diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll b/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll index 042ee10700a..a5894e21071 100644 --- a/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll +++ b/cpp/ql/lib/semmle/code/cpp/NameQualifiers.qll @@ -159,7 +159,8 @@ class NameQualifyingElement extends Element, @namequalifyingelement { * A special name-qualifying element. For example: `__super`. */ library class SpecialNameQualifyingElement extends NameQualifyingElement, - @specialnamequalifyingelement { + @specialnamequalifyingelement +{ /** Gets the name of this special qualifying element. */ override string getName() { specialnamequalifyingelements(underlyingElement(this), result) } diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/cpp/ql/lib/semmle/code/cpp/exprs/BuiltInOperations.qll b/cpp/ql/lib/semmle/code/cpp/exprs/BuiltInOperations.qll index fa6589f7e27..c0ffa96297b 100644 --- a/cpp/ql/lib/semmle/code/cpp/exprs/BuiltInOperations.qll +++ b/cpp/ql/lib/semmle/code/cpp/exprs/BuiltInOperations.qll @@ -569,7 +569,8 @@ class BuiltInOperationBuiltInAddressOf extends UnaryOperation, BuiltInOperation, * ``` */ class BuiltInOperationIsTriviallyConstructible extends BuiltInOperation, - @istriviallyconstructibleexpr { + @istriviallyconstructibleexpr +{ override string toString() { result = "__is_trivially_constructible" } override string getAPrimaryQlClass() { result = "BuiltInOperationIsTriviallyConstructible" } @@ -619,7 +620,8 @@ class BuiltInOperationIsNothrowDestructible extends BuiltInOperation, @isnothrow * bool v = __is_trivially_destructible(MyType); * ``` */ -class BuiltInOperationIsTriviallyDestructible extends BuiltInOperation, @istriviallydestructibleexpr { +class BuiltInOperationIsTriviallyDestructible extends BuiltInOperation, @istriviallydestructibleexpr +{ override string toString() { result = "__is_trivially_destructible" } override string getAPrimaryQlClass() { result = "BuiltInOperationIsTriviallyDestructible" } @@ -738,7 +740,8 @@ class BuiltInOperationIsLiteralType extends BuiltInOperation, @isliteraltypeexpr * ``` */ class BuiltInOperationHasTrivialMoveConstructor extends BuiltInOperation, - @hastrivialmoveconstructorexpr { + @hastrivialmoveconstructorexpr +{ override string toString() { result = "__has_trivial_move_constructor" } override string getAPrimaryQlClass() { result = "BuiltInOperationHasTrivialMoveConstructor" } @@ -1034,7 +1037,8 @@ class BuiltInOperationIsAggregate extends BuiltInOperation, @isaggregate { * ``` */ class BuiltInOperationHasUniqueObjectRepresentations extends BuiltInOperation, - @hasuniqueobjectrepresentations { + @hasuniqueobjectrepresentations +{ override string toString() { result = "__has_unique_object_representations" } override string getAPrimaryQlClass() { result = "BuiltInOperationHasUniqueObjectRepresentations" } @@ -1107,7 +1111,8 @@ class BuiltInOperationIsLayoutCompatible extends BuiltInOperation, @islayoutcomp * ``` */ class BuiltInOperationIsPointerInterconvertibleBaseOf extends BuiltInOperation, - @ispointerinterconvertiblebaseof { + @ispointerinterconvertiblebaseof +{ override string toString() { result = "__is_pointer_interconvertible_base_of" } override string getAPrimaryQlClass() { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll index b4def7fe4ae..7b064340ffe 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll @@ -1082,7 +1082,8 @@ module Opcode { * See the `CallSideEffectInstruction` documentation for more details. */ class CallSideEffect extends WriteSideEffectOpcode, EscapedWriteOpcode, MayWriteOpcode, - ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, TCallSideEffect { + ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, TCallSideEffect + { final override string toString() { result = "CallSideEffect" } } @@ -1092,7 +1093,8 @@ module Opcode { * See the `CallReadSideEffectInstruction` documentation for more details. */ class CallReadSideEffect extends ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, - TCallReadSideEffect { + TCallReadSideEffect + { final override string toString() { result = "CallReadSideEffect" } } @@ -1102,7 +1104,8 @@ module Opcode { * See the `IndirectReadSideEffectInstruction` documentation for more details. */ class IndirectReadSideEffect extends ReadSideEffectOpcode, IndirectReadOpcode, - TIndirectReadSideEffect { + TIndirectReadSideEffect + { final override string toString() { result = "IndirectReadSideEffect" } } @@ -1112,7 +1115,8 @@ module Opcode { * See the `IndirectMustWriteSideEffectInstruction` documentation for more details. */ class IndirectMustWriteSideEffect extends WriteSideEffectOpcode, IndirectWriteOpcode, - TIndirectMustWriteSideEffect { + TIndirectMustWriteSideEffect + { final override string toString() { result = "IndirectMustWriteSideEffect" } } @@ -1122,7 +1126,8 @@ module Opcode { * See the `IndirectMayWriteSideEffectInstruction` documentation for more details. */ class IndirectMayWriteSideEffect extends WriteSideEffectOpcode, IndirectWriteOpcode, - MayWriteOpcode, TIndirectMayWriteSideEffect { + MayWriteOpcode, TIndirectMayWriteSideEffect + { final override string toString() { result = "IndirectMayWriteSideEffect" } } @@ -1132,7 +1137,8 @@ module Opcode { * See the `BufferReadSideEffectInstruction` documentation for more details. */ class BufferReadSideEffect extends ReadSideEffectOpcode, UnsizedBufferReadOpcode, - TBufferReadSideEffect { + TBufferReadSideEffect + { final override string toString() { result = "BufferReadSideEffect" } } @@ -1142,7 +1148,8 @@ module Opcode { * See the `BufferMustWriteSideEffectInstruction` documentation for more details. */ class BufferMustWriteSideEffect extends WriteSideEffectOpcode, UnsizedBufferWriteOpcode, - TBufferMustWriteSideEffect { + TBufferMustWriteSideEffect + { final override string toString() { result = "BufferMustWriteSideEffect" } } @@ -1152,7 +1159,8 @@ module Opcode { * See the `BufferMayWriteSideEffectInstruction` documentation for more details. */ class BufferMayWriteSideEffect extends WriteSideEffectOpcode, UnsizedBufferWriteOpcode, - MayWriteOpcode, TBufferMayWriteSideEffect { + MayWriteOpcode, TBufferMayWriteSideEffect + { final override string toString() { result = "BufferMayWriteSideEffect" } } @@ -1162,7 +1170,8 @@ module Opcode { * See the `SizedBufferReadSideEffectInstruction` documentation for more details. */ class SizedBufferReadSideEffect extends ReadSideEffectOpcode, SizedBufferReadOpcode, - TSizedBufferReadSideEffect { + TSizedBufferReadSideEffect + { final override string toString() { result = "SizedBufferReadSideEffect" } } @@ -1172,7 +1181,8 @@ module Opcode { * See the `SizedBufferMustWriteSideEffectInstruction` documentation for more details. */ class SizedBufferMustWriteSideEffect extends WriteSideEffectOpcode, SizedBufferWriteOpcode, - TSizedBufferMustWriteSideEffect { + TSizedBufferMustWriteSideEffect + { final override string toString() { result = "SizedBufferMustWriteSideEffect" } } @@ -1182,7 +1192,8 @@ module Opcode { * See the `SizedBufferMayWriteSideEffectInstruction` documentation for more details. */ class SizedBufferMayWriteSideEffect extends WriteSideEffectOpcode, SizedBufferWriteOpcode, - MayWriteOpcode, TSizedBufferMayWriteSideEffect { + MayWriteOpcode, TSizedBufferMayWriteSideEffect + { final override string toString() { result = "SizedBufferMayWriteSideEffect" } } @@ -1192,7 +1203,8 @@ module Opcode { * See the `InitializeDynamicAllocationInstruction` documentation for more details. */ class InitializeDynamicAllocation extends SideEffectOpcode, EntireAllocationWriteOpcode, - TInitializeDynamicAllocation { + TInitializeDynamicAllocation + { final override string toString() { result = "InitializeDynamicAllocation" } } @@ -1221,7 +1233,8 @@ module Opcode { * See the `InlineAsmInstruction` documentation for more details. */ class InlineAsm extends Opcode, EscapedWriteOpcode, MayWriteOpcode, EscapedReadOpcode, - MayReadOpcode, TInlineAsm { + MayReadOpcode, TInlineAsm + { final override string toString() { result = "InlineAsm" } final override predicate hasOperandInternal(OperandTag tag) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll index 0a3e0287635..15ed979f69e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/internal/AliasedSSA.qll @@ -246,7 +246,8 @@ class VariableMemoryLocation extends TVariableMemoryLocation, AllocationMemoryLo } class EntireAllocationMemoryLocation extends TEntireAllocationMemoryLocation, - AllocationMemoryLocation { + AllocationMemoryLocation +{ EntireAllocationMemoryLocation() { this = TEntireAllocationMemoryLocation(var, isMayAccess) } final override string toStringInternal() { result = var.toString() } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll index 7d015654056..473b23e8b8d 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCall.qll @@ -511,7 +511,8 @@ abstract class TranslatedArgumentSideEffect extends TranslatedSideEffect { * calls other than constructor calls. */ class TranslatedArgumentExprSideEffect extends TranslatedArgumentSideEffect, - TTranslatedArgumentExprSideEffect { + TTranslatedArgumentExprSideEffect +{ Expr arg; TranslatedArgumentExprSideEffect() { @@ -546,7 +547,8 @@ class TranslatedArgumentExprSideEffect extends TranslatedArgumentSideEffect, * calls to non-static member functions. */ class TranslatedStructorQualifierSideEffect extends TranslatedArgumentSideEffect, - TTranslatedStructorQualifierSideEffect { + TTranslatedStructorQualifierSideEffect +{ TranslatedStructorQualifierSideEffect() { this = TTranslatedStructorQualifierSideEffect(call, sideEffectOpcode) and index = -1 diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll index 528acf4498b..2953c9eeb1f 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedCondition.qll @@ -34,7 +34,8 @@ abstract class TranslatedCondition extends TranslatedElement { } abstract class TranslatedFlexibleCondition extends TranslatedCondition, ConditionContext, - TTranslatedFlexibleCondition { + TTranslatedFlexibleCondition +{ TranslatedFlexibleCondition() { this = TTranslatedFlexibleCondition(expr) } final override TranslatedElement getChild(int id) { id = 0 and result = getOperand() } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll index 03a6422b114..2b2acfb94a3 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedDeclarationEntry.qll @@ -75,7 +75,8 @@ abstract class TranslatedLocalVariableDeclaration extends TranslatedVariableInit * The IR translation of a local variable declaration within a declaration statement. */ class TranslatedAutoVariableDeclarationEntry extends TranslatedLocalVariableDeclaration, - TranslatedDeclarationEntry { + TranslatedDeclarationEntry +{ StackVariable var; TranslatedAutoVariableDeclarationEntry() { var = entry.getDeclaration() } @@ -217,7 +218,8 @@ class TranslatedStaticLocalVariableDeclarationEntry extends TranslatedDeclaratio * with a dynamic initializer. */ class TranslatedStaticLocalVariableInitialization extends TranslatedElement, - TranslatedLocalVariableDeclaration, TTranslatedStaticLocalVariableInitialization { + TranslatedLocalVariableDeclaration, TTranslatedStaticLocalVariableInitialization +{ IRVariableDeclarationEntry entry; StaticLocalVariable var; diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll index df5a974c45b..8e228d55279 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedExpr.qll @@ -131,7 +131,8 @@ abstract class TranslatedCoreExpr extends TranslatedExpr { } class TranslatedConditionValue extends TranslatedCoreExpr, ConditionContext, - TTranslatedConditionValue { + TTranslatedConditionValue +{ TranslatedConditionValue() { this = TTranslatedConditionValue(expr) } override TranslatedElement getChild(int id) { id = 0 and result = this.getCondition() } @@ -326,7 +327,8 @@ class TranslatedLoad extends TranslatedValueCategoryAdjustment, TTranslatedLoad * from the AST. */ class TranslatedSyntheticTemporaryObject extends TranslatedValueCategoryAdjustment, - TTranslatedSyntheticTemporaryObject { + TTranslatedSyntheticTemporaryObject +{ TranslatedSyntheticTemporaryObject() { this = TTranslatedSyntheticTemporaryObject(expr) } override string toString() { result = "Temporary materialization of " + expr.toString() } @@ -2302,7 +2304,8 @@ class TranslatedBinaryConditionalExpr extends TranslatedConditionalExpr { * its initializer. */ class TranslatedTemporaryObjectExpr extends TranslatedNonConstantExpr, - TranslatedVariableInitialization { + TranslatedVariableInitialization +{ override TemporaryObjectExpr expr; final override predicate hasTempVariable(TempVariableTag tag, CppType type) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll index b4746ae58de..d29d8c80cf5 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedFunction.qll @@ -566,7 +566,8 @@ private TranslatedConstructorInitList getTranslatedConstructorInitList(Function * instances for constructors can actually contain initializers. */ class TranslatedConstructorInitList extends TranslatedElement, InitializationContext, - TTranslatedConstructorInitList { + TTranslatedConstructorInitList +{ Function func; TranslatedConstructorInitList() { this = TTranslatedConstructorInitList(func) } @@ -637,7 +638,8 @@ private TranslatedDestructorDestructionList getTranslatedDestructorDestructionLi * destructions. */ class TranslatedDestructorDestructionList extends TranslatedElement, - TTranslatedDestructorDestructionList { + TTranslatedDestructorDestructionList +{ Function func; TranslatedDestructorDestructionList() { this = TTranslatedDestructorDestructionList(func) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll index dde5e00361a..5a4f7977ac8 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedGlobalVar.qll @@ -9,7 +9,8 @@ private import InstructionTag private import semmle.code.cpp.ir.internal.IRUtilities class TranslatedGlobalOrNamespaceVarInit extends TranslatedRootElement, - TTranslatedGlobalOrNamespaceVarInit, InitializationContext { + TTranslatedGlobalOrNamespaceVarInit, InitializationContext +{ GlobalOrNamespaceVariable var; TranslatedGlobalOrNamespaceVarInit() { this = TTranslatedGlobalOrNamespaceVarInit(var) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll index 452c9beedb9..4cd235a52bf 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedInitialization.qll @@ -440,7 +440,8 @@ class TranslatedStringLiteralInitialization extends TranslatedDirectInitializati } class TranslatedConstructorInitialization extends TranslatedDirectInitialization, - StructorCallContext { + StructorCallContext +{ override ConstructorCall expr; override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -528,7 +529,8 @@ abstract class TranslatedFieldInitialization extends TranslatedElement { * explicit element in an initializer list. */ class TranslatedExplicitFieldInitialization extends TranslatedFieldInitialization, - InitializationContext, TTranslatedExplicitFieldInitialization { + InitializationContext, TTranslatedExplicitFieldInitialization +{ Expr expr; TranslatedExplicitFieldInitialization() { @@ -565,7 +567,8 @@ private string getZeroValue(Type type) { * corresponding element in the initializer list. */ class TranslatedFieldValueInitialization extends TranslatedFieldInitialization, - TTranslatedFieldValueInitialization { + TTranslatedFieldValueInitialization +{ TranslatedFieldValueInitialization() { this = TTranslatedFieldValueInitialization(ast, field) } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CppType resultType) { @@ -700,7 +703,8 @@ abstract class TranslatedElementInitialization extends TranslatedElement { * an explicit element in an initializer list. */ class TranslatedExplicitElementInitialization extends TranslatedElementInitialization, - TTranslatedExplicitElementInitialization, InitializationContext { + TTranslatedExplicitElementInitialization, InitializationContext +{ int elementIndex; TranslatedExplicitElementInitialization() { @@ -737,7 +741,8 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ * elements without corresponding elements in the initializer list. */ class TranslatedElementValueInitialization extends TranslatedElementInitialization, - TTranslatedElementValueInitialization { + TTranslatedElementValueInitialization +{ int elementIndex; int elementCount; @@ -881,7 +886,8 @@ abstract class TranslatedBaseStructorCall extends TranslatedStructorCallFromStru * Represents a call to a delegating or base class constructor from within a constructor. */ abstract class TranslatedConstructorCallFromConstructor extends TranslatedStructorCallFromStructor, - TTranslatedConstructorBaseInit { + TTranslatedConstructorBaseInit +{ TranslatedConstructorCallFromConstructor() { this = TTranslatedConstructorBaseInit(call) } } @@ -917,7 +923,8 @@ class TranslatedConstructorDelegationInit extends TranslatedConstructorCallFromC * derived class constructor */ class TranslatedConstructorBaseInit extends TranslatedConstructorCallFromConstructor, - TranslatedBaseStructorCall { + TranslatedBaseStructorCall +{ TranslatedConstructorBaseInit() { not call instanceof ConstructorDelegationInit } final override string toString() { result = "construct base: " + call.toString() } @@ -934,7 +941,8 @@ TranslatedDestructorBaseDestruction getTranslatedDestructorBaseDestruction( * derived class destructor. */ class TranslatedDestructorBaseDestruction extends TranslatedBaseStructorCall, - TTranslatedDestructorBaseDestruction { + TTranslatedDestructorBaseDestruction +{ TranslatedDestructorBaseDestruction() { this = TTranslatedDestructorBaseDestruction(call) } final override string toString() { result = "destroy base: " + call.toString() } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll index 9140620cddc..da4183ca25c 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/internal/TranslatedStmt.qll @@ -20,7 +20,8 @@ TranslatedMicrosoftTryExceptHandler getTranslatedMicrosoftTryExceptHandler( } class TranslatedMicrosoftTryExceptHandler extends TranslatedElement, - TTranslatedMicrosoftTryExceptHandler { + TTranslatedMicrosoftTryExceptHandler +{ MicrosoftTryExceptStmt tryExcept; TranslatedMicrosoftTryExceptHandler() { this = TTranslatedMicrosoftTryExceptHandler(tryExcept) } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll index 028ab1a0370..a1fa08daa7d 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Allocation.qll @@ -389,7 +389,8 @@ private class NewArrayAllocationExpr extends AllocationExpr, NewArrayExpr { private module HeuristicAllocation { /** A class that maps an `AllocationExpr` to an `HeuristicAllocationExpr`. */ - private class HeuristicAllocationModeled extends HeuristicAllocationExpr instanceof AllocationExpr { + private class HeuristicAllocationModeled extends HeuristicAllocationExpr instanceof AllocationExpr + { override Expr getSizeExpr() { result = AllocationExpr.super.getSizeExpr() } override int getSizeMult() { result = AllocationExpr.super.getSizeMult() } @@ -406,7 +407,8 @@ private module HeuristicAllocation { } /** A class that maps an `AllocationFunction` to an `HeuristicAllocationFunction`. */ - private class HeuristicAllocationFunctionModeled extends HeuristicAllocationFunction instanceof AllocationFunction { + private class HeuristicAllocationFunctionModeled extends HeuristicAllocationFunction instanceof AllocationFunction + { override int getSizeArg() { result = AllocationFunction.super.getSizeArg() } override int getSizeMult() { result = AllocationFunction.super.getSizeMult() } @@ -430,7 +432,8 @@ private module HeuristicAllocation { * 2. The function must return a pointer type * 3. There must be a unique parameter of unsigned integral type. */ - private class HeuristicAllocationFunctionByName extends HeuristicAllocationFunction instanceof Function { + private class HeuristicAllocationFunctionByName extends HeuristicAllocationFunction instanceof Function + { int sizeArg; HeuristicAllocationFunctionByName() { diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll index 6cf642bd4cb..4415dd0c3fc 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/GetDelim.qll @@ -7,7 +7,8 @@ import semmle.code.cpp.models.interfaces.FlowSource * The standard functions `getdelim`, `getwdelim` and the glibc variant `__getdelim`. */ private class GetDelimFunction extends TaintFunction, AliasFunction, SideEffectFunction, - RemoteFlowSourceFunction { + RemoteFlowSourceFunction +{ GetDelimFunction() { this.hasGlobalName(["getdelim", "getwdelim", "__getdelim"]) } override predicate hasTaintFlow(FunctionInput i, FunctionOutput o) { diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll index b89eb2c1f14..4ac9daf6dda 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Gets.qll @@ -14,7 +14,8 @@ import semmle.code.cpp.models.interfaces.FlowSource * The standard functions `fgets` and `fgetws`. */ private class FgetsFunction extends DataFlowFunction, TaintFunction, ArrayFunction, AliasFunction, - SideEffectFunction, RemoteFlowSourceFunction { + SideEffectFunction, RemoteFlowSourceFunction +{ FgetsFunction() { // fgets(str, num, stream) // fgetws(wstr, num, stream) @@ -69,7 +70,8 @@ private class FgetsFunction extends DataFlowFunction, TaintFunction, ArrayFuncti * The standard functions `gets`. */ private class GetsFunction extends DataFlowFunction, ArrayFunction, AliasFunction, - SideEffectFunction, LocalFlowSourceFunction { + SideEffectFunction, LocalFlowSourceFunction +{ GetsFunction() { // gets(str) this.hasGlobalOrStdOrBslName("gets") diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/IdentityFunction.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/IdentityFunction.qll index 60afd2b25ef..f07e990dc16 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/IdentityFunction.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/IdentityFunction.qll @@ -7,7 +7,8 @@ import semmle.code.cpp.models.interfaces.SideEffect * The standard function templates `std::move` and `std::forward`. */ private class IdentityFunction extends DataFlowFunction, SideEffectFunction, AliasFunction, - FunctionTemplateInstantiation { + FunctionTemplateInstantiation +{ IdentityFunction() { this.hasQualifiedName("std", ["move", "forward"]) } override predicate hasOnlySpecificReadSideEffects() { any() } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll index 93b64c343bd..cafd9aeeef0 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll @@ -121,7 +121,8 @@ class IteratorCrementNonMemberOperator extends Operator { } private class IteratorCrementNonMemberOperatorModel extends IteratorCrementNonMemberOperator, - DataFlowFunction { + DataFlowFunction +{ override predicate hasDataFlow(FunctionInput input, FunctionOutput output) { input = getIteratorArgumentInput(this, 0) and output.isReturnValue() @@ -143,7 +144,8 @@ class IteratorCrementMemberOperator extends MemberFunction { } private class IteratorCrementMemberOperatorModel extends IteratorCrementMemberOperator, - DataFlowFunction, TaintFunction { + DataFlowFunction, TaintFunction +{ override predicate hasDataFlow(FunctionInput input, FunctionOutput output) { input.isQualifierAddress() and output.isReturnValue() @@ -204,7 +206,8 @@ class IteratorBinaryArithmeticMemberOperator extends MemberFunction { } private class IteratorBinaryArithmeticMemberOperatorModel extends IteratorBinaryArithmeticMemberOperator, - TaintFunction { + TaintFunction +{ override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { input.isQualifierObject() and output.isReturnValue() @@ -258,7 +261,8 @@ class IteratorAssignArithmeticNonMemberOperator extends Operator { } private class IteratorAssignArithmeticNonMemberOperatorModel extends IteratorAssignArithmeticNonMemberOperator, - DataFlowFunction, TaintFunction { + DataFlowFunction, TaintFunction +{ override predicate hasDataFlow(FunctionInput input, FunctionOutput output) { input.isParameter(0) and output.isReturnValue() @@ -289,7 +293,8 @@ class IteratorAssignArithmeticMemberOperator extends MemberFunction { } private class IteratorAssignArithmeticMemberOperatorModel extends IteratorAssignArithmeticMemberOperator, - DataFlowFunction, TaintFunction { + DataFlowFunction, TaintFunction +{ override predicate hasDataFlow(FunctionInput input, FunctionOutput output) { input.isQualifierAddress() and output.isReturnValue() @@ -325,7 +330,8 @@ class IteratorAssignArithmeticOperator extends Function { * non-member and member versions, use `IteratorPointerDereferenceOperator`. */ class IteratorPointerDereferenceMemberOperator extends MemberFunction, TaintFunction, - IteratorReferenceFunction { + IteratorReferenceFunction +{ IteratorPointerDereferenceMemberOperator() { this.getClassAndName("operator*") instanceof Iterator } @@ -353,7 +359,8 @@ class IteratorPointerDereferenceNonMemberOperator extends Operator, IteratorRefe } private class IteratorPointerDereferenceNonMemberOperatorModel extends IteratorPointerDereferenceNonMemberOperator, - TaintFunction { + TaintFunction +{ override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { input = getIteratorArgumentInput(this, 0) and output.isReturnValue() @@ -389,7 +396,8 @@ private class IteratorFieldMemberOperator extends Operator, TaintFunction { * An `operator[]` member function of an iterator class. */ private class IteratorArrayMemberOperator extends MemberFunction, TaintFunction, - IteratorReferenceFunction { + IteratorReferenceFunction +{ IteratorArrayMemberOperator() { this.getClassAndName("operator[]") instanceof Iterator } override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { @@ -418,7 +426,8 @@ class IteratorAssignmentMemberOperator extends MemberFunction { * `operator*` and use their own `operator=` to assign to the container. */ private class IteratorAssignmentMemberOperatorModel extends IteratorAssignmentMemberOperator, - TaintFunction { + TaintFunction +{ override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { input.isParameterDeref(0) and output.isQualifierObject() diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll index a8d0e94f43c..2c47587f42e 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memcpy.qll @@ -15,7 +15,8 @@ import semmle.code.cpp.models.interfaces.Taint * `__builtin___memcpy_chk`. */ private class MemcpyFunction extends ArrayFunction, DataFlowFunction, SideEffectFunction, - AliasFunction { + AliasFunction +{ MemcpyFunction() { // memcpy(dest, src, num) // memmove(dest, src, num) diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll index 11ef853a0bc..0d09173854c 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Memset.qll @@ -13,7 +13,8 @@ import semmle.code.cpp.models.interfaces.SideEffect * The standard function `memset` and its assorted variants */ private class MemsetFunction extends ArrayFunction, DataFlowFunction, AliasFunction, - SideEffectFunction { + SideEffectFunction +{ MemsetFunction() { this.hasGlobalOrStdOrBslName("memset") or diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Pure.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Pure.qll index 4efab29cabf..41bd9ae0db7 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Pure.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Pure.qll @@ -8,7 +8,8 @@ import semmle.code.cpp.models.interfaces.SideEffect * guaranteed to be side-effect free. */ private class PureStrFunction extends AliasFunction, ArrayFunction, TaintFunction, - SideEffectFunction { + SideEffectFunction +{ PureStrFunction() { this.hasGlobalOrStdOrBslName([ atoi(), "strcasestr", "strchnul", "strchr", "strchrnul", "strstr", "strpbrk", "strrchr", @@ -153,7 +154,8 @@ private class PureFunction extends TaintFunction, SideEffectFunction { * evaluation is guaranteed to be side-effect free. */ private class PureMemFunction extends AliasFunction, ArrayFunction, TaintFunction, - SideEffectFunction { + SideEffectFunction +{ PureMemFunction() { this.hasGlobalOrStdOrBslName([ "memchr", "__builtin_memchr", "memrchr", "rawmemchr", "memcmp", "__builtin_memcmp", "memmem" diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Recv.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Recv.qll index 6a4dd524b86..7323df0eedc 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Recv.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Recv.qll @@ -11,7 +11,8 @@ import semmle.code.cpp.models.interfaces.SideEffect /** The function `recv` and its assorted variants */ private class Recv extends AliasFunction, ArrayFunction, SideEffectFunction, - RemoteFlowSourceFunction { + RemoteFlowSourceFunction +{ Recv() { this.hasGlobalName([ "recv", // recv(socket, dest, len, flags) diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Scanf.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Scanf.qll index 9a9e02611f8..fbef5a8fcac 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Scanf.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Scanf.qll @@ -15,7 +15,8 @@ import semmle.code.cpp.models.interfaces.FlowSource * The `scanf` family of functions. */ abstract private class ScanfFunctionModel extends ArrayFunction, TaintFunction, AliasFunction, - SideEffectFunction { + SideEffectFunction +{ override predicate hasArrayWithNullTerminator(int bufParam) { bufParam = this.(ScanfFunction).getFormatParameterIndex() } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/SmartPointer.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/SmartPointer.qll index 389ce6c5ab0..64453f551c7 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/SmartPointer.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/SmartPointer.qll @@ -29,7 +29,8 @@ private class SmartPtr extends Class, PointerWrapper { * - `std::weak_ptr::operator*()` */ private class PointerUnwrapperFunction extends MemberFunction, TaintFunction, DataFlowFunction, - SideEffectFunction, AliasFunction { + SideEffectFunction, AliasFunction +{ PointerUnwrapperFunction() { exists(PointerWrapper wrapper | wrapper.getAnUnwrapperFunction() = this) } diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll index f4a80cbabac..e5b493cc2ee 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/Strset.qll @@ -13,7 +13,8 @@ import semmle.code.cpp.models.interfaces.SideEffect * The standard function `strset` and its assorted variants */ private class StrsetFunction extends ArrayFunction, DataFlowFunction, AliasFunction, - SideEffectFunction { + SideEffectFunction +{ StrsetFunction() { hasGlobalName([ "strset", "_strset", "_strset_l", "_wcsset", "_wcsset_l", "_mbsset", "_mbsset_l", diff --git a/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll b/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll index 02a9d0d6744..de62517e5bb 100644 --- a/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll +++ b/cpp/ql/lib/semmle/code/cpp/models/implementations/System.qll @@ -7,7 +7,8 @@ import semmle.code.cpp.models.interfaces.CommandExecution * A function for running a command using a command interpreter. */ private class SystemFunction extends CommandExecutionFunction, ArrayFunction, AliasFunction, - SideEffectFunction { + SideEffectFunction +{ SystemFunction() { hasGlobalOrStdName("system") or // system(command) hasGlobalName("popen") or // popen(command, mode) diff --git a/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll index 05a54b09385..285aba40e86 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/TaintTrackingImpl.qll @@ -591,7 +591,8 @@ deprecated library class DataSensitiveExprCall extends DataSensitiveCallExpr, Ex /** Call to a virtual function. */ deprecated library class DataSensitiveOverriddenFunctionCall extends DataSensitiveCallExpr, - FunctionCall { + FunctionCall +{ DataSensitiveOverriddenFunctionCall() { exists(getTarget().(VirtualFunction).getAnOverridingFunction()) } diff --git a/csharp/ql/lib/semmle/code/cil/Method.qll b/csharp/ql/lib/semmle/code/cil/Method.qll index 4ba193fb01f..08abb9f41c7 100644 --- a/csharp/ql/lib/semmle/code/cil/Method.qll +++ b/csharp/ql/lib/semmle/code/cil/Method.qll @@ -67,7 +67,8 @@ class MethodImplementation extends EntryPoint, @cil_method_implementation { * destructors, operators, accessors and so on. */ class Method extends DotNet::Callable, Element, Member, TypeContainer, DataFlowNode, - CustomModifierReceiver, Parameterizable, @cil_method { + CustomModifierReceiver, Parameterizable, @cil_method +{ /** * Gets a method implementation, if any. Note that there can * be several implementations in different assemblies. diff --git a/csharp/ql/lib/semmle/code/cil/Types.qll b/csharp/ql/lib/semmle/code/cil/Types.qll index 32efaf193ad..0e41fe748f4 100644 --- a/csharp/ql/lib/semmle/code/cil/Types.qll +++ b/csharp/ql/lib/semmle/code/cil/Types.qll @@ -302,7 +302,8 @@ class SystemType extends ValueOrRefType { * ``` */ class FunctionPointerType extends Type, CustomModifierReceiver, Parameterizable, - @cil_function_pointer_type { + @cil_function_pointer_type +{ /** Gets the return type of this function pointer. */ Type getReturnType() { cil_function_pointer_return_type(this, result) } diff --git a/csharp/ql/lib/semmle/code/csharp/Property.qll b/csharp/ql/lib/semmle/code/csharp/Property.qll index 94aecf65637..15c707321c8 100644 --- a/csharp/ql/lib/semmle/code/csharp/Property.qll +++ b/csharp/ql/lib/semmle/code/csharp/Property.qll @@ -15,7 +15,8 @@ private import TypeRef * (`Property`), or an indexer (`Indexer`). */ class DeclarationWithAccessors extends AssignableMember, Virtualizable, Attributable, - @declaration_with_accessors { + @declaration_with_accessors +{ /** Gets an accessor of this declaration. */ Accessor getAnAccessor() { result.getDeclaration() = this } @@ -49,7 +50,8 @@ class DeclarationWithAccessors extends AssignableMember, Virtualizable, Attribut * property (`Property`) or an indexer (`Indexer`). */ class DeclarationWithGetSetAccessors extends DeclarationWithAccessors, TopLevelExprParent, - @assignable_with_accessors { + @assignable_with_accessors +{ /** Gets the `get` accessor of this declaration, if any. */ Getter getGetter() { result = this.getAnAccessor() } diff --git a/csharp/ql/lib/semmle/code/csharp/Variable.qll b/csharp/ql/lib/semmle/code/csharp/Variable.qll index e5ccba59794..13254c90867 100644 --- a/csharp/ql/lib/semmle/code/csharp/Variable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Variable.qll @@ -90,7 +90,8 @@ class LocalScopeVariable extends Variable, @local_scope_variable { * ``` */ class Parameter extends DotNet::Parameter, LocalScopeVariable, Attributable, TopLevelExprParent, - @parameter { + @parameter +{ /** * Gets the position of this parameter. For example, the position of `x` is * 0 and the position of `y` is 1 in @@ -376,7 +377,8 @@ class LocalConstant extends LocalVariable, @local_constant { * ``` */ class Field extends Variable, AssignableMember, Attributable, TopLevelExprParent, DotNet::Field, - @field { + @field +{ /** * Gets the initial value of this field, if any. For example, the initial * value of `F` on line 2 is `20` in diff --git a/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll b/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll index f35b10ac934..a73b3f9c52e 100644 --- a/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll +++ b/csharp/ql/lib/semmle/code/csharp/commons/Assertions.qll @@ -172,7 +172,8 @@ private predicate isDoesNotReturnIfAttributeParameter(Parameter p, boolean value * A method with a parameter that is annotated with * `System.Diagnostics.CodeAnalysis.DoesNotReturnIfAttribute(false)`. */ -class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertTrueMethod extends BooleanAssertMethod { +class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertTrueMethod extends BooleanAssertMethod +{ private int i_; SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertTrueMethod() { @@ -190,7 +191,8 @@ class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertTrueMethod exte * A method with a parameter that is annotated with * `System.Diagnostics.CodeAnalysis.DoesNotReturnIfAttribute(true)`. */ -class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertFalseMethod extends BooleanAssertMethod { +class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertFalseMethod extends BooleanAssertMethod +{ private int i_; SystemDiagnosticsCodeAnalysisDoesNotReturnIfAnnotatedAssertFalseMethod() { diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll index 65b63958cb9..0fcbe39c462 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/FlowSummary.qll @@ -143,7 +143,8 @@ private class RecordConstructorFlow extends SummarizedCallable { class RequiredSummaryComponentStack = Impl::Public::RequiredSummaryComponentStack; -private class RecordConstructorFlowRequiredSummaryComponentStack extends RequiredSummaryComponentStack { +private class RecordConstructorFlowRequiredSummaryComponentStack extends RequiredSummaryComponentStack +{ override predicate required(SummaryComponent head, SummaryComponentStack tail) { exists(Property p | recordConstructorFlow(_, _, p) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll index 8764da0a784..e692721f058 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/SSA.qll @@ -110,7 +110,8 @@ module Ssa { /** A plain field or property. */ class PlainFieldOrPropSourceVariable extends FieldOrPropSourceVariable, - SsaImpl::TPlainFieldOrProp { + SsaImpl::TPlainFieldOrProp + { override Callable getEnclosingCallable() { this = SsaImpl::TPlainFieldOrProp(result, _) } override string toString() { @@ -127,7 +128,8 @@ module Ssa { /** A qualified field or property. */ class QualifiedFieldOrPropSourceVariable extends FieldOrPropSourceVariable, - SsaImpl::TQualifiedFieldOrProp { + SsaImpl::TQualifiedFieldOrProp + { override Callable getEnclosingCallable() { this = SsaImpl::TQualifiedFieldOrProp(result, _, _) } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll index 4edd6dd79bb..a7fc72d0c17 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowPrivate.qll @@ -1215,7 +1215,8 @@ private module ArgumentNodes { * ``` */ class ImplicitCapturedArgumentNode extends ArgumentNodeImpl, NodeImpl, - TImplicitCapturedArgumentNode { + TImplicitCapturedArgumentNode + { private LocalScopeVariable v; private ControlFlow::Nodes::ElementNode cfn; @@ -2034,7 +2035,8 @@ private module PostUpdateNodes { * a pre-update node for the `ObjectCreationNode`. */ class ObjectInitializerNode extends PostUpdateNode, NodeImpl, ArgumentNodeImpl, - TObjectInitializerNode { + TObjectInitializerNode + { private ObjectCreation oc; private ControlFlow::Nodes::ElementNode cfn; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll index 4d994ed2afb..c50ec8dfb21 100644 --- a/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll +++ b/csharp/ql/lib/semmle/code/csharp/dispatch/Dispatch.qll @@ -1115,7 +1115,8 @@ private module Internal { /** A call using reflection. */ private class DispatchReflectionCall extends DispatchReflectionOrDynamicCall, - TDispatchReflectionCall { + TDispatchReflectionCall + { override MethodCall getCall() { this = TDispatchReflectionCall(result, _, _, _, _) } override string getName() { this = TDispatchReflectionCall(_, result, _, _, _) } @@ -1163,7 +1164,8 @@ private module Internal { /** A method call using dynamic types. */ private class DispatchDynamicMethodCall extends DispatchReflectionOrDynamicCall, - TDispatchDynamicMethodCall { + TDispatchDynamicMethodCall + { override DynamicMethodCall getCall() { this = TDispatchDynamicMethodCall(result) } override string getName() { result = this.getCall().getLateBoundTargetName() } @@ -1184,7 +1186,8 @@ private module Internal { /** An operator call using dynamic types. */ private class DispatchDynamicOperatorCall extends DispatchReflectionOrDynamicCall, - TDispatchDynamicOperatorCall { + TDispatchDynamicOperatorCall + { override DynamicOperatorCall getCall() { this = TDispatchDynamicOperatorCall(result) } override string getName() { @@ -1201,7 +1204,8 @@ private module Internal { /** A (potential) call to a property accessor using dynamic types. */ private class DispatchDynamicMemberAccess extends DispatchReflectionOrDynamicCall, - TDispatchDynamicMemberAccess { + TDispatchDynamicMemberAccess + { override DynamicMemberAccess getCall() { this = TDispatchDynamicMemberAccess(result) } override string getName() { @@ -1225,7 +1229,8 @@ private module Internal { /** A (potential) call to an indexer accessor using dynamic types. */ private class DispatchDynamicElementAccess extends DispatchReflectionOrDynamicCall, - TDispatchDynamicElementAccess { + TDispatchDynamicElementAccess + { override DynamicElementAccess getCall() { this = TDispatchDynamicElementAccess(result) } override string getName() { @@ -1251,7 +1256,8 @@ private module Internal { /** A (potential) call to an event accessor using dynamic types. */ private class DispatchDynamicEventAccess extends DispatchReflectionOrDynamicCall, - TDispatchDynamicEventAccess { + TDispatchDynamicEventAccess + { override AssignArithmeticOperation getCall() { this = TDispatchDynamicEventAccess(result, _, _) } @@ -1268,7 +1274,8 @@ private module Internal { /** A call to a constructor using dynamic types. */ private class DispatchDynamicObjectCreation extends DispatchReflectionOrDynamicCall, - TDispatchDynamicObjectCreation { + TDispatchDynamicObjectCreation + { override DynamicObjectCreation getCall() { this = TDispatchDynamicObjectCreation(result) } override string getName() { none() } diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll index eda31432f38..04ea9f062a5 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Dynamic.qll @@ -190,7 +190,8 @@ class DynamicAccess extends DynamicExpr { * property, or an event). */ class DynamicMemberAccess extends DynamicAccess, MemberAccess, AssignableAccess, - @dynamic_member_access_expr { + @dynamic_member_access_expr +{ override string toString() { result = "dynamic access to member " + this.getLateBoundTargetName() } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll index c35db06d214..77022bc4ab3 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/EntityFramework.qll @@ -432,7 +432,8 @@ module EntityFramework { } } - private class DbContextSaveChangesRequiredSummaryComponentStack extends RequiredSummaryComponentStack { + private class DbContextSaveChangesRequiredSummaryComponentStack extends RequiredSummaryComponentStack + { override predicate required(SummaryComponent head, SummaryComponentStack tail) { exists(Content c | head = SummaryComponent::content(c) | any(DbContextClass cls).requiresComponentStackIn(c, _, tail, _) diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll index 81a620c9e7c..14d7497ec33 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/Diagnostics.qll @@ -74,7 +74,8 @@ class SystemDiagnosticsProcessClass extends SystemDiagnosticsClass { } /** The `System.Diagnostics.CodeAnalysis.DoesNotReturnIfAttribute` class. */ -class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAttributeClass extends SystemDiagnosticsCodeAnalysisClass { +class SystemDiagnosticsCodeAnalysisDoesNotReturnIfAttributeClass extends SystemDiagnosticsCodeAnalysisClass +{ SystemDiagnosticsCodeAnalysisDoesNotReturnIfAttributeClass() { this.hasName("DoesNotReturnIfAttribute") } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll index 260fe6d0318..bc1b514e0d1 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Generic.qll @@ -33,7 +33,8 @@ class SystemCollectionsGenericUnboundGenericStruct extends UnboundGenericStruct } /** The `System.Collections.Generic.IComparer<>` interface. */ -class SystemCollectionsGenericIComparerTInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIComparerTInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIComparerTInterface() { this.hasName("IComparer<>") } /** Gets the `int Compare(T, T)` method. */ @@ -48,7 +49,8 @@ class SystemCollectionsGenericIComparerTInterface extends SystemCollectionsGener } /** The `System.Collections.Generic.IEqualityComparer<>` interface. */ -class SystemCollectionsGenericIEqualityComparerTInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIEqualityComparerTInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIEqualityComparerTInterface() { this.hasName("IEqualityComparer<>") } /** Gets the `bool Equals(T, T)` method. */ @@ -63,7 +65,8 @@ class SystemCollectionsGenericIEqualityComparerTInterface extends SystemCollecti } /** The `System.Collections.Generic.IEnumerable<>` interface. */ -class SystemCollectionsGenericIEnumerableTInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIEnumerableTInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIEnumerableTInterface() { this.hasName("IEnumerable<>") and this.getNumberOfTypeParameters() = 1 @@ -71,7 +74,8 @@ class SystemCollectionsGenericIEnumerableTInterface extends SystemCollectionsGen } /** The `System.Collections.Generic.IEnumerator<>` interface. */ -class SystemCollectionsGenericIEnumeratorInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIEnumeratorInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIEnumeratorInterface() { this.hasName("IEnumerator<>") and this.getNumberOfTypeParameters() = 1 @@ -86,7 +90,8 @@ class SystemCollectionsGenericIEnumeratorInterface extends SystemCollectionsGene } /** The `System.Collections.Generic.IList<>` interface. */ -class SystemCollectionsGenericIListTInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIListTInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIListTInterface() { this.hasName("IList<>") and this.getNumberOfTypeParameters() = 1 @@ -102,7 +107,8 @@ class SystemCollectionsGenericListClass extends SystemCollectionsGenericUnboundG } /** The `System.Collections.Generic.KeyValuePair<,>` structure. */ -class SystemCollectionsGenericKeyValuePairStruct extends SystemCollectionsGenericUnboundGenericStruct { +class SystemCollectionsGenericKeyValuePairStruct extends SystemCollectionsGenericUnboundGenericStruct +{ SystemCollectionsGenericKeyValuePairStruct() { this.hasName("KeyValuePair<,>") and this.getNumberOfTypeParameters() = 2 @@ -124,7 +130,8 @@ class SystemCollectionsGenericKeyValuePairStruct extends SystemCollectionsGeneri } /** The `System.Collections.Generic.ICollection<>` interface. */ -class SystemCollectionsGenericICollectionInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericICollectionInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericICollectionInterface() { this.hasName("ICollection<>") } /** Gets the `Count` property. */ @@ -138,12 +145,14 @@ class SystemCollectionsGenericICollectionInterface extends SystemCollectionsGene } /** The `System.Collections.Generic.IList<>` interface. */ -class SystemCollectionsGenericIListInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIListInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIListInterface() { this.hasName("IList<>") } } /** The `System.Collections.Generic.IDictionary<>` interface. */ -class SystemCollectionsGenericIDictionaryInterface extends SystemCollectionsGenericUnboundGenericInterface { +class SystemCollectionsGenericIDictionaryInterface extends SystemCollectionsGenericUnboundGenericInterface +{ SystemCollectionsGenericIDictionaryInterface() { this.hasName("IDictionary<,>") and this.getNumberOfTypeParameters() = 2 diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll index 2ddac761c4b..07ec6b1213c 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/collections/Specialized.qll @@ -19,6 +19,7 @@ class SystemCollectionsSpecializedClass extends Class { } /** The `System.Collections.Specialized.NameValueCollection` class. */ -class SystemCollectionsSpecializedNameValueCollectionClass extends SystemCollectionsSpecializedClass { +class SystemCollectionsSpecializedNameValueCollectionClass extends SystemCollectionsSpecializedClass +{ SystemCollectionsSpecializedNameValueCollectionClass() { this.hasName("NameValueCollection") } } diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll index 9ae5ec90b24..f8d6139d30d 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/runtime/CompilerServices.qll @@ -20,7 +20,8 @@ class SystemRuntimeCompilerServicesNamespaceUnboundGenericStruct extends Unbound } /** The `System.Runtime.CompilerServices.TaskAwaiter<>` struct. */ -class SystemRuntimeCompilerServicesTaskAwaiterStruct extends SystemRuntimeCompilerServicesNamespaceUnboundGenericStruct { +class SystemRuntimeCompilerServicesTaskAwaiterStruct extends SystemRuntimeCompilerServicesNamespaceUnboundGenericStruct +{ SystemRuntimeCompilerServicesTaskAwaiterStruct() { this.hasName("TaskAwaiter<>") } /** Gets the `GetResult` method. */ @@ -31,7 +32,8 @@ class SystemRuntimeCompilerServicesTaskAwaiterStruct extends SystemRuntimeCompil } /** The `System.Runtime.CompilerServices.ConfiguredTaskAwaitable<>` struct. */ -class SystemRuntimeCompilerServicesConfiguredTaskAwaitableTStruct extends SystemRuntimeCompilerServicesNamespaceUnboundGenericStruct { +class SystemRuntimeCompilerServicesConfiguredTaskAwaitableTStruct extends SystemRuntimeCompilerServicesNamespaceUnboundGenericStruct +{ SystemRuntimeCompilerServicesConfiguredTaskAwaitableTStruct() { this.hasName("ConfiguredTaskAwaitable<>") } @@ -55,7 +57,8 @@ private class SyntheticConfiguredTaskAwaiterField extends SyntheticField { } /** The `System.Runtime.CompilerServices.ConfiguredTaskAwaitable<>.ConfiguredTaskAwaiter` struct. */ -class SystemRuntimeCompilerServicesConfiguredTaskAwaitableTConfiguredTaskAwaiterStruct extends Struct { +class SystemRuntimeCompilerServicesConfiguredTaskAwaitableTConfiguredTaskAwaiterStruct extends Struct +{ SystemRuntimeCompilerServicesConfiguredTaskAwaitableTConfiguredTaskAwaiterStruct() { this = any(SystemRuntimeCompilerServicesConfiguredTaskAwaitableTStruct n).getANestedType() and this.hasName("ConfiguredTaskAwaiter") diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll index 54cc8d11864..5e7bcd2b5d7 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/system/security/cryptography/X509Certificates.qll @@ -22,7 +22,8 @@ class SystemSecurityCryptographyX509CertificatesClass extends Class { * The `X509Certificate` or `X509Certificate2` class in the namespace * `System.Security.Cryptography.X509Certificates`. */ -class SystemSecurityCryptographyX509CertificatesX509CertificateClass extends SystemSecurityCryptographyX509CertificatesClass { +class SystemSecurityCryptographyX509CertificatesX509CertificateClass extends SystemSecurityCryptographyX509CertificatesClass +{ SystemSecurityCryptographyX509CertificatesX509CertificateClass() { this.hasName("X509Certificate") or this.hasName("X509Certificate2") diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll index 9f1deaa3854..3ccc1f64fd4 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/UnsafeDeserializationQuery.qll @@ -299,7 +299,8 @@ private predicate isDataContractJsonSerializerCall(MethodCall mc, Method m) { abstract private class DataContractJsonSerializerSink extends InstanceMethodSink { } -private class DataContractJsonSerializerDeserializeMethodSink extends DataContractJsonSerializerSink { +private class DataContractJsonSerializerDeserializeMethodSink extends DataContractJsonSerializerSink +{ DataContractJsonSerializerDeserializeMethodSink() { exists(MethodCall mc | isDataContractJsonSerializerCall(mc, _) and @@ -308,7 +309,8 @@ private class DataContractJsonSerializerDeserializeMethodSink extends DataContra } } -private class DataContractJsonSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class DataContractJsonSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ DataContractJsonSafeConstructorTrackingConfiguration() { this = "DataContractJsonSafeConstructorTrackingConfiguration" } @@ -357,7 +359,8 @@ private class JavaScriptSerializerDeserializeMethodSink extends JavaScriptSerial } } -private class JavaScriptSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class JavaScriptSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ JavaScriptSerializerSafeConstructorTrackingConfiguration() { this = "JavaScriptSerializerSafeConstructorTrackingConfiguration" } @@ -400,7 +403,8 @@ private class XmlObjectSerializerDeserializeMethodSink extends XmlObjectSerializ } } -private class XmlObjectSerializerDerivedConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class XmlObjectSerializerDerivedConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ XmlObjectSerializerDerivedConstructorTrackingConfiguration() { this = "XmlObjectSerializerDerivedConstructorTrackingConfiguration" } @@ -445,7 +449,8 @@ private class XmlSerializerDeserializeMethodSink extends XmlSerializerSink { } } -private class XmlSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class XmlSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ XmlSerializerSafeConstructorTrackingConfiguration() { this = "XmlSerializerSafeConstructorTrackingConfiguration" } @@ -492,7 +497,8 @@ private class DataContractSerializerDeserializeMethodSink extends DataContractSe } } -private class DataContractSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class DataContractSerializerSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ DataContractSerializerSafeConstructorTrackingConfiguration() { this = "DataContractSerializerSafeConstructorTrackingConfiguration" } @@ -535,7 +541,8 @@ private class XmlMessageFormatterDeserializeMethodSink extends XmlMessageFormatt } } -private class XmlMessageFormatterSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig { +private class XmlMessageFormatterSafeConstructorTrackingConfiguration extends SafeConstructorTrackingConfig +{ XmlMessageFormatterSafeConstructorTrackingConfiguration() { this = "XmlMessageFormatterSafeConstructorTrackingConfiguration" } @@ -717,7 +724,8 @@ private class SweetJaysonDeserializeMethodSink extends SweetJaysonSink { /** ServiceStack.Text.JsonSerializer */ abstract private class ServiceStackTextJsonSerializerSink extends ConstructorOrStaticMethodSink { } -private class ServiceStackTextJsonSerializerDeserializeMethodSink extends ServiceStackTextJsonSerializerSink { +private class ServiceStackTextJsonSerializerDeserializeMethodSink extends ServiceStackTextJsonSerializerSink +{ ServiceStackTextJsonSerializerDeserializeMethodSink() { exists(MethodCall mc, Method m | m = mc.getTarget() and @@ -741,7 +749,8 @@ private class ServiceStackTextJsonSerializerDeserializeMethodSink extends Servic /** ServiceStack.Text.TypeSerializer */ abstract private class ServiceStackTextTypeSerializerSink extends ConstructorOrStaticMethodSink { } -private class ServiceStackTextTypeSerializerDeserializeMethodSink extends ServiceStackTextTypeSerializerSink { +private class ServiceStackTextTypeSerializerDeserializeMethodSink extends ServiceStackTextTypeSerializerSink +{ ServiceStackTextTypeSerializerDeserializeMethodSink() { exists(MethodCall mc, Method m | m = mc.getTarget() and @@ -765,7 +774,8 @@ private class ServiceStackTextTypeSerializerDeserializeMethodSink extends Servic /** ServiceStack.Text.CsvSerializer */ abstract private class ServiceStackTextCsvSerializerSink extends ConstructorOrStaticMethodSink { } -private class ServiceStackTextCsvSerializerDeserializeMethodSink extends ServiceStackTextCsvSerializerSink { +private class ServiceStackTextCsvSerializerDeserializeMethodSink extends ServiceStackTextCsvSerializerSink +{ ServiceStackTextCsvSerializerDeserializeMethodSink() { exists(MethodCall mc, Method m | m = mc.getTarget() and @@ -789,7 +799,8 @@ private class ServiceStackTextCsvSerializerDeserializeMethodSink extends Service /** ServiceStack.Text.XmlSerializer */ abstract private class ServiceStackTextXmlSerializerSink extends ConstructorOrStaticMethodSink { } -private class ServiceStackTextXmlSerializerDeserializeMethodSink extends ServiceStackTextXmlSerializerSink { +private class ServiceStackTextXmlSerializerDeserializeMethodSink extends ServiceStackTextXmlSerializerSink +{ ServiceStackTextXmlSerializerDeserializeMethodSink() { exists(MethodCall mc, Method m | m = mc.getTarget() and diff --git a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll index 6243074cf17..404730ac4c4 100644 --- a/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll +++ b/csharp/ql/lib/semmle/code/csharp/security/dataflow/flowsources/Remote.qll @@ -75,7 +75,8 @@ class AspNetQueryStringRemoteFlowSource extends AspNetRemoteFlowSource, DataFlow /** A data flow source of remote user input (ASP.NET unvalidated request data). */ class AspNetUnvalidatedQueryStringRemoteFlowSource extends AspNetRemoteFlowSource, - DataFlow::ExprNode { + DataFlow::ExprNode +{ AspNetUnvalidatedQueryStringRemoteFlowSource() { this.getExpr() = any(SystemWebUnvalidatedRequestValues c).getAProperty().getGetter().getACall() or this.getExpr() = diff --git a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/JsonWebTokenHandlerLib.qll b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/JsonWebTokenHandlerLib.qll index 636400ceb33..8b2c28a4a06 100644 --- a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/JsonWebTokenHandlerLib.qll +++ b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/JsonWebTokenHandlerLib.qll @@ -21,7 +21,8 @@ class TokenValidationParametersPropertySensitiveValidation extends Property { /** * A dataflow from a `false` value to a write sensitive property for `TokenValidationParameters`. */ -class FalseValueFlowsToTokenValidationParametersPropertyWriteToBypassValidation extends DataFlow::Configuration { +class FalseValueFlowsToTokenValidationParametersPropertyWriteToBypassValidation extends DataFlow::Configuration +{ FalseValueFlowsToTokenValidationParametersPropertyWriteToBypassValidation() { this = "FalseValueFlowsToTokenValidationParametersPropertyWriteToBypassValidation" } @@ -219,7 +220,8 @@ class CallableAlwaysReturnsParameter0 extends CallableReturnsStringAndArg0IsStri /** * A Callable that always return the 1st argument, both of `string` type. Higher precision */ -class CallableAlwaysReturnsParameter0MayThrowExceptions extends CallableReturnsStringAndArg0IsString { +class CallableAlwaysReturnsParameter0MayThrowExceptions extends CallableReturnsStringAndArg0IsString +{ CallableAlwaysReturnsParameter0MayThrowExceptions() { forex(Expr ret | this.canReturn(ret) | ret = this.getParameter(0).getAnAccess() diff --git a/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql b/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql index 7f1d48788db..d493bdd7e27 100644 --- a/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql +++ b/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql @@ -80,7 +80,8 @@ class DateTimeStruct extends Struct { /** * Dataflow configuration to find flow from a GetLastWriteTime source to a DateTime arithmetic operation */ -private class FlowsFromGetLastWriteTimeConfigToTimeSpanArithmeticCallable extends TaintTracking::Configuration { +private class FlowsFromGetLastWriteTimeConfigToTimeSpanArithmeticCallable extends TaintTracking::Configuration +{ FlowsFromGetLastWriteTimeConfigToTimeSpanArithmeticCallable() { this = "FlowsFromGetLastWriteTimeConfigToTimeSpanArithmeticCallable" } @@ -103,7 +104,8 @@ private class FlowsFromGetLastWriteTimeConfigToTimeSpanArithmeticCallable extend /** * Dataflow configuration to find flow from a DateTime arithmetic operation to a DateTime comparison operation */ -private class FlowsFromTimeSpanArithmeticToTimeComparisonCallable extends TaintTracking::Configuration { +private class FlowsFromTimeSpanArithmeticToTimeComparisonCallable extends TaintTracking::Configuration +{ FlowsFromTimeSpanArithmeticToTimeComparisonCallable() { this = "FlowsFromTimeSpanArithmeticToTimeComparisonCallable" } @@ -125,7 +127,8 @@ private class FlowsFromTimeSpanArithmeticToTimeComparisonCallable extends TaintT /** * Dataflow configuration to find flow from a DateTime comparison operation to a Selection Statement (such as an If) */ -private class FlowsFromTimeComparisonCallableToSelectionStatementCondition extends TaintTracking::Configuration { +private class FlowsFromTimeComparisonCallableToSelectionStatementCondition extends TaintTracking::Configuration +{ FlowsFromTimeComparisonCallableToSelectionStatementCondition() { this = "FlowsFromTimeComparisonCallableToSelectionStatementCondition" } diff --git a/csharp/ql/src/experimental/ir/implementation/Opcode.qll b/csharp/ql/src/experimental/ir/implementation/Opcode.qll index b4def7fe4ae..7b064340ffe 100644 --- a/csharp/ql/src/experimental/ir/implementation/Opcode.qll +++ b/csharp/ql/src/experimental/ir/implementation/Opcode.qll @@ -1082,7 +1082,8 @@ module Opcode { * See the `CallSideEffectInstruction` documentation for more details. */ class CallSideEffect extends WriteSideEffectOpcode, EscapedWriteOpcode, MayWriteOpcode, - ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, TCallSideEffect { + ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, TCallSideEffect + { final override string toString() { result = "CallSideEffect" } } @@ -1092,7 +1093,8 @@ module Opcode { * See the `CallReadSideEffectInstruction` documentation for more details. */ class CallReadSideEffect extends ReadSideEffectOpcode, EscapedReadOpcode, MayReadOpcode, - TCallReadSideEffect { + TCallReadSideEffect + { final override string toString() { result = "CallReadSideEffect" } } @@ -1102,7 +1104,8 @@ module Opcode { * See the `IndirectReadSideEffectInstruction` documentation for more details. */ class IndirectReadSideEffect extends ReadSideEffectOpcode, IndirectReadOpcode, - TIndirectReadSideEffect { + TIndirectReadSideEffect + { final override string toString() { result = "IndirectReadSideEffect" } } @@ -1112,7 +1115,8 @@ module Opcode { * See the `IndirectMustWriteSideEffectInstruction` documentation for more details. */ class IndirectMustWriteSideEffect extends WriteSideEffectOpcode, IndirectWriteOpcode, - TIndirectMustWriteSideEffect { + TIndirectMustWriteSideEffect + { final override string toString() { result = "IndirectMustWriteSideEffect" } } @@ -1122,7 +1126,8 @@ module Opcode { * See the `IndirectMayWriteSideEffectInstruction` documentation for more details. */ class IndirectMayWriteSideEffect extends WriteSideEffectOpcode, IndirectWriteOpcode, - MayWriteOpcode, TIndirectMayWriteSideEffect { + MayWriteOpcode, TIndirectMayWriteSideEffect + { final override string toString() { result = "IndirectMayWriteSideEffect" } } @@ -1132,7 +1137,8 @@ module Opcode { * See the `BufferReadSideEffectInstruction` documentation for more details. */ class BufferReadSideEffect extends ReadSideEffectOpcode, UnsizedBufferReadOpcode, - TBufferReadSideEffect { + TBufferReadSideEffect + { final override string toString() { result = "BufferReadSideEffect" } } @@ -1142,7 +1148,8 @@ module Opcode { * See the `BufferMustWriteSideEffectInstruction` documentation for more details. */ class BufferMustWriteSideEffect extends WriteSideEffectOpcode, UnsizedBufferWriteOpcode, - TBufferMustWriteSideEffect { + TBufferMustWriteSideEffect + { final override string toString() { result = "BufferMustWriteSideEffect" } } @@ -1152,7 +1159,8 @@ module Opcode { * See the `BufferMayWriteSideEffectInstruction` documentation for more details. */ class BufferMayWriteSideEffect extends WriteSideEffectOpcode, UnsizedBufferWriteOpcode, - MayWriteOpcode, TBufferMayWriteSideEffect { + MayWriteOpcode, TBufferMayWriteSideEffect + { final override string toString() { result = "BufferMayWriteSideEffect" } } @@ -1162,7 +1170,8 @@ module Opcode { * See the `SizedBufferReadSideEffectInstruction` documentation for more details. */ class SizedBufferReadSideEffect extends ReadSideEffectOpcode, SizedBufferReadOpcode, - TSizedBufferReadSideEffect { + TSizedBufferReadSideEffect + { final override string toString() { result = "SizedBufferReadSideEffect" } } @@ -1172,7 +1181,8 @@ module Opcode { * See the `SizedBufferMustWriteSideEffectInstruction` documentation for more details. */ class SizedBufferMustWriteSideEffect extends WriteSideEffectOpcode, SizedBufferWriteOpcode, - TSizedBufferMustWriteSideEffect { + TSizedBufferMustWriteSideEffect + { final override string toString() { result = "SizedBufferMustWriteSideEffect" } } @@ -1182,7 +1192,8 @@ module Opcode { * See the `SizedBufferMayWriteSideEffectInstruction` documentation for more details. */ class SizedBufferMayWriteSideEffect extends WriteSideEffectOpcode, SizedBufferWriteOpcode, - MayWriteOpcode, TSizedBufferMayWriteSideEffect { + MayWriteOpcode, TSizedBufferMayWriteSideEffect + { final override string toString() { result = "SizedBufferMayWriteSideEffect" } } @@ -1192,7 +1203,8 @@ module Opcode { * See the `InitializeDynamicAllocationInstruction` documentation for more details. */ class InitializeDynamicAllocation extends SideEffectOpcode, EntireAllocationWriteOpcode, - TInitializeDynamicAllocation { + TInitializeDynamicAllocation + { final override string toString() { result = "InitializeDynamicAllocation" } } @@ -1221,7 +1233,8 @@ module Opcode { * See the `InlineAsmInstruction` documentation for more details. */ class InlineAsm extends Opcode, EscapedWriteOpcode, MayWriteOpcode, EscapedReadOpcode, - MayReadOpcode, TInlineAsm { + MayReadOpcode, TInlineAsm + { final override string toString() { result = "InlineAsm" } final override predicate hasOperandInternal(OperandTag tag) { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll index fe555344b2f..43db3c90065 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedCondition.qll @@ -28,7 +28,8 @@ abstract class TranslatedCondition extends ConditionBase { } abstract class TranslatedFlexibleCondition extends TranslatedCondition, ConditionContext, - TTranslatedFlexibleCondition { + TTranslatedFlexibleCondition +{ TranslatedFlexibleCondition() { this = TTranslatedFlexibleCondition(expr) } final override TranslatedElement getChild(int id) { id = 0 and result = this.getOperand() } @@ -156,7 +157,8 @@ class TranslatedLogicalOrExpr extends TranslatedBinaryLogicalOperation { } class TranslatedValueCondition extends TranslatedCondition, ValueConditionBase, - TTranslatedValueCondition { + TTranslatedValueCondition +{ TranslatedValueCondition() { this = TTranslatedValueCondition(expr) } override TranslatedExpr getValueExpr() { result = getTranslatedExpr(expr) } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll index 74d72f4f438..20d2b1e3459 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedDeclaration.qll @@ -40,7 +40,8 @@ abstract class TranslatedLocalDeclaration extends TranslatedElement, TTranslated * including its initialization, if any. */ class TranslatedLocalVariableDeclaration extends TranslatedLocalDeclaration, - LocalVariableDeclarationBase, InitializationContext { + LocalVariableDeclarationBase, InitializationContext +{ LocalVariable var; TranslatedLocalVariableDeclaration() { var = expr.getVariable() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 06391c010b4..67ebf19b766 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -119,7 +119,8 @@ abstract class TranslatedCoreExpr extends TranslatedExpr { } class TranslatedConditionValue extends TranslatedCoreExpr, ConditionContext, - TTranslatedConditionValue { + TTranslatedConditionValue +{ TranslatedConditionValue() { this = TTranslatedConditionValue(expr) } override TranslatedElement getChild(int id) { id = 0 and result = this.getCondition() } @@ -1950,7 +1951,8 @@ class TranslatedDelegateCall extends TranslatedNonConstantExpr { * object is allocated, which is then initialized by the constructor. */ abstract class TranslatedCreation extends TranslatedCoreExpr, TTranslatedCreationExpr, - ConstructorCallContext { + ConstructorCallContext +{ TranslatedCreation() { this = TTranslatedCreationExpr(expr) } override TranslatedElement getChild(int id) { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll index d5b287ddbde..bc127680ca4 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedInitialization.qll @@ -276,7 +276,8 @@ abstract class TranslatedElementInitialization extends TranslatedElement { * an explicit element in an initializer list. */ class TranslatedExplicitElementInitialization extends TranslatedElementInitialization, - TTranslatedExplicitElementInitialization, InitializationContext { + TTranslatedExplicitElementInitialization, InitializationContext +{ int elementIndex; TranslatedExplicitElementInitialization() { @@ -312,7 +313,8 @@ class TranslatedExplicitElementInitialization extends TranslatedElementInitializ // TODO: Possibly refactor into something simpler abstract class TranslatedConstructorCallFromConstructor extends TranslatedElement, - ConstructorCallContext { + ConstructorCallContext +{ Call call; final override Language::AST getAst() { result = call } @@ -344,7 +346,8 @@ TranslatedConstructorInitializer getTranslatedConstructorInitializer(Constructor */ // Review: do we need the conversion instructions in C#? class TranslatedConstructorInitializer extends TranslatedConstructorCallFromConstructor, - TTranslatedConstructorInitializer { + TTranslatedConstructorInitializer +{ TranslatedConstructorInitializer() { this = TTranslatedConstructorInitializer(call) } override string toString() { result = "constructor init: " + call.toString() } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll index 19b773c2622..dbc76ec3954 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Common.qll @@ -126,7 +126,8 @@ abstract class TranslatedCompilerGeneratedBlock extends TranslatedCompilerGenera * the body of the `then` and the body of the `else`. */ abstract class TranslatedCompilerGeneratedIfStmt extends TranslatedCompilerGeneratedStmt, - ConditionContext { + ConditionContext +{ override Instruction getFirstInstruction() { result = getCondition().getFirstInstruction() } override TranslatedElement getChild(int id) { diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll index 5e51073900e..4ce965aa1f0 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Delegate.qll @@ -45,7 +45,8 @@ module DelegateElements { * The translation of the constructor call that happens as part of the delegate creation. */ private class TranslatedDelegateConstructorCall extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override DelegateCreation generatedBy; TranslatedDelegateConstructorCall() { this = TTranslatedCompilerGeneratedElement(generatedBy, 0) } @@ -80,7 +81,8 @@ private class TranslatedDelegateConstructorCall extends TranslatedCompilerGenera * The translation of the invoke call that happens as part of the desugaring of the delegate call. */ private class TranslatedDelegateInvokeCall extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override DelegateCall generatedBy; TranslatedDelegateInvokeCall() { this = TTranslatedCompilerGeneratedElement(generatedBy, 1) } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll index bc8ec748648..9be3c45d418 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Foreach.qll @@ -64,7 +64,8 @@ module ForeachElements { } private class TranslatedForeachTry extends TranslatedCompilerGeneratedTry, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachTry() { this = TTranslatedCompilerGeneratedElement(generatedBy, 0) } @@ -88,7 +89,8 @@ private class TranslatedForeachTry extends TranslatedCompilerGeneratedTry, * The translation of the finally block. */ private class TranslatedForeachFinally extends TranslatedCompilerGeneratedBlock, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachFinally() { this = TTranslatedCompilerGeneratedElement(generatedBy, 1) } @@ -108,7 +110,8 @@ private class TranslatedForeachFinally extends TranslatedCompilerGeneratedBlock, * to correctly mark which edges should be back edges. */ class TranslatedForeachWhile extends TranslatedCompilerGeneratedStmt, ConditionContext, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachWhile() { this = TTranslatedCompilerGeneratedElement(generatedBy, 2) } @@ -164,7 +167,8 @@ class TranslatedForeachWhile extends TranslatedCompilerGeneratedStmt, ConditionC * The translation of the call to the `MoveNext` method, used as a condition for the while. */ private class TranslatedForeachMoveNext extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachMoveNext() { this = TTranslatedCompilerGeneratedElement(generatedBy, 3) } @@ -192,7 +196,8 @@ private class TranslatedForeachMoveNext extends TranslatedCompilerGeneratedCall, * The translation of the call to retrieve the enumerator. */ private class TranslatedForeachGetEnumerator extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachGetEnumerator() { this = TTranslatedCompilerGeneratedElement(generatedBy, 4) } @@ -219,7 +224,8 @@ private class TranslatedForeachGetEnumerator extends TranslatedCompilerGenerated * The translation of the call to the getter method of the `Current` property of the enumerator. */ private class TranslatedForeachCurrent extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachCurrent() { this = TTranslatedCompilerGeneratedElement(generatedBy, 5) } @@ -247,7 +253,8 @@ private class TranslatedForeachCurrent extends TranslatedCompilerGeneratedCall, * The translation of the call to dispose (inside the finally block) */ private class TranslatedForeachDispose extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachDispose() { this = TTranslatedCompilerGeneratedElement(generatedBy, 6) } @@ -275,7 +282,8 @@ private class TranslatedForeachDispose extends TranslatedCompilerGeneratedCall, * The condition for the while, ie. a call to MoveNext. */ private class TranslatedForeachWhileCondition extends TranslatedCompilerGeneratedValueCondition, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachWhileCondition() { this = TTranslatedCompilerGeneratedElement(generatedBy, 7) } @@ -295,7 +303,8 @@ private class TranslatedForeachWhileCondition extends TranslatedCompilerGenerate * declaration of the `temporary` enumerator variable) */ private class TranslatedForeachEnumerator extends TranslatedCompilerGeneratedDeclaration, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachEnumerator() { this = TTranslatedCompilerGeneratedElement(generatedBy, 8) } @@ -323,7 +332,8 @@ private class TranslatedForeachEnumerator extends TranslatedCompilerGeneratedDec * Class that represents that translation of the declaration that's happening inside the body of the while. */ private class TranslatedForeachIterVar extends TranslatedCompilerGeneratedDeclaration, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override ForeachStmt generatedBy; TranslatedForeachIterVar() { this = TTranslatedCompilerGeneratedElement(generatedBy, 9) } @@ -352,7 +362,8 @@ private class TranslatedForeachIterVar extends TranslatedCompilerGeneratedDeclar * for the call to `MoveNext`. */ private class TranslatedMoveNextEnumAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override ForeachStmt generatedBy; TranslatedMoveNextEnumAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 10) } @@ -384,7 +395,8 @@ private class TranslatedMoveNextEnumAcc extends TTranslatedCompilerGeneratedElem * for the call to the getter of the property `Current`. */ private class TranslatedForeachCurrentEnumAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override ForeachStmt generatedBy; TranslatedForeachCurrentEnumAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 11) } @@ -416,7 +428,8 @@ private class TranslatedForeachCurrentEnumAcc extends TTranslatedCompilerGenerat * for the call to `Dispose`. */ private class TranslatedForeachDisposeEnumAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override ForeachStmt generatedBy; TranslatedForeachDisposeEnumAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 12) } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll index bb1ab29e51c..484d11205cd 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/Lock.qll @@ -57,7 +57,8 @@ module LockElements { * The translation of the `try` stmt. */ private class TranslatedLockTry extends TranslatedCompilerGeneratedTry, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedLockTry() { this = TTranslatedCompilerGeneratedElement(generatedBy, 0) } @@ -81,7 +82,8 @@ private class TranslatedLockTry extends TranslatedCompilerGeneratedTry, * The translation of the `lock` stmt's body. */ private class TranslatedLockTryBody extends TranslatedCompilerGeneratedBlock, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedLockTryBody() { this = TTranslatedCompilerGeneratedElement(generatedBy, 1) } @@ -102,7 +104,8 @@ private class TranslatedLockTryBody extends TranslatedCompilerGeneratedBlock, * The translation of the finally block. */ private class TranslatedLockFinally extends TranslatedCompilerGeneratedBlock, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedLockFinally() { this = TTranslatedCompilerGeneratedElement(generatedBy, 2) } @@ -120,7 +123,8 @@ private class TranslatedLockFinally extends TranslatedCompilerGeneratedBlock, * The translation of the call to dispose (inside the finally block) */ private class TranslatedMonitorExit extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedMonitorExit() { this = TTranslatedCompilerGeneratedElement(generatedBy, 3) } @@ -152,7 +156,8 @@ private class TranslatedMonitorExit extends TranslatedCompilerGeneratedCall, * The translation of the call to dispose (inside the finally block) */ private class TranslatedMonitorEnter extends TranslatedCompilerGeneratedCall, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedMonitorEnter() { this = TTranslatedCompilerGeneratedElement(generatedBy, 4) } @@ -190,7 +195,8 @@ private class TranslatedMonitorEnter extends TranslatedCompilerGeneratedCall, * The translation of the condition of the `if` present in the `finally` clause. */ private class TranslatedIfCondition extends TranslatedCompilerGeneratedValueCondition, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedIfCondition() { this = TTranslatedCompilerGeneratedElement(generatedBy, 5) } @@ -209,7 +215,8 @@ private class TranslatedIfCondition extends TranslatedCompilerGeneratedValueCond * The translation of the `if` stmt present in the `finally` clause. */ private class TranslatedFinallyIf extends TranslatedCompilerGeneratedIfStmt, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedFinallyIf() { this = TTranslatedCompilerGeneratedElement(generatedBy, 6) } @@ -236,7 +243,8 @@ private class TranslatedFinallyIf extends TranslatedCompilerGeneratedIfStmt, * bool temp variable. */ private class TranslatedWasTakenConst extends TranslatedCompilerGeneratedConstant, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedWasTakenConst() { this = TTranslatedCompilerGeneratedElement(generatedBy, 7) } @@ -255,7 +263,8 @@ private class TranslatedWasTakenConst extends TranslatedCompilerGeneratedConstan * Represents the translation of the `lockWasTaken` temp variable declaration. */ private class TranslatedLockWasTakenDecl extends TranslatedCompilerGeneratedDeclaration, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedLockWasTakenDecl() { this = TTranslatedCompilerGeneratedElement(generatedBy, 8) } @@ -286,7 +295,8 @@ private class TranslatedLockWasTakenDecl extends TranslatedCompilerGeneratedDecl * expression being locked. */ private class TranslatedLockedVarDecl extends TranslatedCompilerGeneratedDeclaration, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ override LockStmt generatedBy; TranslatedLockedVarDecl() { this = TTranslatedCompilerGeneratedElement(generatedBy, 9) } @@ -315,7 +325,8 @@ private class TranslatedLockedVarDecl extends TranslatedCompilerGeneratedDeclara * Used as an argument for the `MonitorEnter` call. */ private class TranslatedMonitorEnterVarAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override LockStmt generatedBy; TranslatedMonitorEnterVarAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 10) } @@ -341,7 +352,8 @@ private class TranslatedMonitorEnterVarAcc extends TTranslatedCompilerGeneratedE * Used as an argument for the `MonitorExit` call. */ private class TranslatedMonitorExitVarAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override LockStmt generatedBy; TranslatedMonitorExitVarAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 11) } @@ -366,7 +378,8 @@ private class TranslatedMonitorExitVarAcc extends TTranslatedCompilerGeneratedEl * Used as an argument for the `MonitorEnter` call. */ private class TranslatedLockWasTakenCondVarAcc extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override LockStmt generatedBy; TranslatedLockWasTakenCondVarAcc() { this = TTranslatedCompilerGeneratedElement(generatedBy, 12) } @@ -391,7 +404,8 @@ private class TranslatedLockWasTakenCondVarAcc extends TTranslatedCompilerGenera * as the `if` condition in the finally clause. */ private class TranslatedLockWasTakenRefArg extends TTranslatedCompilerGeneratedElement, - TranslatedCompilerGeneratedVariableAccess { + TranslatedCompilerGeneratedVariableAccess +{ override LockStmt generatedBy; TranslatedLockWasTakenRefArg() { this = TTranslatedCompilerGeneratedElement(generatedBy, 13) } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCall.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCall.qll index 28dfd2b4cc3..d1834f90c1c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCall.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCall.qll @@ -10,7 +10,8 @@ private import TranslatedCompilerGeneratedElement private import experimental.ir.internal.IRCSharpLanguage as Language abstract class TranslatedCompilerGeneratedCall extends TranslatedCallBase, - TranslatedCompilerGeneratedElement { + TranslatedCompilerGeneratedElement +{ final override string toString() { result = "compiler generated call (" + generatedBy.toString() + ")" } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCondition.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCondition.qll index df0bf1b24c6..57fdc12121c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCondition.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedCondition.qll @@ -9,7 +9,8 @@ private import TranslatedCompilerGeneratedElement private import experimental.ir.internal.IRCSharpLanguage as Language abstract class TranslatedCompilerGeneratedValueCondition extends TranslatedCompilerGeneratedElement, - ValueConditionBase { + ValueConditionBase +{ final override string toString() { result = "compiler generated condition (" + generatedBy.toString() + ")" } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll index 6757b032424..ead9a38fc5e 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedDeclaration.qll @@ -16,7 +16,8 @@ private import experimental.ir.internal.CSharpType private import experimental.ir.internal.IRCSharpLanguage as Language abstract class TranslatedCompilerGeneratedDeclaration extends LocalVariableDeclarationBase, - TranslatedCompilerGeneratedElement { + TranslatedCompilerGeneratedElement +{ final override string toString() { result = "compiler generated declaration (" + generatedBy.toString() + ")" } diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll index ffcc400a9bc..7008187520c 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedElement.qll @@ -7,7 +7,8 @@ private import experimental.ir.implementation.raw.internal.TranslatedElement private import experimental.ir.internal.IRCSharpLanguage as Language abstract class TranslatedCompilerGeneratedElement extends TranslatedElement, - TTranslatedCompilerGeneratedElement { + TTranslatedCompilerGeneratedElement +{ // The element that generates generated the compiler element can // only be a stmt or an expr ControlFlowElement generatedBy; diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedExpr.qll index b7988c3fde8..3c5a60cf812 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/desugar/internal/TranslatedCompilerGeneratedExpr.qll @@ -10,7 +10,8 @@ private import experimental.ir.implementation.raw.internal.common.TranslatedExpr private import experimental.ir.internal.IRCSharpLanguage as Language abstract class TranslatedCompilerGeneratedExpr extends TranslatedCompilerGeneratedElement, - TranslatedExprBase { + TranslatedExprBase +{ override string toString() { result = "compiler generated expr (" + generatedBy.toString() + ")" } abstract Type getResultType(); diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.ql b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.ql index eaf4d9d947f..69a03f32893 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.ql +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummaries.ql @@ -6,7 +6,8 @@ private class IncludeAllSummarizedCallable extends IncludeSummarizedCallable { IncludeAllSummarizedCallable() { exists(this) } } -private class IncludeNeutralCallable extends RelevantNeutralCallable instanceof FlowSummaryImpl::Public::NeutralCallable { +private class IncludeNeutralCallable extends RelevantNeutralCallable instanceof FlowSummaryImpl::Public::NeutralCallable +{ /** Gets a string representing the callable in semi-colon separated format for use in flow summaries. */ final override string getCallableCsv() { result = Csv::asPartialNeutralModel(this) } } diff --git a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.ql b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.ql index 82cf263ec9c..c1e093a1f42 100644 --- a/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.ql +++ b/csharp/ql/test/library-tests/dataflow/library/FlowSummariesFiltered.ql @@ -2,7 +2,8 @@ import shared.FlowSummaries private import semmle.code.csharp.dataflow.internal.DataFlowPrivate::Csv private import semmle.code.csharp.dataflow.ExternalFlow -class IncludeFilteredSummarizedCallable extends IncludeSummarizedCallable instanceof SummarizedCallable { +class IncludeFilteredSummarizedCallable extends IncludeSummarizedCallable instanceof SummarizedCallable +{ /** * Holds if flow is propagated between `input` and `output` and * if there is no summary for a callable in a `base` class or interface diff --git a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.ql b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.ql index 00873833083..75faad9d633 100644 --- a/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.ql +++ b/csharp/ql/test/library-tests/frameworks/EntityFramework/FlowSummaries.ql @@ -2,8 +2,8 @@ import semmle.code.csharp.frameworks.EntityFramework::EntityFramework import shared.FlowSummaries import semmle.code.csharp.dataflow.ExternalFlow as ExternalFlow -private class IncludeEFSummarizedCallable extends IncludeSummarizedCallable instanceof EFSummarizedCallable { -} +private class IncludeEFSummarizedCallable extends IncludeSummarizedCallable instanceof EFSummarizedCallable +{ } query predicate sourceNode(DataFlow::Node node, string kind) { ExternalFlow::sourceNode(node, kind) diff --git a/go/ql/lib/semmle/go/Files.qll b/go/ql/lib/semmle/go/Files.qll index 12f70bb4469..b261b935318 100644 --- a/go/ql/lib/semmle/go/Files.qll +++ b/go/ql/lib/semmle/go/Files.qll @@ -183,7 +183,8 @@ class Folder extends Container, @folder { /** Any file, including files that have not been extracted but are referred to as locations for errors. */ class ExtractedOrExternalFile extends Container, @file, Documentable, ExprParent, GoModExprParent, - DeclParent, ScopeNode { + DeclParent, ScopeNode +{ override Location getLocation() { has_location(this, result) } override string getAbsolutePath() { files(this, result) } diff --git a/go/ql/lib/semmle/go/StringOps.qll b/go/ql/lib/semmle/go/StringOps.qll index 00fd7d512e9..c3dc8fdb18d 100644 --- a/go/ql/lib/semmle/go/StringOps.qll +++ b/go/ql/lib/semmle/go/StringOps.qll @@ -228,7 +228,8 @@ module StringOps { * the receiver of a call to `strings.Replacer.Replace` or * `strings.Replacer.WriteString`. */ - private class StringsNewReplacerConfiguration extends DataFlowForStringsNewReplacer::Configuration { + private class StringsNewReplacerConfiguration extends DataFlowForStringsNewReplacer::Configuration + { StringsNewReplacerConfiguration() { this = "StringsNewReplacerConfiguration" } override predicate isSource(DataFlow::Node source) { diff --git a/go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll b/go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/go/ql/lib/semmle/go/frameworks/Chi.qll b/go/ql/lib/semmle/go/frameworks/Chi.qll index 89f1a41d350..d2dfee90ab0 100644 --- a/go/ql/lib/semmle/go/frameworks/Chi.qll +++ b/go/ql/lib/semmle/go/frameworks/Chi.qll @@ -21,7 +21,8 @@ private module Chi { * Methods that extract URL parameters, considered as a source of untrusted flow. */ private class UserControlledRequestMethod extends UntrustedFlowSource::Range, - DataFlow::MethodCallNode { + DataFlow::MethodCallNode + { UserControlledRequestMethod() { this.getTarget().hasQualifiedName(packagePath(), "Context", "URLParam") } diff --git a/go/ql/lib/semmle/go/frameworks/Encoding.qll b/go/ql/lib/semmle/go/frameworks/Encoding.qll index 34af4ce6ed7..0bb0152db83 100644 --- a/go/ql/lib/semmle/go/frameworks/Encoding.qll +++ b/go/ql/lib/semmle/go/frameworks/Encoding.qll @@ -9,7 +9,8 @@ private string packagePath() { result = package("github.com/json-iterator/go", " /** A model of json-iterator's `Unmarshal` function, propagating taint from the JSON input to the decoded object. */ private class JsonIteratorUnmarshalFunction extends TaintTracking::FunctionModel, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range +{ JsonIteratorUnmarshalFunction() { this.hasQualifiedName(packagePath(), ["Unmarshal", "UnmarshalFromString"]) or diff --git a/go/ql/lib/semmle/go/frameworks/K8sIoApiCoreV1.qll b/go/ql/lib/semmle/go/frameworks/K8sIoApiCoreV1.qll index 9918274f166..ee860e762a2 100644 --- a/go/ql/lib/semmle/go/frameworks/K8sIoApiCoreV1.qll +++ b/go/ql/lib/semmle/go/frameworks/K8sIoApiCoreV1.qll @@ -28,7 +28,8 @@ module K8sIoApiCoreV1 { } private class SecretMarshal extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { SecretMarshal() { this.hasQualifiedName(packagePath(), ["Secret", "SecretList"], "Marshal") } override DataFlow::FunctionInput getAnInput() { result.isReceiver() } @@ -43,7 +44,8 @@ module K8sIoApiCoreV1 { } private class SecretUnmarshal extends TaintTracking::FunctionModel, Method, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range + { SecretUnmarshal() { this.hasQualifiedName(packagePath(), ["Secret", "SecretList"], "Unmarshal") } diff --git a/go/ql/lib/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll b/go/ql/lib/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll index 35ebb507f5e..081beebe9e9 100644 --- a/go/ql/lib/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll +++ b/go/ql/lib/semmle/go/frameworks/K8sIoApimachineryPkgRuntime.qll @@ -85,7 +85,8 @@ module K8sIoApimachineryPkgRuntime { } private class CacheableObjectCacheEncode extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { CacheableObjectCacheEncode() { this.implements(packagePath(), "CacheableObject", "CacheEncode") } @@ -113,7 +114,8 @@ module K8sIoApimachineryPkgRuntime { } private class DecoderDecode extends TaintTracking::FunctionModel, Method, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range + { DecoderDecode() { this.implements(packagePath(), "Decoder", "Decode") or this.hasQualifiedName(packagePath(), "WithoutVersionDecoder", "Decode") @@ -134,7 +136,8 @@ module K8sIoApimachineryPkgRuntime { } private class EncoderEncode extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { EncoderEncode() { this.implements(packagePath(), "Encoder", "Encode") or this.hasQualifiedName(packagePath(), "WithVersionEncoder", "Encode") @@ -240,7 +243,8 @@ module K8sIoApimachineryPkgRuntime { } private class ParameterCodecDecodeParameters extends TaintTracking::FunctionModel, Method, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range + { ParameterCodecDecodeParameters() { this.implements(packagePath(), "ParameterCodec", "DecodeParameters") } @@ -260,7 +264,8 @@ module K8sIoApimachineryPkgRuntime { } private class ParameterCodecEncodeParameters extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { ParameterCodecEncodeParameters() { this.implements(packagePath(), "ParameterCodec", "EncodeParameters") } @@ -280,7 +285,8 @@ module K8sIoApimachineryPkgRuntime { } private class ProtobufMarshallerMarshalTo extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { ProtobufMarshallerMarshalTo() { this.implements(packagePath(), "ProtobufMarshaller", "MarshalTo") or this.implements(packagePath(), "ProtobufReverseMarshaller", "MarshalToSizedBuffer") @@ -316,7 +322,8 @@ module K8sIoApimachineryPkgRuntime { } private class RawExtensionMarshal extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { RawExtensionMarshal() { this.hasQualifiedName(packagePath(), "RawExtension", "Marshal") } override DataFlow::FunctionInput getAnInput() { result.isReceiver() } @@ -331,7 +338,8 @@ module K8sIoApimachineryPkgRuntime { } private class RawExtensionUnmarshal extends TaintTracking::FunctionModel, Method, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range + { RawExtensionUnmarshal() { this.hasQualifiedName(packagePath(), "RawExtension", "Unmarshal") } override DataFlow::FunctionInput getAnInput() { result.isReceiver() } @@ -364,7 +372,8 @@ module K8sIoApimachineryPkgRuntime { } private class UnknownMarshal extends TaintTracking::FunctionModel, Method, - MarshalingFunction::Range { + MarshalingFunction::Range + { string methodName; UnknownMarshal() { @@ -388,7 +397,8 @@ module K8sIoApimachineryPkgRuntime { } private class UnknownUnmarshal extends TaintTracking::FunctionModel, Method, - UnmarshalingFunction::Range { + UnmarshalingFunction::Range + { UnknownUnmarshal() { this.hasQualifiedName(packagePath(), "Unknown", "Unmarshal") } override DataFlow::FunctionInput getAnInput() { result.isReceiver() } diff --git a/go/ql/lib/semmle/go/frameworks/Revel.qll b/go/ql/lib/semmle/go/frameworks/Revel.qll index fbbe329564e..e5090a50caa 100644 --- a/go/ql/lib/semmle/go/frameworks/Revel.qll +++ b/go/ql/lib/semmle/go/frameworks/Revel.qll @@ -20,7 +20,8 @@ module Revel { } private class ParamsFixedSanitizer extends TaintTracking::DefaultTaintSanitizer, - DataFlow::FieldReadNode { + DataFlow::FieldReadNode + { ParamsFixedSanitizer() { exists(Field f | this.readsField(_, f) and @@ -48,7 +49,8 @@ module Revel { /** An access to an HTTP request field whose value may be controlled by an untrusted user. */ private class UserControlledRequestField extends UntrustedFlowSource::Range, - DataFlow::FieldReadNode { + DataFlow::FieldReadNode + { UserControlledRequestField() { exists(string fieldName | this.getField().hasQualifiedName(packagePath(), "Request", fieldName) @@ -61,7 +63,8 @@ module Revel { } private class UserControlledRequestMethod extends UntrustedFlowSource::Range, - DataFlow::MethodCallNode { + DataFlow::MethodCallNode + { UserControlledRequestMethod() { this.getTarget() .hasQualifiedName(packagePath(), "Request", diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll index 12eee7079f7..965fbeca4fb 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll @@ -8,7 +8,8 @@ import go module NetHttp { /** An access to an HTTP request field whose value may be controlled by an untrusted user. */ private class UserControlledRequestField extends UntrustedFlowSource::Range, - DataFlow::FieldReadNode { + DataFlow::FieldReadNode + { UserControlledRequestField() { exists(string fieldName | this.getField().hasQualifiedName("net/http", "Request", fieldName) | fieldName = diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/TextTemplate.qll b/go/ql/lib/semmle/go/frameworks/stdlib/TextTemplate.qll index 3e297bdcc25..dbb6dd195cb 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/TextTemplate.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/TextTemplate.qll @@ -25,7 +25,8 @@ module TextTemplate { } private class TextTemplateInstantiation extends TemplateInstantiation::Range, - DataFlow::MethodCallNode { + DataFlow::MethodCallNode + { int dataArg; TextTemplateInstantiation() { diff --git a/go/ql/lib/semmle/go/security/CleartextLoggingCustomizations.qll b/go/ql/lib/semmle/go/security/CleartextLoggingCustomizations.qll index d9e9039f5b3..17a7345b23e 100644 --- a/go/ql/lib/semmle/go/security/CleartextLoggingCustomizations.qll +++ b/go/ql/lib/semmle/go/security/CleartextLoggingCustomizations.qll @@ -183,7 +183,8 @@ module CleartextLogging { override string describe() { result = "HTTP request headers" } } - private class KubernetesSecretInterfaceSource extends Source, K8sIoClientGo::SecretInterfaceSource { + private class KubernetesSecretInterfaceSource extends Source, K8sIoClientGo::SecretInterfaceSource + { override string describe() { result = "Kubernetes Secret" } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll index 7333264298e..7f96fe5e6fb 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/tainttracking1/TaintTracking.qll @@ -7,7 +7,8 @@ import TaintTrackingParameter::Public private import TaintTrackingParameter::Private private module AddTaintDefaults implements -DataFlowInternal::FullStateConfigSig { + DataFlowInternal::FullStateConfigSig +{ import Config predicate isBarrier(DataFlow::Node node) { diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll index 4499c6d63c8..32690d73626 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll @@ -138,7 +138,8 @@ class ClassReflectivelyReadField extends ReflectivelyReadField { * Consider all `JacksonSerializableField`s as reflectively read. */ class JacksonSerializableReflectivelyReadField extends ReflectivelyReadField, - JacksonSerializableField { } + JacksonSerializableField +{ } /** * A field that is used when applying Jackson mixins. diff --git a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll index 81f5a2d765e..2213960222e 100644 --- a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll @@ -94,7 +94,8 @@ abstract class ReflectivelyConstructedClass extends EntryPoint, Class { /** * Classes that are deserialized by Jackson are reflectively constructed. */ -library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof JacksonDeserializableType { +library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof JacksonDeserializableType +{ override Callable getALiveCallable() { // Constructors may be called by Jackson, if they are a no-arg, they have a suitable annotation, // or inherit a suitable annotation through a mixin. @@ -308,8 +309,8 @@ class FacesAccessibleMethodEntryPoint extends CallableEntryPoint { * A Java Server Faces custom component, that is reflectively constructed by the framework when * used in a view (JSP or facelet). */ -class FacesComponentReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof FacesComponent { -} +class FacesComponentReflectivelyConstructedClass extends ReflectivelyConstructedClass instanceof FacesComponent +{ } /** * Entry point for EJB home interfaces. @@ -459,5 +460,5 @@ class ArbitraryXmlEntryPoint extends ReflectivelyConstructedClass { deprecated class ArbitraryXMLEntryPoint = ArbitraryXmlEntryPoint; /** A Selenium PageObject, created by a call to PageFactory.initElements(..). */ -class SeleniumPageObjectEntryPoint extends ReflectivelyConstructedClass instanceof SeleniumPageObject { -} +class SeleniumPageObjectEntryPoint extends ReflectivelyConstructedClass instanceof SeleniumPageObject +{ } diff --git a/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll index de2c0c44678..86910a921f8 100644 --- a/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll @@ -33,8 +33,8 @@ class Struts1ActionEntryPoint extends EntryPoint, Class { /** * A struts 2 action class that is reflectively constructed. */ -class Struts2ReflectivelyConstructedAction extends ReflectivelyConstructedClass instanceof Struts2ActionClass { -} +class Struts2ReflectivelyConstructedAction extends ReflectivelyConstructedClass instanceof Struts2ActionClass +{ } /** * A method called on a struts 2 action class when the action is activated. diff --git a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll index d659918e815..b8013d2947a 100644 --- a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll @@ -78,7 +78,8 @@ class JUnitCategory extends WhitelistedLiveClass { /** * A listener that will be reflectively constructed by TestNG. */ -class TestNGReflectivelyConstructedListener extends ReflectivelyConstructedClass instanceof TestNGListenerImpl { +class TestNGReflectivelyConstructedListener extends ReflectivelyConstructedClass instanceof TestNGListenerImpl +{ // Consider any class that implements a TestNG listener interface to be live. Listeners can be // specified on the command line, in `testng.xml` files and in Ant build files, so it is safest // to assume that all such listeners are live. diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll index 4f6e9e3f5e4..104fd74b5f2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll @@ -123,7 +123,8 @@ class StartServiceMethod extends Method { /** Specifies that if an `Intent` is tainted, then so are its synthetic fields. */ private class IntentFieldsInheritTaint extends DataFlow::SyntheticFieldContent, - TaintInheritingContent { + TaintInheritingContent +{ IntentFieldsInheritTaint() { this.getField().matches("android.content.Intent.%") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll b/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll index 33de1ea0d12..96ccb2a4401 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll @@ -35,6 +35,7 @@ private class SliceProviderLifecycleStep extends AdditionalValueStep { } private class SliceActionsInheritTaint extends DataFlow::SyntheticFieldContent, - TaintInheritingContent { + TaintInheritingContent +{ SliceActionsInheritTaint() { this.getField() = "androidx.slice.Slice.action" } } diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll index d98967566e8..306970846d1 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll @@ -11,7 +11,8 @@ private class ParseAsMethod extends Method { } } -private class TypeLiteralToParseAsFlowConfiguration extends DataFlowForSerializability::Configuration { +private class TypeLiteralToParseAsFlowConfiguration extends DataFlowForSerializability::Configuration +{ TypeLiteralToParseAsFlowConfiguration() { this = "GoogleHttpClientApi::TypeLiteralToParseAsFlowConfiguration" } diff --git a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll index 020c167fab7..4911c146442 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll @@ -91,7 +91,8 @@ private class FieldReferencedJacksonSerializableType extends JacksonSerializable /** A type whose values may be deserialized by the Jackson JSON framework. */ abstract class JacksonDeserializableType extends Type { } -private class TypeLiteralToJacksonDatabindFlowConfiguration extends DataFlowForSerializability::Configuration { +private class TypeLiteralToJacksonDatabindFlowConfiguration extends DataFlowForSerializability::Configuration +{ TypeLiteralToJacksonDatabindFlowConfiguration() { this = "TypeLiteralToJacksonDatabindFlowConfiguration" } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll index c56571624e6..8df603c5d6a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll @@ -75,8 +75,8 @@ class ForbiddenSecurityConfigurationCallable extends ForbiddenCallable { } /** A method or constructor involving serialization that may not be called by an EJB. */ -class ForbiddenSerializationCallable extends ForbiddenCallable instanceof ForbiddenSerializationMethod { -} +class ForbiddenSerializationCallable extends ForbiddenCallable instanceof ForbiddenSerializationMethod +{ } /** A method or constructor involving network factory operations that may not be called by an EJB. */ class ForbiddenSetFactoryCallable extends ForbiddenCallable instanceof ForbiddenSetFactoryMethod { } diff --git a/java/ql/lib/semmle/code/java/os/OSCheck.qll b/java/ql/lib/semmle/code/java/os/OSCheck.qll index d43e2015705..eade97a6e53 100644 --- a/java/ql/lib/semmle/code/java/os/OSCheck.qll +++ b/java/ql/lib/semmle/code/java/os/OSCheck.qll @@ -115,7 +115,8 @@ private class IsWindowsFromApacheCommons extends IsWindowsGuard instanceof Field IsWindowsFromApacheCommons() { isOsFromApacheCommons(this, "IS\\_OS\\_WINDOWS") } } -private class IsSpecificWindowsVariantFromApacheCommons extends IsSpecificWindowsVariant instanceof FieldAccess { +private class IsSpecificWindowsVariantFromApacheCommons extends IsSpecificWindowsVariant instanceof FieldAccess +{ IsSpecificWindowsVariantFromApacheCommons() { isOsFromApacheCommons(this, "IS\\_OS\\_WINDOWS\\_%") } @@ -125,7 +126,8 @@ private class IsUnixFromApacheCommons extends IsUnixGuard instanceof FieldAccess IsUnixFromApacheCommons() { isOsFromApacheCommons(this, "IS\\_OS\\_UNIX") } } -private class IsSpecificUnixVariantFromApacheCommons extends IsSpecificUnixVariant instanceof FieldAccess { +private class IsSpecificUnixVariantFromApacheCommons extends IsSpecificUnixVariant instanceof FieldAccess +{ IsSpecificUnixVariantFromApacheCommons() { isOsFromApacheCommons(this, [ diff --git a/java/ql/lib/semmle/code/java/security/FragmentInjection.qll b/java/ql/lib/semmle/code/java/security/FragmentInjection.qll index 046993f6658..aa2a5f3dbfa 100644 --- a/java/ql/lib/semmle/code/java/security/FragmentInjection.qll +++ b/java/ql/lib/semmle/code/java/security/FragmentInjection.qll @@ -47,7 +47,8 @@ private class DefaultFragmentInjectionSink extends FragmentInjectionSink { DefaultFragmentInjectionSink() { sinkNode(this, "fragment-injection") } } -private class DefaultFragmentInjectionAdditionalTaintStep extends FragmentInjectionAdditionalTaintStep { +private class DefaultFragmentInjectionAdditionalTaintStep extends FragmentInjectionAdditionalTaintStep +{ override predicate step(DataFlow::Node n1, DataFlow::Node n2) { exists(ReflectiveClassIdentifierMethodAccess ma | ma.getArgument(0) = n1.asExpr() and ma = n2.asExpr() diff --git a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll index 54a431e28dd..4842d36e86a 100644 --- a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll +++ b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll @@ -45,7 +45,8 @@ class IntentUriPermissionManipulationAdditionalTaintStep extends Unit { abstract predicate step(DataFlow::Node node1, DataFlow::Node node2); } -private class DefaultIntentUriPermissionManipulationSink extends IntentUriPermissionManipulationSink { +private class DefaultIntentUriPermissionManipulationSink extends IntentUriPermissionManipulationSink +{ DefaultIntentUriPermissionManipulationSink() { exists(MethodAccess ma | ma.getMethod() instanceof ActivitySetResultMethod | ma.getArgument(1) = this.asExpr() diff --git a/java/ql/lib/semmle/code/java/security/JWT.qll b/java/ql/lib/semmle/code/java/security/JWT.qll index 40569c49bd9..7056c7567f2 100644 --- a/java/ql/lib/semmle/code/java/security/JWT.qll +++ b/java/ql/lib/semmle/code/java/security/JWT.qll @@ -55,7 +55,8 @@ class JwtParserWithInsecureParseAdditionalFlowStep extends Unit { } /** A set of additional flow steps to consider when working with JWT parsing related data flows. */ -private class DefaultJwtParserWithInsecureParseAdditionalFlowStep extends JwtParserWithInsecureParseAdditionalFlowStep { +private class DefaultJwtParserWithInsecureParseAdditionalFlowStep extends JwtParserWithInsecureParseAdditionalFlowStep +{ override predicate step(DataFlow::Node node1, DataFlow::Node node2) { jwtParserStep(node1.asExpr(), node2.asExpr()) } diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index e6efc13c8a5..c454da5f035 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -34,7 +34,8 @@ private class DefaultRequestForgeryAdditionalTaintStep extends RequestForgeryAdd } } -private class TypePropertiesRequestForgeryAdditionalTaintStep extends RequestForgeryAdditionalTaintStep { +private class TypePropertiesRequestForgeryAdditionalTaintStep extends RequestForgeryAdditionalTaintStep +{ override predicate propagatesTaint(DataFlow::Node pred, DataFlow::Node succ) { exists(MethodAccess ma | // Properties props = new Properties(); diff --git a/java/ql/lib/semmle/code/java/security/SpelInjection.qll b/java/ql/lib/semmle/code/java/security/SpelInjection.qll index 55f526d72f4..bed4d313ff6 100644 --- a/java/ql/lib/semmle/code/java/security/SpelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/SpelInjection.qll @@ -21,7 +21,8 @@ class SpelExpressionInjectionAdditionalTaintStep extends Unit { } /** A set of additional taint steps to consider when taint tracking SpEL related data flows. */ -private class DefaultSpelExpressionInjectionAdditionalTaintStep extends SpelExpressionInjectionAdditionalTaintStep { +private class DefaultSpelExpressionInjectionAdditionalTaintStep extends SpelExpressionInjectionAdditionalTaintStep +{ override predicate step(DataFlow::Node node1, DataFlow::Node node2) { expressionParsingStep(node1, node2) } diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll index ce2bd9d217d..b8625556c7a 100644 --- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll +++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll @@ -62,8 +62,8 @@ abstract class TemplateInjectionSanitizerWithState extends DataFlow::Node { abstract predicate hasState(DataFlow::FlowState state); } -private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof RemoteFlowSource { -} +private class DefaultTemplateInjectionSource extends TemplateInjectionSource instanceof RemoteFlowSource +{ } private class DefaultTemplateInjectionSink extends TemplateInjectionSink { DefaultTemplateInjectionSink() { sinkNode(this, "ssti") } diff --git a/java/ql/lib/semmle/code/java/security/XSS.qll b/java/ql/lib/semmle/code/java/security/XSS.qll index fa94fe09cac..9d15d8edeb5 100644 --- a/java/ql/lib/semmle/code/java/security/XSS.qll +++ b/java/ql/lib/semmle/code/java/security/XSS.qll @@ -60,7 +60,8 @@ private class DefaultXssSanitizer extends XssSanitizer { } /** A configuration that tracks data from a servlet writer to an output method. */ -private class XssVulnerableWriterSourceToWritingMethodFlowConfig extends TaintTracking2::Configuration { +private class XssVulnerableWriterSourceToWritingMethodFlowConfig extends TaintTracking2::Configuration +{ XssVulnerableWriterSourceToWritingMethodFlowConfig() { this = "XSS::XssVulnerableWriterSourceToWritingMethodFlowConfig" } diff --git a/java/ql/lib/semmle/code/java/security/XmlParsers.qll b/java/ql/lib/semmle/code/java/security/XmlParsers.qll index 5882677c27d..8cdf962584d 100644 --- a/java/ql/lib/semmle/code/java/security/XmlParsers.qll +++ b/java/ql/lib/semmle/code/java/security/XmlParsers.qll @@ -198,7 +198,8 @@ private class DocumentBuilderConstruction extends MethodAccess { } } -private class SafeDocumentBuilderFactoryToDocumentBuilderConstructionFlowConfig extends DataFlow3::Configuration { +private class SafeDocumentBuilderFactoryToDocumentBuilderConstructionFlowConfig extends DataFlow3::Configuration +{ SafeDocumentBuilderFactoryToDocumentBuilderConstructionFlowConfig() { this = "XmlParsers::SafeDocumentBuilderFactoryToDocumentBuilderConstructionFlowConfig" } diff --git a/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll index 34e533c0040..3cfe91f7408 100644 --- a/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/XsltInjectionQuery.qll @@ -55,7 +55,8 @@ private predicate newTransformerOrTemplatesStep(DataFlow::Node n1, DataFlow::Nod /** * A data flow configuration for secure processing feature that is enabled on `TransformerFactory`. */ -private class TransformerFactoryWithSecureProcessingFeatureFlowConfig extends DataFlow2::Configuration { +private class TransformerFactoryWithSecureProcessingFeatureFlowConfig extends DataFlow2::Configuration +{ TransformerFactoryWithSecureProcessingFeatureFlowConfig() { this = "TransformerFactoryWithSecureProcessingFeatureFlowConfig" } diff --git a/java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql b/java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql index 35b85788221..7376aa51e58 100644 --- a/java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql +++ b/java/ql/src/Security/CWE/CWE-113/NettyResponseSplitting.ql @@ -27,25 +27,29 @@ abstract private class InsecureNettyObjectCreation extends ClassInstanceExpr { abstract string splittingType(); } -abstract private class RequestOrResponseSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation { +abstract private class RequestOrResponseSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation +{ override string splittingType() { result = "Request splitting or response splitting" } } /** * Request splitting can allowing an attacker to inject/smuggle an additional HTTP request into the socket connection. */ -abstract private class RequestSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation { +abstract private class RequestSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation +{ override string splittingType() { result = "Request splitting" } } /** * Response splitting can lead to HTTP vulnerabilities like XSS and cache poisoning. */ -abstract private class ResponseSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation { +abstract private class ResponseSplittingInsecureNettyObjectCreation extends InsecureNettyObjectCreation +{ override string splittingType() { result = "Response splitting" } } -private class InsecureDefaultHttpHeadersClassInstantiation extends RequestOrResponseSplittingInsecureNettyObjectCreation { +private class InsecureDefaultHttpHeadersClassInstantiation extends RequestOrResponseSplittingInsecureNettyObjectCreation +{ InsecureDefaultHttpHeadersClassInstantiation() { this.getConstructedType() .hasQualifiedName("io.netty.handler.codec.http", @@ -54,21 +58,24 @@ private class InsecureDefaultHttpHeadersClassInstantiation extends RequestOrResp } } -private class InsecureDefaultHttpResponseClassInstantiation extends ResponseSplittingInsecureNettyObjectCreation { +private class InsecureDefaultHttpResponseClassInstantiation extends ResponseSplittingInsecureNettyObjectCreation +{ InsecureDefaultHttpResponseClassInstantiation() { this.getConstructedType().hasQualifiedName("io.netty.handler.codec.http", "DefaultHttpResponse") and vulnerableArgumentIndex = 2 } } -private class InsecureDefaultHttpRequestClassInstantiation extends RequestSplittingInsecureNettyObjectCreation { +private class InsecureDefaultHttpRequestClassInstantiation extends RequestSplittingInsecureNettyObjectCreation +{ InsecureDefaultHttpRequestClassInstantiation() { this.getConstructedType().hasQualifiedName("io.netty.handler.codec.http", "DefaultHttpRequest") and vulnerableArgumentIndex = 3 } } -private class InsecureDefaultFullHttpResponseClassInstantiation extends ResponseSplittingInsecureNettyObjectCreation { +private class InsecureDefaultFullHttpResponseClassInstantiation extends ResponseSplittingInsecureNettyObjectCreation +{ InsecureDefaultFullHttpResponseClassInstantiation() { this.getConstructedType() .hasQualifiedName("io.netty.handler.codec.http", "DefaultFullHttpResponse") and @@ -76,7 +83,8 @@ private class InsecureDefaultFullHttpResponseClassInstantiation extends Response } } -private class InsecureDefaultFullHttpRequestClassInstantiation extends RequestSplittingInsecureNettyObjectCreation { +private class InsecureDefaultFullHttpRequestClassInstantiation extends RequestSplittingInsecureNettyObjectCreation +{ InsecureDefaultFullHttpRequestClassInstantiation() { this.getConstructedType() .hasQualifiedName("io.netty.handler.codec.http", "DefaultFullHttpRequest") and diff --git a/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll b/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll index 39d27be133b..0e3d11420ba 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheckLib.qll @@ -81,8 +81,8 @@ private class CompareSink extends ClientSuppliedIpUsedInSecurityCheckSink { } /** A data flow sink for sql operation. */ -private class SqlOperationSink extends ClientSuppliedIpUsedInSecurityCheckSink instanceof QueryInjectionSink { -} +private class SqlOperationSink extends ClientSuppliedIpUsedInSecurityCheckSink instanceof QueryInjectionSink +{ } /** A method that split string. */ class SplitMethod extends Method { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll index 25ac8ca402a..6bb2f29d05c 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll @@ -317,7 +317,8 @@ abstract class OtherModeledArgumentCharacteristic extends EndpointCharacteristic * A characteristic that is an indicator of not being a sink of any type, because it's an argument to a function of a * builtin object. */ -abstract private class ArgumentToBuiltinFunctionCharacteristic extends OtherModeledArgumentCharacteristic { +abstract private class ArgumentToBuiltinFunctionCharacteristic extends OtherModeledArgumentCharacteristic +{ bindingset[this] ArgumentToBuiltinFunctionCharacteristic() { any() } } @@ -358,7 +359,8 @@ abstract class LikelyNotASinkCharacteristic extends EndpointCharacteristic { } private class LodashUnderscoreCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ LodashUnderscoreCharacteristic() { this = "LodashUnderscoreArgument" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -367,7 +369,8 @@ private class LodashUnderscoreCharacteristic extends NotASinkCharacteristic, } private class JQueryArgumentCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ JQueryArgumentCharacteristic() { this = "JQueryArgument" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -376,7 +379,8 @@ private class JQueryArgumentCharacteristic extends NotASinkCharacteristic, } private class ClientRequestCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ ClientRequestCharacteristic() { this = "ClientRequest" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -387,7 +391,8 @@ private class ClientRequestCharacteristic extends NotASinkCharacteristic, } private class PromiseDefinitionCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ PromiseDefinitionCharacteristic() { this = "PromiseDefinition" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -398,14 +403,16 @@ private class PromiseDefinitionCharacteristic extends NotASinkCharacteristic, } private class CryptographicKeyCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ CryptographicKeyCharacteristic() { this = "CryptographicKey" } override predicate appliesToEndpoint(DataFlow::Node n) { n instanceof CryptographicKey } } private class CryptographicOperationFlowCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ CryptographicOperationFlowCharacteristic() { this = "CryptographicOperationFlow" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -414,7 +421,8 @@ private class CryptographicOperationFlowCharacteristic extends NotASinkCharacter } private class LoggerMethodCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ LoggerMethodCharacteristic() { this = "LoggerMethod" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -425,7 +433,8 @@ private class LoggerMethodCharacteristic extends NotASinkCharacteristic, } private class TimeoutCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ TimeoutCharacteristic() { this = "Timeout" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -436,7 +445,8 @@ private class TimeoutCharacteristic extends NotASinkCharacteristic, } private class ReceiverStorageCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ ReceiverStorageCharacteristic() { this = "ReceiverStorage" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -447,7 +457,8 @@ private class ReceiverStorageCharacteristic extends NotASinkCharacteristic, } private class StringStartsWithCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ StringStartsWithCharacteristic() { this = "StringStartsWith" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -458,7 +469,8 @@ private class StringStartsWithCharacteristic extends NotASinkCharacteristic, } private class StringEndsWithCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ StringEndsWithCharacteristic() { this = "StringEndsWith" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -467,7 +479,8 @@ private class StringEndsWithCharacteristic extends NotASinkCharacteristic, } private class StringRegExpTestCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ StringRegExpTestCharacteristic() { this = "StringRegExpTest" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -478,7 +491,8 @@ private class StringRegExpTestCharacteristic extends NotASinkCharacteristic, } private class EventRegistrationCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ EventRegistrationCharacteristic() { this = "EventRegistration" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -487,7 +501,8 @@ private class EventRegistrationCharacteristic extends NotASinkCharacteristic, } private class EventDispatchCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ EventDispatchCharacteristic() { this = "EventDispatch" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -496,7 +511,8 @@ private class EventDispatchCharacteristic extends NotASinkCharacteristic, } private class MembershipCandidateTestCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ MembershipCandidateTestCharacteristic() { this = "MembershipCandidateTest" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -507,7 +523,8 @@ private class MembershipCandidateTestCharacteristic extends NotASinkCharacterist } private class FileSystemAccessCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ FileSystemAccessCharacteristic() { this = "FileSystemAccess" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -516,7 +533,8 @@ private class FileSystemAccessCharacteristic extends NotASinkCharacteristic, } private class DatabaseAccessCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ DatabaseAccessCharacteristic() { this = "DatabaseAccess" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -540,7 +558,8 @@ private class DomCharacteristic extends NotASinkCharacteristic, OtherModeledArgu } private class NextFunctionCallCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ NextFunctionCallCharacteristic() { this = "NextFunctionCall" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -552,7 +571,8 @@ private class NextFunctionCallCharacteristic extends NotASinkCharacteristic, } private class DojoRequireCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ DojoRequireCharacteristic() { this = "DojoRequire" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -563,7 +583,8 @@ private class DojoRequireCharacteristic extends NotASinkCharacteristic, } private class Base64ManipulationCharacteristic extends NotASinkCharacteristic, - OtherModeledArgumentCharacteristic { + OtherModeledArgumentCharacteristic +{ Base64ManipulationCharacteristic() { this = "Base64Manipulation" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -573,7 +594,8 @@ private class Base64ManipulationCharacteristic extends NotASinkCharacteristic, } private class ArgumentToArrayCharacteristic extends ArgumentToBuiltinFunctionCharacteristic, - LikelyNotASinkCharacteristic { + LikelyNotASinkCharacteristic +{ ArgumentToArrayCharacteristic() { this = "ArgumentToArray" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -588,7 +610,8 @@ private class ArgumentToArrayCharacteristic extends ArgumentToBuiltinFunctionCha } private class ArgumentToBuiltinGlobalVarRefCharacteristic extends ArgumentToBuiltinFunctionCharacteristic, - LikelyNotASinkCharacteristic { + LikelyNotASinkCharacteristic +{ ArgumentToBuiltinGlobalVarRefCharacteristic() { this = "ArgumentToBuiltinGlobalVarRef" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -607,7 +630,8 @@ private class ArgumentToBuiltinGlobalVarRefCharacteristic extends ArgumentToBuil } private class ConstantReceiverCharacteristic extends ArgumentToBuiltinFunctionCharacteristic, - NotASinkCharacteristic { + NotASinkCharacteristic +{ ConstantReceiverCharacteristic() { this = "ConstantReceiver" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -623,7 +647,8 @@ private class ConstantReceiverCharacteristic extends ArgumentToBuiltinFunctionCh } private class BuiltinCallNameCharacteristic extends ArgumentToBuiltinFunctionCharacteristic, - NotASinkCharacteristic { + NotASinkCharacteristic +{ BuiltinCallNameCharacteristic() { this = "BuiltinCallName" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -684,7 +709,8 @@ class IsArgumentToModeledFunctionCharacteristic extends StandardEndpointFilterCh } } -private class IsArgumentToSinklessLibraryCharacteristic extends StandardEndpointFilterCharacteristic { +private class IsArgumentToSinklessLibraryCharacteristic extends StandardEndpointFilterCharacteristic +{ IsArgumentToSinklessLibraryCharacteristic() { this = "argument to sinkless library" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -750,7 +776,8 @@ private class InIrrelevantFileCharacteristic extends StandardEndpointFilterChara } /** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a NoSQL injection sink. */ -abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic { +abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic +{ bindingset[this] NosqlInjectionSinkEndpointFilterCharacteristic() { any() } @@ -763,7 +790,8 @@ abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends En } } -private class DatabaseAccessCallHeuristicCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class DatabaseAccessCallHeuristicCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ DatabaseAccessCallHeuristicCharacteristic() { this = "matches database access call heuristic" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -794,7 +822,8 @@ private class ModeledSinkCharacteristic extends NosqlInjectionSinkEndpointFilter } } -private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ PredecessorInModeledFlowStepCharacteristic() { this = "predecessor in a modeled flow step" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -805,7 +834,8 @@ private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionS } } -private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ ModeledDatabaseAccessCharacteristic() { this = "modeled database access" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -818,7 +848,8 @@ private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndp } } -private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ ReceiverIsHttpRequestExpressionCharacteristic() { this = "receiver is a HTTP request expression" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -829,7 +860,8 @@ private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjecti } } -private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ ReceiverIsHttpResponseExpressionCharacteristic() { this = "receiver is a HTTP response expression" } @@ -842,7 +874,8 @@ private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInject } } -private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic { +private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic +{ NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic() { this = "not a direct argument to a likely external library call or a heuristic sink (nosql)" } @@ -885,7 +918,8 @@ private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCh } /** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a SQL injection sink. */ -abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic { +abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic +{ bindingset[this] SqlInjectionSinkEndpointFilterCharacteristic() { any() } @@ -898,7 +932,8 @@ abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends Endp } } -private class PreparedSqlStatementCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic { +private class PreparedSqlStatementCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic +{ PreparedSqlStatementCharacteristic() { this = "prepared SQL statement" } override predicate appliesToEndpoint(DataFlow::Node n) { @@ -932,7 +967,8 @@ private class HtmlOrRenderingCharacteristic extends SqlInjectionSinkEndpointFilt } } -private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic { +private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic +{ NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic() { this = "not an argument to a likely external library call or a heuristic sink" } @@ -956,7 +992,8 @@ private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteris } /** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a tainted path injection sink. */ -abstract private class TaintedPathSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic { +abstract private class TaintedPathSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic +{ bindingset[this] TaintedPathSinkEndpointFilterCharacteristic() { any() } @@ -969,7 +1006,8 @@ abstract private class TaintedPathSinkEndpointFilterCharacteristic extends Endpo } } -private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic extends TaintedPathSinkEndpointFilterCharacteristic { +private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic extends TaintedPathSinkEndpointFilterCharacteristic +{ NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic() { this = "not a direct argument to a likely external library call or a heuristic sink (tainted path)" @@ -1021,7 +1059,8 @@ abstract private class XssSinkEndpointFilterCharacteristic extends EndpointFilte } } -private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndpointFilterCharacteristic { +private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndpointFilterCharacteristic +{ SetStateCallsInReactApplicationsCharacteristic() { this = "setState calls ought to be safe in react applications" } @@ -1031,7 +1070,8 @@ private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndp } } -private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic extends XssSinkEndpointFilterCharacteristic { +private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic extends XssSinkEndpointFilterCharacteristic +{ NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic() { this = "not a direct argument to a likely external library call or a heuristic sink (xss)" } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll index 0ac74597478..8e34d714f18 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll @@ -204,7 +204,8 @@ class FileImports extends EndpointFeature, TFileImports { * will be treated by tokenization as if they were spaces. */ class ContextSurroundingFunctionParameters extends EndpointFeature, - TContextSurroundingFunctionParameters { + TContextSurroundingFunctionParameters +{ override string getName() { result = "contextSurroundingFunctionParameters" } Function getRelevantFunction(DataFlow::Node endpoint) { diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll index ade9f9ed99d..452128083fa 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll @@ -64,7 +64,8 @@ class TaintedPathSinkType extends EndpointType, TTaintedPathSinkType { /** The `ShellCommandInjectionFromEnvironmentSink` class that can be predicted by endpoint scoring models. */ class ShellCommandInjectionFromEnvironmentSinkType extends EndpointType, - TShellCommandInjectionFromEnvironmentSinkType { + TShellCommandInjectionFromEnvironmentSinkType +{ override string getDescription() { result = "ShellCommandInjectionFromEnvironmentSink" } override int getEncoding() { result = 5 } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll index c494a7587d6..de5c9fab415 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/TaintedPathATM.qll @@ -51,7 +51,8 @@ class TaintedPathAtmConfig extends AtmConfig { * of barrier guards, we port the barrier guards for the boosted query from the standard library to * sanitizer guards here. */ -private class BarrierGuardNodeAsSanitizerGuardNode extends TaintTracking::LabeledSanitizerGuardNode instanceof TaintedPath::BarrierGuardNode { +private class BarrierGuardNodeAsSanitizerGuardNode extends TaintTracking::LabeledSanitizerGuardNode instanceof TaintedPath::BarrierGuardNode +{ override predicate sanitizes(boolean outcome, Expr e) { blocks(outcome, e) or blocks(outcome, e, _) } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll index d28b669bf49..5daac270292 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll @@ -40,7 +40,8 @@ class DomBasedXssAtmConfig extends AtmConfig { private import semmle.javascript.security.dataflow.Xss::Shared as Shared private class PrefixStringSanitizerActivated extends TaintTracking::SanitizerGuardNode, - DomBasedXss::PrefixStringSanitizer { + DomBasedXss::PrefixStringSanitizer +{ PrefixStringSanitizerActivated() { this = this } } @@ -52,6 +53,7 @@ private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::Quot QuoteGuard() { this = this } } -private class ContainsHtmlGuard extends TaintTracking::SanitizerGuardNode, Shared::ContainsHtmlGuard { +private class ContainsHtmlGuard extends TaintTracking::SanitizerGuardNode, Shared::ContainsHtmlGuard +{ ContainsHtmlGuard() { this = this } } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll index 87d69a37165..e188da15a7e 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssThroughDomATM.qll @@ -71,7 +71,8 @@ class TypeTestGuard extends TaintTracking::SanitizerGuardNode, DataFlow::ValueNo private import semmle.javascript.security.dataflow.Xss::Shared as Shared private class PrefixStringSanitizer extends TaintTracking::SanitizerGuardNode, - DomBasedXss::PrefixStringSanitizer { + DomBasedXss::PrefixStringSanitizer +{ PrefixStringSanitizer() { this = this } } @@ -83,6 +84,7 @@ private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::Quot QuoteGuard() { this = this } } -private class ContainsHtmlGuard extends TaintTracking::SanitizerGuardNode, Shared::ContainsHtmlGuard { +private class ContainsHtmlGuard extends TaintTracking::SanitizerGuardNode, Shared::ContainsHtmlGuard +{ ContainsHtmlGuard() { this = this } } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll index a84872c4ee4..4f7260e7e62 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll @@ -39,6 +39,7 @@ class XssThroughDomQuery extends Query, TXssThroughDomQuery { } class ShellCommandInjectionFromEnvironmentQuery extends Query, - TShellCommandInjectionFromEnvironmentQuery { + TShellCommandInjectionFromEnvironmentQuery +{ override string getName() { result = "ShellCommandInjectionFromEnvironment" } } diff --git a/javascript/ql/lib/semmle/javascript/Closure.qll b/javascript/ql/lib/semmle/javascript/Closure.qll index e27387255a1..c69363588cc 100644 --- a/javascript/ql/lib/semmle/javascript/Closure.qll +++ b/javascript/ql/lib/semmle/javascript/Closure.qll @@ -48,7 +48,8 @@ module Closure { * A call to a method on the `goog.` namespace, as a closure reference. */ abstract private class DefaultNamespaceRef extends DataFlow::MethodCallNode, - ClosureNamespaceRef::Range { + ClosureNamespaceRef::Range + { DefaultNamespaceRef() { this = DataFlow::globalVarRef("goog").getAMethodCall() } override string getClosureNamespace() { result = getArgument(0).getStringValue() } @@ -75,21 +76,22 @@ module Closure { /** * A top-level call to `goog.provide`. */ - class ClosureProvideCall extends ClosureNamespaceRef, DataFlow::MethodCallNode instanceof DefaultClosureProvideCall { - } + class ClosureProvideCall extends ClosureNamespaceRef, DataFlow::MethodCallNode instanceof DefaultClosureProvideCall + { } /** * A call to `goog.require`. */ - private class DefaultClosureRequireCall extends DefaultNamespaceRef, ClosureNamespaceAccess::Range { + private class DefaultClosureRequireCall extends DefaultNamespaceRef, ClosureNamespaceAccess::Range + { DefaultClosureRequireCall() { getMethodName() = "require" } } /** * A call to `goog.require`. */ - class ClosureRequireCall extends ClosureNamespaceAccess, DataFlow::MethodCallNode instanceof DefaultClosureRequireCall { - } + class ClosureRequireCall extends ClosureNamespaceAccess, DataFlow::MethodCallNode instanceof DefaultClosureRequireCall + { } /** * A top-level call to `goog.module` or `goog.declareModuleId`. @@ -104,8 +106,8 @@ module Closure { /** * A top-level call to `goog.module` or `goog.declareModuleId`. */ - class ClosureModuleDeclaration extends ClosureNamespaceRef, DataFlow::MethodCallNode instanceof DefaultClosureModuleDeclaration { - } + class ClosureModuleDeclaration extends ClosureNamespaceRef, DataFlow::MethodCallNode instanceof DefaultClosureModuleDeclaration + { } private GlobalVariable googVariable() { variables(result, "goog", any(GlobalScope sc)) } diff --git a/javascript/ql/lib/semmle/javascript/Concepts.qll b/javascript/ql/lib/semmle/javascript/Concepts.qll index 67cf325eb11..01970490374 100644 --- a/javascript/ql/lib/semmle/javascript/Concepts.qll +++ b/javascript/ql/lib/semmle/javascript/Concepts.qll @@ -124,7 +124,8 @@ module Cryptography { * Extend this class to refine existing API models. If you want to model new APIs, * extend `CryptographicOperation::Range` instead. */ - class CryptographicOperation extends SC::CryptographicOperation instanceof CryptographicOperation::Range { + class CryptographicOperation extends SC::CryptographicOperation instanceof CryptographicOperation::Range + { /** * DEPRECATED. This predicate has been renamed to `getAnInput`. * diff --git a/javascript/ql/lib/semmle/javascript/DOM.qll b/javascript/ql/lib/semmle/javascript/DOM.qll index 954ac8571e7..f06f43d5976 100644 --- a/javascript/ql/lib/semmle/javascript/DOM.qll +++ b/javascript/ql/lib/semmle/javascript/DOM.qll @@ -63,7 +63,8 @@ module DOM { /** * An HTML element, viewed as an `ElementDefinition`. */ - private class HtmlElementDefinition extends ElementDefinition, @xmlelement instanceof HTML::Element { + private class HtmlElementDefinition extends ElementDefinition, @xmlelement instanceof HTML::Element + { override string getName() { result = HTML::Element.super.getName() } override AttributeDefinition getAttribute(int i) { @@ -127,7 +128,8 @@ module DOM { /** * An HTML attribute, viewed as an `AttributeDefinition`. */ - private class HtmlAttributeDefinition extends AttributeDefinition, @xmlattribute instanceof HTML::Attribute { + private class HtmlAttributeDefinition extends AttributeDefinition, @xmlattribute instanceof HTML::Attribute + { override string getName() { result = HTML::Attribute.super.getName() } override string getStringValue() { result = super.getValue() } @@ -138,7 +140,8 @@ module DOM { /** * A JSX attribute, viewed as an `AttributeDefinition`. */ - private class JsxAttributeDefinition extends AttributeDefinition, @jsx_attribute instanceof JsxAttribute { + private class JsxAttributeDefinition extends AttributeDefinition, @jsx_attribute instanceof JsxAttribute + { override string getName() { result = JsxAttribute.super.getName() } override DataFlow::Node getValueNode() { diff --git a/javascript/ql/lib/semmle/javascript/Functions.qll b/javascript/ql/lib/semmle/javascript/Functions.qll index 62abdddaa69..b3731e512fe 100644 --- a/javascript/ql/lib/semmle/javascript/Functions.qll +++ b/javascript/ql/lib/semmle/javascript/Functions.qll @@ -37,7 +37,8 @@ import javascript * ``` */ class Function extends @function, Parameterized, TypeParameterized, StmtContainer, Documentable, - AST::ValueNode { + AST::ValueNode +{ /** Gets the `i`th parameter of this function. */ Parameter getParameter(int i) { result = this.getChildExpr(i) } diff --git a/javascript/ql/lib/semmle/javascript/GeneratedCode.qll b/javascript/ql/lib/semmle/javascript/GeneratedCode.qll index ea397a9c40d..e045a98f3b0 100644 --- a/javascript/ql/lib/semmle/javascript/GeneratedCode.qll +++ b/javascript/ql/lib/semmle/javascript/GeneratedCode.qll @@ -16,8 +16,8 @@ abstract class GeneratedCodeMarkerComment extends Comment { } /** * A source mapping comment, viewed as a marker comment indicating generated code. */ -private class SourceMappingCommentMarkerComment extends GeneratedCodeMarkerComment instanceof SourceMappingComment { -} +private class SourceMappingCommentMarkerComment extends GeneratedCodeMarkerComment instanceof SourceMappingComment +{ } /** * A marker comment left by a known code generator. diff --git a/javascript/ql/lib/semmle/javascript/MembershipCandidates.qll b/javascript/ql/lib/semmle/javascript/MembershipCandidates.qll index 0f9a8c33a37..21f4cc1b1c5 100644 --- a/javascript/ql/lib/semmle/javascript/MembershipCandidates.qll +++ b/javascript/ql/lib/semmle/javascript/MembershipCandidates.qll @@ -220,7 +220,8 @@ module MembershipCandidate { * A candidate that may be a property name of an object. */ class ObjectPropertyNameMembershipCandidate extends MembershipCandidate::Range, - DataFlow::ValueNode { + DataFlow::ValueNode + { Expr test; Expr membersNode; diff --git a/javascript/ql/lib/semmle/javascript/Promises.qll b/javascript/ql/lib/semmle/javascript/Promises.qll index f34885644e8..bb1ee9326d8 100644 --- a/javascript/ql/lib/semmle/javascript/Promises.qll +++ b/javascript/ql/lib/semmle/javascript/Promises.qll @@ -616,7 +616,8 @@ module Bluebird { } private class BluebirdCoroutineDefinitionAsPartialInvoke extends DataFlow::PartialInvokeNode::Range, - BluebirdCoroutineDefinition { + BluebirdCoroutineDefinition + { override DataFlow::SourceNode getBoundFunction(DataFlow::Node callback, int boundArgs) { boundArgs = 0 and callback = this.getArgument(0) and diff --git a/javascript/ql/lib/semmle/javascript/Routing.qll b/javascript/ql/lib/semmle/javascript/Routing.qll index c55069924fd..93e5cd24328 100644 --- a/javascript/ql/lib/semmle/javascript/Routing.qll +++ b/javascript/ql/lib/semmle/javascript/Routing.qll @@ -508,7 +508,8 @@ module Routing { /** * An array which has been determined to be a route node, seen as a route node with arguments. */ - private class ImpliedArrayRoute extends ValueNode::WithArguments, DataFlow::ArrayCreationNode instanceof ValueNode::UseSite { + private class ImpliedArrayRoute extends ValueNode::WithArguments, DataFlow::ArrayCreationNode instanceof ValueNode::UseSite + { override DataFlow::Node getArgumentNode(int n) { result = this.getElement(n) } } } diff --git a/javascript/ql/lib/semmle/javascript/StandardLibrary.qll b/javascript/ql/lib/semmle/javascript/StandardLibrary.qll index 9366c76d9cc..b40f10d9369 100644 --- a/javascript/ql/lib/semmle/javascript/StandardLibrary.qll +++ b/javascript/ql/lib/semmle/javascript/StandardLibrary.qll @@ -50,7 +50,8 @@ class DirectEval extends CallExpr { * argument as the receiver to the callback. */ private class ArrayIterationCallbackAsPartialInvoke extends DataFlow::PartialInvokeNode::Range, - DataFlow::MethodCallNode { + DataFlow::MethodCallNode +{ ArrayIterationCallbackAsPartialInvoke() { this.getNumArgument() = 2 and // Filter out library methods named 'forEach' etc diff --git a/javascript/ql/lib/semmle/javascript/TypeScript.qll b/javascript/ql/lib/semmle/javascript/TypeScript.qll index 5b8cd763dfe..4e0d61179d2 100644 --- a/javascript/ql/lib/semmle/javascript/TypeScript.qll +++ b/javascript/ql/lib/semmle/javascript/TypeScript.qll @@ -1470,7 +1470,8 @@ class NamespaceAccess extends TypeExpr, NamespaceRef, @namespace_access { * An identifier that refers to a namespace from inside a type annotation. */ class LocalNamespaceAccess extends NamespaceAccess, LexicalAccess, Identifier, - @local_namespace_access { + @local_namespace_access +{ override Identifier getIdentifier() { result = this } /** Gets the local name being accessed. */ diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll b/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll index 91ed08e4a44..52a7f74719b 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll @@ -117,7 +117,8 @@ private class IntRefinement extends NumberRefinement, NumberLiteral { * A use of the global variable `undefined`, viewed as a refinement expression. */ private class UndefinedInRefinement extends RefinementCandidate, - SyntacticConstants::UndefinedConstant { + SyntacticConstants::UndefinedConstant +{ override SsaSourceVariable getARefinedVar() { none() } override RefinementValue eval(RefinementContext ctxt) { diff --git a/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll b/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll index 1e6a7044178..2e80990ac13 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll @@ -1005,7 +1005,8 @@ module TaintTracking { * Note that the `includes` method is covered by `MembershipTestSanitizer`. */ class WhitelistContainmentCallSanitizer extends AdditionalSanitizerGuardNode, - DataFlow::MethodCallNode { + DataFlow::MethodCallNode + { WhitelistContainmentCallSanitizer() { this.getMethodName() = ["contains", "has", "hasOwnProperty", "hasOwn"] } diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/PropertyTypeInference.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/PropertyTypeInference.qll index 25b6cfdb2d9..26a8e34beee 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/PropertyTypeInference.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/PropertyTypeInference.qll @@ -120,7 +120,8 @@ abstract class AnalyzedPropertyWrite extends DataFlow::Node { /** * Flow analysis for property writes. */ -private class AnalyzedExplicitPropertyWrite extends AnalyzedPropertyWrite instanceof DataFlow::PropWrite { +private class AnalyzedExplicitPropertyWrite extends AnalyzedPropertyWrite instanceof DataFlow::PropWrite +{ override predicate writes(AbstractValue base, string prop, DataFlow::AnalyzedNode source) { explicitPropertyWrite(this, base, prop, source) } diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/VariableTypeInference.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/VariableTypeInference.qll index 29a7b420513..c7f67e7a4f5 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/VariableTypeInference.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/VariableTypeInference.qll @@ -690,7 +690,8 @@ abstract private class CallWithAnalyzedParameters extends FunctionWithAnalyzedPa /** * Flow analysis for simple parameters of IIFEs. */ -private class IifeWithAnalyzedParameters extends CallWithAnalyzedParameters instanceof ImmediatelyInvokedFunctionExpr { +private class IifeWithAnalyzedParameters extends CallWithAnalyzedParameters instanceof ImmediatelyInvokedFunctionExpr +{ IifeWithAnalyzedParameters() { super.getInvocationKind() = "direct" } override DataFlow::InvokeNode getAnInvocation() { result = super.getInvocation().flow() } @@ -711,7 +712,8 @@ private class IifeWithAnalyzedParameters extends CallWithAnalyzedParameters inst /** * Enables inter-procedural type inference for `LocalFunction`. */ -private class LocalFunctionWithAnalyzedParameters extends CallWithAnalyzedParameters instanceof LocalFunction { +private class LocalFunctionWithAnalyzedParameters extends CallWithAnalyzedParameters instanceof LocalFunction +{ override DataFlow::InvokeNode getAnInvocation() { result = LocalFunction.super.getAnInvocation() } override predicate isIncomplete(DataFlow::Incompleteness cause) { none() } diff --git a/javascript/ql/lib/semmle/javascript/dependencies/Dependencies.qll b/javascript/ql/lib/semmle/javascript/dependencies/Dependencies.qll index f110f3d5f97..76a285ccd8c 100644 --- a/javascript/ql/lib/semmle/javascript/dependencies/Dependencies.qll +++ b/javascript/ql/lib/semmle/javascript/dependencies/Dependencies.qll @@ -226,7 +226,8 @@ abstract class ScriptDependency extends Dependency { /** * An embedded JavaScript library included inside a `