFile: string ref, + boolean fromCache: boolean ref, + int length: int ref +) + +/*- YAML -*/ + +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + string tag: string ref, + string tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + string anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + string target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + string value: string ref); + +yaml_errors (unique int id: @yaml_error, + string message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + +/*- XML Files -*/ + +xmlEncoding( + unique int id: @file ref, + string encoding: string ref +); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/*- Configuration files with key value pairs -*/ + +configs( + unique int id: @config +); + +configNames( + unique int id: @configName, + int config: @config ref, + string name: string ref +); + +configValues( + unique int id: @configValue, + int config: @config ref, + string value: string ref +); + +configLocations( + int locatable: @configLocatable ref, + int location: @location_default ref +); + +@configLocatable = @config | @configName | @configValue; diff --git a/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/semmlecode.javascript.dbscheme b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/semmlecode.javascript.dbscheme new file mode 100644 index 00000000000..4d00210ca57 --- /dev/null +++ b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/semmlecode.javascript.dbscheme @@ -0,0 +1,1218 @@ +/*** Standard fragments ***/ + +/** Files and folders **/ + +@location = @location_default; + +locations_default(unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref + ); + +@sourceline = @locatable; + +numlines(int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref + ); + +files(unique int id: @file, + varchar(900) name: string ref); + +folders(unique int id: @folder, + varchar(900) name: string ref); + + +@container = @folder | @file ; + + +containerparent(int parent: @container ref, + unique int child: @container ref); + +/** Duplicate code **/ + +duplicateCode( + unique int id : @duplication, + varchar(900) relativePath : string ref, + int equivClass : int ref); + +similarCode( + unique int id : @similarity, + varchar(900) relativePath : string ref, + int equivClass : int ref); + +@duplication_or_similarity = @duplication | @similarity; + +tokens( + int id : @duplication_or_similarity ref, + int offset : int ref, + int beginLine : int ref, + int beginColumn : int ref, + int endLine : int ref, + int endColumn : int ref); + +/** External data **/ + +externalData( + int id : @externalDataElement, + varchar(900) path : string ref, + int column: int ref, + varchar(900) value : string ref +); + +snapshotDate(unique date snapshotDate : date ref); + +sourceLocationPrefix(varchar(900) prefix : string ref); + +/** Version control data **/ + +svnentries( + int id : @svnentry, + varchar(500) revision : string ref, + varchar(500) author : string ref, + date revisionDate : date ref, + int changeSize : int ref +); + +svnaffectedfiles( + int id : @svnentry ref, + int file : @file ref, + varchar(500) action : string ref +); + +svnentrymsg( + int id : @svnentry ref, + varchar(500) message : string ref +); + +svnchurn( + int commit : @svnentry ref, + int file : @file ref, + int addedLines : int ref, + int deletedLines : int ref +); + + +/*** JavaScript-specific part ***/ + +filetype( + int file: @file ref, + string filetype: string ref +) + +// top-level code fragments +toplevels (unique int id: @toplevel, + int kind: int ref); + +is_externs (int toplevel: @toplevel ref); + +case @toplevel.kind of + 0 = @script +| 1 = @inline_script +| 2 = @event_handler +| 3 = @javascript_url +| 4 = @template_toplevel; + +is_module (int tl: @toplevel ref); +is_nodejs (int tl: @toplevel ref); +is_es2015_module (int tl: @toplevel ref); +is_closure_module (int tl: @toplevel ref); + +@xml_node_with_code = @xmlelement | @xmlattribute | @template_placeholder_tag; +toplevel_parent_xml_node( + unique int toplevel: @toplevel ref, + int xmlnode: @xml_node_with_code ref); + +xml_element_parent_expression( + unique int xmlnode: @xmlelement ref, + int expression: @expr ref, + int index: int ref); + +// statements +#keyset[parent, idx] +stmts (unique int id: @stmt, + int kind: int ref, + int parent: @stmt_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +stmt_containers (unique int stmt: @stmt ref, + int container: @stmt_container ref); + +jump_targets (unique int jump: @stmt ref, + int target: @stmt ref); + +@stmt_parent = @stmt | @toplevel | @function_expr | @arrow_function_expr | @static_initializer; +@stmt_container = @toplevel | @function | @namespace_declaration | @external_module_declaration | @global_augmentation_declaration; + +case @stmt.kind of + 0 = @empty_stmt +| 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @labeled_stmt +| 5 = @break_stmt +| 6 = @continue_stmt +| 7 = @with_stmt +| 8 = @switch_stmt +| 9 = @return_stmt +| 10 = @throw_stmt +| 11 = @try_stmt +| 12 = @while_stmt +| 13 = @do_while_stmt +| 14 = @for_stmt +| 15 = @for_in_stmt +| 16 = @debugger_stmt +| 17 = @function_decl_stmt +| 18 = @var_decl_stmt +| 19 = @case +| 20 = @catch_clause +| 21 = @for_of_stmt +| 22 = @const_decl_stmt +| 23 = @let_stmt +| 24 = @legacy_let_stmt +| 25 = @for_each_stmt +| 26 = @class_decl_stmt +| 27 = @import_declaration +| 28 = @export_all_declaration +| 29 = @export_default_declaration +| 30 = @export_named_declaration +| 31 = @namespace_declaration +| 32 = @import_equals_declaration +| 33 = @export_assign_declaration +| 34 = @interface_declaration +| 35 = @type_alias_declaration +| 36 = @enum_declaration +| 37 = @external_module_declaration +| 38 = @export_as_namespace_declaration +| 39 = @global_augmentation_declaration +; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @let_stmt | @legacy_let_stmt; + +@export_declaration = @export_all_declaration | @export_default_declaration | @export_named_declaration; + +@namespace_definition = @namespace_declaration | @enum_declaration; +@type_definition = @class_definition | @interface_declaration | @enum_declaration | @type_alias_declaration | @enum_member; + +is_instantiated(unique int decl: @namespace_declaration ref); + +@declarable_node = @decl_stmt | @namespace_declaration | @class_decl_stmt | @function_decl_stmt | @enum_declaration | @external_module_declaration | @global_augmentation_declaration | @field; +has_declare_keyword(unique int stmt: @declarable_node ref); + +is_for_await_of(unique int forof: @for_of_stmt ref); + +// expressions +#keyset[parent, idx] +exprs (unique int id: @expr, + int kind: int ref, + int parent: @expr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +literals (varchar(900) value: string ref, + varchar(900) raw: string ref, + unique int expr: @expr_or_type ref); + +enclosing_stmt (unique int expr: @expr_or_type ref, + int stmt: @stmt ref); + +expr_containers (unique int expr: @expr_or_type ref, + int container: @stmt_container ref); + +array_size (unique int ae: @arraylike ref, + int sz: int ref); + +is_delegating (int yield: @yield_expr ref); + +@expr_or_stmt = @expr | @stmt; +@expr_or_type = @expr | @typeexpr; +@expr_parent = @expr_or_stmt | @property | @function_typeexpr; +@arraylike = @array_expr | @array_pattern; +@type_annotation = @typeexpr | @jsdoc_type_expr; +@node_in_stmt_container = @cfg_node | @type_annotation | @toplevel; + +case @expr.kind of + 0 = @label +| 1 = @null_literal +| 2 = @boolean_literal +| 3 = @number_literal +| 4 = @string_literal +| 5 = @regexp_literal +| 6 = @this_expr +| 7 = @array_expr +| 8 = @obj_expr +| 9 = @function_expr +| 10 = @seq_expr +| 11 = @conditional_expr +| 12 = @new_expr +| 13 = @call_expr +| 14 = @dot_expr +| 15 = @index_expr +| 16 = @neg_expr +| 17 = @plus_expr +| 18 = @log_not_expr +| 19 = @bit_not_expr +| 20 = @typeof_expr +| 21 = @void_expr +| 22 = @delete_expr +| 23 = @eq_expr +| 24 = @neq_expr +| 25 = @eqq_expr +| 26 = @neqq_expr +| 27 = @lt_expr +| 28 = @le_expr +| 29 = @gt_expr +| 30 = @ge_expr +| 31 = @lshift_expr +| 32 = @rshift_expr +| 33 = @urshift_expr +| 34 = @add_expr +| 35 = @sub_expr +| 36 = @mul_expr +| 37 = @div_expr +| 38 = @mod_expr +| 39 = @bitor_expr +| 40 = @xor_expr +| 41 = @bitand_expr +| 42 = @in_expr +| 43 = @instanceof_expr +| 44 = @logand_expr +| 45 = @logor_expr +| 47 = @assign_expr +| 48 = @assign_add_expr +| 49 = @assign_sub_expr +| 50 = @assign_mul_expr +| 51 = @assign_div_expr +| 52 = @assign_mod_expr +| 53 = @assign_lshift_expr +| 54 = @assign_rshift_expr +| 55 = @assign_urshift_expr +| 56 = @assign_or_expr +| 57 = @assign_xor_expr +| 58 = @assign_and_expr +| 59 = @preinc_expr +| 60 = @postinc_expr +| 61 = @predec_expr +| 62 = @postdec_expr +| 63 = @par_expr +| 64 = @var_declarator +| 65 = @arrow_function_expr +| 66 = @spread_element +| 67 = @array_pattern +| 68 = @object_pattern +| 69 = @yield_expr +| 70 = @tagged_template_expr +| 71 = @template_literal +| 72 = @template_element +| 73 = @array_comprehension_expr +| 74 = @generator_expr +| 75 = @for_in_comprehension_block +| 76 = @for_of_comprehension_block +| 77 = @legacy_letexpr +| 78 = @var_decl +| 79 = @proper_varaccess +| 80 = @class_expr +| 81 = @super_expr +| 82 = @newtarget_expr +| 83 = @named_import_specifier +| 84 = @import_default_specifier +| 85 = @import_namespace_specifier +| 86 = @named_export_specifier +| 87 = @exp_expr +| 88 = @assign_exp_expr +| 89 = @jsx_element +| 90 = @jsx_qualified_name +| 91 = @jsx_empty_expr +| 92 = @await_expr +| 93 = @function_sent_expr +| 94 = @decorator +| 95 = @export_default_specifier +| 96 = @export_namespace_specifier +| 97 = @bind_expr +| 98 = @external_module_reference +| 99 = @dynamic_import +| 100 = @expression_with_type_arguments +| 101 = @prefix_type_assertion +| 102 = @as_type_assertion +| 103 = @export_varaccess +| 104 = @decorator_list +| 105 = @non_null_assertion +| 106 = @bigint_literal +| 107 = @nullishcoalescing_expr +| 108 = @e4x_xml_anyname +| 109 = @e4x_xml_static_attribute_selector +| 110 = @e4x_xml_dynamic_attribute_selector +| 111 = @e4x_xml_filter_expression +| 112 = @e4x_xml_static_qualident +| 113 = @e4x_xml_dynamic_qualident +| 114 = @e4x_xml_dotdotexpr +| 115 = @import_meta_expr +| 116 = @assignlogandexpr +| 117 = @assignlogorexpr +| 118 = @assignnullishcoalescingexpr +| 119 = @template_pipe_ref +| 120 = @generated_code_expr +| 121 = @satisfies_expr +; + +@varaccess = @proper_varaccess | @export_varaccess; +@varref = @var_decl | @varaccess; + +@identifier = @label | @varref | @type_identifier; + +@literal = @null_literal | @boolean_literal | @number_literal | @string_literal | @regexp_literal | @bigint_literal; + +@propaccess = @dot_expr | @index_expr; + +@invokeexpr = @new_expr | @call_expr; + +@unaryexpr = @neg_expr | @plus_expr | @log_not_expr | @bit_not_expr | @typeof_expr | @void_expr | @delete_expr | @spread_element; + +@equality_test = @eq_expr | @neq_expr | @eqq_expr | @neqq_expr; + +@comparison = @equality_test | @lt_expr | @le_expr | @gt_expr | @ge_expr; + +@binaryexpr = @comparison | @lshift_expr | @rshift_expr | @urshift_expr | @add_expr | @sub_expr | @mul_expr | @div_expr | @mod_expr | @exp_expr | @bitor_expr | @xor_expr | @bitand_expr | @in_expr | @instanceof_expr | @logand_expr | @logor_expr | @nullishcoalescing_expr; + +@assignment = @assign_expr | @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr | @assign_mod_expr | @assign_exp_expr | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr | @assign_or_expr | @assign_xor_expr | @assign_and_expr | @assignlogandexpr | @assignlogorexpr | @assignnullishcoalescingexpr; + +@updateexpr = @preinc_expr | @postinc_expr | @predec_expr | @postdec_expr; + +@pattern = @varref | @array_pattern | @object_pattern; + +@comprehension_expr = @array_comprehension_expr | @generator_expr; + +@comprehension_block = @for_in_comprehension_block | @for_of_comprehension_block; + +@import_specifier = @named_import_specifier | @import_default_specifier | @import_namespace_specifier; + +@exportspecifier = @named_export_specifier | @export_default_specifier | @export_namespace_specifier; + +@type_keyword_operand = @import_declaration | @export_declaration | @import_specifier; + +@type_assertion = @as_type_assertion | @prefix_type_assertion; + +@class_definition = @class_decl_stmt | @class_expr; +@interface_definition = @interface_declaration | @interface_typeexpr; +@class_or_interface = @class_definition | @interface_definition; + +@lexical_decl = @var_decl | @type_decl; +@lexical_access = @varaccess | @local_type_access | @local_var_type_access | @local_namespace_access; +@lexical_ref = @lexical_decl | @lexical_access; + +@e4x_xml_attribute_selector = @e4x_xml_static_attribute_selector | @e4x_xml_dynamic_attribute_selector; +@e4x_xml_qualident = @e4x_xml_static_qualident | @e4x_xml_dynamic_qualident; + +expr_contains_template_tag_location( + int expr: @expr ref, + int location: @location ref +); + +@template_placeholder_tag_parent = @xmlelement | @xmlattribute | @file; + +template_placeholder_tag_info( + unique int node: @template_placeholder_tag, + int parentNode: @template_placeholder_tag_parent ref, + varchar(900) raw: string ref +); + +// scopes +scopes (unique int id: @scope, + int kind: int ref); + +case @scope.kind of + 0 = @global_scope +| 1 = @function_scope +| 2 = @catch_scope +| 3 = @module_scope +| 4 = @block_scope +| 5 = @for_scope +| 6 = @for_in_scope // for-of scopes work the same as for-in scopes +| 7 = @comprehension_block_scope +| 8 = @class_expr_scope +| 9 = @namespace_scope +| 10 = @class_decl_scope +| 11 = @interface_scope +| 12 = @type_alias_scope +| 13 = @mapped_type_scope +| 14 = @enum_scope +| 15 = @external_module_scope +| 16 = @conditional_type_scope; + +scopenodes (unique int node: @ast_node ref, + int scope: @scope ref); + +scopenesting (unique int inner: @scope ref, + int outer: @scope ref); + +// functions +@function = @function_decl_stmt | @function_expr | @arrow_function_expr; + +@parameterized = @function | @catch_clause; +@type_parameterized = @function | @class_or_interface | @type_alias_declaration | @mapped_typeexpr | @infer_typeexpr; + +is_generator (int fun: @function ref); +has_rest_parameter (int fun: @function ref); +is_async (int fun: @function ref); + +// variables and lexically scoped type names +#keyset[scope, name] +variables (unique int id: @variable, + varchar(900) name: string ref, + int scope: @scope ref); + +#keyset[scope, name] +local_type_names (unique int id: @local_type_name, + varchar(900) name: string ref, + int scope: @scope ref); + +#keyset[scope, name] +local_namespace_names (unique int id: @local_namespace_name, + varchar(900) name: string ref, + int scope: @scope ref); + +is_arguments_object (int id: @variable ref); + +@lexical_name = @variable | @local_type_name | @local_namespace_name; + +@bind_id = @varaccess | @local_var_type_access; +bind (unique int id: @bind_id ref, + int decl: @variable ref); + +decl (unique int id: @var_decl ref, + int decl: @variable ref); + +@typebind_id = @local_type_access | @export_varaccess; +typebind (unique int id: @typebind_id ref, + int decl: @local_type_name ref); + +@typedecl_id = @type_decl | @var_decl; +typedecl (unique int id: @typedecl_id ref, + int decl: @local_type_name ref); + +namespacedecl (unique int id: @var_decl ref, + int decl: @local_namespace_name ref); + +@namespacebind_id = @local_namespace_access | @export_varaccess; +namespacebind (unique int id: @namespacebind_id ref, + int decl: @local_namespace_name ref); + + +// properties in object literals, property patterns in object patterns, and method declarations in classes +#keyset[parent, index] +properties (unique int id: @property, + int parent: @property_parent ref, + int index: int ref, + int kind: int ref, + varchar(900) tostring: string ref); + +case @property.kind of + 0 = @value_property +| 1 = @property_getter +| 2 = @property_setter +| 3 = @jsx_attribute +| 4 = @function_call_signature +| 5 = @constructor_call_signature +| 6 = @index_signature +| 7 = @enum_member +| 8 = @proper_field +| 9 = @parameter_field +| 10 = @static_initializer +; + +@property_parent = @obj_expr | @object_pattern | @class_definition | @jsx_element | @interface_definition | @enum_declaration; +@property_accessor = @property_getter | @property_setter; +@call_signature = @function_call_signature | @constructor_call_signature; +@field = @proper_field | @parameter_field; +@field_or_vardeclarator = @field | @var_declarator; + +is_computed (int id: @property ref); +is_method (int id: @property ref); +is_static (int id: @property ref); +is_abstract_member (int id: @property ref); +is_const_enum (int id: @enum_declaration ref); +is_abstract_class (int id: @class_decl_stmt ref); + +has_public_keyword (int id: @property ref); +has_private_keyword (int id: @property ref); +has_protected_keyword (int id: @property ref); +has_readonly_keyword (int id: @property ref); +has_type_keyword (int id: @type_keyword_operand ref); +is_optional_member (int id: @property ref); +has_definite_assignment_assertion (int id: @field_or_vardeclarator ref); +is_optional_parameter_declaration (unique int parameter: @pattern ref); + +#keyset[constructor, param_index] +parameter_fields( + unique int field: @parameter_field ref, + int constructor: @function_expr ref, + int param_index: int ref +); + +// types +#keyset[parent, idx] +typeexprs ( + unique int id: @typeexpr, + int kind: int ref, + int parent: @typeexpr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref +); + +case @typeexpr.kind of + 0 = @local_type_access +| 1 = @type_decl +| 2 = @keyword_typeexpr +| 3 = @string_literal_typeexpr +| 4 = @number_literal_typeexpr +| 5 = @boolean_literal_typeexpr +| 6 = @array_typeexpr +| 7 = @union_typeexpr +| 8 = @indexed_access_typeexpr +| 9 = @intersection_typeexpr +| 10 = @parenthesized_typeexpr +| 11 = @tuple_typeexpr +| 12 = @keyof_typeexpr +| 13 = @qualified_type_access +| 14 = @generic_typeexpr +| 15 = @type_label +| 16 = @typeof_typeexpr +| 17 = @local_var_type_access +| 18 = @qualified_var_type_access +| 19 = @this_var_type_access +| 20 = @predicate_typeexpr +| 21 = @interface_typeexpr +| 22 = @type_parameter +| 23 = @plain_function_typeexpr +| 24 = @constructor_typeexpr +| 25 = @local_namespace_access +| 26 = @qualified_namespace_access +| 27 = @mapped_typeexpr +| 28 = @conditional_typeexpr +| 29 = @infer_typeexpr +| 30 = @import_type_access +| 31 = @import_namespace_access +| 32 = @import_var_type_access +| 33 = @optional_typeexpr +| 34 = @rest_typeexpr +| 35 = @bigint_literal_typeexpr +| 36 = @readonly_typeexpr +| 37 = @template_literal_typeexpr +; + +@typeref = @typeaccess | @type_decl; +@type_identifier = @type_decl | @local_type_access | @type_label | @local_var_type_access | @local_namespace_access; +@typeexpr_parent = @expr | @stmt | @property | @typeexpr; +@literal_typeexpr = @string_literal_typeexpr | @number_literal_typeexpr | @boolean_literal_typeexpr | @bigint_literal_typeexpr; +@typeaccess = @local_type_access | @qualified_type_access | @import_type_access; +@vartypeaccess = @local_var_type_access | @qualified_var_type_access | @this_var_type_access | @import_var_type_access; +@namespace_access = @local_namespace_access | @qualified_namespace_access | @import_namespace_access; +@import_typeexpr = @import_type_access | @import_namespace_access | @import_var_type_access; + +@function_typeexpr = @plain_function_typeexpr | @constructor_typeexpr; + +// types +types ( + unique int id: @type, + int kind: int ref, + varchar(900) tostring: string ref +); + +#keyset[parent, idx] +type_child ( + int child: @type ref, + int parent: @type ref, + int idx: int ref +); + +case @type.kind of + 0 = @any_type +| 1 = @string_type +| 2 = @number_type +| 3 = @union_type +| 4 = @true_type +| 5 = @false_type +| 6 = @type_reference +| 7 = @object_type +| 8 = @canonical_type_variable_type +| 9 = @typeof_type +| 10 = @void_type +| 11 = @undefined_type +| 12 = @null_type +| 13 = @never_type +| 14 = @plain_symbol_type +| 15 = @unique_symbol_type +| 16 = @objectkeyword_type +| 17 = @intersection_type +| 18 = @tuple_type +| 19 = @lexical_type_variable_type +| 20 = @this_type +| 21 = @number_literal_type +| 22 = @string_literal_type +| 23 = @unknown_type +| 24 = @bigint_type +| 25 = @bigint_literal_type +; + +@boolean_literal_type = @true_type | @false_type; +@symbol_type = @plain_symbol_type | @unique_symbol_type; +@union_or_intersection_type = @union_type | @intersection_type; +@typevariable_type = @canonical_type_variable_type | @lexical_type_variable_type; + +has_asserts_keyword(int node: @predicate_typeexpr ref); + +@typed_ast_node = @expr | @typeexpr | @function; +ast_node_type( + unique int node: @typed_ast_node ref, + int typ: @type ref); + +declared_function_signature( + unique int node: @function ref, + int sig: @signature_type ref +); + +invoke_expr_signature( + unique int node: @invokeexpr ref, + int sig: @signature_type ref +); + +invoke_expr_overload_index( + unique int node: @invokeexpr ref, + int index: int ref +); + +symbols ( + unique int id: @symbol, + int kind: int ref, + varchar(900) name: string ref +); + +symbol_parent ( + unique int symbol: @symbol ref, + int parent: @symbol ref +); + +symbol_module ( + int symbol: @symbol ref, + varchar(900) moduleName: string ref +); + +symbol_global ( + int symbol: @symbol ref, + varchar(900) globalName: string ref +); + +case @symbol.kind of + 0 = @root_symbol +| 1 = @member_symbol +| 2 = @other_symbol +; + +@type_with_symbol = @type_reference | @typevariable_type | @typeof_type | @unique_symbol_type; +@ast_node_with_symbol = @type_definition | @namespace_definition | @toplevel | @typeaccess | @namespace_access | @var_decl | @function | @invokeexpr | @import_declaration | @external_module_reference | @external_module_declaration; + +ast_node_symbol( + unique int node: @ast_node_with_symbol ref, + int symbol: @symbol ref); + +type_symbol( + unique int typ: @type_with_symbol ref, + int symbol: @symbol ref); + +#keyset[typ, name] +type_property( + int typ: @type ref, + varchar(900) name: string ref, + int propertyType: @type ref); + +type_alias( + unique int aliasType: @type ref, + int underlyingType: @type ref); + +@literal_type = @string_literal_type | @number_literal_type | @boolean_literal_type | @bigint_literal_type; +@type_with_literal_value = @string_literal_type | @number_literal_type | @bigint_literal_type; +type_literal_value( + unique int typ: @type_with_literal_value ref, + varchar(900) value: string ref); + +signature_types ( + unique int id: @signature_type, + int kind: int ref, + varchar(900) tostring: string ref, + int type_parameters: int ref, + int required_params: int ref +); + +is_abstract_signature( + unique int sig: @signature_type ref +); + +signature_rest_parameter( + unique int sig: @signature_type ref, + int rest_param_arra_type: @type ref +); + +case @signature_type.kind of + 0 = @function_signature_type +| 1 = @constructor_signature_type +; + +#keyset[typ, kind, index] +type_contains_signature ( + int typ: @type ref, + int kind: int ref, // constructor/call/index + int index: int ref, // ordering of overloaded signatures + int sig: @signature_type ref +); + +#keyset[parent, index] +signature_contains_type ( + int child: @type ref, + int parent: @signature_type ref, + int index: int ref +); + +#keyset[sig, index] +signature_parameter_name ( + int sig: @signature_type ref, + int index: int ref, + varchar(900) name: string ref +); + +number_index_type ( + unique int baseType: @type ref, + int propertyType: @type ref +); + +string_index_type ( + unique int baseType: @type ref, + int propertyType: @type ref +); + +base_type_names( + int typeName: @symbol ref, + int baseTypeName: @symbol ref +); + +self_types( + int typeName: @symbol ref, + int selfType: @type_reference ref +); + +tuple_type_min_length( + unique int typ: @type ref, + int minLength: int ref +); + +tuple_type_rest_index( + unique int typ: @type ref, + int index: int ref +); + +// comments +comments (unique int id: @comment, + int kind: int ref, + int toplevel: @toplevel ref, + varchar(900) text: string ref, + varchar(900) tostring: string ref); + +case @comment.kind of + 0 = @slashslash_comment +| 1 = @slashstar_comment +| 2 = @doc_comment +| 3 = @html_comment_start +| 4 = @htmlcommentend; + +@html_comment = @html_comment_start | @htmlcommentend; +@line_comment = @slashslash_comment | @html_comment; +@block_comment = @slashstar_comment | @doc_comment; + +// source lines +lines (unique int id: @line, + int toplevel: @toplevel ref, + varchar(900) text: string ref, + varchar(2) terminator: string ref); +indentation (int file: @file ref, + int lineno: int ref, + varchar(1) indentChar: string ref, + int indentDepth: int ref); + +// JavaScript parse errors +js_parse_errors (unique int id: @js_parse_error, + int toplevel: @toplevel ref, + varchar(900) message: string ref, + varchar(900) line: string ref); + +// regular expressions +#keyset[parent, idx] +regexpterm (unique int id: @regexpterm, + int kind: int ref, + int parent: @regexpparent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +@regexpparent = @regexpterm | @regexp_literal | @string_literal | @add_expr; + +case @regexpterm.kind of + 0 = @regexp_alt +| 1 = @regexp_seq +| 2 = @regexp_caret +| 3 = @regexp_dollar +| 4 = @regexp_wordboundary +| 5 = @regexp_nonwordboundary +| 6 = @regexp_positive_lookahead +| 7 = @regexp_negative_lookahead +| 8 = @regexp_star +| 9 = @regexp_plus +| 10 = @regexp_opt +| 11 = @regexp_range +| 12 = @regexp_dot +| 13 = @regexp_group +| 14 = @regexp_normal_constant +| 15 = @regexp_hex_escape +| 16 = @regexp_unicode_escape +| 17 = @regexp_dec_escape +| 18 = @regexp_oct_escape +| 19 = @regexp_ctrl_escape +| 20 = @regexp_char_class_escape +| 21 = @regexp_id_escape +| 22 = @regexp_backref +| 23 = @regexp_char_class +| 24 = @regexp_char_range +| 25 = @regexp_positive_lookbehind +| 26 = @regexp_negative_lookbehind +| 27 = @regexp_unicode_property_escape; + +regexp_parse_errors (unique int id: @regexp_parse_error, + int regexp: @regexpterm ref, + varchar(900) message: string ref); + +@regexp_quantifier = @regexp_star | @regexp_plus | @regexp_opt | @regexp_range; +@regexp_escape = @regexp_char_escape | @regexp_char_class_escape | @regexp_unicode_property_escape; +@regexp_char_escape = @regexp_hex_escape | @regexp_unicode_escape | @regexp_dec_escape | @regexp_oct_escape | @regexp_ctrl_escape | @regexp_id_escape; +@regexp_constant = @regexp_normal_constant | @regexp_char_escape; +@regexp_lookahead = @regexp_positive_lookahead | @regexp_negative_lookahead; +@regexp_lookbehind = @regexp_positive_lookbehind | @regexp_negative_lookbehind; +@regexp_subpattern = @regexp_lookahead | @regexp_lookbehind; +@regexp_anchor = @regexp_dollar | @regexp_caret; + +is_greedy (int id: @regexp_quantifier ref); +range_quantifier_lower_bound (unique int id: @regexp_range ref, int lo: int ref); +range_quantifier_upper_bound (unique int id: @regexp_range ref, int hi: int ref); +is_capture (unique int id: @regexp_group ref, int number: int ref); +is_named_capture (unique int id: @regexp_group ref, string name: string ref); +is_inverted (int id: @regexp_char_class ref); +regexp_const_value (unique int id: @regexp_constant ref, varchar(1) value: string ref); +char_class_escape (unique int id: @regexp_char_class_escape ref, varchar(1) value: string ref); +backref (unique int id: @regexp_backref ref, int value: int ref); +named_backref (unique int id: @regexp_backref ref, string name: string ref); +unicode_property_escapename (unique int id: @regexp_unicode_property_escape ref, string name: string ref); +unicode_property_escapevalue (unique int id: @regexp_unicode_property_escape ref, string value: string ref); + +// tokens +#keyset[toplevel, idx] +tokeninfo (unique int id: @token, + int kind: int ref, + int toplevel: @toplevel ref, + int idx: int ref, + varchar(900) value: string ref); + +case @token.kind of + 0 = @token_eof +| 1 = @token_null_literal +| 2 = @token_boolean_literal +| 3 = @token_numeric_literal +| 4 = @token_string_literal +| 5 = @token_regular_expression +| 6 = @token_identifier +| 7 = @token_keyword +| 8 = @token_punctuator; + +// associate comments with the token immediately following them (which may be EOF) +next_token (int comment: @comment ref, int token: @token ref); + +// JSON +#keyset[parent, idx] +json (unique int id: @json_value, + int kind: int ref, + int parent: @json_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); + +json_literals (varchar(900) value: string ref, + varchar(900) raw: string ref, + unique int expr: @json_value ref); + +json_properties (int obj: @json_object ref, + varchar(900) property: string ref, + int value: @json_value ref); + +json_errors (unique int id: @json_parse_error, + varchar(900) message: string ref); + +json_locations(unique int locatable: @json_locatable ref, + int location: @location_default ref); + +case @json_value.kind of + 0 = @json_null +| 1 = @json_boolean +| 2 = @json_number +| 3 = @json_string +| 4 = @json_array +| 5 = @json_object; + +@json_parent = @json_object | @json_array | @file; + +@json_locatable = @json_value | @json_parse_error; + +// locations +@ast_node = @toplevel | @stmt | @expr | @property | @typeexpr; + +@locatable = @file + | @ast_node + | @comment + | @line + | @js_parse_error | @regexp_parse_error + | @regexpterm + | @json_locatable + | @token + | @cfg_node + | @jsdoc | @jsdoc_type_expr | @jsdoc_tag + | @yaml_locatable + | @xmllocatable + | @configLocatable + | @template_placeholder_tag; + +hasLocation (unique int locatable: @locatable ref, + int location: @location ref); + +// CFG +entry_cfg_node (unique int id: @entry_node, int container: @stmt_container ref); +exit_cfg_node (unique int id: @exit_node, int container: @stmt_container ref); +guard_node (unique int id: @guard_node, int kind: int ref, int test: @expr ref); +case @guard_node.kind of + 0 = @falsy_guard +| 1 = @truthy_guard; +@condition_guard = @falsy_guard | @truthy_guard; + +@synthetic_cfg_node = @entry_node | @exit_node | @guard_node; +@cfg_node = @synthetic_cfg_node | @expr_parent; + +successor (int pred: @cfg_node ref, int succ: @cfg_node ref); + +// JSDoc comments +jsdoc (unique int id: @jsdoc, varchar(900) description: string ref, int comment: @comment ref); +#keyset[parent, idx] +jsdoc_tags (unique int id: @jsdoc_tag, varchar(900) title: string ref, + int parent: @jsdoc ref, int idx: int ref, varchar(900) tostring: string ref); +jsdoc_tag_descriptions (unique int tag: @jsdoc_tag ref, varchar(900) text: string ref); +jsdoc_tag_names (unique int tag: @jsdoc_tag ref, varchar(900) text: string ref); + +#keyset[parent, idx] +jsdoc_type_exprs (unique int id: @jsdoc_type_expr, + int kind: int ref, + int parent: @jsdoc_type_expr_parent ref, + int idx: int ref, + varchar(900) tostring: string ref); +case @jsdoc_type_expr.kind of + 0 = @jsdoc_any_type_expr +| 1 = @jsdoc_null_type_expr +| 2 = @jsdoc_undefined_type_expr +| 3 = @jsdoc_unknown_type_expr +| 4 = @jsdoc_void_type_expr +| 5 = @jsdoc_named_type_expr +| 6 = @jsdoc_applied_type_expr +| 7 = @jsdoc_nullable_type_expr +| 8 = @jsdoc_non_nullable_type_expr +| 9 = @jsdoc_record_type_expr +| 10 = @jsdoc_array_type_expr +| 11 = @jsdoc_union_type_expr +| 12 = @jsdoc_function_type_expr +| 13 = @jsdoc_optional_type_expr +| 14 = @jsdoc_rest_type_expr +; + +#keyset[id, idx] +jsdoc_record_field_name (int id: @jsdoc_record_type_expr ref, int idx: int ref, varchar(900) name: string ref); +jsdoc_prefix_qualifier (int id: @jsdoc_type_expr ref); +jsdoc_has_new_parameter (int fn: @jsdoc_function_type_expr ref); + +@jsdoc_type_expr_parent = @jsdoc_type_expr | @jsdoc_tag; + +jsdoc_errors (unique int id: @jsdoc_error, int tag: @jsdoc_tag ref, varchar(900) message: string ref, varchar(900) tostring: string ref); + +// YAML +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + varchar(900) tag: string ref, + varchar(900) tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + varchar(900) anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + varchar(900) target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + varchar(900) value: string ref); + +yaml_errors (unique int id: @yaml_error, + varchar(900) message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + +/* XML Files */ + +xmlEncoding( + unique int id: @file ref, + varchar(900) encoding: string ref +); + +xmlDTDs( + unique int id: @xmldtd, + varchar(900) root: string ref, + varchar(900) publicId: string ref, + varchar(900) systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + varchar(900) name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + varchar(900) name: string ref, + varchar(3600) value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + varchar(900) prefixName: string ref, + varchar(900) URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + varchar(3600) text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + varchar(3600) text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +@dataflownode = @expr | @function_decl_stmt | @class_decl_stmt | @namespace_declaration | @enum_declaration | @property; + +@optionalchainable = @call_expr | @propaccess; + +isOptionalChaining(int id: @optionalchainable ref); + +/* + * configuration files with key value pairs + */ + +configs( + unique int id: @config +); + +configNames( + unique int id: @configName, + int config: @config ref, + string name: string ref +); + +configValues( + unique int id: @configValue, + int config: @config ref, + string value: string ref +); + +configLocations( + int locatable: @configLocatable ref, + int location: @location_default ref +); + +@configLocatable = @config | @configName | @configValue; + +/** + * The time taken for the extraction of a file. + * This table contains non-deterministic content. + * + * The sum of the `time` column for each (`file`, `timerKind`) pair + * is the total time taken for extraction of `file`. The `extractionPhase` + * column provides a granular view of the extraction time of the file. + */ +extraction_time( + int file : @file ref, + // see `com.semmle.js.extractor.ExtractionMetrics.ExtractionPhase`. + int extractionPhase: int ref, + // 0 for the elapsed CPU time in nanoseconds, 1 for the elapsed wallclock time in nanoseconds + int timerKind: int ref, + float time: float ref +) + +/** + * Non-timing related data for the extraction of a single file. + * This table contains non-deterministic content. + */ +extraction_data( + int file : @file ref, + // the absolute path to the cache file + varchar(900) cacheFile: string ref, + boolean fromCache: boolean ref, + int length: int ref +) diff --git a/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/upgrade.properties b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/upgrade.properties new file mode 100644 index 00000000000..7b75d5de56a --- /dev/null +++ b/javascript/downgrades/8accf0f930bcb8b42d69fd7ef7b4372604f551ed/upgrade.properties @@ -0,0 +1,2 @@ +description: Sync dbscheme fragments +compatibility: full diff --git a/javascript/extractor/lib/typescript/package.json b/javascript/extractor/lib/typescript/package.json index 0c8de4f1bbc..3190b683d34 100644 --- a/javascript/extractor/lib/typescript/package.json +++ b/javascript/extractor/lib/typescript/package.json @@ -2,7 +2,7 @@ "name": "typescript-parser-wrapper", "private": true, "dependencies": { - "typescript": "5.0.2" + "typescript": "5.1.3" }, "scripts": { "build": "tsc --project tsconfig.json", diff --git a/javascript/extractor/lib/typescript/src/main.ts b/javascript/extractor/lib/typescript/src/main.ts index 2e9f26b6953..2594f4e35f5 100644 --- a/javascript/extractor/lib/typescript/src/main.ts +++ b/javascript/extractor/lib/typescript/src/main.ts @@ -579,7 +579,6 @@ function handleOpenProjectCommand(command: OpenProjectCommand) { // inverse mapping, nor a way to enumerate all known module names. So we discover all // modules on the type roots (usually "node_modules/@types" but this is configurable). let typeRoots = ts.getEffectiveTypeRoots(config.options, { - directoryExists: (path) => ts.sys.directoryExists(path), getCurrentDirectory: () => basePath, }); diff --git a/javascript/extractor/lib/typescript/yarn.lock b/javascript/extractor/lib/typescript/yarn.lock index 88d32ae6b3a..355c257cf69 100644 --- a/javascript/extractor/lib/typescript/yarn.lock +++ b/javascript/extractor/lib/typescript/yarn.lock @@ -7,7 +7,7 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-18.15.3.tgz#f0b991c32cfc6a4e7f3399d6cb4b8cf9a0315014" integrity sha512-p6ua9zBxz5otCmbpb5D3U4B5Nanw6Pk3PPyX05xnxbB/fRv71N7CPmORg7uAD5P70T0xmx1pzAx/FUfa5X+3cw== -typescript@5.0.2: - version "5.0.2" - resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.0.2.tgz#891e1a90c5189d8506af64b9ef929fca99ba1ee5" - integrity sha512-wVORMBGO/FAs/++blGNeAVdbNKtIh1rbBL2EyQ1+J9lClJ93KiiKe8PmFIVdXhHcyv44SL9oglmfeSsndo0jRw== +typescript@5.1.3: + version "5.1.3" + resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.1.3.tgz#8d84219244a6b40b6fb2b33cc1c062f715b9e826" + integrity sha512-XH627E9vkeqhlZFQuL+UsyAXEnibT0kWR2FWONlr4sTjvxyJYnyefgrkyECLzM5NenmKzRAy2rR/OlYLA1HkZw== diff --git a/javascript/extractor/src/com/semmle/js/extractor/Main.java b/javascript/extractor/src/com/semmle/js/extractor/Main.java index 4f8bb2c1ced..2a188676924 100644 --- a/javascript/extractor/src/com/semmle/js/extractor/Main.java +++ b/javascript/extractor/src/com/semmle/js/extractor/Main.java @@ -41,7 +41,7 @@ public class Main { * A version identifier that should be updated every time the extractor changes in such a way that * it may produce different tuples for the same file under the same {@link ExtractorConfig}. */ - public static final String EXTRACTOR_VERSION = "2023-03-16"; + public static final String EXTRACTOR_VERSION = "2023-04-19"; public static final Pattern NEWLINE = Pattern.compile("\n"); diff --git a/javascript/extractor/src/com/semmle/ts/extractor/TypeScriptASTConverter.java b/javascript/extractor/src/com/semmle/ts/extractor/TypeScriptASTConverter.java index e34d552b777..7b68106bb3f 100644 --- a/javascript/extractor/src/com/semmle/ts/extractor/TypeScriptASTConverter.java +++ b/javascript/extractor/src/com/semmle/ts/extractor/TypeScriptASTConverter.java @@ -1552,8 +1552,13 @@ public class TypeScriptASTConverter { } private Node convertJsxAttribute(JsonObject node, SourceLocation loc) throws ParseError { + JsonObject nameNode = node.get("name").getAsJsonObject(); + if (nameNode.get("name") != null) { + // it's a namespaced attribute + nameNode = nameNode.get("name").getAsJsonObject(); + } return new JSXAttribute( - loc, convertJSXName(convertChild(node, "name")), convertChild(node, "initializer")); + loc, convertJSXName(((Expression)convertNode(nameNode, null))), convertChild(node, "initializer")); // 2 } private Node convertJsxClosingElement(JsonObject node, SourceLocation loc) throws ParseError { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll index 5532c8d4726..6836e14e72c 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ATMConfig.qll @@ -166,6 +166,3 @@ abstract class AtmConfig extends JS::TaintTracking::Configuration { ) } } - -/** DEPRECATED: Alias for AtmConfig */ -deprecated class ATMConfig = AtmConfig; diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll index 6bb2f29d05c..5d289d4512c 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll @@ -220,7 +220,7 @@ private class DomBasedXssSinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof XssSinkType and isPositiveIndicator = true and - confidence = maximalConfidence() + confidence = this.maximalConfidence() } } @@ -238,7 +238,7 @@ private class TaintedPathSinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof TaintedPathSinkType and isPositiveIndicator = true and - confidence = maximalConfidence() + confidence = this.maximalConfidence() } } @@ -256,7 +256,7 @@ private class SqlInjectionSinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof SqlInjectionSinkType and isPositiveIndicator = true and - confidence = maximalConfidence() + confidence = this.maximalConfidence() } } @@ -274,7 +274,7 @@ private class NosqlInjectionSinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof NosqlInjectionSinkType and isPositiveIndicator = true and - confidence = maximalConfidence() + confidence = this.maximalConfidence() } } @@ -296,7 +296,7 @@ private class ShellCommandInjectionFromEnvironmentSinkCharacteristic extends End ) { endpointClass instanceof ShellCommandInjectionFromEnvironmentSinkType and isPositiveIndicator = true and - confidence = maximalConfidence() + confidence = this.maximalConfidence() } } @@ -335,7 +335,7 @@ abstract private class NotASinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof NegativeType and isPositiveIndicator = true and - confidence = highConfidence() + confidence = this.highConfidence() } } @@ -354,7 +354,7 @@ abstract class LikelyNotASinkCharacteristic extends EndpointCharacteristic { ) { endpointClass instanceof NegativeType and isPositiveIndicator = true and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } @@ -685,7 +685,7 @@ abstract private class StandardEndpointFilterCharacteristic extends EndpointFilt ) { endpointClass instanceof NegativeType and isPositiveIndicator = true and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } @@ -786,7 +786,7 @@ abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends En ) { endpointClass instanceof NosqlInjectionSinkType and isPositiveIndicator = false and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } @@ -817,7 +817,7 @@ private class ModeledSinkCharacteristic extends NosqlInjectionSinkEndpointFilter override predicate appliesToEndpoint(DataFlow::Node n) { exists(DataFlow::CallNode call | n = call.getAnArgument() | // Remove modeled sinks - isArgumentToKnownLibrarySinkFunction(n) + this.isArgumentToKnownLibrarySinkFunction(n) ) } } @@ -928,7 +928,7 @@ abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends Endp ) { endpointClass instanceof SqlInjectionSinkType and isPositiveIndicator = false and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } @@ -1002,7 +1002,7 @@ abstract private class TaintedPathSinkEndpointFilterCharacteristic extends Endpo ) { endpointClass instanceof TaintedPathSinkType and isPositiveIndicator = false and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } @@ -1055,7 +1055,7 @@ abstract private class XssSinkEndpointFilterCharacteristic extends EndpointFilte ) { endpointClass instanceof XssSinkType and isPositiveIndicator = false and - confidence = mediumConfidence() + confidence = this.mediumConfidence() } } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll index 452128083fa..24d67e68db3 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll @@ -24,7 +24,7 @@ abstract class EndpointType extends TEndpointType { */ abstract int getEncoding(); - string toString() { result = getDescription() } + string toString() { result = this.getDescription() } } /** The `Negative` class that can be predicted by endpoint scoring models. */ diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll index 62531a9d423..0fc660796c4 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/FunctionBodyFeatures.qll @@ -41,9 +41,6 @@ AstNode getAnAstNodeToFeaturize(Function f) { not result = f.getIdentifier() } -/** DEPRECATED: Alias for getAnAstNodeToFeaturize */ -deprecated ASTNode getAnASTNodeToFeaturize(Function f) { result = getAnAstNodeToFeaturize(f) } - /** * Gets a function that contains the endpoint. * @@ -130,9 +127,6 @@ AstNode getAnAstNodeWithAFeature(Function f) { result = getAnAstNodeToFeaturize(f) } -/** DEPRECATED: Alias for getAnAstNodeWithAFeature */ -deprecated ASTNode getAnASTNodeWithAFeature(Function f) { result = getAnAstNodeWithAFeature(f) } - /** Returns the number of source-code characters in a function. */ int getNumCharsInFunction(Function f) { result = diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/NosqlInjectionATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/NosqlInjectionATM.qll index e6d602280a4..33614da5dfc 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/NosqlInjectionATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/NosqlInjectionATM.qll @@ -33,7 +33,7 @@ class NosqlInjectionAtmConfig extends AtmConfig { sink.(NosqlInjection::Sink).getAFlowLabel() = label or // Allow effective sinks to have any taint label - isEffectiveSink(sink) + this.isEffectiveSink(sink) } override predicate isSanitizer(DataFlow::Node node) { @@ -49,11 +49,11 @@ class NosqlInjectionAtmConfig extends AtmConfig { DataFlow::Node src, DataFlow::Node trg, DataFlow::FlowLabel inlbl, DataFlow::FlowLabel outlbl ) { // additional flow steps from the base (non-boosted) security query - isBaseAdditionalFlowStep(src, trg, inlbl, outlbl) + this.isBaseAdditionalFlowStep(src, trg, inlbl, outlbl) or // relaxed version of previous step to track taint through unmodeled NoSQL query objects - isEffectiveSink(trg) and - src = getASubexpressionWithinQuery(trg) + this.isEffectiveSink(trg) and + src = this.getASubexpressionWithinQuery(trg) } /** Holds if src -> trg is an additional flow step in the non-boosted NoSql injection security query. */ @@ -80,9 +80,9 @@ class NosqlInjectionAtmConfig extends AtmConfig { * involving more complex queries. */ private DataFlow::Node getASubexpressionWithinQuery(DataFlow::Node query) { - isEffectiveSink(query) and + this.isEffectiveSink(query) and exists(DataFlow::SourceNode receiver | - receiver = [getASubexpressionWithinQuery(query), query].getALocalSource() + receiver = [this.getASubexpressionWithinQuery(query), query].getALocalSource() | result = [ diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll index de5c9fab415..c20eceb0f9c 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll @@ -25,7 +25,7 @@ class TaintedPathAtmConfig extends AtmConfig { label = sink.(TaintedPath::Sink).getAFlowLabel() or // Allow effective sinks to have any taint label - isEffectiveSink(sink) + this.isEffectiveSink(sink) } override predicate isSanitizer(DataFlow::Node node) { node instanceof TaintedPath::Sanitizer } @@ -54,10 +54,10 @@ class TaintedPathAtmConfig extends AtmConfig { private class BarrierGuardNodeAsSanitizerGuardNode extends TaintTracking::LabeledSanitizerGuardNode instanceof TaintedPath::BarrierGuardNode { override predicate sanitizes(boolean outcome, Expr e) { - blocks(outcome, e) or blocks(outcome, e, _) + this.blocks(outcome, e) or this.blocks(outcome, e, _) } override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel label) { - sanitizes(outcome, e) and exists(label) + this.sanitizes(outcome, e) and exists(label) } } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Labels.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Labels.qll index 85ced189b30..dc2c449a20b 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Labels.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Labels.qll @@ -13,7 +13,7 @@ newtype TEndpointLabel = abstract class EndpointLabel extends TEndpointLabel { abstract string getEncoding(); - string toString() { result = getEncoding() } + string toString() { result = this.getEncoding() } } class SinkLabel extends EndpointLabel, TSinkLabel { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll index 4f7260e7e62..488c2f51914 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll @@ -15,7 +15,7 @@ newtype TQuery = abstract class Query extends TQuery { abstract string getName(); - string toString() { result = getName() } + string toString() { result = this.getName() } } class NosqlInjectionQuery extends Query, TNosqlInjectionQuery { diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index 24e199a69d7..3ac3bc23481 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,9 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. + ## 0.6.1 ### Major Analysis Improvements diff --git a/javascript/ql/lib/Expressions/DOMProperties.qll b/javascript/ql/lib/Expressions/DOMProperties.qll index 17f53f8a366..fdb7e6024c2 100644 --- a/javascript/ql/lib/Expressions/DOMProperties.qll +++ b/javascript/ql/lib/Expressions/DOMProperties.qll @@ -4,9 +4,6 @@ import semmle.javascript.Externs -/** DEPRECATED: Alias for isDomRootType */ -deprecated predicate isDOMRootType = isDomRootType/1; - /** Holds if `p` is declared as a property of a DOM class or interface. */ pragma[nomagic] predicate isDomProperty(string p) { @@ -14,6 +11,3 @@ predicate isDomProperty(string p) { isDomRootType(emd.getDeclaringType().getASupertype*()) ) } - -/** DEPRECATED: Alias for isDomProperty */ -deprecated predicate isDOMProperty = isDomProperty/1; diff --git a/javascript/ql/lib/change-notes/2023-04-19-typescript-5-1.md b/javascript/ql/lib/change-notes/2023-04-19-typescript-5-1.md new file mode 100644 index 00000000000..7260bd3d389 --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-04-19-typescript-5-1.md @@ -0,0 +1,4 @@ +--- +category: majorAnalysis +--- +* Added support for TypeScript 5.1. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2023-04-30-npm-submodule.md b/javascript/ql/lib/change-notes/2023-04-30-npm-submodule.md new file mode 100644 index 00000000000..5ef95cf7d58 --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-04-30-npm-submodule.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- + +- Added a support of sub modules in `node_modules`. diff --git a/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md new file mode 100644 index 00000000000..9d215924623 --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-05-12-update-js-sink-kinds.md @@ -0,0 +1,6 @@ +--- +category: minorAnalysis +--- +* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working. + * `command-line-injection` to `command-injection` + * `credentials[kind]` to `credentials-kind` diff --git a/javascript/ql/lib/change-notes/2023-06-02-delete-deps.md b/javascript/ql/lib/change-notes/2023-06-02-delete-deps.md new file mode 100644 index 00000000000..9edbce9771e --- /dev/null +++ b/javascript/ql/lib/change-notes/2023-06-02-delete-deps.md @@ -0,0 +1,10 @@ +--- +category: minorAnalysis +--- +* Deleted many deprecated predicates and classes with uppercase `XML`, `JSON`, `URL`, `API`, etc. in their names. Use the PascalCased versions instead. +* Deleted the deprecated `localTaintStep` predicate from `DataFlow.qll`. +* Deleted the deprecated `stringStep`, and `localTaintStep` predicates from `TaintTracking.qll`. +* Deleted many modules that started with a lowercase letter. Use the versions that start with an uppercase letter instead. +* Deleted the deprecated `HtmlInjectionConfiguration` and `JQueryHtmlOrSelectorInjectionConfiguration` classes from `DomBasedXssQuery.qll`, use `Configuration` instead. +* Deleted the deprecated `DefiningIdentifier` class and the `Definitions.qll` file it was in. Use `SsaDefinition` instead. +* Deleted the deprecated `definitionReaches`, `localDefinitionReaches`, `getAPseudoDefinitionInput`, `nextDefAfter`, and `localDefinitionOverwrites` predicates from `DefUse.qll`. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/released/0.6.2.md b/javascript/ql/lib/change-notes/released/0.6.2.md new file mode 100644 index 00000000000..f97f6633c49 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.6.2.md @@ -0,0 +1,5 @@ +## 0.6.2 + +### Minor Analysis Improvements + +* Improved the queries for injection vulnerabilities in GitHub Actions workflows (`js/actions/command-injection` and `js/actions/pull-request-target`) and the associated library `semmle.javascript.Actions`. These now support steps defined in composite actions, in addition to steps defined in Actions workflow files. It supports more potentially untrusted input values. Additionally to the shell injections it now also detects injections in `actions/github-script`. It also detects simple injections from user controlled `${{ env.name }}`. Additionally to the `yml` extension now it also supports workflows with the `yaml` extension. diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 80fb0899f64..5501a2a1cc5 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.6.1 +lastReleaseVersion: 0.6.2 diff --git a/javascript/ql/lib/javascript.qll b/javascript/ql/lib/javascript.qll index 53bb91797aa..ed38db6550e 100644 --- a/javascript/ql/lib/javascript.qll +++ b/javascript/ql/lib/javascript.qll @@ -67,6 +67,7 @@ import semmle.javascript.YAML import semmle.javascript.dataflow.DataFlow import semmle.javascript.dataflow.TaintTracking import semmle.javascript.dataflow.TypeInference +import semmle.javascript.frameworks.ActionsLib import semmle.javascript.frameworks.Angular2 import semmle.javascript.frameworks.AngularJS import semmle.javascript.frameworks.Anser diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 3864785cd12..52962f549b0 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.6.2-dev +version: 0.6.3-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript @@ -12,3 +12,4 @@ dependencies: codeql/yaml: ${workspace} dataExtensions: - semmle/javascript/frameworks/**/model.yml +warnOnImplicitThis: true diff --git a/javascript/ql/lib/semmle/javascript/AST.qll b/javascript/ql/lib/semmle/javascript/AST.qll index 895922f952f..e4a1cf944c4 100644 --- a/javascript/ql/lib/semmle/javascript/AST.qll +++ b/javascript/ql/lib/semmle/javascript/AST.qll @@ -184,9 +184,6 @@ class AstNode extends @ast_node, NodeInStmtContainer { } } -/** DEPRECATED: Alias for AstNode */ -deprecated class ASTNode = AstNode; - /** * Holds if the given file is a `.d.ts` file. */ @@ -339,9 +336,6 @@ class EventHandlerCode extends @event_handler, CodeInAttribute { } */ class JavaScriptUrl extends @javascript_url, CodeInAttribute { } -/** DEPRECATED: Alias for JavaScriptUrl */ -deprecated class JavaScriptURL = JavaScriptUrl; - /** * A toplevel syntactic entity containing Closure-style externs definitions. * diff --git a/javascript/ql/lib/semmle/javascript/Actions.qll b/javascript/ql/lib/semmle/javascript/Actions.qll index 7fd3952ac85..8854eb11a55 100644 --- a/javascript/ql/lib/semmle/javascript/Actions.qll +++ b/javascript/ql/lib/semmle/javascript/Actions.qll @@ -10,16 +10,70 @@ import javascript * See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions. */ module Actions { - /** A YAML node in a GitHub Actions workflow file. */ + /** A YAML node in a GitHub Actions workflow or a custom composite action file. */ private class Node extends YamlNode { Node() { - this.getLocation() - .getFile() - .getRelativePath() - .regexpMatch("(^|.*/)\\.github/workflows/.*\\.yml$") + exists(File f | + f = this.getLocation().getFile() and + ( + f.getRelativePath().regexpMatch("(^|.*/)\\.github/workflows/.*\\.ya?ml$") + or + f.getBaseName() = ["action.yml", "action.yaml"] + ) + ) } } + /** + * A custom composite action. This is a mapping at the top level of an Actions YAML action file. + * See https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions. + */ + class CompositeAction extends Node, YamlDocument, YamlMapping { + CompositeAction() { + this.getFile().getBaseName() = ["action.yml", "action.yaml"] and + this.lookup("runs").(YamlMapping).lookup("using").(YamlScalar).getValue() = "composite" + } + + /** Gets the `runs` mapping. */ + Runs getRuns() { result = this.lookup("runs") } + } + + /** + * An `runs` mapping in a custom composite action YAML. + * See https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs + */ + class Runs extends StepsContainer { + CompositeAction action; + + Runs() { action.lookup("runs") = this } + + /** Gets the action that this `runs` mapping is in. */ + CompositeAction getAction() { result = action } + + /** Gets the `using` mapping. */ + Using getUsing() { result = this.lookup("using") } + } + + /** + * The parent class of the class that can contain `steps` mappings. (`Job` or `Runs` currently.) + */ + abstract class StepsContainer extends YamlNode, YamlMapping { + /** Gets the sequence of `steps` within this YAML node. */ + YamlSequence getSteps() { result = this.lookup("steps") } + } + + /** + * A `using` mapping in a custom composite action YAML. + */ + class Using extends YamlNode, YamlScalar { + Runs runs; + + Using() { runs.lookup("using") = this } + + /** Gets the `runs` mapping that this `using` mapping is in. */ + Runs getRuns() { result = runs } + } + /** * An Actions workflow. This is a mapping at the top level of an Actions YAML workflow file. * See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions. @@ -28,6 +82,9 @@ module Actions { /** Gets the `jobs` mapping from job IDs to job definitions in this workflow. */ YamlMapping getJobs() { result = this.lookup("jobs") } + /** Gets the 'global' `env` mapping in this workflow. */ + WorkflowEnv getEnv() { result = this.lookup("env") } + /** Gets the name of the workflow. */ string getName() { result = this.lookup("name").(YamlString).getValue() } @@ -54,11 +111,44 @@ module Actions { Workflow getWorkflow() { result = workflow } } + /** A common class for `env` in workflow, job or step. */ + abstract class Env extends YamlNode, YamlMapping { } + + /** A workflow level `env` mapping. */ + class WorkflowEnv extends Env { + Workflow workflow; + + WorkflowEnv() { workflow.lookup("env") = this } + + /** Gets the workflow this field belongs to. */ + Workflow getWorkflow() { result = workflow } + } + + /** A job level `env` mapping. */ + class JobEnv extends Env { + Job job; + + JobEnv() { job.lookup("env") = this } + + /** Gets the job this field belongs to. */ + Job getJob() { result = job } + } + + /** A step level `env` mapping. */ + class StepEnv extends Env { + Step step; + + StepEnv() { step.lookup("env") = this } + + /** Gets the step this field belongs to. */ + Step getStep() { result = step } + } + /** * An Actions job within a workflow. * See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobs. */ - class Job extends YamlNode, YamlMapping { + class Job extends StepsContainer { string jobId; Workflow workflow; @@ -85,8 +175,8 @@ module Actions { /** Gets the step at the given index within this job. */ Step getStep(int index) { result.getJob() = this and result.getIndex() = index } - /** Gets the sequence of `steps` within this job. */ - YamlSequence getSteps() { result = this.lookup("steps") } + /** Gets the `env` mapping in this job. */ + JobEnv getEnv() { result = this.lookup("env") } /** Gets the workflow this job belongs to. */ Workflow getWorkflow() { result = workflow } @@ -130,15 +220,18 @@ module Actions { */ class Step extends YamlNode, YamlMapping { int index; - Job job; + StepsContainer parent; - Step() { this = job.getSteps().getElement(index) } + Step() { this = parent.getSteps().getElement(index) } /** Gets the 0-based position of this step within the sequence of `steps`. */ int getIndex() { result = index } - /** Gets the job this step belongs to. */ - Job getJob() { result = job } + /** Gets the `job` this step belongs to, if the step belongs to a `job` in a workflow. Has no result if the step belongs to `runs` in a custom composite action. */ + Job getJob() { result = parent } + + /** Gets the `runs` this step belongs to, if the step belongs to a `runs` in a custom composite action. Has no result if the step belongs to a `job` in a workflow. */ + Runs getRuns() { result = parent } /** Gets the value of the `uses` field in this step, if any. */ Uses getUses() { result.getStep() = this } @@ -149,6 +242,9 @@ module Actions { /** Gets the value of the `if` field in this step, if any. */ StepIf getIf() { result.getStep() = this } + /** Gets the value of the `env` field in this step, if any. */ + StepEnv getEnv() { result = this.lookup("env") } + /** Gets the ID of this step, if any. */ string getId() { result = this.lookup("id").(YamlString).getValue() } } @@ -244,6 +340,25 @@ module Actions { With getWith() { result = with } } + /** + * Holds if `${{ e }}` is a GitHub Actions expression evaluated within this YAML string. + * See https://docs.github.com/en/free-pro-team@latest/actions/reference/context-and-expression-syntax-for-github-actions. + * Only finds simple expressions like `${{ github.event.comment.body }}`, where the expression contains only alphanumeric characters, underscores, dots, or dashes. + * Does not identify more complicated expressions like `${{ fromJSON(env.time) }}`, or ${{ format('{{Hello {0}!}}', github.event.head_commit.author.name) }} + */ + string getASimpleReferenceExpression(YamlString node) { + // We use `regexpFind` to obtain *all* matches of `${{...}}`, + // not just the last (greedy match) or first (reluctant match). + result = + node.getValue() + .regexpFind("\\$\\{\\{\\s*[A-Za-z0-9_\\[\\]\\*\\(\\)\\.\\-]+\\s*\\}\\}", _, _) + .regexpCapture("\\$\\{\\{\\s*([A-Za-z0-9_\\[\\]\\*\\((\\)\\.\\-]+)\\s*\\}\\}", 1) + } + + /** Extracts the 'name' part from env.name */ + bindingset[name] + string getEnvName(string name) { result = name.regexpCapture("env\\.([A-Za-z0-9_]+)", 1) } + /** * A `run` field within an Actions job step, which runs command-line programs using an operating system shell. * See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun. @@ -255,20 +370,5 @@ module Actions { /** Gets the step that executes this `run` command. */ Step getStep() { result = step } - - /** - * Holds if `${{ e }}` is a GitHub Actions expression evaluated within this `run` command. - * See https://docs.github.com/en/free-pro-team@latest/actions/reference/context-and-expression-syntax-for-github-actions. - * Only finds simple expressions like `${{ github.event.comment.body }}`, where the expression contains only alphanumeric characters, underscores, dots, or dashes. - * Does not identify more complicated expressions like `${{ fromJSON(env.time) }}`, or ${{ format('{{Hello {0}!}}', github.event.head_commit.author.name) }} - */ - string getASimpleReferenceExpression() { - // We use `regexpFind` to obtain *all* matches of `${{...}}`, - // not just the last (greedy match) or first (reluctant match). - result = - this.getValue() - .regexpFind("\\$\\{\\{\\s*[A-Za-z0-9_\\.\\-]+\\s*\\}\\}", _, _) - .regexpCapture("\\$\\{\\{\\s*([A-Za-z0-9_\\.\\-]+)\\s*\\}\\}", 1) - } } } diff --git a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll index c543607e73f..080a1bc1209 100644 --- a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll +++ b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll @@ -636,9 +636,6 @@ module API { /** Gets an API-node for this entry point. */ API::Node getANode() { result = root().getASuccessor(Label::entryPoint(this)) } - - /** DEPRECATED. Use `getANode()` instead. */ - deprecated API::Node getNode() { result = this.getANode() } } /** diff --git a/javascript/ql/lib/semmle/javascript/CFG.qll b/javascript/ql/lib/semmle/javascript/CFG.qll index d0897f18948..81bbef4c6d2 100644 --- a/javascript/ql/lib/semmle/javascript/CFG.qll +++ b/javascript/ql/lib/semmle/javascript/CFG.qll @@ -364,7 +364,9 @@ class SyntheticControlFlowNode extends @synthetic_cfg_node, ControlFlowNode { class ControlFlowEntryNode extends SyntheticControlFlowNode, @entry_node { override predicate isUnreachable() { none() } - override string toString() { result = "entry node of " + this.getContainer().toString() } + override string toString() { + result = "entry node of " + pragma[only_bind_out](this.getContainer()).toString() + } } /** A synthetic CFG node marking the exit of a function or toplevel script. */ @@ -373,7 +375,9 @@ class ControlFlowExitNode extends SyntheticControlFlowNode, @exit_node { exit_cfg_node(this, container) } - override string toString() { result = "exit node of " + this.getContainer().toString() } + override string toString() { + result = "exit node of " + pragma[only_bind_out](this.getContainer()).toString() + } } /** diff --git a/javascript/ql/lib/semmle/javascript/DefUse.qll b/javascript/ql/lib/semmle/javascript/DefUse.qll index 8ad710fdc57..a9d021f939e 100644 --- a/javascript/ql/lib/semmle/javascript/DefUse.qll +++ b/javascript/ql/lib/semmle/javascript/DefUse.qll @@ -243,71 +243,3 @@ class VarUse extends ControlFlowNode, @varref instanceof RValue { */ SsaVariable getSsaVariable() { result.getAUse() = this } } - -/** - * Holds if the definition of `v` in `def` reaches `use` along some control flow path - * without crossing another definition of `v`. - * DEPRECATED: Use the `SSA.qll` library instead. - */ -deprecated predicate definitionReaches(Variable v, VarDef def, VarUse use) { - v = use.getVariable() and - exists(BasicBlock bb, int i, int next | next = nextDefAfter(bb, v, i, def) | - exists(int j | j in [i + 1 .. next - 1] | bb.useAt(j, v, use)) - or - exists(BasicBlock succ | succ = bb.getASuccessor() | - succ.isLiveAtEntry(v, use) and - next = bb.length() - ) - ) -} - -/** - * Holds if the definition of local variable `v` in `def` reaches `use` along some control flow path - * without crossing another definition of `v`. - * DEPRECATED: Use the `SSA.qll` library instead. - */ -deprecated predicate localDefinitionReaches(LocalVariable v, VarDef def, VarUse use) { - exists(SsaExplicitDefinition ssa | - ssa.defines(def, v) and - ssa = getAPseudoDefinitionInput*(use.getSsaVariable().getDefinition()) - ) -} - -/** - * Holds if `nd` is a pseudo-definition and the result is one of its inputs. - * DEPRECATED: Use the `SSA.qll` library instead. - */ -deprecated private SsaDefinition getAPseudoDefinitionInput(SsaDefinition nd) { - result = nd.(SsaPseudoDefinition).getAnInput() -} - -/** - * Holds if `d` is a definition of `v` at index `i` in `bb`, and the result is the next index - * in `bb` after `i` at which the same variable is defined, or `bb.length()` if there is none. - */ -deprecated private int nextDefAfter(BasicBlock bb, Variable v, int i, VarDef d) { - bb.defAt(i, v, d) and - result = - min(int jj | - (bb.defAt(jj, v, _) or jj = bb.length()) and - jj > i - ) -} - -/** - * Holds if the `later` definition of `v` could overwrite its `earlier` definition. - * - * This is the case if there is a path from `earlier` to `later` that does not cross - * another definition of `v`. - * DEPRECATED: Use the `SSA.qll` library instead. - */ -deprecated predicate localDefinitionOverwrites(LocalVariable v, VarDef earlier, VarDef later) { - exists(BasicBlock bb, int next | next = nextDefAfter(bb, v, _, earlier) | - bb.defAt(next, v, later) - or - exists(BasicBlock succ | succ = bb.getASuccessor() | - succ.localMayBeOverwritten(v, later) and - next = bb.length() - ) - ) -} diff --git a/javascript/ql/lib/semmle/javascript/E4X.qll b/javascript/ql/lib/semmle/javascript/E4X.qll index 47f1b8e4189..cd112d60664 100644 --- a/javascript/ql/lib/semmle/javascript/E4X.qll +++ b/javascript/ql/lib/semmle/javascript/E4X.qll @@ -16,9 +16,6 @@ module E4X { */ class XmlAnyName extends Expr, @e4x_xml_anyname { } - /** DEPRECATED: Alias for XmlAnyName */ - deprecated class XMLAnyName = XmlAnyName; - /** * An E4X qualified identifier. * @@ -57,9 +54,6 @@ module E4X { } } - /** DEPRECATED: Alias for XmlQualifiedIdentifier */ - deprecated class XMLQualifiedIdentifier = XmlQualifiedIdentifier; - /** * An E4X attribute selector. * @@ -89,9 +83,6 @@ module E4X { } } - /** DEPRECATED: Alias for XmlAttributeSelector */ - deprecated class XMLAttributeSelector = XmlAttributeSelector; - /** * An E4X filter expression. * @@ -117,9 +108,6 @@ module E4X { } } - /** DEPRECATED: Alias for XmlFilterExpression */ - deprecated class XMLFilterExpression = XmlFilterExpression; - /** * An E4X "dot-dot" expression. * @@ -144,7 +132,4 @@ module E4X { result = this.getBase().getFirstControlFlowNode() } } - - /** DEPRECATED: Alias for XmlDotDotExpression */ - deprecated class XMLDotDotExpression = XmlDotDotExpression; } diff --git a/javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll b/javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll index e9828e5bf25..35ba8cfe601 100644 --- a/javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll +++ b/javascript/ql/lib/semmle/javascript/GlobalAccessPaths.qll @@ -234,7 +234,8 @@ module AccessPath { or baseName = fromRhs(write.getBase(), root) or - baseName = fromRhs(GetLaterAccess::getLaterBaseAccess(write), root) + baseName = fromRhs(GetLaterAccess::getLaterBaseAccess(write), root) and + not baseName.matches("%.%") ) or exists(GlobalVariable var | diff --git a/javascript/ql/lib/semmle/javascript/JSON.qll b/javascript/ql/lib/semmle/javascript/JSON.qll index c0d78c078da..1e56fc00657 100644 --- a/javascript/ql/lib/semmle/javascript/JSON.qll +++ b/javascript/ql/lib/semmle/javascript/JSON.qll @@ -61,9 +61,6 @@ class JsonValue extends @json_value, Locatable { override string getAPrimaryQlClass() { result = "JsonValue" } } -/** DEPRECATED: Alias for JsonValue */ -deprecated class JSONValue = JsonValue; - /** * A JSON-encoded primitive value. * @@ -85,9 +82,6 @@ abstract class JsonPrimitiveValue extends JsonValue { string getRawValue() { json_literals(_, result, this) } } -/** DEPRECATED: Alias for JsonPrimitiveValue */ -deprecated class JSONPrimitiveValue = JsonPrimitiveValue; - /** * A JSON-encoded null value. * @@ -101,9 +95,6 @@ class JsonNull extends @json_null, JsonPrimitiveValue { override string getAPrimaryQlClass() { result = "JsonNull" } } -/** DEPRECATED: Alias for JsonNull */ -deprecated class JSONNull = JsonNull; - /** * A JSON-encoded Boolean value. * @@ -118,9 +109,6 @@ class JsonBoolean extends @json_boolean, JsonPrimitiveValue { override string getAPrimaryQlClass() { result = "JsonBoolean" } } -/** DEPRECATED: Alias for JsonBoolean */ -deprecated class JSONBoolean = JsonBoolean; - /** * A JSON-encoded number. * @@ -135,9 +123,6 @@ class JsonNumber extends @json_number, JsonPrimitiveValue { override string getAPrimaryQlClass() { result = "JsonNumber" } } -/** DEPRECATED: Alias for JsonNumber */ -deprecated class JSONNumber = JsonNumber; - /** * A JSON-encoded string value. * @@ -151,9 +136,6 @@ class JsonString extends @json_string, JsonPrimitiveValue { override string getAPrimaryQlClass() { result = "JsonString" } } -/** DEPRECATED: Alias for JsonString */ -deprecated class JSONString = JsonString; - /** * A JSON-encoded array. * @@ -170,9 +152,6 @@ class JsonArray extends @json_array, JsonValue { string getElementStringValue(int i) { result = this.getElementValue(i).getStringValue() } } -/** DEPRECATED: Alias for JsonArray */ -deprecated class JSONArray = JsonArray; - /** * A JSON-encoded object. * @@ -189,9 +168,6 @@ class JsonObject extends @json_object, JsonValue { string getPropStringValue(string name) { result = this.getPropValue(name).getStringValue() } } -/** DEPRECATED: Alias for JsonObject */ -deprecated class JSONObject = JsonObject; - /** * An error reported by the JSON parser. */ @@ -200,6 +176,3 @@ class JsonParseError extends @json_parse_error, Error { override string getMessage() { json_errors(this, result) } } - -/** DEPRECATED: Alias for JsonParseError */ -deprecated class JSONParseError = JsonParseError; diff --git a/javascript/ql/lib/semmle/javascript/JSX.qll b/javascript/ql/lib/semmle/javascript/JSX.qll index fa8f79fb2bb..6fd7c775d4e 100644 --- a/javascript/ql/lib/semmle/javascript/JSX.qll +++ b/javascript/ql/lib/semmle/javascript/JSX.qll @@ -30,9 +30,6 @@ class JsxNode extends Expr, @jsx_element { override string getAPrimaryQlClass() { result = "JsxNode" } } -/** DEPRECATED: Alias for JsxNode */ -deprecated class JSXNode = JsxNode; - /** * A JSX element. * @@ -81,9 +78,6 @@ class JsxElement extends JsxNode { deprecated predicate isHTMLElement() { this.isHtmlElement() } } -/** DEPRECATED: Alias for JsxElement */ -deprecated class JSXElement = JsxElement; - /** * A JSX fragment. * @@ -105,9 +99,6 @@ class JsxFragment extends JsxNode { override string getAPrimaryQlClass() { result = "JsxFragment" } } -/** DEPRECATED: Alias for JsxFragment */ -deprecated class JSXFragment = JsxFragment; - /** * An attribute of a JSX element, including spread attributes. * @@ -154,9 +145,6 @@ class JsxAttribute extends AstNode, @jsx_attribute { override string getAPrimaryQlClass() { result = "JsxAttribute" } } -/** DEPRECATED: Alias for JsxAttribute */ -deprecated class JSXAttribute = JsxAttribute; - /** * A spread attribute of a JSX element. * @@ -175,9 +163,6 @@ class JsxSpreadAttribute extends JsxAttribute { } } -/** DEPRECATED: Alias for JsxSpreadAttribute */ -deprecated class JSXSpreadAttribute = JsxSpreadAttribute; - /** * A namespace-qualified name such as `n:a`. * @@ -201,9 +186,6 @@ class JsxQualifiedName extends Expr, @jsx_qualified_name { override string getAPrimaryQlClass() { result = "JsxQualifiedName" } } -/** DEPRECATED: Alias for JsxQualifiedName */ -deprecated class JSXQualifiedName = JsxQualifiedName; - /** * A name of an JSX element or attribute (which is * always an identifier, a dot expression, or a qualified @@ -244,9 +226,6 @@ class JsxName extends Expr { } } -/** DEPRECATED: Alias for JsxName */ -deprecated class JSXName = JsxName; - /** * An interpolating expression that interpolates nothing. * @@ -260,9 +239,6 @@ class JsxEmptyExpr extends Expr, @jsx_empty_expr { override string getAPrimaryQlClass() { result = "JsxEmptyExpr" } } -/** DEPRECATED: Alias for JsxEmptyExpr */ -deprecated class JSXEmptyExpr = JsxEmptyExpr; - /** * A legacy `@jsx` pragma. * @@ -284,6 +260,3 @@ class JsxPragma extends JSDocTag { /** DEPRECATED: Alias for getDomName */ deprecated string getDOMName() { result = this.getDomName() } } - -/** DEPRECATED: Alias for JsxPragma */ -deprecated class JSXPragma = JsxPragma; diff --git a/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll b/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll index 0ca2ec2ac2e..d128dd9a653 100644 --- a/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll +++ b/javascript/ql/lib/semmle/javascript/JsonStringifiers.qll @@ -77,6 +77,3 @@ class PrettyJsonTaintStep extends TaintTracking::SharedTaintStep { ) } } - -/** DEPRECATED: Alias for PrettyJsonTaintStep */ -deprecated class PrettyJSONTaintStep = PrettyJsonTaintStep; diff --git a/javascript/ql/lib/semmle/javascript/NPM.qll b/javascript/ql/lib/semmle/javascript/NPM.qll index d05045784a6..0bf92c5d29a 100644 --- a/javascript/ql/lib/semmle/javascript/NPM.qll +++ b/javascript/ql/lib/semmle/javascript/NPM.qll @@ -12,8 +12,26 @@ class PackageJson extends JsonObject { this.isTopLevel() } - /** Gets the name of this package. */ - string getPackageName() { result = this.getPropStringValue("name") } + /** + * Gets the name of this package. + * If the package is located under the package `pkg1` and its relative path is `foo/bar`, then the resulting package name will be `pkg1/foo/bar`. + */ + string getPackageName() { + result = this.getPropStringValue("name") + or + exists( + PackageJson parentPkg, Container currentDir, Container parentDir, string parentPkgName, + string pkgNameDiff + | + currentDir = this.getJsonFile().getParentContainer() and + parentDir = parentPkg.getJsonFile().getParentContainer() and + parentPkgName = parentPkg.getPropStringValue("name") and + parentDir.getAChildContainer+() = currentDir and + pkgNameDiff = currentDir.getAbsolutePath().suffix(parentDir.getAbsolutePath().length()) and + not exists(pkgNameDiff.indexOf("/node_modules/")) and + result = parentPkgName + pkgNameDiff + ) + } /** Gets the version of this package. */ string getVersion() { result = this.getPropStringValue("version") } @@ -244,9 +262,6 @@ class PackageJson extends JsonObject { Module getTypingsModule() { result.getFile() = this.getTypingsFile() } } -/** DEPRECATED: Alias for PackageJson */ -deprecated class PackageJSON = PackageJson; - /** * A representation of bug tracker information for an NPM package. */ @@ -352,9 +367,6 @@ class NpmPackage extends @folder { /** Gets the `package.json` object of this package. */ PackageJson getPackageJson() { result = pkg } - /** DEPRECATED: Alias for getPackageJson */ - deprecated PackageJSON getPackageJSON() { result = this.getPackageJson() } - /** Gets the name of this package. */ string getPackageName() { result = this.getPackageJson().getPackageName() } @@ -393,9 +405,6 @@ class NpmPackage extends @folder { predicate declaresDependency(string p, string v) { pkg.declaresDependency(p, v) } } -/** DEPRECATED: Alias for NpmPackage */ -deprecated class NPMPackage = NpmPackage; - /** * Gets the parent folder of `c`, provided that they belong to the same NPM * package; that is, `c` must not be a `node_modules` folder. diff --git a/javascript/ql/lib/semmle/javascript/NodeModuleResolutionImpl.qll b/javascript/ql/lib/semmle/javascript/NodeModuleResolutionImpl.qll index 468d31c2c02..7231143ed55 100644 --- a/javascript/ql/lib/semmle/javascript/NodeModuleResolutionImpl.qll +++ b/javascript/ql/lib/semmle/javascript/NodeModuleResolutionImpl.qll @@ -198,7 +198,7 @@ class MainModulePath extends PathExpr, @json_string { } /** DEPRECATED: Alias for getPackageJson */ - deprecated PackageJSON getPackageJSON() { result = this.getPackageJson() } + deprecated PackageJson getPackageJSON() { result = this.getPackageJson() } override string getValue() { result = this.(JsonString).getValue() } @@ -259,7 +259,7 @@ private class FilesPath extends PathExpr, @json_string { PackageJson getPackageJson() { result = pkg } /** DEPRECATED: Alias for getPackageJson */ - deprecated PackageJSON getPackageJSON() { result = this.getPackageJson() } + deprecated PackageJson getPackageJSON() { result = this.getPackageJson() } override string getValue() { result = this.(JsonString).getValue() } diff --git a/javascript/ql/lib/semmle/javascript/PrintAst.qll b/javascript/ql/lib/semmle/javascript/PrintAst.qll index 5c4960e041c..0defda1dc6b 100644 --- a/javascript/ql/lib/semmle/javascript/PrintAst.qll +++ b/javascript/ql/lib/semmle/javascript/PrintAst.qll @@ -391,9 +391,6 @@ private module PrintJavaScript { } } - /** DEPRECATED: Alias for JsxNodeNode */ - deprecated class JSXNodeNode = JsxNodeNode; - /** * An aggregate node representing all the attributes in a `JSXNode`. */ @@ -409,17 +406,11 @@ private module PrintJavaScript { */ JsxElement getJsxElement() { result = n } - /** DEPRECATED: Alias for getJsxElement */ - deprecated JSXElement getJSXElement() { result = this.getJsxElement() } - override PrintAstNode getChild(int childIndex) { result.(ElementNode).getElement() = n.getAttribute(childIndex) } } - /** DEPRECATED: Alias for JsxAttributesNode */ - deprecated class JSXAttributesNode = JsxAttributesNode; - /** * An aggregate node representing all the body elements in a `JSXNode`. */ @@ -435,17 +426,11 @@ private module PrintJavaScript { */ JsxNode getJsxNode() { result = n } - /** DEPRECATED: Alias for getJsxNode */ - deprecated JSXNode getJSXNode() { result = this.getJsxNode() } - override PrintAstNode getChild(int childIndex) { result.(ElementNode).getElement() = n.getBodyElement(childIndex) } } - /** DEPRECATED: Alias for JsxBodyElementsNode */ - deprecated class JSXBodyElementsNode = JsxBodyElementsNode; - /** * A node representing any `ASTNode` that has type-parameters. * @@ -582,9 +567,6 @@ private module PrintJson { } } - /** DEPRECATED: Alias for JsonNode */ - deprecated class JSONNode = JsonNode; - /** Provied predicates for pretty printing JSON. */ private module PrettyPrinting { /** @@ -655,9 +637,6 @@ module PrintYaml { } } - /** DEPRECATED: Alias for YamlNodeNode */ - deprecated class YAMLNodeNode = YamlNodeNode; - /** * A print node representing a `YAMLMapping`. * @@ -671,9 +650,6 @@ module PrintYaml { } } - /** DEPRECATED: Alias for YamlMappingNode */ - deprecated class YAMLMappingNode = YamlMappingNode; - /** * A print node representing the `i`th mapping in `mapping`. */ @@ -703,14 +679,8 @@ module PrintYaml { childIndex = 1 and result.(YamlNodeNode).getValue() = mapping.getValueNode(i) } } - - /** DEPRECATED: Alias for YamlMappingMapNode */ - deprecated class YAMLMappingMapNode = YamlMappingMapNode; } -/** DEPRECATED: Alias for PrintYaml */ -deprecated module PrintYAML = PrintYaml; - /** * Classes for printing HTML AST. */ @@ -741,9 +711,6 @@ module PrintHtml { } } - /** DEPRECATED: Alias for HtmlElementNode */ - deprecated class HTMLElementNode = HtmlElementNode; - /** * A print node representing an HTML node in a .html file. */ @@ -757,9 +724,6 @@ module PrintHtml { } } - /** DEPRECATED: Alias for HtmlScriptElementNode */ - deprecated class HTMLScriptElementNode = HtmlScriptElementNode; - /** * A print node representing the code inside a `