From ecdeb9a97049b83cf179a632dc125d9b17e3e351 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 10 Feb 2023 11:22:00 +0100 Subject: [PATCH 1/2] C++: Revert `semmle.code.cpp.dataflow` to its old state While here make sure all queries and tests use IR dataflow when appropriate. --- config/identical-files.json | 22 +++++------ .../cpp/security/PrivateCleartextWrite.qll | 2 +- cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll | 2 +- .../code/cpp/commons/NullTermination.qll | 2 +- .../lib/semmle/code/cpp/dataflow/DataFlow.qll | 15 ++++++- .../semmle/code/cpp/dataflow/DataFlow2.qll | 10 ++++- .../semmle/code/cpp/dataflow/DataFlow3.qll | 10 ++++- .../semmle/code/cpp/dataflow/DataFlow4.qll | 10 ++++- .../code/cpp/dataflow/TaintTracking.qll | 11 +++++- .../code/cpp/dataflow/TaintTracking2.qll | 8 +++- .../code/cpp/dataflow/TaintTracking3.qll | 14 ------- .../{old => }/internal/AddressFlow.qll | 0 .../{old => }/internal/DataFlowDispatch.qll | 0 .../{old => }/internal/DataFlowImpl.qll | 0 .../{old => }/internal/DataFlowImpl2.qll | 0 .../{old => }/internal/DataFlowImpl3.qll | 0 .../{old => }/internal/DataFlowImpl4.qll | 0 .../{old => }/internal/DataFlowImplCommon.qll | 0 .../internal/DataFlowImplConsistency.qll | 0 .../{old => }/internal/DataFlowImplLocal.qll | 0 .../internal/DataFlowImplSpecific.qll | 0 .../{old => }/internal/DataFlowPrivate.qll | 0 .../{old => }/internal/DataFlowUtil.qll | 0 .../dataflow/{old => }/internal/FlowVar.qll | 0 .../{old => }/internal/SubBasicBlocks.qll | 0 .../{old => }/internal/TaintTrackingUtil.qll | 0 .../tainttracking1/TaintTrackingImpl.qll | 0 .../tainttracking1/TaintTrackingParameter.qll | 5 +++ .../tainttracking2/TaintTrackingImpl.qll | 0 .../tainttracking2/TaintTrackingParameter.qll | 5 +++ .../semmle/code/cpp/dataflow/old/DataFlow.qll | 25 ------------ .../code/cpp/dataflow/old/DataFlow2.qll | 20 ---------- .../code/cpp/dataflow/old/DataFlow3.qll | 20 ---------- .../code/cpp/dataflow/old/DataFlow4.qll | 20 ---------- .../cpp/dataflow/old/RecursionPrevention.qll | 39 ------------------- .../code/cpp/dataflow/old/TaintTracking.qll | 27 ------------- .../code/cpp/dataflow/old/TaintTracking2.qll | 20 ---------- .../tainttracking1/TaintTrackingParameter.qll | 5 --- .../tainttracking2/TaintTrackingParameter.qll | 5 --- .../cpp/security/boostorg/asio/protocols.qll | 2 +- cpp/ql/src/Critical/MissingCheckScanf.ql | 2 +- cpp/ql/src/Critical/NewDelete.qll | 2 +- cpp/ql/src/Critical/OverflowCalculated.ql | 2 +- cpp/ql/src/Critical/OverflowStatic.ql | 1 + .../Conversion/CastArrayPointerArithmetic.ql | 2 +- .../Conversion/LossyFunctionResultCast.ql | 2 +- .../Likely Bugs/Format/NonConstantFormat.ql | 2 +- cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll | 2 +- .../Likely Typos/UsingStrcpyAsBoolean.ql | 2 +- .../Likely Typos/inconsistentLoopDirection.ql | 2 +- .../Memory Management/AllocaInLoop.ql | 2 +- .../Memory Management/NtohlArrayNoBound.qll | 2 +- .../ReturnCstrOfLocalStdString.ql | 2 +- .../CWE/CWE-020/ExternalAPIsSpecific.qll | 2 +- .../CWE/CWE-020/UntrustedDataToExternalAPI.ql | 2 +- .../CWE/CWE-131/NoSpaceForZeroTerminator.ql | 2 +- ...nsignedDifferenceExpressionComparedZero.ql | 2 +- .../CWE/CWE-295/SSLResultConflation.ql | 2 +- .../CWE/CWE-311/CleartextFileWrite.ql | 4 +- .../CWE/CWE-311/CleartextTransmission.ql | 6 +-- .../CWE/CWE-313/CleartextSqliteDatabase.ql | 2 +- cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql | 2 +- .../CWE/CWE-428/UnsafeCreateProcessCall.ql | 4 +- .../CWE-732/UnsafeDaclSecurityDescriptor.ql | 4 +- .../CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql | 2 +- .../CWE-190/AllocMultiplicationOverflow.ql | 2 +- .../Security/CWE/CWE-285/PamAuthorization.ql | 2 +- .../CWE-787/UnsignedToSignedPointerArith.ql | 2 +- ...moryLocationAfterEndOfBufferUsingStrlen.ql | 2 +- .../TestUtilities/dataflow/FlowTestCommon.qll | 2 +- .../standardFlow.ql | 2 +- .../withAdditionalFlow.ql | 2 +- .../dataflow-edge-tests/additionalEdges.ql | 2 +- .../dataflow-edge-tests/standardEdges.ql | 2 +- .../dataflow-tests/dataflow-consistency.ql | 2 +- .../dataflow/dataflow-tests/localFlow.ql | 2 +- .../dataflow-tests/test-number-of-outnodes.ql | 4 +- .../dataflow/dataflow-tests/test.ql | 2 +- .../dataflow/dataflow-tests/uninitialized.ql | 2 +- .../dataflow/fields/ASTConfiguration.qll | 2 +- .../library-tests/dataflow/fields/Nodes.qll | 2 +- .../dataflow/fields/dataflow-consistency.ql | 2 +- .../fields/partial-definition-diff.ql | 2 +- .../dataflow/fields/partial-definition.ql | 2 +- .../dataflow/fields/path-flow.ql | 2 +- .../partialdefinitions/partialdefinitions.ql | 2 +- .../dataflow/recursion/chained_use.ql | 13 +++---- .../dataflow/smart-pointers-taint/taint.ql | 2 +- .../dataflow/taint-tests/localTaint.ql | 2 +- .../dataflow/taint-tests/taint.ql | 2 +- .../library-tests/dataflow/variable/noInit.ql | 2 +- .../syntax-zoo/dataflow-consistency.ql | 2 +- 92 files changed, 145 insertions(+), 280 deletions(-) delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking3.qll rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/AddressFlow.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowDispatch.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImpl.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImpl2.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImpl3.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImpl4.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImplCommon.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImplConsistency.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImplLocal.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowImplSpecific.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowPrivate.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/DataFlowUtil.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/FlowVar.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/SubBasicBlocks.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/TaintTrackingUtil.qll (100%) rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/tainttracking1/TaintTrackingImpl.qll (100%) create mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll rename cpp/ql/lib/semmle/code/cpp/dataflow/{old => }/internal/tainttracking2/TaintTrackingImpl.qll (100%) create mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow2.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow3.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow4.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/RecursionPrevention.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking2.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingParameter.qll delete mode 100644 cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingParameter.qll diff --git a/config/identical-files.json b/config/identical-files.json index 7cd82c72d26..c32bad48362 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -8,11 +8,11 @@ "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll", "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll", "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl2.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl3.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl4.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplLocal.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll", @@ -43,7 +43,7 @@ ], "DataFlow Java/C++/C#/Go/Python/Ruby/Swift Common": [ "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplCommon.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll", "cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplCommon.qll", "csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplCommon.qll", @@ -52,9 +52,9 @@ "ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplCommon.qll", "swift/ql/lib/codeql/swift/dataflow/internal/DataFlowImplCommon.qll" ], -"TaintTracking::Configuration Java/C++/C#/Go/Python/Ruby/Swift": [ - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingImpl.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingImpl.qll", + "TaintTracking::Configuration Java/C++/C#/Go/Python/Ruby/Swift": [ + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking1/TaintTrackingImpl.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking2/TaintTrackingImpl.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/tainttracking3/TaintTrackingImpl.qll", @@ -80,7 +80,7 @@ ], "DataFlow Java/C++/C#/Python/Ruby/Swift Consistency checks": [ "java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplConsistency.qll", + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll", "cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll", "cpp/ql/lib/experimental/semmle/code/cpp/ir/dataflow/internal/DataFlowImplConsistency.qll", "csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImplConsistency.qll", @@ -122,7 +122,7 @@ ], "C++ SubBasicBlocks": [ "cpp/ql/lib/semmle/code/cpp/controlflow/SubBasicBlocks.qll", - "cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/SubBasicBlocks.qll" + "cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll" ], "IR Instruction": [ "cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll", diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/security/PrivateCleartextWrite.qll b/cpp/ql/lib/experimental/semmle/code/cpp/security/PrivateCleartextWrite.qll index f82330f3fbd..fe1c6664280 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/security/PrivateCleartextWrite.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/security/PrivateCleartextWrite.qll @@ -3,7 +3,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import semmle.code.cpp.security.PrivateData import semmle.code.cpp.security.FileWrite import semmle.code.cpp.security.BufferWrite diff --git a/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll b/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll index 45ebafd203e..1c557af797e 100644 --- a/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll +++ b/cpp/ql/lib/semmle/code/cpp/commons/Buffer.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.ir.dataflow.DataFlow /** * Holds if `v` is a member variable of `c` that looks like it might be variable sized diff --git a/cpp/ql/lib/semmle/code/cpp/commons/NullTermination.qll b/cpp/ql/lib/semmle/code/cpp/commons/NullTermination.qll index d9fe287f11f..25341c25f6c 100644 --- a/cpp/ql/lib/semmle/code/cpp/commons/NullTermination.qll +++ b/cpp/ql/lib/semmle/code/cpp/commons/NullTermination.qll @@ -1,7 +1,7 @@ import cpp private import semmle.code.cpp.models.interfaces.ArrayFunction private import semmle.code.cpp.models.implementations.Strcat -import semmle.code.cpp.dataflow.DataFlow +private import semmle.code.cpp.ir.dataflow.DataFlow /** * Holds if the expression `e` assigns something including `va` to a diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll index 6377d423df3..5af92783e4a 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow.qll @@ -4,7 +4,10 @@ * _sink_. * * Unless configured otherwise, _flow_ means that the exact value of - * the source may reach the sink. + * the source may reach the sink. We do not track flow across pointer + * dereferences or array indexing. To track these types of flow, where the + * exact value may not be preserved, import + * `semmle.code.cpp.dataflow.TaintTracking`. * * To use global (interprocedural) data flow, extend the class * `DataFlow::Configuration` as documented on that class. To use local @@ -14,4 +17,12 @@ * `DataFlow::Node`. */ -import semmle.code.cpp.ir.dataflow.DataFlow +import cpp + +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow { + import semmle.code.cpp.dataflow.internal.DataFlowImpl +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow2.qll index 4717047981c..6d9c38af545 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow2.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow2.qll @@ -9,4 +9,12 @@ * See `semmle.code.cpp.dataflow.DataFlow` for the full documentation. */ -import semmle.code.cpp.ir.dataflow.DataFlow2 +import cpp + +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow2 { + import semmle.code.cpp.dataflow.internal.DataFlowImpl2 +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow3.qll index e04f1933d06..c4e7a4906fc 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow3.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow3.qll @@ -9,4 +9,12 @@ * See `semmle.code.cpp.dataflow.DataFlow` for the full documentation. */ -import semmle.code.cpp.ir.dataflow.DataFlow3 +import cpp + +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow3 { + import semmle.code.cpp.dataflow.internal.DataFlowImpl3 +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow4.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow4.qll index 8ec397bc07d..8287ecf70fe 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow4.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/DataFlow4.qll @@ -9,4 +9,12 @@ * See `semmle.code.cpp.dataflow.DataFlow` for the full documentation. */ -import semmle.code.cpp.ir.dataflow.DataFlow4 +import cpp + +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) data flow analyses. + */ +module DataFlow4 { + import semmle.code.cpp.dataflow.internal.DataFlowImpl4 +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll index 6feb8cd5a13..b377fe4a33a 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking.qll @@ -15,4 +15,13 @@ * `TaintTracking::localTaintStep` with arguments of type `DataFlow::Node`. */ -import semmle.code.cpp.ir.dataflow.TaintTracking +import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.dataflow.DataFlow2 + +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) taint-tracking analyses. + */ +module TaintTracking { + import semmle.code.cpp.dataflow.internal.tainttracking1.TaintTrackingImpl +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking2.qll index 6c3f78b8ca3..a8f92ee1041 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking2.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking2.qll @@ -11,4 +11,10 @@ * See `semmle.code.cpp.dataflow.TaintTracking` for the full documentation. */ -import semmle.code.cpp.ir.dataflow.TaintTracking2 +/** + * Provides classes for performing local (intra-procedural) and + * global (inter-procedural) taint-tracking analyses. + */ +module TaintTracking2 { + import semmle.code.cpp.dataflow.internal.tainttracking2.TaintTrackingImpl +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking3.qll deleted file mode 100644 index b070297536a..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/TaintTracking3.qll +++ /dev/null @@ -1,14 +0,0 @@ -/** - * Provides a `TaintTracking3` module, which is a copy of the `TaintTracking` - * module. Use this class when data-flow configurations or taint-tracking - * configurations must depend on each other. Two classes extending - * `DataFlow::Configuration` should never depend on each other, but one of them - * should instead depend on a `DataFlow2::Configuration`, a - * `DataFlow3::Configuration`, or a `DataFlow4::Configuration`. The - * `TaintTracking::Configuration` class extends `DataFlow::Configuration`, and - * `TaintTracking2::Configuration` extends `DataFlow2::Configuration`. - * - * See `semmle.code.cpp.dataflow.TaintTracking` for the full documentation. - */ - -import semmle.code.cpp.ir.dataflow.TaintTracking3 diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/AddressFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/AddressFlow.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/AddressFlow.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowDispatch.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowDispatch.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowDispatch.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl2.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl3.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl4.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImpl4.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplCommon.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplCommon.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplCommon.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplConsistency.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplConsistency.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplConsistency.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplLocal.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplLocal.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplSpecific.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowImplSpecific.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplSpecific.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowPrivate.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/DataFlowUtil.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowUtil.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/FlowVar.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/FlowVar.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/FlowVar.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/SubBasicBlocks.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/SubBasicBlocks.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/SubBasicBlocks.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/TaintTrackingUtil.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/TaintTrackingUtil.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/TaintTrackingUtil.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingImpl.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingImpl.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll new file mode 100644 index 00000000000..7fd632efb0e --- /dev/null +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking1/TaintTrackingParameter.qll @@ -0,0 +1,5 @@ +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public + +module Private { + import semmle.code.cpp.dataflow.DataFlow::DataFlow as DataFlow +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll similarity index 100% rename from cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingImpl.qll rename to cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingImpl.qll diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll new file mode 100644 index 00000000000..fb4862fd06b --- /dev/null +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/tainttracking2/TaintTrackingParameter.qll @@ -0,0 +1,5 @@ +import semmle.code.cpp.dataflow.internal.TaintTrackingUtil as Public + +module Private { + import semmle.code.cpp.dataflow.DataFlow2::DataFlow2 as DataFlow +} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow.qll deleted file mode 100644 index e119fa0e6f1..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow.qll +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Provides a library for local (intra-procedural) and global (inter-procedural) - * data flow analysis: deciding whether data can flow from a _source_ to a - * _sink_. - * - * Unless configured otherwise, _flow_ means that the exact value of - * the source may reach the sink. - * - * To use global (interprocedural) data flow, extend the class - * `DataFlow::Configuration` as documented on that class. To use local - * (intraprocedural) data flow between expressions, call - * `DataFlow::localExprFlow`. For more general cases of local data flow, call - * `DataFlow::localFlow` or `DataFlow::localFlowStep` with arguments of type - * `DataFlow::Node`. - */ - -import cpp - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow { - import semmle.code.cpp.dataflow.old.internal.DataFlowImpl -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow2.qll deleted file mode 100644 index 8e14ec9f701..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow2.qll +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Provides a `DataFlow2` module, which is a copy of the `DataFlow` module. Use - * this class when data-flow configurations must depend on each other. Two - * classes extending `DataFlow::Configuration` should never depend on each - * other, but one of them should instead depend on a - * `DataFlow2::Configuration`, a `DataFlow3::Configuration`, or a - * `DataFlow4::Configuration`. - * - * See `semmle.code.cpp.dataflow.old.DataFlow` for the full documentation. - */ - -import cpp - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow2 { - import semmle.code.cpp.dataflow.old.internal.DataFlowImpl2 -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow3.qll deleted file mode 100644 index 1e84b3cb0b0..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow3.qll +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Provides a `DataFlow3` module, which is a copy of the `DataFlow` module. Use - * this class when data-flow configurations must depend on each other. Two - * classes extending `DataFlow::Configuration` should never depend on each - * other, but one of them should instead depend on a - * `DataFlow2::Configuration`, a `DataFlow3::Configuration`, or a - * `DataFlow4::Configuration`. - * - * See `semmle.code.cpp.dataflow.old.DataFlow` for the full documentation. - */ - -import cpp - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow3 { - import semmle.code.cpp.dataflow.old.internal.DataFlowImpl3 -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow4.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow4.qll deleted file mode 100644 index 20aed9debb4..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/DataFlow4.qll +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Provides a `DataFlow4` module, which is a copy of the `DataFlow` module. Use - * this class when data-flow configurations must depend on each other. Two - * classes extending `DataFlow::Configuration` should never depend on each - * other, but one of them should instead depend on a - * `DataFlow2::Configuration`, a `DataFlow3::Configuration`, or a - * `DataFlow4::Configuration`. - * - * See `semmle.code.cpp.dataflow.old.DataFlow` for the full documentation. - */ - -import cpp - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) data flow analyses. - */ -module DataFlow4 { - import semmle.code.cpp.dataflow.old.internal.DataFlowImpl4 -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/RecursionPrevention.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/RecursionPrevention.qll deleted file mode 100644 index 2d8b52f8622..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/RecursionPrevention.qll +++ /dev/null @@ -1,39 +0,0 @@ -/** - * DEPRECATED: Recursion through `DataFlow::Configuration` is impossible in - * any supported tooling. There is no need for this module because it's - * impossible to accidentally depend on recursion through - * `DataFlow::Configuration` in current releases. - * - * When this module is imported, recursive use of `DataFlow::Configuration` is - * disallowed. Importing this module will guarantee the absence of such - * recursion, which is unsupported and will be unconditionally disallowed in a - * future release. - * - * Recursive use of `DataFlow{2..4}::Configuration` is always disallowed, so no - * import is needed for those. - */ - -import cpp -private import semmle.code.cpp.dataflow.DataFlow - -/** - * This class exists to prevent mutual recursion between the user-overridden - * member predicates of `Configuration` and the rest of the data-flow library. - * Good performance cannot be guaranteed in the presence of such recursion, so - * it should be replaced by using more than one copy of the data flow library. - * Four copies are available: `DataFlow` through `DataFlow4`. - */ -abstract private class ConfigurationRecursionPrevention extends DataFlow::Configuration { - bindingset[this] - ConfigurationRecursionPrevention() { any() } - - override predicate hasFlow(DataFlow::Node source, DataFlow::Node sink) { - strictcount(DataFlow::Node n | this.isSource(n)) < 0 - or - strictcount(DataFlow::Node n | this.isSink(n)) < 0 - or - strictcount(DataFlow::Node n1, DataFlow::Node n2 | this.isAdditionalFlowStep(n1, n2)) < 0 - or - super.hasFlow(source, sink) - } -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking.qll deleted file mode 100644 index b8427ff04be..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking.qll +++ /dev/null @@ -1,27 +0,0 @@ -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) taint-tracking analyses. - * - * We define _taint propagation_ informally to mean that a substantial part of - * the information from the source is preserved at the sink. For example, taint - * propagates from `x` to `x + 100`, but it does not propagate from `x` to `x > - * 100` since we consider a single bit of information to be too little. - * - * To use global (interprocedural) taint tracking, extend the class - * `TaintTracking::Configuration` as documented on that class. To use local - * (intraprocedural) taint tracking between expressions, call - * `TaintTracking::localExprTaint`. For more general cases of local taint - * tracking, call `TaintTracking::localTaint` or - * `TaintTracking::localTaintStep` with arguments of type `DataFlow::Node`. - */ - -import semmle.code.cpp.dataflow.old.DataFlow -import semmle.code.cpp.dataflow.old.DataFlow2 - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) taint-tracking analyses. - */ -module TaintTracking { - import semmle.code.cpp.dataflow.old.internal.tainttracking1.TaintTrackingImpl -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking2.qll deleted file mode 100644 index eb99335fa2f..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/TaintTracking2.qll +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Provides a `TaintTracking2` module, which is a copy of the `TaintTracking` - * module. Use this class when data-flow configurations or taint-tracking - * configurations must depend on each other. Two classes extending - * `DataFlow::Configuration` should never depend on each other, but one of them - * should instead depend on a `DataFlow2::Configuration`, a - * `DataFlow3::Configuration`, or a `DataFlow4::Configuration`. The - * `TaintTracking::Configuration` class extends `DataFlow::Configuration`, and - * `TaintTracking2::Configuration` extends `DataFlow2::Configuration`. - * - * See `semmle.code.cpp.dataflow.old.TaintTracking` for the full documentation. - */ - -/** - * Provides classes for performing local (intra-procedural) and - * global (inter-procedural) taint-tracking analyses. - */ -module TaintTracking2 { - import semmle.code.cpp.dataflow.old.internal.tainttracking2.TaintTrackingImpl -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingParameter.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingParameter.qll deleted file mode 100644 index e9eb7adad48..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking1/TaintTrackingParameter.qll +++ /dev/null @@ -1,5 +0,0 @@ -import semmle.code.cpp.dataflow.old.internal.TaintTrackingUtil as Public - -module Private { - import semmle.code.cpp.dataflow.old.DataFlow::DataFlow as DataFlow -} diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingParameter.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingParameter.qll deleted file mode 100644 index b8bc6ed0918..00000000000 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/old/internal/tainttracking2/TaintTrackingParameter.qll +++ /dev/null @@ -1,5 +0,0 @@ -import semmle.code.cpp.dataflow.old.internal.TaintTrackingUtil as Public - -module Private { - import semmle.code.cpp.dataflow.old.DataFlow2::DataFlow2 as DataFlow -} diff --git a/cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll b/cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll index c9d6b6613d8..e2327ecc380 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/boostorg/asio/protocols.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow module BoostorgAsio { /** diff --git a/cpp/ql/src/Critical/MissingCheckScanf.ql b/cpp/ql/src/Critical/MissingCheckScanf.ql index d3171161f13..bca946641f9 100644 --- a/cpp/ql/src/Critical/MissingCheckScanf.ql +++ b/cpp/ql/src/Critical/MissingCheckScanf.ql @@ -16,7 +16,7 @@ import cpp import semmle.code.cpp.commons.Scanf import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.ValueNumbering diff --git a/cpp/ql/src/Critical/NewDelete.qll b/cpp/ql/src/Critical/NewDelete.qll index a8cfd56b653..7c0b8b72193 100644 --- a/cpp/ql/src/Critical/NewDelete.qll +++ b/cpp/ql/src/Critical/NewDelete.qll @@ -4,7 +4,7 @@ import cpp import semmle.code.cpp.controlflow.SSA -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * Holds if `alloc` is a use of `malloc` or `new`. `kind` is diff --git a/cpp/ql/src/Critical/OverflowCalculated.ql b/cpp/ql/src/Critical/OverflowCalculated.ql index d8a08cc6a69..8958da3b22f 100644 --- a/cpp/ql/src/Critical/OverflowCalculated.ql +++ b/cpp/ql/src/Critical/OverflowCalculated.ql @@ -12,7 +12,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.models.interfaces.Allocation predicate spaceProblem(FunctionCall append, string msg) { diff --git a/cpp/ql/src/Critical/OverflowStatic.ql b/cpp/ql/src/Critical/OverflowStatic.ql index 63f84d78643..962d2ee89b0 100644 --- a/cpp/ql/src/Critical/OverflowStatic.ql +++ b/cpp/ql/src/Critical/OverflowStatic.ql @@ -15,6 +15,7 @@ import cpp import semmle.code.cpp.commons.Buffer +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import LoopBounds diff --git a/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql b/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql index 9a012775831..6301b0c8a9a 100644 --- a/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql +++ b/cpp/ql/src/Likely Bugs/Conversion/CastArrayPointerArithmetic.ql @@ -17,7 +17,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import DataFlow::PathGraph Type getFullyConvertedType(DataFlow::Node node) { diff --git a/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql b/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql index ff775ae6110..906aa3da61e 100644 --- a/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql +++ b/cpp/ql/src/Likely Bugs/Conversion/LossyFunctionResultCast.ql @@ -10,7 +10,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow predicate whitelist(Function f) { f.getName() = diff --git a/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql b/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql index 050ea9db4d9..a385524fc38 100644 --- a/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql +++ b/cpp/ql/src/Likely Bugs/Format/NonConstantFormat.ql @@ -15,7 +15,7 @@ * external/cwe/cwe-134 */ -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import semmle.code.cpp.commons.Printf // For the following `...gettext` functions, we assume that diff --git a/cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll b/cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll index c758b956695..45a0710b8f4 100644 --- a/cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll +++ b/cpp/ql/src/Likely Bugs/Leap Year/LeapYear.qll @@ -3,7 +3,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import semmle.code.cpp.commons.DateTime /** diff --git a/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql b/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql index 8770d249497..3e7cdbe43b9 100644 --- a/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql +++ b/cpp/ql/src/Likely Bugs/Likely Typos/UsingStrcpyAsBoolean.ql @@ -12,7 +12,7 @@ import cpp import semmle.code.cpp.models.implementations.Strcpy -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * A string copy function that returns a string, rather than an error code (for diff --git a/cpp/ql/src/Likely Bugs/Likely Typos/inconsistentLoopDirection.ql b/cpp/ql/src/Likely Bugs/Likely Typos/inconsistentLoopDirection.ql index ec6585a7b81..958d7aa3c55 100644 --- a/cpp/ql/src/Likely Bugs/Likely Typos/inconsistentLoopDirection.ql +++ b/cpp/ql/src/Likely Bugs/Likely Typos/inconsistentLoopDirection.ql @@ -12,7 +12,7 @@ import cpp import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * A `for` statement whose update is a crement operation on a variable. diff --git a/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql b/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql index 2ad96f995d7..e08f2a2a4c1 100644 --- a/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql +++ b/cpp/ql/src/Likely Bugs/Memory Management/AllocaInLoop.ql @@ -14,7 +14,7 @@ import cpp import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** Gets a loop that contains `e`. */ Loop getAnEnclosingLoopOfExpr(Expr e) { result = getAnEnclosingLoopOfStmt(e.getEnclosingStmt()) } diff --git a/cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll b/cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll index be780789fd5..c772aff233d 100644 --- a/cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll +++ b/cpp/ql/src/Likely Bugs/Memory Management/NtohlArrayNoBound.qll @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.controlflow.Guards import semmle.code.cpp.valuenumbering.GlobalValueNumbering diff --git a/cpp/ql/src/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql b/cpp/ql/src/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql index 2de21eb8d65..feca6558ef6 100644 --- a/cpp/ql/src/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql +++ b/cpp/ql/src/Likely Bugs/Memory Management/ReturnCstrOfLocalStdString.ql @@ -14,7 +14,7 @@ import cpp import semmle.code.cpp.controlflow.SSA -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** The `std::string` class. */ class StdString extends Class { diff --git a/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll index db236b510b9..b2df197872c 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll +++ b/cpp/ql/src/Security/CWE/CWE-020/ExternalAPIsSpecific.qll @@ -2,7 +2,7 @@ * Provides AST-specific definitions for use in the `ExternalAPI` library. */ -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import semmle.code.cpp.models.interfaces.FlowSource import semmle.code.cpp.models.interfaces.DataFlow import SafeExternalAPIFunction diff --git a/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql b/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql index 01067425190..f7c6a190a5b 100644 --- a/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql +++ b/cpp/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.ql @@ -10,7 +10,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import ExternalAPIs import DataFlow::PathGraph diff --git a/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql b/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql index 8632bdee3ef..8e817cfafa5 100644 --- a/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql +++ b/cpp/ql/src/Security/CWE/CWE-131/NoSpaceForZeroTerminator.ql @@ -16,7 +16,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.models.interfaces.ArrayFunction import semmle.code.cpp.models.interfaces.Allocation import semmle.code.cpp.commons.NullTermination diff --git a/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql b/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql index fec9431ce29..5f7d88e9a71 100644 --- a/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql +++ b/cpp/ql/src/Security/CWE/CWE-191/UnsignedDifferenceExpressionComparedZero.ql @@ -16,7 +16,7 @@ import semmle.code.cpp.commons.Exclusions import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis import semmle.code.cpp.rangeanalysis.RangeAnalysisUtils import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * Holds if `sub` is guarded by a condition which ensures that diff --git a/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql b/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql index 0d706affd0b..3ed64eb573e 100644 --- a/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql +++ b/cpp/ql/src/Security/CWE/CWE-295/SSLResultConflation.ql @@ -12,7 +12,7 @@ import cpp import semmle.code.cpp.controlflow.Guards -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * A call to `SSL_get_verify_result`. diff --git a/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql b/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql index 0e3ec3bf998..03fc425d46b 100644 --- a/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql +++ b/cpp/ql/src/Security/CWE/CWE-311/CleartextFileWrite.ql @@ -15,9 +15,9 @@ import cpp import semmle.code.cpp.security.SensitiveExprs import semmle.code.cpp.security.FileWrite -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import DataFlow::PathGraph /** diff --git a/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql b/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql index 2181740f4a3..5a5bf526335 100644 --- a/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql +++ b/cpp/ql/src/Security/CWE/CWE-311/CleartextTransmission.ql @@ -15,9 +15,9 @@ import cpp import semmle.code.cpp.security.SensitiveExprs import semmle.code.cpp.security.PrivateData -import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.TaintTracking2 -import semmle.code.cpp.dataflow.TaintTracking3 +import semmle.code.cpp.ir.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking2 +import semmle.code.cpp.ir.dataflow.TaintTracking3 import semmle.code.cpp.models.interfaces.FlowSource import semmle.code.cpp.commons.File import DataFlow::PathGraph diff --git a/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql b/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql index 36106b16c9f..29cdaa2c749 100644 --- a/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql +++ b/cpp/ql/src/Security/CWE/CWE-313/CleartextSqliteDatabase.ql @@ -13,7 +13,7 @@ import cpp import semmle.code.cpp.security.SensitiveExprs -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import DataFlow::PathGraph class SqliteFunctionCall extends FunctionCall { diff --git a/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql b/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql index 240f07589f3..a602f22d4fe 100644 --- a/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql +++ b/cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql @@ -12,7 +12,7 @@ */ import cpp -import semmle.code.cpp.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking import semmle.code.cpp.valuenumbering.GlobalValueNumbering import DataFlow::PathGraph diff --git a/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql b/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql index f575b359ddf..0f66b877830 100644 --- a/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql +++ b/cpp/ql/src/Security/CWE/CWE-428/UnsafeCreateProcessCall.ql @@ -12,8 +12,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 +import semmle.code.cpp.ir.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow2 predicate isCreateProcessFunction(FunctionCall call, int applicationNameIndex, int commandLineIndex) { call.getTarget().hasGlobalName("CreateProcessA") and diff --git a/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql b/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql index d6cac657978..4cba2506441 100644 --- a/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql +++ b/cpp/ql/src/Security/CWE/CWE-732/UnsafeDaclSecurityDescriptor.ql @@ -14,8 +14,8 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 +import semmle.code.cpp.ir.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow2 /** * A function call to SetSecurityDescriptorDacl to set the ACL, specified by (2nd argument) bDaclPresent = TRUE diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql index 8a93e93476e..0be612e4e60 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql @@ -16,7 +16,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow /** * A Linux system call. diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql b/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql index 7de48c0d1e1..15e18c1255c 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql @@ -14,7 +14,7 @@ import cpp import semmle.code.cpp.models.interfaces.Allocation -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import DataFlow::PathGraph class MultToAllocConfig extends DataFlow::Configuration { diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql b/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql index 59c4a68c92a..d605aa5e066 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql @@ -10,7 +10,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.valuenumbering.GlobalValueNumbering private class PamAuthCall extends FunctionCall { diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql b/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql index 8cc1a1ec497..d0a362564b0 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql @@ -11,7 +11,7 @@ */ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow import semmle.code.cpp.security.Overflow from FunctionCall call, Function f, Parameter p, DataFlow::Node sink, PointerArithmeticOperation pao diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql b/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql index 083d7b1a669..cfb60d7ca90 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql @@ -14,7 +14,7 @@ import cpp import semmle.code.cpp.valuenumbering.GlobalValueNumbering -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow from StrlenCall fc, AssignExpr expr, ArrayExpr exprarr where diff --git a/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll b/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll index 228ed95c4c8..c765ba89a00 100644 --- a/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll +++ b/cpp/ql/test/TestUtilities/dataflow/FlowTestCommon.qll @@ -13,7 +13,7 @@ import cpp private import semmle.code.cpp.ir.dataflow.DataFlow::DataFlow as IRDataFlow -private import semmle.code.cpp.dataflow.old.DataFlow::DataFlow as AstDataFlow +private import semmle.code.cpp.dataflow.DataFlow::DataFlow as AstDataFlow import TestUtilities.InlineExpectationsTest class IRFlowTest extends InlineExpectationsTest { diff --git a/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/standardFlow.ql b/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/standardFlow.ql index 58bbec1c780..1699cfdf3ed 100644 --- a/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/standardFlow.ql +++ b/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/standardFlow.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow class TestConfig extends DataFlow::Configuration { TestConfig() { this = "TestConfig" } diff --git a/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/withAdditionalFlow.ql b/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/withAdditionalFlow.ql index a1ad99aeef0..040bdfc03dd 100644 --- a/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/withAdditionalFlow.ql +++ b/cpp/ql/test/library-tests/dataflow/additional-flow-to-parameter/withAdditionalFlow.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow class TestConfig extends DataFlow::Configuration { TestConfig() { this = "TestConfig" } diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/additionalEdges.ql b/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/additionalEdges.ql index 6cf55c8f7f0..f83648c4267 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/additionalEdges.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/additionalEdges.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.old.DataFlow +import semmle.code.cpp.dataflow.DataFlow class EdgeToExcept extends AdditionalControlFlowEdge { EdgeToExcept() { diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/standardEdges.ql b/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/standardEdges.ql index a28a42eb51e..18edccf8e8e 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/standardEdges.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-edge-tests/standardEdges.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.old.DataFlow +import semmle.code.cpp.dataflow.DataFlow from DataFlow::Node nodeFrom, DataFlow::Node nodeTo where DataFlow::localFlowStep(nodeFrom, nodeTo) diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.ql index 8be64837905..4304a961abe 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/dataflow-consistency.ql @@ -1 +1 @@ -import semmle.code.cpp.dataflow.old.internal.DataFlowImplConsistency::Consistency +import semmle.code.cpp.dataflow.internal.DataFlowImplConsistency::Consistency diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/localFlow.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/localFlow.ql index 8ab434049a5..b052bb51151 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/localFlow.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/localFlow.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.old.DataFlow +import semmle.code.cpp.dataflow.DataFlow from DataFlow::Node nodeFrom, DataFlow::Node nodeTo where diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql index dbaf015630c..5fd92ba6fe2 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test-number-of-outnodes.ql @@ -2,8 +2,8 @@ import TestUtilities.InlineExpectationsTest import cpp module AstTest { - private import semmle.code.cpp.dataflow.old.DataFlow::DataFlow - private import semmle.code.cpp.dataflow.old.internal.DataFlowPrivate + private import semmle.code.cpp.dataflow.DataFlow::DataFlow + private import semmle.code.cpp.dataflow.internal.DataFlowPrivate class ASTMultipleOutNodesTest extends InlineExpectationsTest { ASTMultipleOutNodesTest() { this = "ASTMultipleOutNodesTest" } diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql index 2b7927a3a15..8c3e0f53e41 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/test.ql @@ -1,7 +1,7 @@ import TestUtilities.dataflow.FlowTestCommon module AstTest { - private import semmle.code.cpp.dataflow.old.DataFlow + private import semmle.code.cpp.dataflow.DataFlow private import semmle.code.cpp.controlflow.Guards /** diff --git a/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.ql b/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.ql index 07c034715dc..71de17cbcf1 100644 --- a/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.ql +++ b/cpp/ql/test/library-tests/dataflow/dataflow-tests/uninitialized.ql @@ -1,4 +1,4 @@ -import semmle.code.cpp.dataflow.old.internal.FlowVar +import semmle.code.cpp.dataflow.internal.FlowVar from Variable var, VariableAccess va where FlowVar_internal::mayBeUsedUninitialized(var, va) diff --git a/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll b/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll index a5c65b6e0b2..39d6cff3492 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll +++ b/cpp/ql/test/library-tests/dataflow/fields/ASTConfiguration.qll @@ -1,4 +1,4 @@ -private import semmle.code.cpp.dataflow.old.DataFlow +private import semmle.code.cpp.dataflow.DataFlow private import DataFlow class AstConf extends Configuration { diff --git a/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll b/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll index fb7338e63fe..2c3186b3dfa 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll +++ b/cpp/ql/test/library-tests/dataflow/fields/Nodes.qll @@ -1,5 +1,5 @@ private import semmle.code.cpp.ir.dataflow.DataFlow as IR -private import semmle.code.cpp.dataflow.old.DataFlow as AST +private import semmle.code.cpp.dataflow.DataFlow as AST private import cpp private newtype TNode = diff --git a/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.ql b/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.ql index 8be64837905..4304a961abe 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/dataflow-consistency.ql @@ -1 +1 @@ -import semmle.code.cpp.dataflow.old.internal.DataFlowImplConsistency::Consistency +import semmle.code.cpp.dataflow.internal.DataFlowImplConsistency::Consistency diff --git a/cpp/ql/test/library-tests/dataflow/fields/partial-definition-diff.ql b/cpp/ql/test/library-tests/dataflow/fields/partial-definition-diff.ql index 218ef05a19a..3baba1a02ff 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/partial-definition-diff.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/partial-definition-diff.ql @@ -4,7 +4,7 @@ import cpp import semmle.code.cpp.ir.dataflow.DataFlow::DataFlow as IR -import semmle.code.cpp.dataflow.old.DataFlow::DataFlow as AST +import semmle.code.cpp.dataflow.DataFlow::DataFlow as AST import Nodes class AstPartialDefNode extends AstNode { diff --git a/cpp/ql/test/library-tests/dataflow/fields/partial-definition.ql b/cpp/ql/test/library-tests/dataflow/fields/partial-definition.ql index f552bd767aa..8acd1f3e5fe 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/partial-definition.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/partial-definition.ql @@ -3,6 +3,6 @@ */ import cpp -import semmle.code.cpp.dataflow.old.DataFlow::DataFlow +import semmle.code.cpp.dataflow.DataFlow::DataFlow select any(Node n).asPartialDefinition() diff --git a/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql b/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql index d78898beff7..7456e114712 100644 --- a/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql +++ b/cpp/ql/test/library-tests/dataflow/fields/path-flow.ql @@ -2,7 +2,7 @@ * @kind path-problem */ -import semmle.code.cpp.dataflow.old.DataFlow +import semmle.code.cpp.dataflow.DataFlow import ASTConfiguration import DataFlow::PathGraph diff --git a/cpp/ql/test/library-tests/dataflow/partialdefinitions/partialdefinitions.ql b/cpp/ql/test/library-tests/dataflow/partialdefinitions/partialdefinitions.ql index b01ce0d42ae..0fa8c99fde1 100644 --- a/cpp/ql/test/library-tests/dataflow/partialdefinitions/partialdefinitions.ql +++ b/cpp/ql/test/library-tests/dataflow/partialdefinitions/partialdefinitions.ql @@ -1,4 +1,4 @@ -import semmle.code.cpp.dataflow.old.internal.FlowVar +import semmle.code.cpp.dataflow.internal.FlowVar from PartialDefinition def select def.getActualLocation().toString(), "partial def of " + def.toString(), def, diff --git a/cpp/ql/test/library-tests/dataflow/recursion/chained_use.ql b/cpp/ql/test/library-tests/dataflow/recursion/chained_use.ql index fb94b0144b0..f72965eb785 100644 --- a/cpp/ql/test/library-tests/dataflow/recursion/chained_use.ql +++ b/cpp/ql/test/library-tests/dataflow/recursion/chained_use.ql @@ -1,11 +1,10 @@ import cpp -import semmle.code.cpp.dataflow.DataFlow -import semmle.code.cpp.dataflow.DataFlow2 -import semmle.code.cpp.dataflow.DataFlow3 -import semmle.code.cpp.dataflow.DataFlow4 -import semmle.code.cpp.dataflow.TaintTracking -import semmle.code.cpp.dataflow.TaintTracking2 -import semmle.code.cpp.dataflow.RecursionPrevention +import semmle.code.cpp.ir.dataflow.DataFlow +import semmle.code.cpp.ir.dataflow.DataFlow2 +import semmle.code.cpp.ir.dataflow.DataFlow3 +import semmle.code.cpp.ir.dataflow.DataFlow4 +import semmle.code.cpp.ir.dataflow.TaintTracking +import semmle.code.cpp.ir.dataflow.TaintTracking2 class TestConf1 extends DataFlow::Configuration { TestConf1() { this = "TestConf1" } diff --git a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql index 3936b775b2e..d16552d983d 100644 --- a/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql +++ b/cpp/ql/test/library-tests/dataflow/smart-pointers-taint/taint.ql @@ -1,7 +1,7 @@ import TestUtilities.dataflow.FlowTestCommon module AstTest { - private import semmle.code.cpp.dataflow.old.TaintTracking + private import semmle.code.cpp.dataflow.TaintTracking class AstSmartPointerTaintConfig extends TaintTracking::Configuration { AstSmartPointerTaintConfig() { this = "ASTSmartPointerTaintConfig" } diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.ql b/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.ql index 526bf6aa4d2..3e9aabe5190 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.ql +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/localTaint.ql @@ -1,5 +1,5 @@ import cpp -import semmle.code.cpp.dataflow.old.TaintTracking +import semmle.code.cpp.dataflow.TaintTracking from DataFlow::Node nodeFrom, DataFlow::Node nodeTo, string msg where diff --git a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql index 4060235bc7e..9aad42032d5 100644 --- a/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql +++ b/cpp/ql/test/library-tests/dataflow/taint-tests/taint.ql @@ -39,7 +39,7 @@ module TaintModels { } module AstTest { - private import semmle.code.cpp.dataflow.old.TaintTracking + private import semmle.code.cpp.dataflow.TaintTracking private import semmle.code.cpp.models.interfaces.Taint /** Common data flow configuration to be used by tests. */ diff --git a/cpp/ql/test/library-tests/dataflow/variable/noInit.ql b/cpp/ql/test/library-tests/dataflow/variable/noInit.ql index 07c034715dc..71de17cbcf1 100644 --- a/cpp/ql/test/library-tests/dataflow/variable/noInit.ql +++ b/cpp/ql/test/library-tests/dataflow/variable/noInit.ql @@ -1,4 +1,4 @@ -import semmle.code.cpp.dataflow.old.internal.FlowVar +import semmle.code.cpp.dataflow.internal.FlowVar from Variable var, VariableAccess va where FlowVar_internal::mayBeUsedUninitialized(var, va) diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.ql b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.ql index 8be64837905..4304a961abe 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.ql +++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.ql @@ -1 +1 @@ -import semmle.code.cpp.dataflow.old.internal.DataFlowImplConsistency::Consistency +import semmle.code.cpp.dataflow.internal.DataFlowImplConsistency::Consistency From 1a83b712a00d0a0f8602531e77c54354c45962d4 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 10 Feb 2023 15:27:49 +0100 Subject: [PATCH 2/2] C++: Add change note --- .../2023-02-10-buffer-and-nill-termination-dataflow.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md diff --git a/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md b/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md new file mode 100644 index 00000000000..adc00f952f9 --- /dev/null +++ b/cpp/ql/lib/change-notes/2023-02-10-buffer-and-nill-termination-dataflow.md @@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The `semmle.code.cpp.commons.Buffer` and `semmle.code.cpp.commons.NullTermination` libraries no longer expose `semmle.code.cpp.dataflow.DataFlow`. Please import `semmle.code.cpp.dataflow.DataFlow` directly.