From 57a0c7a1ab5effb94f3b36514c8fa0465afabd82 Mon Sep 17 00:00:00 2001 From: Joe Farebrother Date: Mon, 2 Jun 2025 14:33:52 +0100 Subject: [PATCH 001/111] Performance fix - Use basic blocks instead of full cfg reachability. --- .../Resources/FileNotAlwaysClosedQuery.qll | 46 ++++++++++++------- .../FileNotAlwaysClosed/resources_test.py | 9 +++- 2 files changed, 37 insertions(+), 18 deletions(-) diff --git a/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll b/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll index af31ec6ea4f..e1ac5c25605 100644 --- a/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll +++ b/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll @@ -50,29 +50,32 @@ class FileWrapperCall extends DataFlow::CallCfgNode { /** A node where a file is closed. */ abstract class FileClose extends DataFlow::CfgNode { - /** Holds if this file close will occur if an exception is thrown at `raises`. */ + /** Holds if this file close will occur if an exception is raised at `raises`. */ predicate guardsExceptions(DataFlow::CfgNode raises) { - cfgGetASuccessorStar(raises.asCfgNode().getAnExceptionalSuccessor(), this.asCfgNode()) + // The close call occurs after an exception edge in the cfg (a catch or finally) + bbReachableRefl(raises.asCfgNode().getBasicBlock().getAnExceptionalSuccessor(), + this.asCfgNode().getBasicBlock()) or - // The expression is after the close call. - // This also covers the body of a `with` statement. - cfgGetASuccessorStar(this.asCfgNode(), raises.asCfgNode()) + // The exception is after the close call. + // A full cfg reachability check is not in general feasible for performance, so we approximate it with: + // - A basic block reachability check (here) that works if the expression and close call are in different basic blocks + // - A check (in the `WithStatement` override of `gaurdsExceptions`) for the case where the exception call + // is lexically contained in the body of a `with` statement that closes the file. + // This may cause FPs in a case such as: + // f.close() + // f.write("...") + // We presume this to not be very common. + bbReachableStrict(this.asCfgNode().getBasicBlock(), raises.asCfgNode().getBasicBlock()) } } -private predicate cfgGetASuccessor(ControlFlowNode src, ControlFlowNode sink) { - sink = src.getASuccessor() -} +private predicate bbSuccessor(BasicBlock src, BasicBlock sink) { sink = src.getASuccessor() } -pragma[inline] -private predicate cfgGetASuccessorPlus(ControlFlowNode src, ControlFlowNode sink) = - fastTC(cfgGetASuccessor/2)(src, sink) +private predicate bbReachableStrict(BasicBlock src, BasicBlock sink) = + fastTC(bbSuccessor/2)(src, sink) -pragma[inline] -private predicate cfgGetASuccessorStar(ControlFlowNode src, ControlFlowNode sink) { - src = sink - or - cfgGetASuccessorPlus(src, sink) +private predicate bbReachableRefl(BasicBlock src, BasicBlock sink) { + bbReachableStrict(src, sink) or src = sink } /** A call to the `.close()` method of a file object. */ @@ -87,7 +90,16 @@ class OsCloseCall extends FileClose { /** A `with` statement. */ class WithStatement extends FileClose { - WithStatement() { this.asExpr() = any(With w).getContextExpr() } + With w; + + WithStatement() { this.asExpr() = w.getContextExpr() } + + override predicate guardsExceptions(DataFlow::CfgNode raises) { + super.guardsExceptions(raises) + or + // Check whether the exception is raised in the body of the with statement. + raises.asExpr().getParent*() = w.getBody().getAnItem() + } } /** Holds if an exception may be raised at `raises` if `file` is a file object. */ diff --git a/python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py b/python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py index 598d54c892c..244c6f73c13 100644 --- a/python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py +++ b/python/ql/test/query-tests/Resources/FileNotAlwaysClosed/resources_test.py @@ -277,4 +277,11 @@ def closed28(path): try: f28.write("hi") finally: - f28.close() \ No newline at end of file + f28.close() + +def closed29(path): + # Due to an approximation in CFG reachability for performance, it is not detected that the `write` call that may raise occurs after the file has already been closed. + # We presume this case to be uncommon. + f28 = open(path) # $SPURIOUS:notClosedOnException + f28.close() + f28.write("already closed") \ No newline at end of file From 38072c78632a7136365fc6b40262eec961d838e3 Mon Sep 17 00:00:00 2001 From: Joe Farebrother Date: Mon, 2 Jun 2025 16:42:27 +0100 Subject: [PATCH 002/111] Fix typo Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- python/ql/src/Resources/FileNotAlwaysClosedQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll b/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll index e1ac5c25605..0122344d370 100644 --- a/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll +++ b/python/ql/src/Resources/FileNotAlwaysClosedQuery.qll @@ -59,7 +59,7 @@ abstract class FileClose extends DataFlow::CfgNode { // The exception is after the close call. // A full cfg reachability check is not in general feasible for performance, so we approximate it with: // - A basic block reachability check (here) that works if the expression and close call are in different basic blocks - // - A check (in the `WithStatement` override of `gaurdsExceptions`) for the case where the exception call + // - A check (in the `WithStatement` override of `guardsExceptions`) for the case where the exception call // is lexically contained in the body of a `with` statement that closes the file. // This may cause FPs in a case such as: // f.close() From da4fbfb4496492e830626217ab809176004e3992 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 14:59:19 +0100 Subject: [PATCH 003/111] Rust: Placeholder new query. --- .../security/CWE-825/AccessAfterLifetime.ql | 19 +++++++++++++++++++ .../CWE-825/AccessAfterLifetime.expected | 10 ++++++++++ .../CWE-825/AccessAfterLifetime.qlref | 4 ++++ 3 files changed, 33 insertions(+) create mode 100644 rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql create mode 100644 rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected create mode 100644 rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.qlref diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql new file mode 100644 index 00000000000..b2530e93fe0 --- /dev/null +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -0,0 +1,19 @@ +/** + * @name Access of a pointer after its lifetime has ended + * @description Dereferencing a pointer after the lifetime of its target has ended + * causes undefined behavior and may result in memory corruption. + * @kind path-problem + * @problem.severity error + * @security-severity TODO + * @precision high + * @id rust/access-after-lifetime-ended + * @tags reliability + * security + * external/cwe/cwe-825 + */ + +import rust + +from int n +where none() +select n diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected new file mode 100644 index 00000000000..302f403e7cf --- /dev/null +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -0,0 +1,10 @@ +#select +testFailures +| deallocation.rs:20:36:20:54 | //... | Missing result: Source=dealloc | +| deallocation.rs:70:47:70:71 | //... | Missing result: Source=dealloc_array | +| deallocation.rs:112:44:112:59 | //... | Missing result: Source=free | +| deallocation.rs:123:45:123:64 | //... | Missing result: Source=dangling | +| deallocation.rs:124:47:124:70 | //... | Missing result: Source=dangling_mut | +| deallocation.rs:125:41:125:56 | //... | Missing result: Source=null | +| deallocation.rs:176:32:176:56 | //... | Missing result: Source=drop_in_place | +| deallocation.rs:242:33:242:57 | //... | Missing result: Source=drop_in_place | diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.qlref b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.qlref new file mode 100644 index 00000000000..d9249badc00 --- /dev/null +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.qlref @@ -0,0 +1,4 @@ +query: queries/security/CWE-825/AccessAfterLifetime.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql From 8e8374b9bcb55cce3fba289d1e22c605e8cac60e Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 15:28:11 +0100 Subject: [PATCH 004/111] Rust: Label source annotations in the test properly. --- .../CWE-825/AccessAfterLifetime.expected | 10 --------- .../security/CWE-825/deallocation.rs | 22 +++++++++---------- 2 files changed, 11 insertions(+), 21 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 302f403e7cf..e69de29bb2d 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -1,10 +0,0 @@ -#select -testFailures -| deallocation.rs:20:36:20:54 | //... | Missing result: Source=dealloc | -| deallocation.rs:70:47:70:71 | //... | Missing result: Source=dealloc_array | -| deallocation.rs:112:44:112:59 | //... | Missing result: Source=free | -| deallocation.rs:123:45:123:64 | //... | Missing result: Source=dangling | -| deallocation.rs:124:47:124:70 | //... | Missing result: Source=dangling_mut | -| deallocation.rs:125:41:125:56 | //... | Missing result: Source=null | -| deallocation.rs:176:32:176:56 | //... | Missing result: Source=drop_in_place | -| deallocation.rs:242:33:242:57 | //... | Missing result: Source=drop_in_place | diff --git a/rust/ql/test/query-tests/security/CWE-825/deallocation.rs b/rust/ql/test/query-tests/security/CWE-825/deallocation.rs index 361f938e02c..6024ccd4871 100644 --- a/rust/ql/test/query-tests/security/CWE-825/deallocation.rs +++ b/rust/ql/test/query-tests/security/CWE-825/deallocation.rs @@ -17,7 +17,7 @@ pub fn test_alloc(mode: i32) { println!(" v3 = {v3}"); println!(" v4 = {v4}"); - std::alloc::dealloc(m1, layout); // $ Source=dealloc + std::alloc::dealloc(m1, layout); // $ Source[rust/access-invalid-pointer]=dealloc // (m1, m2 are now dangling) match mode { @@ -67,7 +67,7 @@ pub fn test_alloc_array(mode: i32) { println!(" v1 = {v1}"); println!(" v2 = {v2}"); - std::alloc::dealloc(m2 as *mut u8, layout); // $ Source=dealloc_array + std::alloc::dealloc(m2 as *mut u8, layout); // $ Source[rust/access-invalid-pointer]=dealloc_array // m1, m2 are now dangling match mode { @@ -109,7 +109,7 @@ pub fn test_libc() { let v1 = *my_ptr; // GOOD println!(" v1 = {v1}"); - libc::free(my_ptr as *mut libc::c_void); // $ Source=free + libc::free(my_ptr as *mut libc::c_void); // $ Source[rust/access-invalid-pointer]=free // (my_ptr is now dangling) let v2 = *my_ptr; // $ Alert[rust/access-invalid-pointer]=free @@ -120,9 +120,9 @@ pub fn test_libc() { // --- std::ptr --- pub fn test_ptr_invalid(mode: i32) { - let p1: *const i64 = std::ptr::dangling(); // $ Source=dangling - let p2: *mut i64 = std::ptr::dangling_mut(); // $ Source=dangling_mut - let p3: *const i64 = std::ptr::null(); // $ Source=null + let p1: *const i64 = std::ptr::dangling(); // $ Source[rust/access-invalid-pointer]=dangling + let p2: *mut i64 = std::ptr::dangling_mut(); // $ Source[rust/access-invalid-pointer]=dangling_mut + let p3: *const i64 = std::ptr::null(); // $ Source[rust/access-invalid-pointer]=null if mode == 120 { unsafe { @@ -173,7 +173,7 @@ pub fn test_ptr_drop(mode: i32) { println!(" v1 = {v1}"); println!(" v2 = {v2}"); - std::ptr::drop_in_place(p1); // $ Source=drop_in_place + std::ptr::drop_in_place(p1); // $ Source[rust/access-invalid-pointer]=drop_in_place // explicitly destructs the pointed-to `m2` if mode == 1 { @@ -212,7 +212,7 @@ impl Drop for MyDropBuffer { unsafe { _ = *self.ptr; - drop(*self.ptr); // $ MISSING: Source=drop + drop(*self.ptr); // $ MISSING: Source[rust/access-invalid-pointer]=drop _ = *self.ptr; // $ MISSING: Alert[rust/access-invalid-pointer]=drop std::alloc::dealloc(self.ptr, layout); } @@ -239,7 +239,7 @@ fn test_qhelp_example_good(ptr: *mut String) { fn test_qhelp_example_bad(ptr: *mut String) { unsafe { - std::ptr::drop_in_place(ptr); // $ Source=drop_in_place + std::ptr::drop_in_place(ptr); // $ Source[rust/access-invalid-pointer]=drop_in_place } // ... @@ -280,7 +280,7 @@ pub fn test_vec_reserve() { println!(" v1 = {}", v1); } - vec1.reserve(1000); // $ MISSING: Source=reserve + vec1.reserve(1000); // $ MISSING: Source[rust/access-invalid-pointer]=reserve // (may invalidate the pointer) unsafe { @@ -300,7 +300,7 @@ pub fn test_vec_reserve() { } for _i in 0..1000 { - vec2.push(0); // $ MISSING: Source=push + vec2.push(0); // $ MISSING: Source[rust/access-invalid-pointer]=push // (may invalidate the pointer) } From 43cb98ad157423aed5d73090ed6a8dad01089d9d Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 16:12:31 +0100 Subject: [PATCH 005/111] Rust: Fix some warnings in the existing test. --- rust/ql/test/query-tests/security/CWE-825/deallocation.rs | 4 ++-- rust/ql/test/query-tests/security/CWE-825/lifetime.rs | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/deallocation.rs b/rust/ql/test/query-tests/security/CWE-825/deallocation.rs index 6024ccd4871..89ef0470e99 100644 --- a/rust/ql/test/query-tests/security/CWE-825/deallocation.rs +++ b/rust/ql/test/query-tests/security/CWE-825/deallocation.rs @@ -29,8 +29,8 @@ pub fn test_alloc(mode: i32) { println!(" v6 = {v6} (!)"); // corrupt in practice // test repeat reads (we don't want lots of very similar results for the same dealloc) - let v5b = *m1; - let v5c = *m1; + let _v5b = *m1; + let _v5c = *m1; }, 100 => { // more reads diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index d7fd8204993..3d1cb78b20d 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -96,7 +96,7 @@ fn use_pointers(p1: *const i64, p2: *mut i64, mode: i32) { use_the_stack(); unsafe { - if (mode == 0) { + if mode == 0 { // reads let v1 = *p1; // GOOD let v2 = *p2; // GOOD @@ -105,7 +105,7 @@ fn use_pointers(p1: *const i64, p2: *mut i64, mode: i32) { println!(" v2 = {v2}"); println!(" v3 = {v3}"); } - if (mode == 200) { + if mode == 200 { // writes *p2 = 2; // GOOD } @@ -142,14 +142,14 @@ pub fn test_static(mode: i32) { use_the_stack(); unsafe { - if (mode == 0) { + if mode == 0 { // reads let v1 = *p1; // GOOD let v2 = *p2; // GOOD println!(" v1 = {v1}"); println!(" v2 = {v2}"); } - if (mode == 210) { + if mode == 210 { // writes *p2 = 3; // GOOD } From ae19ecc674b16e7636a38d632ef7e99d2c21d4b4 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 16:04:35 +0100 Subject: [PATCH 006/111] Rust: Add test cases involving lifetimes + closures and async blocks. --- .../query-tests/security/CWE-825/lifetime.rs | 90 +++++++++++++++++++ .../test/query-tests/security/CWE-825/main.rs | 6 ++ .../query-tests/security/CWE-825/options.yml | 1 + 3 files changed, 97 insertions(+) diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 3d1cb78b20d..d98c7ef8e9d 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -441,3 +441,93 @@ pub fn test_rc() { // note: simialar things are likely possible with Ref, RefMut, RefCell, // Vec and others. } + +// --- closures --- + +fn get_closure(p3: *const i64, p4: *const i64) -> impl FnOnce() { + let my_local1: i64 = 1; + let my_local2: i64 = 2; + let p1: *const i64 = &my_local1; + + return move || { // captures `my_local2`, `p1`, `p3`, `p4` by value (due to `move`) + let p2: *const i64 = &my_local2; + + unsafe { + let v1 = *p1; // $ MISSING: Alert + let v2 = *p2; // GOOD + let v3 = *p3; // GOOD + let v4 = *p4; // $ MISSING: Alert + println!(" v1 = {v1} (!)"); // corrupt in practice + println!(" v2 = {v2}"); + println!(" v3 = {v3}"); + println!(" v4 = {v4} (!)"); + } + }; +} // (`my_local1` goes out of scope, thus `p1` is dangling) + +fn with_closure(ptr: *const i64, closure: fn(*const i64, *const i64)) { + let my_local5: i64 = 5; + + closure(ptr, + &my_local5); +} + +pub fn test_closures() { + let closure; + let my_local3: i64 = 3; + { + let my_local4: i64 = 4; + closure = get_closure( &my_local3, + &my_local4); + } // (`my_local4` goes out of scope, so `p4` is dangling) + + use_the_stack(); + + closure(); + + with_closure(&my_local3, |p1, p2| { + unsafe { + let v5 = *p1; // GOOD + let v6 = *p2; // GOOD + println!(" v5 = {v5}"); + println!(" v6 = {v6}"); + } + }); +} + +// --- async --- + +fn get_async_closure(p3: *const i64, p4: *const i64) -> impl std::future::Future { + let my_local1: i64 = 1; + let my_local2: i64 = 2; + let p1: *const i64 = &my_local1; + + return async move { // captures `my_local2`, `p1`, `p3`, `p4` by value (due to `move`) + let p2: *const i64 = &my_local2; + + unsafe { + let v1 = *p1; // $ MISSING: Alert + let v2 = *p2; // GOOD + let v3 = *p3; // GOOD + let v4 = *p4; // $ MISSING: Alert + println!(" v1 = {v1} (!)"); // corrupt in practice + println!(" v2 = {v2}"); + println!(" v3 = {v3}"); + println!(" v4 = {v4} (!)"); + } + }; +} // (`my_local1` goes out of scope, thus `p1` is dangling) + +pub fn test_async() { + let async_closure; + let my_local3: i64 = 3; + { + let my_local4: i64 = 4; + async_closure = get_async_closure(&my_local3, + &my_local4); + } // (`my_local4` goes out of scope, so `p4` is dangling) + + use_the_stack(); + + futures::executor::block_on(async_closure); +} diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index ec135011f70..81f6161f70c 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -165,4 +165,10 @@ fn main() { println!("test_rc:"); test_rc(); + + println!("test_closures:"); + test_closures(); + + println!("test_async:"); + test_async(); } diff --git a/rust/ql/test/query-tests/security/CWE-825/options.yml b/rust/ql/test/query-tests/security/CWE-825/options.yml index 95a17a53b43..90a51f61a43 100644 --- a/rust/ql/test/query-tests/security/CWE-825/options.yml +++ b/rust/ql/test/query-tests/security/CWE-825/options.yml @@ -1,3 +1,4 @@ qltest_cargo_check: true qltest_dependencies: - libc = { version = "0.2.11" } + - futures = { version = "0.3" } From e2fb1d3892f6e60c8ba4a3c66c420b8768e0810f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 17:50:08 +0100 Subject: [PATCH 007/111] Rust: Add test cases involving lifetimes + lifetime annotations. --- .../query-tests/security/CWE-825/lifetime.rs | 49 +++++++++++++++++++ .../test/query-tests/security/CWE-825/main.rs | 3 ++ 2 files changed, 52 insertions(+) diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index d98c7ef8e9d..ddf8badd350 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -531,3 +531,52 @@ pub fn test_async() { futures::executor::block_on(async_closure); } + +// --- lifetime annotations --- + +fn select_str<'a>(cond: bool, a: &'a str, b: &'a str) -> &'a str { + if cond { a } else { b } +} + +struct MyRefStr<'a> { + ref_str: &'a str, +} + +pub fn test_lifetime_annotations() { + let str1: *const str; + { + let foo = String::from("foo"); + let bar = String::from("bar"); + str1 = select_str(true, foo.as_str(), bar.as_str()); + + unsafe { + let v1 = &*str1; // GOOD + println!(" v1 = {v1}"); + } + } // (`foo`, `bar` go out of scope, the return value of `select_str` has the same lifetime, thus `str1` is dangling) + + unsafe { + let v2 = &*str1; // $ MISSING: Alert + println!(" v2 = {v2} (!)"); // corrupt in practice + } + + let my_ref; + let str2: *const str; + { + let baz = String::from("baz"); + my_ref = MyRefStr { ref_str: baz.as_str() }; + str2 = &*my_ref.ref_str; + + unsafe { + let v3 = &*str2; // GOOD + println!(" v3 = {v3}"); + } + } // (`baz` goes out of scope, `ref_str` has the same lifetime, thus `str2` is dangling) + + use_the_stack(); + + unsafe { + let v4 = &*str2; // $ MISSING: Alert + println!(" v4 = {v4} (!)"); // corrupt in practice + } +} diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index 81f6161f70c..a3493497bec 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -171,4 +171,7 @@ fn main() { println!("test_async:"); test_async(); + + println!("test_lifetime_annotations:"); + test_lifetime_annotations(); } From 66c1e2caceb801c8eb19993ecc3e269048bcdffc Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 2 Jun 2025 23:10:39 +0100 Subject: [PATCH 008/111] Rust: Add test cases for implicit dereferences and more pointer/enum mixes (inspired by early real world results). --- .../query-tests/security/CWE-825/lifetime.rs | 132 +++++++++++++++--- .../test/query-tests/security/CWE-825/main.rs | 10 +- 2 files changed, 118 insertions(+), 24 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index ddf8badd350..3dc74b97830 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -257,41 +257,103 @@ pub fn test_loop() { } } -// --- enum --- +// --- enums --- enum MyEnum { Value(i64), } -impl Drop for MyEnum { - fn drop(&mut self) { - println!(" drop MyEnum"); - } +enum MyEnum2 { + Pointer(*const i64), } -pub fn test_enum() { +pub fn get_pointer_to_enum() -> *const MyEnum { + let e1 = MyEnum::Value(1); + let result: *const MyEnum = &e1; // $ MISSING: Source[rust/access-after-lifetime-ended]=e1 + + result +} // (e1 goes out of scope, so result is dangling) + +pub fn get_pointer_in_enum() -> MyEnum2 { + let v2 = 2; + let e2 = MyEnum2::Pointer(&v2); // $ MISSING: Source[rust/access-after-lifetime-ended]=v2 + + e2 +} // (v2 goes out of scope, so the contained pointer is dangling) + +pub fn get_pointer_from_enum() -> *const i64 { + let e3 = MyEnum::Value(3); let result: *const i64; - { - let e1 = MyEnum::Value(1); - - result = match e1 { - MyEnum::Value(x) => { &x } - }; // (x goes out of scope, so result is dangling, I think; seen in real world code) - - use_the_stack(); - - unsafe { - let v1 = *result; // $ MISSING: Alert - println!(" v1 = {v1}"); - } - } // (e1 goes out of scope, so result is definitely dangling now) + result = match e3 { + MyEnum::Value(x) => { &x } // $ MISSING: Source[rust/access-after-lifetime-ended]=match_x + }; // (x goes out of scope, so result is possibly dangling already) use_the_stack(); unsafe { - let v2 = *result; // $ MISSING: Alert - println!(" v2 = {v2}"); // dropped in practice + let v0 = *result; // ? + println!(" v0 = {v0} (?)"); + } + + result +} // (e3 goes out of scope, so result is definitely dangling now) + +pub fn test_enums() { + let e1 = get_pointer_to_enum(); + let e2 = get_pointer_in_enum(); + let result = get_pointer_from_enum(); + + use_the_stack(); + + unsafe { + if let MyEnum::Value(v1) = *e1 { // $ MISSING: Alert[rust/access-after-lifetime-ended]=e1 + println!(" v1 = {v1} (!)"); // corrupt in practice + } + if let MyEnum2::Pointer(p2) = e2 { + let v2 = unsafe { *p2 }; // $ MISSING: Alert[rust/access-after-lifetime-ended]=v2 + println!(" v2 = {v2} (!)"); // corrupt in practice + } + let v3 = *result; // $ MISSING: Alert[rust/access-after-lifetime-ended]=match_x + println!(" v3 = {v3} (!)"); // corrupt in practice + } +} + +// --- recursive enum --- + +enum RecursiveEnum { + Wrapper(Box), + Pointer(*const i64), +} + +pub fn get_recursive_enum() -> Box { + let v1 = 1; + let enum1 = RecursiveEnum::Wrapper(Box::new(RecursiveEnum::Pointer(&v1))); // Source[rust/access-after-lifetime-ended]=v1 + let mut ref1 = &enum1; + + while let RecursiveEnum::Wrapper(inner) = ref1 { + println!(" wrapper"); + ref1 = &inner; + } + if let RecursiveEnum::Pointer(ptr) = ref1 { + let v2: i64 = unsafe { **ptr }; // GOOD + println!(" v2 = {v2}"); + } + + return Box::new(enum1); +} // (v1 goes out of scope, thus the contained pointer is dangling) + +pub fn test_recursive_enums() { + let enum1 = *get_recursive_enum(); + let mut ref1 = &enum1; + + while let RecursiveEnum::Wrapper(inner) = ref1 { + println!(" wrapper"); + ref1 = &inner; + } + if let RecursiveEnum::Pointer(ptr) = ref1 { + let v3: i64 = unsafe { **ptr }; // Alert[rust/access-after-lifetime-ended]=v1 + println!(" v3 = {v3} (!)"); // corrupt in practice } } @@ -580,3 +642,29 @@ pub fn test_lifetime_annotations() { println!(" v4 = {v4} (!)"); // corrupt in practice } } + +// --- implicit dereferences --- + +pub fn test_implicit_derefs() { + let ref1; + { + let str2; + { + let str1 = "bar"; + str2 = "foo".to_string() + &str1; // $ MISSING: Source[rust/access-after-lifetime-ended]=str1 + ref1 = &raw const str2; // $ MISSING: Source[rust/access-after-lifetime-ended]=str2 + } // (str1 goes out of scope, but it's been copied into str2) + + unsafe { + let v1 = &*ref1; // GOOD + println!(" v1 = {v1}"); + } + } // (str2 goes out of scope, thus ref1 is dangling) + + use_the_stack(); + + unsafe { + let v2 = &*ref1; // $ MISSING: Alert[rust/access-after-lifetime-ended]=str2 + println!(" v2 = {v2} (!)"); // corrupt in practice + } +} diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index a3493497bec..d2316fea79b 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -154,8 +154,11 @@ fn main() { println!("test_loop:"); test_loop(); - println!("test_enum:"); - test_enum(); + println!("test_enums:"); + test_enums(); + + println!("test_recursive_enums:"); + test_recursive_enums(); println!("test_ptr_to_struct:"); test_ptr_to_struct(mode); @@ -174,4 +177,7 @@ fn main() { println!("test_lifetime_annotations:"); test_lifetime_annotations(); + + println!("test_implicit_derefs:"); + test_implicit_derefs(); } From 96dc34e36d91bc7313af78a94b0ff3541797c153 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 5 Jun 2025 16:23:38 +0100 Subject: [PATCH 009/111] Rust: Even more test cases (inspired by real world results). --- .../query-tests/security/CWE-825/lifetime.rs | 57 ++++++++++++++++++- .../test/query-tests/security/CWE-825/main.rs | 6 ++ 2 files changed, 62 insertions(+), 1 deletion(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 3dc74b97830..25aedb5eb44 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -491,7 +491,7 @@ pub fn test_rc() { println!(" v3 = {v3}"); println!(" v4 = {v4}"); } - } // rc1 go out of scope, the reference count is 0, so p1, p2 are dangling + } // rc1 goes out of scope, the reference count is 0, so p1, p2 are dangling unsafe { let v5 = *p1; // $ MISSING: Alert @@ -668,3 +668,58 @@ pub fn test_implicit_derefs() { println!(" v2 = {v2} (!)"); // corrupt in practice } } + +// --- members --- + +struct MyType { + value: i64, +} + +impl MyType { + fn test(&self) { + let r1 = unsafe { + let v1 = &self; + &v1.value + }; + let (r2, r3) = unsafe { + let v2 = &self; + (&v2.value, + &self.value) + }; + + use_the_stack(); + + let v1 = *r1; + let v2 = *r2; + let v3 = *r3; + println!(" v1 = {v1}"); + println!(" v2 = {v2}"); + println!(" v3 = {v3}"); + } +} + +pub fn test_members() { + let mt = MyType { value: 1 }; + mt.test(); +} + +// --- macros --- + +macro_rules! my_macro { + () => { + let ptr: *const i64; + { + let val: i64 = 1; + ptr = &val; + } + + unsafe { + let v = *ptr; + println!(" v = {v}"); + } + }; +} + +pub fn test_macros() { + my_macro!(); +} diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index d2316fea79b..5450dcd6b20 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -180,4 +180,10 @@ fn main() { println!("test_implicit_derefs:"); test_implicit_derefs(); + + println!("test_members:"); + test_members(); + + println!("test_macros:"); + test_macros(); } From 526620ca41a413b171a9e21d0a5a760d1d4cd4e8 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 18:34:39 +0100 Subject: [PATCH 010/111] Rust: Add some helper predicates for finding enclosing blocks. --- .../lib/codeql/rust/elements/internal/AstNodeImpl.qll | 11 +++++++++++ .../codeql/rust/elements/internal/VariableImpl.qll | 4 ++++ 2 files changed, 15 insertions(+) diff --git a/rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll b/rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll index b80da6d7084..163af5da899 100644 --- a/rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll +++ b/rust/ql/lib/codeql/rust/elements/internal/AstNodeImpl.qll @@ -59,6 +59,17 @@ module Impl { ) } + /** Gets the block that encloses this node, if any. */ + cached + BlockExpr getEnclosingBlock() { + exists(AstNode p | p = this.getParentNode() | + result = p + or + not p instanceof BlockExpr and + result = p.getEnclosingBlock() + ) + } + /** Holds if this node is inside a macro expansion. */ predicate isInMacroExpansion() { MacroCallImpl::isInMacroExpansion(_, this) } diff --git a/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll b/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll index 790186bf2c9..697672bbaf3 100644 --- a/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll +++ b/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll @@ -127,6 +127,10 @@ module Impl { */ Name getName() { variableDecl(definingNode, result, text) } + /** Gets the block that encloses this variable, if any. */ + cached + BlockExpr getEnclosingBlock() { result = definingNode.getEnclosingBlock() } + /** Gets the `self` parameter that declares this variable, if any. */ SelfParam getSelfParam() { result.getName() = this.getName() } From bf4ea02dd22a9628979d83ac19e4f4bd77f5e87c Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 30 May 2025 17:55:20 +0100 Subject: [PATCH 011/111] Rust: Implement the query. --- .../AccessAfterLifetimeExtensions.qll | 93 ++++ .../security/CWE-825/AccessAfterLifetime.ql | 32 +- .../CWE-825/AccessAfterLifetime.expected | 447 ++++++++++++++++++ .../query-tests/security/CWE-825/lifetime.rs | 107 ++--- 4 files changed, 623 insertions(+), 56 deletions(-) create mode 100644 rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll new file mode 100644 index 00000000000..e2b0643d969 --- /dev/null +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -0,0 +1,93 @@ +/** + * Provides classes and predicates for reasoning about accesses to a pointer + * after its lifetime has ended. + */ + +import rust +private import codeql.rust.dataflow.DataFlow +private import codeql.rust.security.AccessInvalidPointerExtensions + +/** + * Provides default sources, sinks and barriers for detecting accesses to a + * pointer after its lifetime has ended, as well as extension points for + * adding your own. Note that a particular `(source, sink)` pair must be + * checked with `dereferenceAfterLifetime` to determine if it is a result. + */ +module AccessAfterLifetime { + /** + * A data flow source for accesses to a pointer after its lifetime has ended, + * that is, creation of a pointer or reference. + */ + abstract class Source extends DataFlow::Node { + /** + * Gets the value this pointer or reference points to. + */ + abstract Expr getTargetValue(); + } + + /** + * A data flow sink for accesses to a pointer after its lifetime has ended, + * that is, a dereference. We re-use the same sinks as for the accesses to + * invalid pointers query. + */ + class Sink = AccessInvalidPointer::Sink; + + /** + * A barrier for accesses to a pointer after its lifetime has ended. + */ + abstract class Barrier extends DataFlow::Node { } + + /** + * Holds if the pair `(source, sink)` that represents a flow from a + * pointer or reference to a dereference of that pointer or reference, + * and the dereference is outside the lifetime of the target value. + */ + bindingset[source, sink] + predicate dereferenceAfterLifetime(Source source, Sink sink) { + exists(BlockExpr valueScope, BlockExpr accessScope | + valueScope(source.getTargetValue(), valueScope) and + accessScope = sink.asExpr().getExpr().getEnclosingBlock() and + not maybeOnStack(valueScope, accessScope) + ) + } + + /** + * Holds if `value` accesses a variable with scope `scope`. + */ + private predicate valueScope(Expr value, BlockExpr scope) { + // variable access + scope = value.(VariableAccess).getVariable().getEnclosingBlock() + or + // field access + valueScope(value.(FieldExpr).getContainer(), scope) + } + + /** + * Holds if block `a` contains block `b`, in the sense that a variable in + * `a` may be on the stack during execution of `b`. This is interprocedural, + * but is an overapproximation that doesn't accurately track call contexts + * (for example if `f` and `g` both call `b`, then then depending on the + * caller a variable in `f` or `g` may or may-not be on the stack during `b`). + */ + private predicate maybeOnStack(BlockExpr a, BlockExpr b) { + // `b` is a child of `a` + a = b.getEnclosingBlock*() + or + // propagate through function calls + exists(CallExprBase ce | + maybeOnStack(a, ce.getEnclosingBlock()) and + ce.getStaticTarget() = b.getEnclosingCallable() + ) + } + + /** + * A source that is a `RefExpr`. + */ + private class RefExprSource extends Source { + Expr targetValue; + + RefExprSource() { this.asExpr().getExpr().(RefExpr).getExpr() = targetValue } + + override Expr getTargetValue() { result = targetValue } + } +} diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index b2530e93fe0..b49d8b59df3 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -13,7 +13,33 @@ */ import rust +import codeql.rust.dataflow.DataFlow +import codeql.rust.dataflow.TaintTracking +import codeql.rust.security.AccessAfterLifetimeExtensions +import AccessAfterLifetimeFlow::PathGraph -from int n -where none() -select n +/** + * A data flow configuration for detecting accesses to a pointer after its + * lifetime has ended. + */ +module AccessAfterLifetimeConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node node) { node instanceof AccessAfterLifetime::Source } + + predicate isSink(DataFlow::Node node) { node instanceof AccessAfterLifetime::Sink } + + predicate isBarrier(DataFlow::Node barrier) { barrier instanceof AccessAfterLifetime::Barrier } +} + +module AccessAfterLifetimeFlow = TaintTracking::Global; + +from + AccessAfterLifetimeFlow::PathNode sourceNode, AccessAfterLifetimeFlow::PathNode sinkNode, + Expr targetValue +where + // flow from a pointer or reference to the dereference + AccessAfterLifetimeFlow::flowPath(sourceNode, sinkNode) and + targetValue = sourceNode.getNode().(AccessAfterLifetime::Source).getTargetValue() and + // check that the dereference is outside the lifetime of the target + AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode()) +select sinkNode.getNode(), sourceNode, sinkNode, + "Access of a pointer to $@ after it's lifetime has ended.", targetValue, targetValue.toString() diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index e69de29bb2d..9e12cf83794 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -0,0 +1,447 @@ +#select +| lifetime.rs:69:13:69:14 | p1 | lifetime.rs:21:9:21:18 | &my_local1 | lifetime.rs:69:13:69:14 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:21:10:21:18 | my_local1 | my_local1 | +| lifetime.rs:70:13:70:14 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:70:13:70:14 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:27:14:27:22 | my_local2 | my_local2 | +| lifetime.rs:71:13:71:14 | p3 | lifetime.rs:33:9:33:28 | &raw const my_local3 | lifetime.rs:71:13:71:14 | p3 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:33:20:33:28 | my_local3 | my_local3 | +| lifetime.rs:72:13:72:14 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:72:13:72:14 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:39:18:39:26 | my_local4 | my_local4 | +| lifetime.rs:74:13:74:14 | p6 | lifetime.rs:50:9:50:18 | &... | lifetime.rs:74:13:74:14 | p6 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:50:10:50:18 | val.value | val.value | +| lifetime.rs:75:13:75:14 | p7 | lifetime.rs:63:8:63:27 | &raw const my_local7 | lifetime.rs:75:13:75:14 | p7 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:63:19:63:27 | my_local7 | my_local7 | +| lifetime.rs:76:4:76:5 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:76:4:76:5 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:27:14:27:22 | my_local2 | my_local2 | +| lifetime.rs:77:4:77:5 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:77:4:77:5 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:39:18:39:26 | my_local4 | my_local4 | +| lifetime.rs:172:13:172:15 | ptr | lifetime.rs:187:12:187:21 | &my_local1 | lifetime.rs:172:13:172:15 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:187:13:187:21 | my_local1 | my_local1 | +| lifetime.rs:255:14:255:17 | prev | lifetime.rs:251:10:251:19 | &my_local2 | lifetime.rs:255:14:255:17 | prev | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:251:11:251:19 | my_local2 | my_local2 | +| lifetime.rs:310:31:310:32 | e1 | lifetime.rs:272:30:272:32 | &e1 | lifetime.rs:310:31:310:32 | e1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:272:31:272:32 | e1 | e1 | +| lifetime.rs:317:13:317:18 | result | lifetime.rs:289:25:289:26 | &x | lifetime.rs:317:13:317:18 | result | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:289:26:289:26 | x | x | +| lifetime.rs:411:16:411:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:411:16:411:17 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:383:31:383:37 | my_pair | my_pair | +| lifetime.rs:416:16:416:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:416:16:416:17 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:383:31:383:37 | my_pair | my_pair | +| lifetime.rs:428:7:428:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:428:7:428:8 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:383:31:383:37 | my_pair | my_pair | +| lifetime.rs:433:7:433:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:433:7:433:8 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:383:31:383:37 | my_pair | my_pair | +| lifetime.rs:459:13:459:14 | p1 | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:459:13:459:14 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:442:18:442:23 | my_val | my_val | +| lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:442:18:442:23 | my_val | my_val | +| lifetime.rs:520:14:520:15 | p3 | lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:520:14:520:15 | p3 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:542:27:542:35 | my_local3 | my_local3 | +| lifetime.rs:521:14:521:15 | p4 | lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:521:14:521:15 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:543:5:543:13 | my_local4 | my_local4 | +| lifetime.rs:553:14:553:15 | p2 | lifetime.rs:534:3:534:12 | &my_local5 | lifetime.rs:553:14:553:15 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:534:4:534:12 | my_local5 | my_local5 | +| lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:654:32:654:35 | str1 | str1 | +| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:654:32:654:35 | str1 | str1 | +| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:655:22:655:25 | str2 | str2 | +| lifetime.rs:692:13:692:14 | r1 | lifetime.rs:682:4:682:12 | &... | lifetime.rs:692:13:692:14 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:682:5:682:12 | v1.value | v1.value | +| lifetime.rs:693:13:693:14 | r2 | lifetime.rs:686:5:686:13 | &... | lifetime.rs:693:13:693:14 | r2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:686:6:686:13 | v2.value | v2.value | +| lifetime.rs:725:2:725:12 | ptr | lifetime.rs:724:2:724:12 | &val | lifetime.rs:725:2:725:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:724:2:724:12 | val | val | +edges +| deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | +| deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | +| deallocation.rs:148:30:148:38 | &raw const my_buffer | deallocation.rs:148:6:148:7 | p1 | provenance | | +| deallocation.rs:228:28:228:43 | ...: ... | deallocation.rs:230:18:230:20 | ptr | provenance | | +| deallocation.rs:240:27:240:42 | ...: ... | deallocation.rs:248:18:248:20 | ptr | provenance | | +| deallocation.rs:257:7:257:10 | ptr1 | deallocation.rs:260:4:260:7 | ptr1 | provenance | | +| deallocation.rs:257:7:257:10 | ptr1 | deallocation.rs:260:4:260:7 | ptr1 | provenance | | +| deallocation.rs:257:14:257:33 | &raw mut ... | deallocation.rs:257:7:257:10 | ptr1 | provenance | | +| deallocation.rs:258:7:258:10 | ptr2 | deallocation.rs:261:4:261:7 | ptr2 | provenance | | +| deallocation.rs:258:7:258:10 | ptr2 | deallocation.rs:261:4:261:7 | ptr2 | provenance | | +| deallocation.rs:258:14:258:33 | &raw mut ... | deallocation.rs:258:7:258:10 | ptr2 | provenance | | +| deallocation.rs:260:4:260:7 | ptr1 | deallocation.rs:263:27:263:30 | ptr1 | provenance | | +| deallocation.rs:261:4:261:7 | ptr2 | deallocation.rs:265:26:265:29 | ptr2 | provenance | | +| deallocation.rs:263:27:263:30 | ptr1 | deallocation.rs:228:28:228:43 | ...: ... | provenance | | +| deallocation.rs:265:26:265:29 | ptr2 | deallocation.rs:240:27:240:42 | ...: ... | provenance | | +| deallocation.rs:276:6:276:9 | ptr1 | deallocation.rs:279:13:279:16 | ptr1 | provenance | | +| deallocation.rs:276:6:276:9 | ptr1 | deallocation.rs:287:13:287:16 | ptr1 | provenance | | +| deallocation.rs:276:13:276:28 | &raw mut ... | deallocation.rs:276:6:276:9 | ptr1 | provenance | | +| deallocation.rs:295:6:295:9 | ptr2 | deallocation.rs:298:13:298:16 | ptr2 | provenance | | +| deallocation.rs:295:6:295:9 | ptr2 | deallocation.rs:308:13:308:16 | ptr2 | provenance | | +| deallocation.rs:295:13:295:28 | &raw mut ... | deallocation.rs:295:6:295:9 | ptr2 | provenance | | +| lifetime.rs:21:2:21:18 | return ... | lifetime.rs:54:11:54:30 | get_local_dangling(...) | provenance | | +| lifetime.rs:21:9:21:18 | &my_local1 | lifetime.rs:21:2:21:18 | return ... | provenance | | +| lifetime.rs:27:2:27:22 | return ... | lifetime.rs:55:11:55:34 | get_local_dangling_mut(...) | provenance | | +| lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:27:2:27:22 | return ... | provenance | | +| lifetime.rs:33:2:33:28 | return ... | lifetime.rs:56:11:56:40 | get_local_dangling_raw_const(...) | provenance | | +| lifetime.rs:33:9:33:28 | &raw const my_local3 | lifetime.rs:33:2:33:28 | return ... | provenance | | +| lifetime.rs:39:2:39:26 | return ... | lifetime.rs:57:11:57:38 | get_local_dangling_raw_mut(...) | provenance | | +| lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:39:2:39:26 | return ... | provenance | | +| lifetime.rs:43:2:43:15 | return ... | lifetime.rs:58:11:58:31 | get_param_dangling(...) | provenance | | +| lifetime.rs:43:9:43:15 | ¶m5 | lifetime.rs:43:2:43:15 | return ... | provenance | | +| lifetime.rs:50:2:50:18 | return ... | lifetime.rs:59:11:59:36 | get_local_field_dangling(...) | provenance | | +| lifetime.rs:50:9:50:18 | &... | lifetime.rs:50:2:50:18 | return ... | provenance | | +| lifetime.rs:54:6:54:7 | p1 | lifetime.rs:69:13:69:14 | p1 | provenance | | +| lifetime.rs:54:11:54:30 | get_local_dangling(...) | lifetime.rs:54:6:54:7 | p1 | provenance | | +| lifetime.rs:55:6:55:7 | p2 | lifetime.rs:70:13:70:14 | p2 | provenance | | +| lifetime.rs:55:6:55:7 | p2 | lifetime.rs:76:4:76:5 | p2 | provenance | | +| lifetime.rs:55:11:55:34 | get_local_dangling_mut(...) | lifetime.rs:55:6:55:7 | p2 | provenance | | +| lifetime.rs:56:6:56:7 | p3 | lifetime.rs:71:13:71:14 | p3 | provenance | | +| lifetime.rs:56:11:56:40 | get_local_dangling_raw_const(...) | lifetime.rs:56:6:56:7 | p3 | provenance | | +| lifetime.rs:57:6:57:7 | p4 | lifetime.rs:72:13:72:14 | p4 | provenance | | +| lifetime.rs:57:6:57:7 | p4 | lifetime.rs:77:4:77:5 | p4 | provenance | | +| lifetime.rs:57:11:57:38 | get_local_dangling_raw_mut(...) | lifetime.rs:57:6:57:7 | p4 | provenance | | +| lifetime.rs:58:6:58:7 | p5 | lifetime.rs:73:13:73:14 | p5 | provenance | | +| lifetime.rs:58:11:58:31 | get_param_dangling(...) | lifetime.rs:58:6:58:7 | p5 | provenance | | +| lifetime.rs:59:6:59:7 | p6 | lifetime.rs:74:13:74:14 | p6 | provenance | | +| lifetime.rs:59:11:59:36 | get_local_field_dangling(...) | lifetime.rs:59:6:59:7 | p6 | provenance | | +| lifetime.rs:63:3:63:4 | p7 | lifetime.rs:75:13:75:14 | p7 | provenance | | +| lifetime.rs:63:8:63:27 | &raw const my_local7 | lifetime.rs:63:3:63:4 | p7 | provenance | | +| lifetime.rs:91:17:91:30 | ...: ... | lifetime.rs:101:14:101:15 | p1 | provenance | | +| lifetime.rs:91:33:91:44 | ...: ... | lifetime.rs:102:14:102:15 | p2 | provenance | | +| lifetime.rs:91:33:91:44 | ...: ... | lifetime.rs:110:5:110:6 | p2 | provenance | | +| lifetime.rs:94:2:94:3 | p3 | lifetime.rs:103:14:103:15 | p3 | provenance | | +| lifetime.rs:94:7:94:16 | &my_local1 | lifetime.rs:94:2:94:3 | p3 | provenance | | +| lifetime.rs:119:15:119:24 | &my_local3 | lifetime.rs:91:17:91:30 | ...: ... | provenance | | +| lifetime.rs:119:27:119:44 | &mut my_local_mut4 | lifetime.rs:91:33:91:44 | ...: ... | provenance | | +| lifetime.rs:127:2:127:24 | return ... | lifetime.rs:139:11:139:21 | get_const(...) | provenance | | +| lifetime.rs:127:9:127:24 | &MY_GLOBAL_CONST | lifetime.rs:127:2:127:24 | return ... | provenance | | +| lifetime.rs:134:3:134:30 | return ... | lifetime.rs:140:11:140:26 | get_static_mut(...) | provenance | | +| lifetime.rs:134:10:134:30 | &mut MY_GLOBAL_STATIC | lifetime.rs:134:3:134:30 | return ... | provenance | | +| lifetime.rs:139:6:139:7 | p1 | lifetime.rs:147:14:147:15 | p1 | provenance | | +| lifetime.rs:139:11:139:21 | get_const(...) | lifetime.rs:139:6:139:7 | p1 | provenance | | +| lifetime.rs:140:6:140:7 | p2 | lifetime.rs:148:14:148:15 | p2 | provenance | | +| lifetime.rs:140:6:140:7 | p2 | lifetime.rs:154:5:154:6 | p2 | provenance | | +| lifetime.rs:140:11:140:26 | get_static_mut(...) | lifetime.rs:140:6:140:7 | p2 | provenance | | +| lifetime.rs:161:17:161:31 | ...: ... | lifetime.rs:164:13:164:15 | ptr | provenance | | +| lifetime.rs:169:17:169:31 | ...: ... | lifetime.rs:172:13:172:15 | ptr | provenance | | +| lifetime.rs:177:17:177:31 | ...: ... | lifetime.rs:180:13:180:15 | ptr | provenance | | +| lifetime.rs:187:6:187:8 | ptr | lifetime.rs:189:15:189:17 | ptr | provenance | | +| lifetime.rs:187:6:187:8 | ptr | lifetime.rs:190:15:190:17 | ptr | provenance | | +| lifetime.rs:187:6:187:8 | ptr | lifetime.rs:192:2:192:11 | return ptr | provenance | | +| lifetime.rs:187:12:187:21 | &my_local1 | lifetime.rs:187:6:187:8 | ptr | provenance | | +| lifetime.rs:189:15:189:17 | ptr | lifetime.rs:161:17:161:31 | ...: ... | provenance | | +| lifetime.rs:190:15:190:17 | ptr | lifetime.rs:177:17:177:31 | ...: ... | provenance | | +| lifetime.rs:192:2:192:11 | return ptr | lifetime.rs:196:12:196:36 | access_and_get_dangling(...) | provenance | | +| lifetime.rs:196:6:196:8 | ptr | lifetime.rs:200:15:200:17 | ptr | provenance | | +| lifetime.rs:196:6:196:8 | ptr | lifetime.rs:201:15:201:17 | ptr | provenance | | +| lifetime.rs:196:12:196:36 | access_and_get_dangling(...) | lifetime.rs:196:6:196:8 | ptr | provenance | | +| lifetime.rs:200:15:200:17 | ptr | lifetime.rs:169:17:169:31 | ...: ... | provenance | | +| lifetime.rs:201:15:201:17 | ptr | lifetime.rs:177:17:177:31 | ...: ... | provenance | | +| lifetime.rs:206:19:206:36 | ...: ... | lifetime.rs:216:16:216:21 | ptr_up | provenance | | +| lifetime.rs:208:6:208:13 | ptr_ours | lifetime.rs:211:33:211:40 | ptr_ours | provenance | | +| lifetime.rs:208:6:208:13 | ptr_ours | lifetime.rs:217:18:217:25 | ptr_ours | provenance | | +| lifetime.rs:208:6:208:13 | ptr_ours | lifetime.rs:225:2:225:16 | return ptr_ours | provenance | | +| lifetime.rs:208:17:208:29 | &my_local_rec | lifetime.rs:208:6:208:13 | ptr_ours | provenance | | +| lifetime.rs:211:7:211:14 | ptr_down | lifetime.rs:218:18:218:25 | ptr_down | provenance | | +| lifetime.rs:211:18:211:52 | access_ptr_rec(...) | lifetime.rs:211:7:211:14 | ptr_down | provenance | | +| lifetime.rs:211:33:211:40 | ptr_ours | lifetime.rs:206:19:206:36 | ...: ... | provenance | | +| lifetime.rs:225:2:225:16 | return ptr_ours | lifetime.rs:211:18:211:52 | access_ptr_rec(...) | provenance | | +| lifetime.rs:230:6:230:14 | ptr_start | lifetime.rs:232:21:232:29 | ptr_start | provenance | | +| lifetime.rs:230:18:230:31 | &my_local_rec2 | lifetime.rs:230:6:230:14 | ptr_start | provenance | | +| lifetime.rs:232:21:232:29 | ptr_start | lifetime.rs:206:19:206:36 | ...: ... | provenance | | +| lifetime.rs:239:6:239:13 | mut prev | lifetime.rs:247:15:247:18 | prev | provenance | | +| lifetime.rs:239:6:239:13 | mut prev | lifetime.rs:255:14:255:17 | prev | provenance | | +| lifetime.rs:239:34:239:43 | &my_local1 | lifetime.rs:239:6:239:13 | mut prev | provenance | | +| lifetime.rs:251:3:251:6 | prev | lifetime.rs:247:15:247:18 | prev | provenance | | +| lifetime.rs:251:3:251:6 | prev | lifetime.rs:255:14:255:17 | prev | provenance | | +| lifetime.rs:251:10:251:19 | &my_local2 | lifetime.rs:251:3:251:6 | prev | provenance | | +| lifetime.rs:270:47:275:1 | { ... } | lifetime.rs:303:11:303:31 | get_pointer_to_enum(...) | provenance | | +| lifetime.rs:272:6:272:11 | result | lifetime.rs:270:47:275:1 | { ... } | provenance | | +| lifetime.rs:272:30:272:32 | &e1 | lifetime.rs:272:6:272:11 | result | provenance | | +| lifetime.rs:284:46:300:1 | { ... } | lifetime.rs:305:15:305:37 | get_pointer_from_enum(...) | provenance | | +| lifetime.rs:288:2:288:7 | result | lifetime.rs:284:46:300:1 | { ... } | provenance | | +| lifetime.rs:288:2:288:7 | result | lifetime.rs:295:13:295:18 | result | provenance | | +| lifetime.rs:289:25:289:26 | &x | lifetime.rs:288:2:288:7 | result | provenance | | +| lifetime.rs:303:6:303:7 | e1 | lifetime.rs:310:31:310:32 | e1 | provenance | | +| lifetime.rs:303:11:303:31 | get_pointer_to_enum(...) | lifetime.rs:303:6:303:7 | e1 | provenance | | +| lifetime.rs:305:6:305:11 | result | lifetime.rs:317:13:317:18 | result | provenance | | +| lifetime.rs:305:15:305:37 | get_pointer_from_enum(...) | lifetime.rs:305:6:305:11 | result | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:388:15:388:16 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:391:15:391:16 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:399:6:399:7 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:401:6:401:7 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:411:16:411:17 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:416:16:416:17 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:428:7:428:8 | p1 | provenance | | +| lifetime.rs:383:3:383:4 | p1 | lifetime.rs:433:7:433:8 | p1 | provenance | | +| lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:383:3:383:4 | p1 | provenance | | +| lifetime.rs:384:3:384:4 | p2 | lifetime.rs:394:14:394:15 | p2 | provenance | | +| lifetime.rs:384:3:384:4 | p2 | lifetime.rs:421:15:421:16 | p2 | provenance | | +| lifetime.rs:384:27:384:35 | &raw const ... | lifetime.rs:384:3:384:4 | p2 | provenance | | +| lifetime.rs:385:3:385:4 | p3 | lifetime.rs:395:14:395:15 | p3 | provenance | | +| lifetime.rs:385:3:385:4 | p3 | lifetime.rs:400:5:400:6 | p3 | provenance | | +| lifetime.rs:385:3:385:4 | p3 | lifetime.rs:400:5:400:6 | p3 | provenance | | +| lifetime.rs:385:31:385:39 | &raw mut ... | lifetime.rs:385:3:385:4 | p3 | provenance | | +| lifetime.rs:400:5:400:6 | p3 | lifetime.rs:422:15:422:16 | p3 | provenance | | +| lifetime.rs:400:5:400:6 | p3 | lifetime.rs:429:6:429:7 | p3 | provenance | | +| lifetime.rs:442:6:442:7 | r1 | lifetime.rs:443:42:443:43 | r1 | provenance | | +| lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:442:6:442:7 | r1 | provenance | | +| lifetime.rs:443:6:443:7 | p1 | lifetime.rs:446:13:446:14 | p1 | provenance | | +| lifetime.rs:443:6:443:7 | p1 | lifetime.rs:450:2:450:10 | return p1 | provenance | | +| lifetime.rs:443:23:443:44 | ...::from_ref(...) | lifetime.rs:443:6:443:7 | p1 | provenance | | +| lifetime.rs:443:42:443:43 | r1 | lifetime.rs:443:23:443:44 | ...::from_ref(...) | provenance | MaD:1 | +| lifetime.rs:450:2:450:10 | return p1 | lifetime.rs:454:11:454:29 | get_ptr_from_ref(...) | provenance | | +| lifetime.rs:450:2:450:10 | return p1 | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | provenance | | +| lifetime.rs:454:6:454:7 | p1 | lifetime.rs:459:13:459:14 | p1 | provenance | | +| lifetime.rs:454:11:454:29 | get_ptr_from_ref(...) | lifetime.rs:454:6:454:7 | p1 | provenance | | +| lifetime.rs:509:16:509:29 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p3] | provenance | | +| lifetime.rs:509:32:509:45 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p4] | provenance | | +| lifetime.rs:512:23:512:32 | &my_local1 | lifetime.rs:514:2:527:2 | return ... [captured p1] | provenance | | +| lifetime.rs:514:2:527:2 | return ... [captured p1] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | provenance | | +| lifetime.rs:515:7:515:8 | p2 | lifetime.rs:519:14:519:15 | p2 | provenance | | +| lifetime.rs:515:24:515:33 | &my_local2 | lifetime.rs:515:7:515:8 | p2 | provenance | | +| lifetime.rs:530:17:530:31 | ...: ... | lifetime.rs:533:10:533:12 | ptr | provenance | | +| lifetime.rs:533:10:533:12 | ptr | lifetime.rs:550:28:550:29 | ... | provenance | | +| lifetime.rs:534:3:534:12 | &my_local5 | lifetime.rs:550:32:550:33 | ... | provenance | | +| lifetime.rs:542:3:542:9 | closure [captured p1] | lifetime.rs:548:2:548:8 | closure [captured p1] | provenance | | +| lifetime.rs:542:3:542:9 | closure [captured p3] | lifetime.rs:548:2:548:8 | closure [captured p3] | provenance | | +| lifetime.rs:542:3:542:9 | closure [captured p4] | lifetime.rs:548:2:548:8 | closure [captured p4] | provenance | | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | lifetime.rs:542:3:542:9 | closure [captured p1] | provenance | | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | lifetime.rs:542:3:542:9 | closure [captured p3] | provenance | | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | lifetime.rs:542:3:542:9 | closure [captured p4] | provenance | | +| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:509:16:509:29 | ...: ... | provenance | | +| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | provenance | | +| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:509:32:509:45 | ...: ... | provenance | | +| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | provenance | | +| lifetime.rs:548:2:548:8 | closure [captured p1] | lifetime.rs:518:14:518:15 | p1 | provenance | | +| lifetime.rs:548:2:548:8 | closure [captured p3] | lifetime.rs:520:14:520:15 | p3 | provenance | | +| lifetime.rs:548:2:548:8 | closure [captured p4] | lifetime.rs:521:14:521:15 | p4 | provenance | | +| lifetime.rs:550:15:550:24 | &my_local3 | lifetime.rs:530:17:530:31 | ...: ... | provenance | | +| lifetime.rs:550:28:550:29 | ... | lifetime.rs:552:14:552:15 | p1 | provenance | | +| lifetime.rs:550:32:550:33 | ... | lifetime.rs:553:14:553:15 | p2 | provenance | | +| lifetime.rs:568:7:568:8 | p2 | lifetime.rs:572:14:572:15 | p2 | provenance | | +| lifetime.rs:568:24:568:33 | &my_local2 | lifetime.rs:568:7:568:8 | p2 | provenance | | +| lifetime.rs:630:3:630:6 | str2 | lifetime.rs:633:15:633:18 | str2 | provenance | | +| lifetime.rs:630:3:630:6 | str2 | lifetime.rs:641:14:641:17 | str2 | provenance | | +| lifetime.rs:630:10:630:25 | &... | lifetime.rs:630:3:630:6 | str2 | provenance | | +| lifetime.rs:654:4:654:7 | str2 | lifetime.rs:655:22:655:25 | str2 | provenance | | +| lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:654:4:654:7 | str2 | provenance | | +| lifetime.rs:655:4:655:7 | ref1 | lifetime.rs:659:15:659:18 | ref1 | provenance | | +| lifetime.rs:655:4:655:7 | ref1 | lifetime.rs:667:14:667:17 | ref1 | provenance | | +| lifetime.rs:655:4:655:7 | ref1 [&ref] | lifetime.rs:659:15:659:18 | ref1 | provenance | | +| lifetime.rs:655:4:655:7 | ref1 [&ref] | lifetime.rs:667:14:667:17 | ref1 | provenance | | +| lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:655:4:655:7 | ref1 | provenance | | +| lifetime.rs:655:11:655:25 | &raw const str2 [&ref] | lifetime.rs:655:4:655:7 | ref1 [&ref] | provenance | | +| lifetime.rs:655:22:655:25 | str2 | lifetime.rs:655:11:655:25 | &raw const str2 [&ref] | provenance | | +| lifetime.rs:680:7:680:8 | r1 | lifetime.rs:692:13:692:14 | r1 | provenance | | +| lifetime.rs:682:4:682:12 | &... | lifetime.rs:680:7:680:8 | r1 | provenance | | +| lifetime.rs:684:7:684:14 | TuplePat [tuple.0] | lifetime.rs:684:8:684:9 | r2 | provenance | | +| lifetime.rs:684:7:684:14 | TuplePat [tuple.1] | lifetime.rs:684:12:684:13 | r3 | provenance | | +| lifetime.rs:684:8:684:9 | r2 | lifetime.rs:693:13:693:14 | r2 | provenance | | +| lifetime.rs:684:12:684:13 | r3 | lifetime.rs:694:13:694:14 | r3 | provenance | | +| lifetime.rs:686:4:687:16 | TupleExpr [tuple.0] | lifetime.rs:684:7:684:14 | TuplePat [tuple.0] | provenance | | +| lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | lifetime.rs:684:7:684:14 | TuplePat [tuple.1] | provenance | | +| lifetime.rs:686:5:686:13 | &... | lifetime.rs:686:4:687:16 | TupleExpr [tuple.0] | provenance | | +| lifetime.rs:687:5:687:15 | &... | lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | provenance | | +| lifetime.rs:724:2:724:12 | &val | lifetime.rs:724:2:724:12 | ptr | provenance | | +| lifetime.rs:724:2:724:12 | ptr | lifetime.rs:725:2:725:12 | ptr | provenance | | +models +| 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | +nodes +| deallocation.rs:148:6:148:7 | p1 | semmle.label | p1 | +| deallocation.rs:148:30:148:38 | &raw const my_buffer | semmle.label | &raw const my_buffer | +| deallocation.rs:151:14:151:15 | p1 | semmle.label | p1 | +| deallocation.rs:158:14:158:15 | p1 | semmle.label | p1 | +| deallocation.rs:228:28:228:43 | ...: ... | semmle.label | ...: ... | +| deallocation.rs:230:18:230:20 | ptr | semmle.label | ptr | +| deallocation.rs:240:27:240:42 | ...: ... | semmle.label | ...: ... | +| deallocation.rs:248:18:248:20 | ptr | semmle.label | ptr | +| deallocation.rs:257:7:257:10 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:257:14:257:33 | &raw mut ... | semmle.label | &raw mut ... | +| deallocation.rs:258:7:258:10 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:258:14:258:33 | &raw mut ... | semmle.label | &raw mut ... | +| deallocation.rs:260:4:260:7 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:260:4:260:7 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:261:4:261:7 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:261:4:261:7 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:263:27:263:30 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:265:26:265:29 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:276:6:276:9 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:276:13:276:28 | &raw mut ... | semmle.label | &raw mut ... | +| deallocation.rs:279:13:279:16 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:287:13:287:16 | ptr1 | semmle.label | ptr1 | +| deallocation.rs:295:6:295:9 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:295:13:295:28 | &raw mut ... | semmle.label | &raw mut ... | +| deallocation.rs:298:13:298:16 | ptr2 | semmle.label | ptr2 | +| deallocation.rs:308:13:308:16 | ptr2 | semmle.label | ptr2 | +| lifetime.rs:21:2:21:18 | return ... | semmle.label | return ... | +| lifetime.rs:21:9:21:18 | &my_local1 | semmle.label | &my_local1 | +| lifetime.rs:27:2:27:22 | return ... | semmle.label | return ... | +| lifetime.rs:27:9:27:22 | &mut my_local2 | semmle.label | &mut my_local2 | +| lifetime.rs:33:2:33:28 | return ... | semmle.label | return ... | +| lifetime.rs:33:9:33:28 | &raw const my_local3 | semmle.label | &raw const my_local3 | +| lifetime.rs:39:2:39:26 | return ... | semmle.label | return ... | +| lifetime.rs:39:9:39:26 | &raw mut my_local4 | semmle.label | &raw mut my_local4 | +| lifetime.rs:43:2:43:15 | return ... | semmle.label | return ... | +| lifetime.rs:43:9:43:15 | ¶m5 | semmle.label | ¶m5 | +| lifetime.rs:50:2:50:18 | return ... | semmle.label | return ... | +| lifetime.rs:50:9:50:18 | &... | semmle.label | &... | +| lifetime.rs:54:6:54:7 | p1 | semmle.label | p1 | +| lifetime.rs:54:11:54:30 | get_local_dangling(...) | semmle.label | get_local_dangling(...) | +| lifetime.rs:55:6:55:7 | p2 | semmle.label | p2 | +| lifetime.rs:55:11:55:34 | get_local_dangling_mut(...) | semmle.label | get_local_dangling_mut(...) | +| lifetime.rs:56:6:56:7 | p3 | semmle.label | p3 | +| lifetime.rs:56:11:56:40 | get_local_dangling_raw_const(...) | semmle.label | get_local_dangling_raw_const(...) | +| lifetime.rs:57:6:57:7 | p4 | semmle.label | p4 | +| lifetime.rs:57:11:57:38 | get_local_dangling_raw_mut(...) | semmle.label | get_local_dangling_raw_mut(...) | +| lifetime.rs:58:6:58:7 | p5 | semmle.label | p5 | +| lifetime.rs:58:11:58:31 | get_param_dangling(...) | semmle.label | get_param_dangling(...) | +| lifetime.rs:59:6:59:7 | p6 | semmle.label | p6 | +| lifetime.rs:59:11:59:36 | get_local_field_dangling(...) | semmle.label | get_local_field_dangling(...) | +| lifetime.rs:63:3:63:4 | p7 | semmle.label | p7 | +| lifetime.rs:63:8:63:27 | &raw const my_local7 | semmle.label | &raw const my_local7 | +| lifetime.rs:69:13:69:14 | p1 | semmle.label | p1 | +| lifetime.rs:70:13:70:14 | p2 | semmle.label | p2 | +| lifetime.rs:71:13:71:14 | p3 | semmle.label | p3 | +| lifetime.rs:72:13:72:14 | p4 | semmle.label | p4 | +| lifetime.rs:73:13:73:14 | p5 | semmle.label | p5 | +| lifetime.rs:74:13:74:14 | p6 | semmle.label | p6 | +| lifetime.rs:75:13:75:14 | p7 | semmle.label | p7 | +| lifetime.rs:76:4:76:5 | p2 | semmle.label | p2 | +| lifetime.rs:77:4:77:5 | p4 | semmle.label | p4 | +| lifetime.rs:91:17:91:30 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:91:33:91:44 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:94:2:94:3 | p3 | semmle.label | p3 | +| lifetime.rs:94:7:94:16 | &my_local1 | semmle.label | &my_local1 | +| lifetime.rs:101:14:101:15 | p1 | semmle.label | p1 | +| lifetime.rs:102:14:102:15 | p2 | semmle.label | p2 | +| lifetime.rs:103:14:103:15 | p3 | semmle.label | p3 | +| lifetime.rs:110:5:110:6 | p2 | semmle.label | p2 | +| lifetime.rs:119:15:119:24 | &my_local3 | semmle.label | &my_local3 | +| lifetime.rs:119:27:119:44 | &mut my_local_mut4 | semmle.label | &mut my_local_mut4 | +| lifetime.rs:127:2:127:24 | return ... | semmle.label | return ... | +| lifetime.rs:127:9:127:24 | &MY_GLOBAL_CONST | semmle.label | &MY_GLOBAL_CONST | +| lifetime.rs:134:3:134:30 | return ... | semmle.label | return ... | +| lifetime.rs:134:10:134:30 | &mut MY_GLOBAL_STATIC | semmle.label | &mut MY_GLOBAL_STATIC | +| lifetime.rs:139:6:139:7 | p1 | semmle.label | p1 | +| lifetime.rs:139:11:139:21 | get_const(...) | semmle.label | get_const(...) | +| lifetime.rs:140:6:140:7 | p2 | semmle.label | p2 | +| lifetime.rs:140:11:140:26 | get_static_mut(...) | semmle.label | get_static_mut(...) | +| lifetime.rs:147:14:147:15 | p1 | semmle.label | p1 | +| lifetime.rs:148:14:148:15 | p2 | semmle.label | p2 | +| lifetime.rs:154:5:154:6 | p2 | semmle.label | p2 | +| lifetime.rs:161:17:161:31 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:164:13:164:15 | ptr | semmle.label | ptr | +| lifetime.rs:169:17:169:31 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:172:13:172:15 | ptr | semmle.label | ptr | +| lifetime.rs:177:17:177:31 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:180:13:180:15 | ptr | semmle.label | ptr | +| lifetime.rs:187:6:187:8 | ptr | semmle.label | ptr | +| lifetime.rs:187:12:187:21 | &my_local1 | semmle.label | &my_local1 | +| lifetime.rs:189:15:189:17 | ptr | semmle.label | ptr | +| lifetime.rs:190:15:190:17 | ptr | semmle.label | ptr | +| lifetime.rs:192:2:192:11 | return ptr | semmle.label | return ptr | +| lifetime.rs:196:6:196:8 | ptr | semmle.label | ptr | +| lifetime.rs:196:12:196:36 | access_and_get_dangling(...) | semmle.label | access_and_get_dangling(...) | +| lifetime.rs:200:15:200:17 | ptr | semmle.label | ptr | +| lifetime.rs:201:15:201:17 | ptr | semmle.label | ptr | +| lifetime.rs:206:19:206:36 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:208:6:208:13 | ptr_ours | semmle.label | ptr_ours | +| lifetime.rs:208:17:208:29 | &my_local_rec | semmle.label | &my_local_rec | +| lifetime.rs:211:7:211:14 | ptr_down | semmle.label | ptr_down | +| lifetime.rs:211:18:211:52 | access_ptr_rec(...) | semmle.label | access_ptr_rec(...) | +| lifetime.rs:211:33:211:40 | ptr_ours | semmle.label | ptr_ours | +| lifetime.rs:216:16:216:21 | ptr_up | semmle.label | ptr_up | +| lifetime.rs:217:18:217:25 | ptr_ours | semmle.label | ptr_ours | +| lifetime.rs:218:18:218:25 | ptr_down | semmle.label | ptr_down | +| lifetime.rs:225:2:225:16 | return ptr_ours | semmle.label | return ptr_ours | +| lifetime.rs:230:6:230:14 | ptr_start | semmle.label | ptr_start | +| lifetime.rs:230:18:230:31 | &my_local_rec2 | semmle.label | &my_local_rec2 | +| lifetime.rs:232:21:232:29 | ptr_start | semmle.label | ptr_start | +| lifetime.rs:239:6:239:13 | mut prev | semmle.label | mut prev | +| lifetime.rs:239:34:239:43 | &my_local1 | semmle.label | &my_local1 | +| lifetime.rs:247:15:247:18 | prev | semmle.label | prev | +| lifetime.rs:251:3:251:6 | prev | semmle.label | prev | +| lifetime.rs:251:10:251:19 | &my_local2 | semmle.label | &my_local2 | +| lifetime.rs:255:14:255:17 | prev | semmle.label | prev | +| lifetime.rs:270:47:275:1 | { ... } | semmle.label | { ... } | +| lifetime.rs:272:6:272:11 | result | semmle.label | result | +| lifetime.rs:272:30:272:32 | &e1 | semmle.label | &e1 | +| lifetime.rs:284:46:300:1 | { ... } | semmle.label | { ... } | +| lifetime.rs:288:2:288:7 | result | semmle.label | result | +| lifetime.rs:289:25:289:26 | &x | semmle.label | &x | +| lifetime.rs:295:13:295:18 | result | semmle.label | result | +| lifetime.rs:303:6:303:7 | e1 | semmle.label | e1 | +| lifetime.rs:303:11:303:31 | get_pointer_to_enum(...) | semmle.label | get_pointer_to_enum(...) | +| lifetime.rs:305:6:305:11 | result | semmle.label | result | +| lifetime.rs:305:15:305:37 | get_pointer_from_enum(...) | semmle.label | get_pointer_from_enum(...) | +| lifetime.rs:310:31:310:32 | e1 | semmle.label | e1 | +| lifetime.rs:317:13:317:18 | result | semmle.label | result | +| lifetime.rs:383:3:383:4 | p1 | semmle.label | p1 | +| lifetime.rs:383:31:383:37 | &raw mut my_pair | semmle.label | &raw mut my_pair | +| lifetime.rs:384:3:384:4 | p2 | semmle.label | p2 | +| lifetime.rs:384:27:384:35 | &raw const ... | semmle.label | &raw const ... | +| lifetime.rs:385:3:385:4 | p3 | semmle.label | p3 | +| lifetime.rs:385:31:385:39 | &raw mut ... | semmle.label | &raw mut ... | +| lifetime.rs:388:15:388:16 | p1 | semmle.label | p1 | +| lifetime.rs:391:15:391:16 | p1 | semmle.label | p1 | +| lifetime.rs:394:14:394:15 | p2 | semmle.label | p2 | +| lifetime.rs:395:14:395:15 | p3 | semmle.label | p3 | +| lifetime.rs:399:6:399:7 | p1 | semmle.label | p1 | +| lifetime.rs:400:5:400:6 | p3 | semmle.label | p3 | +| lifetime.rs:400:5:400:6 | p3 | semmle.label | p3 | +| lifetime.rs:401:6:401:7 | p1 | semmle.label | p1 | +| lifetime.rs:411:16:411:17 | p1 | semmle.label | p1 | +| lifetime.rs:416:16:416:17 | p1 | semmle.label | p1 | +| lifetime.rs:421:15:421:16 | p2 | semmle.label | p2 | +| lifetime.rs:422:15:422:16 | p3 | semmle.label | p3 | +| lifetime.rs:428:7:428:8 | p1 | semmle.label | p1 | +| lifetime.rs:429:6:429:7 | p3 | semmle.label | p3 | +| lifetime.rs:433:7:433:8 | p1 | semmle.label | p1 | +| lifetime.rs:442:6:442:7 | r1 | semmle.label | r1 | +| lifetime.rs:442:17:442:23 | &my_val | semmle.label | &my_val | +| lifetime.rs:443:6:443:7 | p1 | semmle.label | p1 | +| lifetime.rs:443:23:443:44 | ...::from_ref(...) | semmle.label | ...::from_ref(...) | +| lifetime.rs:443:42:443:43 | r1 | semmle.label | r1 | +| lifetime.rs:446:13:446:14 | p1 | semmle.label | p1 | +| lifetime.rs:450:2:450:10 | return p1 | semmle.label | return p1 | +| lifetime.rs:454:6:454:7 | p1 | semmle.label | p1 | +| lifetime.rs:454:11:454:29 | get_ptr_from_ref(...) | semmle.label | get_ptr_from_ref(...) | +| lifetime.rs:459:13:459:14 | p1 | semmle.label | p1 | +| lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | semmle.label | get_ptr_from_ref(...) | +| lifetime.rs:509:16:509:29 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:509:32:509:45 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:512:23:512:32 | &my_local1 | semmle.label | &my_local1 | +| lifetime.rs:514:2:527:2 | return ... [captured p1] | semmle.label | return ... [captured p1] | +| lifetime.rs:514:2:527:2 | return ... [captured p3] | semmle.label | return ... [captured p3] | +| lifetime.rs:514:2:527:2 | return ... [captured p4] | semmle.label | return ... [captured p4] | +| lifetime.rs:515:7:515:8 | p2 | semmle.label | p2 | +| lifetime.rs:515:24:515:33 | &my_local2 | semmle.label | &my_local2 | +| lifetime.rs:518:14:518:15 | p1 | semmle.label | p1 | +| lifetime.rs:519:14:519:15 | p2 | semmle.label | p2 | +| lifetime.rs:520:14:520:15 | p3 | semmle.label | p3 | +| lifetime.rs:521:14:521:15 | p4 | semmle.label | p4 | +| lifetime.rs:530:17:530:31 | ...: ... | semmle.label | ...: ... | +| lifetime.rs:533:10:533:12 | ptr | semmle.label | ptr | +| lifetime.rs:534:3:534:12 | &my_local5 | semmle.label | &my_local5 | +| lifetime.rs:542:3:542:9 | closure [captured p1] | semmle.label | closure [captured p1] | +| lifetime.rs:542:3:542:9 | closure [captured p3] | semmle.label | closure [captured p3] | +| lifetime.rs:542:3:542:9 | closure [captured p4] | semmle.label | closure [captured p4] | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | semmle.label | get_closure(...) [captured p1] | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | semmle.label | get_closure(...) [captured p3] | +| lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | semmle.label | get_closure(...) [captured p4] | +| lifetime.rs:542:26:542:35 | &my_local3 | semmle.label | &my_local3 | +| lifetime.rs:543:4:543:13 | &my_local4 | semmle.label | &my_local4 | +| lifetime.rs:548:2:548:8 | closure [captured p1] | semmle.label | closure [captured p1] | +| lifetime.rs:548:2:548:8 | closure [captured p3] | semmle.label | closure [captured p3] | +| lifetime.rs:548:2:548:8 | closure [captured p4] | semmle.label | closure [captured p4] | +| lifetime.rs:550:15:550:24 | &my_local3 | semmle.label | &my_local3 | +| lifetime.rs:550:28:550:29 | ... | semmle.label | ... | +| lifetime.rs:550:32:550:33 | ... | semmle.label | ... | +| lifetime.rs:552:14:552:15 | p1 | semmle.label | p1 | +| lifetime.rs:553:14:553:15 | p2 | semmle.label | p2 | +| lifetime.rs:568:7:568:8 | p2 | semmle.label | p2 | +| lifetime.rs:568:24:568:33 | &my_local2 | semmle.label | &my_local2 | +| lifetime.rs:572:14:572:15 | p2 | semmle.label | p2 | +| lifetime.rs:630:3:630:6 | str2 | semmle.label | str2 | +| lifetime.rs:630:10:630:25 | &... | semmle.label | &... | +| lifetime.rs:633:15:633:18 | str2 | semmle.label | str2 | +| lifetime.rs:641:14:641:17 | str2 | semmle.label | str2 | +| lifetime.rs:654:4:654:7 | str2 | semmle.label | str2 | +| lifetime.rs:654:31:654:35 | &str1 | semmle.label | &str1 | +| lifetime.rs:655:4:655:7 | ref1 | semmle.label | ref1 | +| lifetime.rs:655:4:655:7 | ref1 [&ref] | semmle.label | ref1 [&ref] | +| lifetime.rs:655:11:655:25 | &raw const str2 | semmle.label | &raw const str2 | +| lifetime.rs:655:11:655:25 | &raw const str2 [&ref] | semmle.label | &raw const str2 [&ref] | +| lifetime.rs:655:22:655:25 | str2 | semmle.label | str2 | +| lifetime.rs:659:15:659:18 | ref1 | semmle.label | ref1 | +| lifetime.rs:667:14:667:17 | ref1 | semmle.label | ref1 | +| lifetime.rs:680:7:680:8 | r1 | semmle.label | r1 | +| lifetime.rs:682:4:682:12 | &... | semmle.label | &... | +| lifetime.rs:684:7:684:14 | TuplePat [tuple.0] | semmle.label | TuplePat [tuple.0] | +| lifetime.rs:684:7:684:14 | TuplePat [tuple.1] | semmle.label | TuplePat [tuple.1] | +| lifetime.rs:684:8:684:9 | r2 | semmle.label | r2 | +| lifetime.rs:684:12:684:13 | r3 | semmle.label | r3 | +| lifetime.rs:686:4:687:16 | TupleExpr [tuple.0] | semmle.label | TupleExpr [tuple.0] | +| lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | semmle.label | TupleExpr [tuple.1] | +| lifetime.rs:686:5:686:13 | &... | semmle.label | &... | +| lifetime.rs:687:5:687:15 | &... | semmle.label | &... | +| lifetime.rs:692:13:692:14 | r1 | semmle.label | r1 | +| lifetime.rs:693:13:693:14 | r2 | semmle.label | r2 | +| lifetime.rs:694:13:694:14 | r3 | semmle.label | r3 | +| lifetime.rs:724:2:724:12 | &val | semmle.label | &val | +| lifetime.rs:724:2:724:12 | ptr | semmle.label | ptr | +| lifetime.rs:725:2:725:12 | ptr | semmle.label | ptr | +subpaths +| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:509:16:509:29 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p3] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | +| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:509:32:509:45 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p4] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 25aedb5eb44..05a994bceb3 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -18,36 +18,36 @@ impl Drop for MyValue { fn get_local_dangling() -> *const i64 { let my_local1: i64 = 1; - return &my_local1; + return &my_local1; // $ Source[rust/access-after-lifetime-ended]=local1 } // (return value immediately becomes dangling) fn get_local_dangling_mut() -> *mut i64 { let mut my_local2: i64 = 2; - return &mut my_local2; + return &mut my_local2; // $ Source[rust/access-after-lifetime-ended]=local2 } // (return value immediately becomes dangling) fn get_local_dangling_raw_const() -> *const i64 { let my_local3: i64 = 3; - return &raw const my_local3; + return &raw const my_local3; // $ Source[rust/access-after-lifetime-ended]=local3 } // (return value immediately becomes dangling) fn get_local_dangling_raw_mut() -> *mut i64 { let mut my_local4: i64 = 4; - return &raw mut my_local4; + return &raw mut my_local4; // $ Source[rust/access-after-lifetime-ended]=local4 } // (return value immediately becomes dangling) fn get_param_dangling(param5: i64) -> *const i64 { - return ¶m5; + return ¶m5; // $ MISSING: Source[rust/access-after-lifetime-ended]=param5 } // (return value immediately becomes dangling) fn get_local_field_dangling() -> *const i64 { let val: MyValue; val = MyValue { value: 6 }; - return &val.value; + return &val.value; // $ Source[rust/access-after-lifetime-ended]=localfield } pub fn test_local_dangling() { @@ -60,21 +60,21 @@ pub fn test_local_dangling() { let p7: *const i64; { let my_local7 = 7; - p7 = &raw const my_local7; + p7 = &raw const my_local7; // $ Source[rust/access-after-lifetime-ended]=local7 } // (my_local goes out of scope, thus p7 is dangling) use_the_stack(); unsafe { - let v1 = *p1; // $ MISSING: Alert - let v2 = *p2; // $ MISSING: Alert - let v3 = *p3; // $ MISSING: Alert - let v4 = *p4; // $ MISSING: Alert - let v5 = *p5; // $ MISSING: Alert - let v6 = *p6; // $ MISSING: Alert - let v7 = *p7; // $ MISSING: Alert - *p2 = 8; // $ MISSING: Alert - *p4 = 9; // $ MISSING: Alert + let v1 = *p1; // $ Alert[rust/access-after-lifetime-ended]=local1 + let v2 = *p2; // $ Alert[rust/access-after-lifetime-ended]=local2 + let v3 = *p3; // $ Alert[rust/access-after-lifetime-ended]=local3 + let v4 = *p4; // $ Alert[rust/access-after-lifetime-ended]=local4 + let v5 = *p5; // $ MISSING: Alert[rust/access-after-lifetime-ended]=param5 + let v6 = *p6; // $ Alert[rust/access-after-lifetime-ended]=localfield + let v7 = *p7; // $ Alert[rust/access-after-lifetime-ended]=local7 + *p2 = 8; // $ Alert[rust/access-after-lifetime-ended]=local2 + *p4 = 9; // $ Alert[rust/access-after-lifetime-ended]=local4 println!(" v1 = {v1} (!)"); // corrupt in practice println!(" v2 = {v2} (!)"); // corrupt in practice @@ -169,7 +169,7 @@ fn access_ptr_1(ptr: *const i64) { fn access_ptr_2(ptr: *const i64) { // only called with `ptr` dangling unsafe { - let v2 = *ptr; // $ MISSING: Alert + let v2 = *ptr; // $ Alert[rust/access-after-lifetime-ended]=local1 println!(" v2 = {v2} (!)"); // corrupt in practice } } @@ -184,7 +184,7 @@ fn access_ptr_3(ptr: *const i64) { fn access_and_get_dangling() -> *const i64 { let my_local1 = 1; - let ptr = &my_local1; + let ptr = &my_local1; // $ Source[rust/access-after-lifetime-ended]=local1 access_ptr_1(ptr); access_ptr_3(ptr); @@ -244,15 +244,15 @@ pub fn test_loop() { use_the_stack(); unsafe { - let v1 = (*prev)[0]; // $ MISSING: Alert + let v1 = (*prev)[0]; // $ MISSING: Alert[rust/access-after-lifetime-ended]=local2 println!(" v1 = {v1} (!)"); // incorrect values in practice (except first iteration) } - prev = &my_local2; + prev = &my_local2; // $ Source[rust/access-after-lifetime-ended]=local2 } // (my_local2 goes out of scope, thus prev is dangling) unsafe { - let v2 = (*prev)[0]; // $ MISSING: Alert + let v2 = (*prev)[0]; // $ Alert[rust/access-after-lifetime-ended]=local2 println!(" v2 = {v2} (!)"); // corrupt in practice } } @@ -269,7 +269,7 @@ enum MyEnum2 { pub fn get_pointer_to_enum() -> *const MyEnum { let e1 = MyEnum::Value(1); - let result: *const MyEnum = &e1; // $ MISSING: Source[rust/access-after-lifetime-ended]=e1 + let result: *const MyEnum = &e1; // $ Source[rust/access-after-lifetime-ended]=e1 result } // (e1 goes out of scope, so result is dangling) @@ -286,7 +286,7 @@ pub fn get_pointer_from_enum() -> *const i64 { let result: *const i64; result = match e3 { - MyEnum::Value(x) => { &x } // $ MISSING: Source[rust/access-after-lifetime-ended]=match_x + MyEnum::Value(x) => { &x } // $ Source[rust/access-after-lifetime-ended]=match_x }; // (x goes out of scope, so result is possibly dangling already) use_the_stack(); @@ -307,14 +307,14 @@ pub fn test_enums() { use_the_stack(); unsafe { - if let MyEnum::Value(v1) = *e1 { // $ MISSING: Alert[rust/access-after-lifetime-ended]=e1 + if let MyEnum::Value(v1) = *e1 { // $ Alert[rust/access-after-lifetime-ended]=e1 println!(" v1 = {v1} (!)"); // corrupt in practice } if let MyEnum2::Pointer(p2) = e2 { let v2 = unsafe { *p2 }; // $ MISSING: Alert[rust/access-after-lifetime-ended]=v2 println!(" v2 = {v2} (!)"); // corrupt in practice } - let v3 = *result; // $ MISSING: Alert[rust/access-after-lifetime-ended]=match_x + let v3 = *result; // $ Alert[rust/access-after-lifetime-ended]=match_x println!(" v3 = {v3} (!)"); // corrupt in practice } } @@ -380,9 +380,9 @@ pub fn test_ptr_to_struct(mode: i32) { { let mut my_pair = MyPair { a: 1, b: 2}; - p1 = std::ptr::addr_of_mut!(my_pair); - p2 = std::ptr::addr_of!(my_pair.a); - p3 = std::ptr::addr_of_mut!(my_pair.b); + p1 = std::ptr::addr_of_mut!(my_pair); // $ Source[rust/access-after-lifetime-ended]=my_pair + p2 = std::ptr::addr_of!(my_pair.a); // $ MISSING: Source[rust/access-after-lifetime-ended]=my_pair_a + p3 = std::ptr::addr_of_mut!(my_pair.b); // $ MISSING: Source[rust/access-after-lifetime-ended]=my_pair_b unsafe { let v1 = (*p1).a; // GOOD @@ -408,12 +408,12 @@ pub fn test_ptr_to_struct(mode: i32) { match mode { 0 => { // read - let v5 = (*p1).a; // $ MISSING: Alert + let v5 = (*p1).a; // $ Alert[rust/access-after-lifetime-ended]=my_pair println!(" v5 = {v5} (!)"); // dropped in practice }, 220 => { // another read - let v6 = (*p1).b; // $ MISSING: Alert + let v6 = (*p1).b; // $ Alert[rust/access-after-lifetime-ended]=my_pair println!(" v6 = {v6} (!)"); // dropped in practice }, 221 => { @@ -425,12 +425,12 @@ pub fn test_ptr_to_struct(mode: i32) { }, 222 => { // writes - (*p1).a = 6; // $ MISSING: Alert + (*p1).a = 6; // $ Alert[rust/access-after-lifetime-ended]=my_pair *p3 = 7; // $ MISSING: Alert }, 223 => { // another write - (*p1).b = 8; // $ MISSING: Alert + (*p1).b = 8; // $ Alert[rust/access-after-lifetime-ended]=my_pair }, _ => {} } @@ -439,7 +439,7 @@ pub fn test_ptr_to_struct(mode: i32) { fn get_ptr_from_ref(val: i32) -> *const i32 { let my_val = val; - let r1: &i32 = &my_val; + let r1: &i32 = &my_val; // $ Source[rust/access-after-lifetime-ended]=my_val let p1: *const i32 = std::ptr::from_ref(r1); unsafe { @@ -456,8 +456,8 @@ pub fn test_ptr_from_ref() { use_the_stack(); unsafe { - let v2 = *p1; // $ MISSING: Alert - let v3 = *get_ptr_from_ref(2); // $ MISSING: Alert + let v2 = *p1; // $ Alert[rust/access-after-lifetime-ended]=my_val + let v3 = *get_ptr_from_ref(2); // $ Alert[rust/access-after-lifetime-ended]=my_val println!(" v2 = {v2} (!)"); // corrupt in practice println!(" v3 = {v3} (!)"); } @@ -509,16 +509,16 @@ pub fn test_rc() { fn get_closure(p3: *const i64, p4: *const i64) -> impl FnOnce() { let my_local1: i64 = 1; let my_local2: i64 = 2; - let p1: *const i64 = &my_local1; + let p1: *const i64 = &my_local1; // $ MISSING: Source[rust/access-after-lifetime-ended]=local1 return move || { // captures `my_local2`, `p1`, `p3`, `p4` by value (due to `move`) let p2: *const i64 = &my_local2; unsafe { - let v1 = *p1; // $ MISSING: Alert + let v1 = *p1; // $ MISSING: Alert[rust/access-after-lifetime-ended]=local1 let v2 = *p2; // GOOD - let v3 = *p3; // GOOD - let v4 = *p4; // $ MISSING: Alert + let v3 = *p3; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=local3 + let v4 = *p4; // $ Alert[rust/access-after-lifetime-ended]=local4 println!(" v1 = {v1} (!)"); // corrupt in practice println!(" v2 = {v2}"); println!(" v3 = {v3}"); @@ -531,7 +531,7 @@ fn with_closure(ptr: *const i64, closure: fn(*const i64, *const i64)) { let my_local5: i64 = 5; closure(ptr, - &my_local5); + &my_local5); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=local5 } pub fn test_closures() { @@ -539,8 +539,8 @@ pub fn test_closures() { let my_local3: i64 = 3; { let my_local4: i64 = 4; - closure = get_closure( &my_local3, - &my_local4); + closure = get_closure( &my_local3, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=local3 + &my_local4); // $ Source[rust/access-after-lifetime-ended]=local4 } // (`my_local4` goes out of scope, so `p4` is dangling) use_the_stack(); @@ -550,7 +550,7 @@ pub fn test_closures() { with_closure(&my_local3, |p1, p2| { unsafe { let v5 = *p1; // GOOD - let v6 = *p2; // GOOD + let v6 = *p2; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=local5 println!(" v5 = {v5}"); println!(" v6 = {v6}"); } @@ -651,12 +651,12 @@ pub fn test_implicit_derefs() { let str2; { let str1 = "bar"; - str2 = "foo".to_string() + &str1; // $ MISSING: Source[rust/access-after-lifetime-ended]=str1 - ref1 = &raw const str2; // $ MISSING: Source[rust/access-after-lifetime-ended]=str2 + str2 = "foo".to_string() + &str1; // $ Source[rust/access-after-lifetime-ended]=str1 + ref1 = &raw const str2; // $ Source[rust/access-after-lifetime-ended]=str2 } // (str1 goes out of scope, but it's been copied into str2) unsafe { - let v1 = &*ref1; // GOOD + let v1 = &*ref1; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=str1 println!(" v1 = {v1}"); } } // (str2 goes out of scope, thus ref1 is dangling) @@ -664,7 +664,7 @@ pub fn test_implicit_derefs() { use_the_stack(); unsafe { - let v2 = &*ref1; // $ MISSING: Alert[rust/access-after-lifetime-ended]=str2 + let v2 = &*ref1; // $ Alert[rust/access-after-lifetime-ended]=str2 SPURIOUS: Alert[rust/access-after-lifetime-ended]=str1 println!(" v2 = {v2} (!)"); // corrupt in practice } } @@ -679,18 +679,18 @@ impl MyType { fn test(&self) { let r1 = unsafe { let v1 = &self; - &v1.value + &v1.value // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v1 }; let (r2, r3) = unsafe { let v2 = &self; - (&v2.value, + (&v2.value, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v2 &self.value) }; use_the_stack(); - let v1 = *r1; - let v2 = *r2; + let v1 = *r1; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v1 + let v2 = *r2; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v2 let v3 = *r3; println!(" v1 = {v1}"); println!(" v2 = {v2}"); @@ -717,9 +717,10 @@ macro_rules! my_macro { let v = *ptr; println!(" v = {v}"); } - }; + } } pub fn test_macros() { - my_macro!(); + my_macro!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended] + my_macro!(); // $ SPURIOUS: Alert[rust/access-after-lifetime-ended] } From 79f8584efb66b84aaa5f33f1021c23ee7b9b2793 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 2 Jun 2025 17:57:07 +0100 Subject: [PATCH 012/111] Rust: Fix spurious results involving closures. --- .../rust/security/AccessAfterLifetimeExtensions.qll | 5 ++++- .../security/CWE-825/AccessAfterLifetime.expected | 3 --- .../ql/test/query-tests/security/CWE-825/lifetime.rs | 12 ++++++------ 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index e2b0643d969..63041eaf9c4 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -47,7 +47,10 @@ module AccessAfterLifetime { exists(BlockExpr valueScope, BlockExpr accessScope | valueScope(source.getTargetValue(), valueScope) and accessScope = sink.asExpr().getExpr().getEnclosingBlock() and - not maybeOnStack(valueScope, accessScope) + not maybeOnStack(valueScope, accessScope) and + // exclude results where the access is in a closure, since we don't + // model where a closure is actually called here. + not accessScope.getEnclosingBlock*() = any(ClosureExpr ce).getBody() ) } diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 9e12cf83794..aef7b45d26e 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -17,9 +17,6 @@ | lifetime.rs:433:7:433:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:433:7:433:8 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:383:31:383:37 | my_pair | my_pair | | lifetime.rs:459:13:459:14 | p1 | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:459:13:459:14 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:442:18:442:23 | my_val | my_val | | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:442:18:442:23 | my_val | my_val | -| lifetime.rs:520:14:520:15 | p3 | lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:520:14:520:15 | p3 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:542:27:542:35 | my_local3 | my_local3 | -| lifetime.rs:521:14:521:15 | p4 | lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:521:14:521:15 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:543:5:543:13 | my_local4 | my_local4 | -| lifetime.rs:553:14:553:15 | p2 | lifetime.rs:534:3:534:12 | &my_local5 | lifetime.rs:553:14:553:15 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:534:4:534:12 | my_local5 | my_local5 | | lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:654:32:654:35 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:654:32:654:35 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:655:22:655:25 | str2 | str2 | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 05a994bceb3..52e65d9bcda 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -517,8 +517,8 @@ fn get_closure(p3: *const i64, p4: *const i64) -> impl FnOnce() { unsafe { let v1 = *p1; // $ MISSING: Alert[rust/access-after-lifetime-ended]=local1 let v2 = *p2; // GOOD - let v3 = *p3; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=local3 - let v4 = *p4; // $ Alert[rust/access-after-lifetime-ended]=local4 + let v3 = *p3; // GOOD + let v4 = *p4; // $ MISSING: Alert[rust/access-after-lifetime-ended]=local4 println!(" v1 = {v1} (!)"); // corrupt in practice println!(" v2 = {v2}"); println!(" v3 = {v3}"); @@ -531,7 +531,7 @@ fn with_closure(ptr: *const i64, closure: fn(*const i64, *const i64)) { let my_local5: i64 = 5; closure(ptr, - &my_local5); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=local5 + &my_local5); } pub fn test_closures() { @@ -539,8 +539,8 @@ pub fn test_closures() { let my_local3: i64 = 3; { let my_local4: i64 = 4; - closure = get_closure( &my_local3, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=local3 - &my_local4); // $ Source[rust/access-after-lifetime-ended]=local4 + closure = get_closure( &my_local3, + &my_local4); // $ MISSING: Source[rust/access-after-lifetime-ended]=local4 } // (`my_local4` goes out of scope, so `p4` is dangling) use_the_stack(); @@ -550,7 +550,7 @@ pub fn test_closures() { with_closure(&my_local3, |p1, p2| { unsafe { let v5 = *p1; // GOOD - let v6 = *p2; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=local5 + let v6 = *p2; // $ GOOD println!(" v5 = {v5}"); println!(" v6 = {v6}"); } From 21b4baeb4251c85fc97cad342fb18b68ff5475c7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 2 Jun 2025 19:33:49 +0100 Subject: [PATCH 013/111] Rust: Have the alert message cite the variable, so it's easier to understand whether the alert is correct. --- .../AccessAfterLifetimeExtensions.qll | 23 +++++----- .../security/CWE-825/AccessAfterLifetime.ql | 7 ++- .../CWE-825/AccessAfterLifetime.expected | 46 +++++++++---------- 3 files changed, 38 insertions(+), 38 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index 63041eaf9c4..630763b9e36 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -22,7 +22,7 @@ module AccessAfterLifetime { /** * Gets the value this pointer or reference points to. */ - abstract Expr getTargetValue(); + abstract Expr getTarget(); } /** @@ -38,14 +38,14 @@ module AccessAfterLifetime { abstract class Barrier extends DataFlow::Node { } /** - * Holds if the pair `(source, sink)` that represents a flow from a - * pointer or reference to a dereference of that pointer or reference, - * and the dereference is outside the lifetime of the target value. + * Holds if the pair `(source, sink)`, that represents a flow from a + * pointer or reference to a dereference, has its dereference outside the + * lifetime of the target variable `target`. */ bindingset[source, sink] - predicate dereferenceAfterLifetime(Source source, Sink sink) { + predicate dereferenceAfterLifetime(Source source, Sink sink, Variable target) { exists(BlockExpr valueScope, BlockExpr accessScope | - valueScope(source.getTargetValue(), valueScope) and + valueScope(source.getTarget(), target, valueScope) and accessScope = sink.asExpr().getExpr().getEnclosingBlock() and not maybeOnStack(valueScope, accessScope) and // exclude results where the access is in a closure, since we don't @@ -55,14 +55,15 @@ module AccessAfterLifetime { } /** - * Holds if `value` accesses a variable with scope `scope`. + * Holds if `value` accesses a variable `target` with scope `scope`. */ - private predicate valueScope(Expr value, BlockExpr scope) { + private predicate valueScope(Expr value, Variable target, BlockExpr scope) { // variable access - scope = value.(VariableAccess).getVariable().getEnclosingBlock() + target = value.(VariableAccess).getVariable() and + scope = target.getEnclosingBlock() or // field access - valueScope(value.(FieldExpr).getContainer(), scope) + valueScope(value.(FieldExpr).getContainer(), target, scope) } /** @@ -91,6 +92,6 @@ module AccessAfterLifetime { RefExprSource() { this.asExpr().getExpr().(RefExpr).getExpr() = targetValue } - override Expr getTargetValue() { result = targetValue } + override Expr getTarget() { result = targetValue } } } diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index b49d8b59df3..a7f9da34783 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -34,12 +34,11 @@ module AccessAfterLifetimeFlow = TaintTracking::Global Date: Mon, 2 Jun 2025 19:57:16 +0100 Subject: [PATCH 014/111] Rust: More robust fix for closures. --- .../AccessAfterLifetimeExtensions.qll | 13 +++-- .../CWE-825/AccessAfterLifetime.expected | 58 ------------------- 2 files changed, 9 insertions(+), 62 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index 630763b9e36..2534a5acdb3 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -47,10 +47,7 @@ module AccessAfterLifetime { exists(BlockExpr valueScope, BlockExpr accessScope | valueScope(source.getTarget(), target, valueScope) and accessScope = sink.asExpr().getExpr().getEnclosingBlock() and - not maybeOnStack(valueScope, accessScope) and - // exclude results where the access is in a closure, since we don't - // model where a closure is actually called here. - not accessScope.getEnclosingBlock*() = any(ClosureExpr ce).getBody() + not maybeOnStack(valueScope, accessScope) ) } @@ -94,4 +91,12 @@ module AccessAfterLifetime { override Expr getTarget() { result = targetValue } } + + /** + * A barrier for nodes inside closures, as we don't model lifetimes of + * variables through closures properly. + */ + private class ClosureBarrier extends Barrier { + ClosureBarrier() { this.asExpr().getExpr().getEnclosingCallable() instanceof ClosureExpr } + } } diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index e6479ca141a..50e450af058 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -161,31 +161,6 @@ edges | lifetime.rs:450:2:450:10 | return p1 | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | provenance | | | lifetime.rs:454:6:454:7 | p1 | lifetime.rs:459:13:459:14 | p1 | provenance | | | lifetime.rs:454:11:454:29 | get_ptr_from_ref(...) | lifetime.rs:454:6:454:7 | p1 | provenance | | -| lifetime.rs:509:16:509:29 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p3] | provenance | | -| lifetime.rs:509:32:509:45 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p4] | provenance | | -| lifetime.rs:512:23:512:32 | &my_local1 | lifetime.rs:514:2:527:2 | return ... [captured p1] | provenance | | -| lifetime.rs:514:2:527:2 | return ... [captured p1] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | provenance | | -| lifetime.rs:515:7:515:8 | p2 | lifetime.rs:519:14:519:15 | p2 | provenance | | -| lifetime.rs:515:24:515:33 | &my_local2 | lifetime.rs:515:7:515:8 | p2 | provenance | | -| lifetime.rs:530:17:530:31 | ...: ... | lifetime.rs:533:10:533:12 | ptr | provenance | | -| lifetime.rs:533:10:533:12 | ptr | lifetime.rs:550:28:550:29 | ... | provenance | | -| lifetime.rs:534:3:534:12 | &my_local5 | lifetime.rs:550:32:550:33 | ... | provenance | | -| lifetime.rs:542:3:542:9 | closure [captured p1] | lifetime.rs:548:2:548:8 | closure [captured p1] | provenance | | -| lifetime.rs:542:3:542:9 | closure [captured p3] | lifetime.rs:548:2:548:8 | closure [captured p3] | provenance | | -| lifetime.rs:542:3:542:9 | closure [captured p4] | lifetime.rs:548:2:548:8 | closure [captured p4] | provenance | | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | lifetime.rs:542:3:542:9 | closure [captured p1] | provenance | | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | lifetime.rs:542:3:542:9 | closure [captured p3] | provenance | | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | lifetime.rs:542:3:542:9 | closure [captured p4] | provenance | | -| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:509:16:509:29 | ...: ... | provenance | | -| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | provenance | | -| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:509:32:509:45 | ...: ... | provenance | | -| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | provenance | | -| lifetime.rs:548:2:548:8 | closure [captured p1] | lifetime.rs:518:14:518:15 | p1 | provenance | | -| lifetime.rs:548:2:548:8 | closure [captured p3] | lifetime.rs:520:14:520:15 | p3 | provenance | | -| lifetime.rs:548:2:548:8 | closure [captured p4] | lifetime.rs:521:14:521:15 | p4 | provenance | | -| lifetime.rs:550:15:550:24 | &my_local3 | lifetime.rs:530:17:530:31 | ...: ... | provenance | | -| lifetime.rs:550:28:550:29 | ... | lifetime.rs:552:14:552:15 | p1 | provenance | | -| lifetime.rs:550:32:550:33 | ... | lifetime.rs:553:14:553:15 | p2 | provenance | | | lifetime.rs:568:7:568:8 | p2 | lifetime.rs:572:14:572:15 | p2 | provenance | | | lifetime.rs:568:24:568:33 | &my_local2 | lifetime.rs:568:7:568:8 | p2 | provenance | | | lifetime.rs:630:3:630:6 | str2 | lifetime.rs:633:15:633:18 | str2 | provenance | | @@ -376,37 +351,6 @@ nodes | lifetime.rs:454:11:454:29 | get_ptr_from_ref(...) | semmle.label | get_ptr_from_ref(...) | | lifetime.rs:459:13:459:14 | p1 | semmle.label | p1 | | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | semmle.label | get_ptr_from_ref(...) | -| lifetime.rs:509:16:509:29 | ...: ... | semmle.label | ...: ... | -| lifetime.rs:509:32:509:45 | ...: ... | semmle.label | ...: ... | -| lifetime.rs:512:23:512:32 | &my_local1 | semmle.label | &my_local1 | -| lifetime.rs:514:2:527:2 | return ... [captured p1] | semmle.label | return ... [captured p1] | -| lifetime.rs:514:2:527:2 | return ... [captured p3] | semmle.label | return ... [captured p3] | -| lifetime.rs:514:2:527:2 | return ... [captured p4] | semmle.label | return ... [captured p4] | -| lifetime.rs:515:7:515:8 | p2 | semmle.label | p2 | -| lifetime.rs:515:24:515:33 | &my_local2 | semmle.label | &my_local2 | -| lifetime.rs:518:14:518:15 | p1 | semmle.label | p1 | -| lifetime.rs:519:14:519:15 | p2 | semmle.label | p2 | -| lifetime.rs:520:14:520:15 | p3 | semmle.label | p3 | -| lifetime.rs:521:14:521:15 | p4 | semmle.label | p4 | -| lifetime.rs:530:17:530:31 | ...: ... | semmle.label | ...: ... | -| lifetime.rs:533:10:533:12 | ptr | semmle.label | ptr | -| lifetime.rs:534:3:534:12 | &my_local5 | semmle.label | &my_local5 | -| lifetime.rs:542:3:542:9 | closure [captured p1] | semmle.label | closure [captured p1] | -| lifetime.rs:542:3:542:9 | closure [captured p3] | semmle.label | closure [captured p3] | -| lifetime.rs:542:3:542:9 | closure [captured p4] | semmle.label | closure [captured p4] | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p1] | semmle.label | get_closure(...) [captured p1] | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | semmle.label | get_closure(...) [captured p3] | -| lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | semmle.label | get_closure(...) [captured p4] | -| lifetime.rs:542:26:542:35 | &my_local3 | semmle.label | &my_local3 | -| lifetime.rs:543:4:543:13 | &my_local4 | semmle.label | &my_local4 | -| lifetime.rs:548:2:548:8 | closure [captured p1] | semmle.label | closure [captured p1] | -| lifetime.rs:548:2:548:8 | closure [captured p3] | semmle.label | closure [captured p3] | -| lifetime.rs:548:2:548:8 | closure [captured p4] | semmle.label | closure [captured p4] | -| lifetime.rs:550:15:550:24 | &my_local3 | semmle.label | &my_local3 | -| lifetime.rs:550:28:550:29 | ... | semmle.label | ... | -| lifetime.rs:550:32:550:33 | ... | semmle.label | ... | -| lifetime.rs:552:14:552:15 | p1 | semmle.label | p1 | -| lifetime.rs:553:14:553:15 | p2 | semmle.label | p2 | | lifetime.rs:568:7:568:8 | p2 | semmle.label | p2 | | lifetime.rs:568:24:568:33 | &my_local2 | semmle.label | &my_local2 | | lifetime.rs:572:14:572:15 | p2 | semmle.label | p2 | @@ -440,5 +384,3 @@ nodes | lifetime.rs:724:2:724:12 | ptr | semmle.label | ptr | | lifetime.rs:725:2:725:12 | ptr | semmle.label | ptr | subpaths -| lifetime.rs:542:26:542:35 | &my_local3 | lifetime.rs:509:16:509:29 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p3] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p3] | -| lifetime.rs:543:4:543:13 | &my_local4 | lifetime.rs:509:32:509:45 | ...: ... | lifetime.rs:514:2:527:2 | return ... [captured p4] | lifetime.rs:542:13:543:14 | get_closure(...) [captured p4] | From 26f85585fd555e5ab7b14261385a3608cdeec7f3 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 3 Jun 2025 17:40:16 +0100 Subject: [PATCH 015/111] Rust: Add qhelp, examples, and examples as tests. --- .../CWE-825/AccessAfterLifetime.qhelp | 50 +++++++++++++++++++ .../CWE-825/AccessAfterLifetimeBad.rs | 19 +++++++ .../CWE-825/AccessAfterLifetimeGood.rs | 17 +++++++ .../CWE-825/AccessAfterLifetime.expected | 10 ++++ .../query-tests/security/CWE-825/lifetime.rs | 38 ++++++++++++++ .../test/query-tests/security/CWE-825/main.rs | 6 +++ 6 files changed, 140 insertions(+) create mode 100644 rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp create mode 100644 rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs create mode 100644 rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp new file mode 100644 index 00000000000..41d62af44e3 --- /dev/null +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp @@ -0,0 +1,50 @@ + + + + +

+Dereferencing a pointer after the lifetime of its target has ended causes undefined behavior. Memory +may be corrupted causing the program to crash or behave incorrectly, in some cases exposing the program +to potential attacks. +

+ + + + +

+When dereferencing a pointer in unsafe code, take care that the pointer is still valid +at the time it is dereferenced. Code may need to be rearranged or changed to extend lifetimes. If +possible, rewrite the code using safe Rust types to avoid this kind of problem altogether. +

+ + + + +

+In the following example, val is local to get_pointer so its lifetime +ends when that function returns. However, a pointer to val is returned and dereferenced +after that lifetime has ended, causing undefined behavior: +

+ + + +

+One way to fix this is to change the return type of the function from a pointer to a Box, +which ensures that the value it points to remains on the heap for the lifetime of the Box +itself. Notice that there is no longer a need for an unsafe block as the code no longer +handles pointers directly: +

+ + + + + + +
  • Rust Documentation: Behavior considered undefined >> Dangling pointers.
    • +
  • Rust Documentation: Module ptr - Safety.
    • +
  • Massachusetts Institute of Technology: Unsafe Rust - Dereferencing a Raw Pointer.
    • + +     +     diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs new file mode 100644 index 00000000000..61f981e4019 --- /dev/null +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs @@ -0,0 +1,19 @@ + +fn get_pointer() -> *const i64 { + let val = 123; + + return &val; +} // lifetime of `val` ends here, the pointer becomes dangling + +fn example() { + let ptr = get_pointer(); + let val; + + // ... + + unsafe { + val = *ptr; // BAD: dereferences `ptr` after the lifetime of `val` has ended + } + + // ... +} diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs new file mode 100644 index 00000000000..e8d0017d007 --- /dev/null +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs @@ -0,0 +1,17 @@ + +fn get_box() -> Box { + let val = 123; + + return Box::new(val); // copies `val` onto the heap, where it remains for the lifetime of the `Box`. +} + +fn example() { + let ptr = get_box(); + let val; + + // ... + + val = *ptr; // GOOD + + // ... +} diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 50e450af058..c54369b8c73 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -23,6 +23,7 @@ | lifetime.rs:692:13:692:14 | r1 | lifetime.rs:682:4:682:12 | &... | lifetime.rs:692:13:692:14 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:681:8:681:9 | v1 | v1 | | lifetime.rs:693:13:693:14 | r2 | lifetime.rs:686:5:686:13 | &... | lifetime.rs:693:13:693:14 | r2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:685:8:685:9 | v2 | v2 | | lifetime.rs:725:2:725:12 | ptr | lifetime.rs:724:2:724:12 | &val | lifetime.rs:725:2:725:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:724:2:724:12 | val | val | +| lifetime.rs:743:10:743:12 | ptr | lifetime.rs:733:9:733:12 | &val | lifetime.rs:743:10:743:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:731:6:731:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | @@ -187,6 +188,10 @@ edges | lifetime.rs:687:5:687:15 | &... | lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | provenance | | | lifetime.rs:724:2:724:12 | &val | lifetime.rs:724:2:724:12 | ptr | provenance | | | lifetime.rs:724:2:724:12 | ptr | lifetime.rs:725:2:725:12 | ptr | provenance | | +| lifetime.rs:733:2:733:12 | return ... | lifetime.rs:737:12:737:24 | get_pointer(...) | provenance | | +| lifetime.rs:733:9:733:12 | &val | lifetime.rs:733:2:733:12 | return ... | provenance | | +| lifetime.rs:737:6:737:8 | ptr | lifetime.rs:743:10:743:12 | ptr | provenance | | +| lifetime.rs:737:12:737:24 | get_pointer(...) | lifetime.rs:737:6:737:8 | ptr | provenance | | models | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | nodes @@ -383,4 +388,9 @@ nodes | lifetime.rs:724:2:724:12 | &val | semmle.label | &val | | lifetime.rs:724:2:724:12 | ptr | semmle.label | ptr | | lifetime.rs:725:2:725:12 | ptr | semmle.label | ptr | +| lifetime.rs:733:2:733:12 | return ... | semmle.label | return ... | +| lifetime.rs:733:9:733:12 | &val | semmle.label | &val | +| lifetime.rs:737:6:737:8 | ptr | semmle.label | ptr | +| lifetime.rs:737:12:737:24 | get_pointer(...) | semmle.label | get_pointer(...) | +| lifetime.rs:743:10:743:12 | ptr | semmle.label | ptr | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 52e65d9bcda..1ef7bb5e292 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -724,3 +724,41 @@ pub fn test_macros() { my_macro!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended] my_macro!(); // $ SPURIOUS: Alert[rust/access-after-lifetime-ended] } + +// --- examples from qhelp --- + +fn get_pointer() -> *const i64 { + let val = 123; + + return &val; // $ Source[rust/access-after-lifetime-ended]=val +} // lifetime of `val` ends here, the pointer becomes dangling + +pub fn test_lifetimes_example_bad() { + let ptr = get_pointer(); + let val; + + use_the_stack(); + + unsafe { + val = *ptr; // $ Alert[rust/access-after-lifetime-ended]=val + } + + println!(" val = {val} (!)"); // corrupt in practice +} + +fn get_box() -> Box { + let val = 123; + + return Box::new(val); +} + +pub fn test_lifetimes_example_good() { + let ptr = get_box(); + let val; + + use_the_stack(); + + val = *ptr; // GOOD + + println!(" val = {val}"); +} diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index 5450dcd6b20..5c1afa0fd11 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -186,4 +186,10 @@ fn main() { println!("test_macros:"); test_macros(); + + println!("test_lifetimes_example_bad:"); + test_lifetimes_example_bad(); + + println!("test_lifetimes_example_good:"); + test_lifetimes_example_good(); } From 7bae451af375dc2c4163aee9d03919157a37cdb5 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 5 Jun 2025 14:15:38 +0100 Subject: [PATCH 016/111] Rust: Exclude results in macro invocations. --- rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql | 4 +++- .../query-tests/security/CWE-825/AccessAfterLifetime.expected | 1 - rust/ql/test/query-tests/security/CWE-825/lifetime.rs | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index a7f9da34783..570039a1a4a 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -39,6 +39,8 @@ where // flow from a pointer or reference to the dereference AccessAfterLifetimeFlow::flowPath(sourceNode, sinkNode) and // check that the dereference is outside the lifetime of the target - AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode(), target) + AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode(), target) and + // exclude sinks in macros, since these results are difficult to interpret + not sinkNode.getNode().asExpr().getExpr().isFromMacroExpansion() select sinkNode.getNode(), sourceNode, sinkNode, "Access of a pointer to $@ after it's lifetime has ended.", target, target.toString() diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index c54369b8c73..677c2fd506b 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -22,7 +22,6 @@ | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | | lifetime.rs:692:13:692:14 | r1 | lifetime.rs:682:4:682:12 | &... | lifetime.rs:692:13:692:14 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:681:8:681:9 | v1 | v1 | | lifetime.rs:693:13:693:14 | r2 | lifetime.rs:686:5:686:13 | &... | lifetime.rs:693:13:693:14 | r2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:685:8:685:9 | v2 | v2 | -| lifetime.rs:725:2:725:12 | ptr | lifetime.rs:724:2:724:12 | &val | lifetime.rs:725:2:725:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:724:2:724:12 | val | val | | lifetime.rs:743:10:743:12 | ptr | lifetime.rs:733:9:733:12 | &val | lifetime.rs:743:10:743:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:731:6:731:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 1ef7bb5e292..97d76d8757d 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -721,8 +721,8 @@ macro_rules! my_macro { } pub fn test_macros() { - my_macro!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended] - my_macro!(); // $ SPURIOUS: Alert[rust/access-after-lifetime-ended] + my_macro!(); + my_macro!(); } // --- examples from qhelp --- From 858eec390da752b624881478e2bae9764421fbb1 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 14:47:41 +0100 Subject: [PATCH 017/111] Rust: Exclude results where the source is a reference. --- .../rust/security/AccessAfterLifetimeExtensions.qll | 7 +++++-- .../security/CWE-825/AccessAfterLifetime.expected | 2 -- rust/ql/test/query-tests/security/CWE-825/lifetime.rs | 8 ++++---- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index 2534a5acdb3..919b534dee5 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -6,6 +6,8 @@ import rust private import codeql.rust.dataflow.DataFlow private import codeql.rust.security.AccessInvalidPointerExtensions +private import codeql.rust.internal.Type +private import codeql.rust.internal.TypeInference as TypeInference /** * Provides default sources, sinks and barriers for detecting accesses to a @@ -55,9 +57,10 @@ module AccessAfterLifetime { * Holds if `value` accesses a variable `target` with scope `scope`. */ private predicate valueScope(Expr value, Variable target, BlockExpr scope) { - // variable access + // variable access (to a non-reference) target = value.(VariableAccess).getVariable() and - scope = target.getEnclosingBlock() + scope = target.getEnclosingBlock() and + not TypeInference::inferType(value) instanceof RefType or // field access valueScope(value.(FieldExpr).getContainer(), target, scope) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 677c2fd506b..f9f3683baf6 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -20,8 +20,6 @@ | lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | -| lifetime.rs:692:13:692:14 | r1 | lifetime.rs:682:4:682:12 | &... | lifetime.rs:692:13:692:14 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:681:8:681:9 | v1 | v1 | -| lifetime.rs:693:13:693:14 | r2 | lifetime.rs:686:5:686:13 | &... | lifetime.rs:693:13:693:14 | r2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:685:8:685:9 | v2 | v2 | | lifetime.rs:743:10:743:12 | ptr | lifetime.rs:733:9:733:12 | &val | lifetime.rs:743:10:743:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:731:6:731:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 97d76d8757d..36c0001b98e 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -679,18 +679,18 @@ impl MyType { fn test(&self) { let r1 = unsafe { let v1 = &self; - &v1.value // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v1 + &v1.value }; let (r2, r3) = unsafe { let v2 = &self; - (&v2.value, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v2 + (&v2.value, &self.value) }; use_the_stack(); - let v1 = *r1; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v1 - let v2 = *r2; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v2 + let v1 = *r1; + let v2 = *r2; let v3 = *r3; println!(" v1 = {v1}"); println!(" v2 = {v2}"); From d3d0a533b515eb4b55a08e77e2c535ac0c256b55 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 16:16:54 +0100 Subject: [PATCH 018/111] Rust: Add test showing yet another spurious result. --- .../CWE-825/AccessAfterLifetime.expected | 42 ++++++++++++------- .../query-tests/security/CWE-825/lifetime.rs | 32 ++++++++++++++ .../test/query-tests/security/CWE-825/main.rs | 3 ++ 3 files changed, 62 insertions(+), 15 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index f9f3683baf6..584cf156fd1 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -20,7 +20,8 @@ | lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | -| lifetime.rs:743:10:743:12 | ptr | lifetime.rs:733:9:733:12 | &val | lifetime.rs:743:10:743:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:731:6:731:8 | val | val | +| lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | +| lifetime.rs:775:10:775:12 | ptr | lifetime.rs:765:9:765:12 | &val | lifetime.rs:775:10:775:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:763:6:763:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | @@ -183,12 +184,17 @@ edges | lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | lifetime.rs:684:7:684:14 | TuplePat [tuple.1] | provenance | | | lifetime.rs:686:5:686:13 | &... | lifetime.rs:686:4:687:16 | TupleExpr [tuple.0] | provenance | | | lifetime.rs:687:5:687:15 | &... | lifetime.rs:686:4:687:16 | TupleExpr [tuple.1] | provenance | | -| lifetime.rs:724:2:724:12 | &val | lifetime.rs:724:2:724:12 | ptr | provenance | | -| lifetime.rs:724:2:724:12 | ptr | lifetime.rs:725:2:725:12 | ptr | provenance | | -| lifetime.rs:733:2:733:12 | return ... | lifetime.rs:737:12:737:24 | get_pointer(...) | provenance | | -| lifetime.rs:733:9:733:12 | &val | lifetime.rs:733:2:733:12 | return ... | provenance | | -| lifetime.rs:737:6:737:8 | ptr | lifetime.rs:743:10:743:12 | ptr | provenance | | -| lifetime.rs:737:12:737:24 | get_pointer(...) | lifetime.rs:737:6:737:8 | ptr | provenance | | +| lifetime.rs:717:35:723:2 | { ... } | lifetime.rs:730:11:730:25 | e1.test_match() | provenance | | +| lifetime.rs:718:7:718:8 | r1 | lifetime.rs:717:35:723:2 | { ... } | provenance | | +| lifetime.rs:719:26:719:34 | &... | lifetime.rs:718:7:718:8 | r1 | provenance | | +| lifetime.rs:730:6:730:7 | r1 | lifetime.rs:734:12:734:13 | r1 | provenance | | +| lifetime.rs:730:11:730:25 | e1.test_match() | lifetime.rs:730:6:730:7 | r1 | provenance | | +| lifetime.rs:756:2:756:12 | &val | lifetime.rs:756:2:756:12 | ptr | provenance | | +| lifetime.rs:756:2:756:12 | ptr | lifetime.rs:757:2:757:12 | ptr | provenance | | +| lifetime.rs:765:2:765:12 | return ... | lifetime.rs:769:12:769:24 | get_pointer(...) | provenance | | +| lifetime.rs:765:9:765:12 | &val | lifetime.rs:765:2:765:12 | return ... | provenance | | +| lifetime.rs:769:6:769:8 | ptr | lifetime.rs:775:10:775:12 | ptr | provenance | | +| lifetime.rs:769:12:769:24 | get_pointer(...) | lifetime.rs:769:6:769:8 | ptr | provenance | | models | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | nodes @@ -382,12 +388,18 @@ nodes | lifetime.rs:692:13:692:14 | r1 | semmle.label | r1 | | lifetime.rs:693:13:693:14 | r2 | semmle.label | r2 | | lifetime.rs:694:13:694:14 | r3 | semmle.label | r3 | -| lifetime.rs:724:2:724:12 | &val | semmle.label | &val | -| lifetime.rs:724:2:724:12 | ptr | semmle.label | ptr | -| lifetime.rs:725:2:725:12 | ptr | semmle.label | ptr | -| lifetime.rs:733:2:733:12 | return ... | semmle.label | return ... | -| lifetime.rs:733:9:733:12 | &val | semmle.label | &val | -| lifetime.rs:737:6:737:8 | ptr | semmle.label | ptr | -| lifetime.rs:737:12:737:24 | get_pointer(...) | semmle.label | get_pointer(...) | -| lifetime.rs:743:10:743:12 | ptr | semmle.label | ptr | +| lifetime.rs:717:35:723:2 | { ... } | semmle.label | { ... } | +| lifetime.rs:718:7:718:8 | r1 | semmle.label | r1 | +| lifetime.rs:719:26:719:34 | &... | semmle.label | &... | +| lifetime.rs:730:6:730:7 | r1 | semmle.label | r1 | +| lifetime.rs:730:11:730:25 | e1.test_match() | semmle.label | e1.test_match() | +| lifetime.rs:734:12:734:13 | r1 | semmle.label | r1 | +| lifetime.rs:756:2:756:12 | &val | semmle.label | &val | +| lifetime.rs:756:2:756:12 | ptr | semmle.label | ptr | +| lifetime.rs:757:2:757:12 | ptr | semmle.label | ptr | +| lifetime.rs:765:2:765:12 | return ... | semmle.label | return ... | +| lifetime.rs:765:9:765:12 | &val | semmle.label | &val | +| lifetime.rs:769:6:769:8 | ptr | semmle.label | ptr | +| lifetime.rs:769:12:769:24 | get_pointer(...) | semmle.label | get_pointer(...) | +| lifetime.rs:775:10:775:12 | ptr | semmle.label | ptr | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 36c0001b98e..d43004807e0 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -703,6 +703,38 @@ pub fn test_members() { mt.test(); } +// --- enum members --- + +struct MyValue2 { + value: i64 +} + +enum MyEnum3 { + Value(MyValue2), +} + +impl MyEnum3 { + pub fn test_match(&self) -> &i64 { + let r1 = match self { + MyEnum3::Value(v2) => &v2.value, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v2_value + }; + + r1 + } +} + +pub fn test_enum_members() { + let v1 = MyValue2 { value: 1 }; + let e1 = MyEnum3::Value(v1); + + let r1 = e1.test_match(); + + use_the_stack(); + + let v3 = *r1; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v2_value + println!(" v3 = {v3}"); +} + // --- macros --- macro_rules! my_macro { diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index 5c1afa0fd11..e134c212ba0 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -184,6 +184,9 @@ fn main() { println!("test_members:"); test_members(); + println!("test_enum_members:"); + test_enum_members(); + println!("test_macros:"); test_macros(); From b3330b56361730d8827b2074c5f7d1678b1b1de2 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 17:22:32 +0100 Subject: [PATCH 019/111] Rust: Allow parameter accesses as sources. --- .../security/AccessAfterLifetimeExtensions.qll | 16 +++++++++++++++- .../CWE-825/AccessAfterLifetime.expected | 1 + .../query-tests/security/CWE-825/lifetime.rs | 4 ++-- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index 919b534dee5..aaab0c30992 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -53,13 +53,27 @@ module AccessAfterLifetime { ) } + /** + * Holds if `var` has scope `scope`. + */ + private predicate variableScope(Variable var, BlockExpr scope) { + // local variable + scope = var.getEnclosingBlock() + or + // parameter + exists(Callable c | + var.getParameter().getEnclosingCallable() = c and + scope.getParentNode() = c + ) + } + /** * Holds if `value` accesses a variable `target` with scope `scope`. */ private predicate valueScope(Expr value, Variable target, BlockExpr scope) { // variable access (to a non-reference) target = value.(VariableAccess).getVariable() and - scope = target.getEnclosingBlock() and + variableScope(target, scope) and not TypeInference::inferType(value) instanceof RefType or // field access diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 584cf156fd1..b28c3fa2292 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -3,6 +3,7 @@ | lifetime.rs:70:13:70:14 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:70:13:70:14 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | | lifetime.rs:71:13:71:14 | p3 | lifetime.rs:33:9:33:28 | &raw const my_local3 | lifetime.rs:71:13:71:14 | p3 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:31:6:31:14 | my_local3 | my_local3 | | lifetime.rs:72:13:72:14 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:72:13:72:14 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:37:10:37:18 | my_local4 | my_local4 | +| lifetime.rs:73:13:73:14 | p5 | lifetime.rs:43:9:43:15 | ¶m5 | lifetime.rs:73:13:73:14 | p5 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:42:23:42:28 | param5 | param5 | | lifetime.rs:74:13:74:14 | p6 | lifetime.rs:50:9:50:18 | &... | lifetime.rs:74:13:74:14 | p6 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:47:6:47:8 | val | val | | lifetime.rs:75:13:75:14 | p7 | lifetime.rs:63:8:63:27 | &raw const my_local7 | lifetime.rs:75:13:75:14 | p7 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:62:7:62:15 | my_local7 | my_local7 | | lifetime.rs:76:4:76:5 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:76:4:76:5 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index d43004807e0..656d7c692f8 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -40,7 +40,7 @@ fn get_local_dangling_raw_mut() -> *mut i64 { } // (return value immediately becomes dangling) fn get_param_dangling(param5: i64) -> *const i64 { - return ¶m5; // $ MISSING: Source[rust/access-after-lifetime-ended]=param5 + return ¶m5; // $ Source[rust/access-after-lifetime-ended]=param5 } // (return value immediately becomes dangling) fn get_local_field_dangling() -> *const i64 { @@ -70,7 +70,7 @@ pub fn test_local_dangling() { let v2 = *p2; // $ Alert[rust/access-after-lifetime-ended]=local2 let v3 = *p3; // $ Alert[rust/access-after-lifetime-ended]=local3 let v4 = *p4; // $ Alert[rust/access-after-lifetime-ended]=local4 - let v5 = *p5; // $ MISSING: Alert[rust/access-after-lifetime-ended]=param5 + let v5 = *p5; // $ Alert[rust/access-after-lifetime-ended]=param5 let v6 = *p6; // $ Alert[rust/access-after-lifetime-ended]=localfield let v7 = *p7; // $ Alert[rust/access-after-lifetime-ended]=local7 *p2 = 8; // $ Alert[rust/access-after-lifetime-ended]=local2 From 9b0ee8fb9f693f466beeb24ec83a539d5c580e9b Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 17:32:29 +0100 Subject: [PATCH 020/111] Rust: Add security-severity tag and reduce precision to medium for now. precis --- rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index 570039a1a4a..4bfc4249d26 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -4,8 +4,8 @@ * causes undefined behavior and may result in memory corruption. * @kind path-problem * @problem.severity error - * @security-severity TODO - * @precision high + * @security-severity 9.8 + * @precision medium * @id rust/access-after-lifetime-ended * @tags reliability * security From e7945e16cb0d616796844544c03c28c7ac93ca90 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 19:06:34 +0100 Subject: [PATCH 021/111] Rust: Accept the query in suite listings. --- .../query-suite/rust-security-and-quality.qls.expected | 1 + .../query-suite/rust-security-extended.qls.expected | 1 + 2 files changed, 2 insertions(+) diff --git a/rust/ql/integration-tests/query-suite/rust-security-and-quality.qls.expected b/rust/ql/integration-tests/query-suite/rust-security-and-quality.qls.expected index c21b79749d1..650bf316941 100644 --- a/rust/ql/integration-tests/query-suite/rust-security-and-quality.qls.expected +++ b/rust/ql/integration-tests/query-suite/rust-security-and-quality.qls.expected @@ -16,6 +16,7 @@ ql/rust/ql/src/queries/security/CWE-327/BrokenCryptoAlgorithm.ql ql/rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql ql/rust/ql/src/queries/security/CWE-696/BadCtorInitialization.ql ql/rust/ql/src/queries/security/CWE-770/UncontrolledAllocationSize.ql +ql/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql ql/rust/ql/src/queries/security/CWE-825/AccessInvalidPointer.ql ql/rust/ql/src/queries/summary/LinesOfCode.ql ql/rust/ql/src/queries/summary/LinesOfUserCode.ql diff --git a/rust/ql/integration-tests/query-suite/rust-security-extended.qls.expected b/rust/ql/integration-tests/query-suite/rust-security-extended.qls.expected index b3683f02d92..b5df88f96ec 100644 --- a/rust/ql/integration-tests/query-suite/rust-security-extended.qls.expected +++ b/rust/ql/integration-tests/query-suite/rust-security-extended.qls.expected @@ -15,6 +15,7 @@ ql/rust/ql/src/queries/security/CWE-312/CleartextLogging.ql ql/rust/ql/src/queries/security/CWE-327/BrokenCryptoAlgorithm.ql ql/rust/ql/src/queries/security/CWE-328/WeakSensitiveDataHashing.ql ql/rust/ql/src/queries/security/CWE-770/UncontrolledAllocationSize.ql +ql/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql ql/rust/ql/src/queries/security/CWE-825/AccessInvalidPointer.ql ql/rust/ql/src/queries/summary/LinesOfCode.ql ql/rust/ql/src/queries/summary/LinesOfUserCode.ql From 74ce4e81056f48f678468cf40f50b165a11dc91e Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 19:10:39 +0100 Subject: [PATCH 022/111] Update rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index 4bfc4249d26..e874b0eba8a 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -43,4 +43,4 @@ where // exclude sinks in macros, since these results are difficult to interpret not sinkNode.getNode().asExpr().getExpr().isFromMacroExpansion() select sinkNode.getNode(), sourceNode, sinkNode, - "Access of a pointer to $@ after it's lifetime has ended.", target, target.toString() + "Access of a pointer to $@ after its lifetime has ended.", target, target.toString() From a9d5d8b2b3dbba050dd34d066ae2c22db9ed5976 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jun 2025 19:14:14 +0100 Subject: [PATCH 023/111] Rust: Accept the new alert message in tests. --- .../CWE-825/AccessAfterLifetime.expected | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index b28c3fa2292..998a63b8f77 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -1,28 +1,28 @@ #select -| lifetime.rs:69:13:69:14 | p1 | lifetime.rs:21:9:21:18 | &my_local1 | lifetime.rs:69:13:69:14 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:19:6:19:14 | my_local1 | my_local1 | -| lifetime.rs:70:13:70:14 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:70:13:70:14 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | -| lifetime.rs:71:13:71:14 | p3 | lifetime.rs:33:9:33:28 | &raw const my_local3 | lifetime.rs:71:13:71:14 | p3 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:31:6:31:14 | my_local3 | my_local3 | -| lifetime.rs:72:13:72:14 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:72:13:72:14 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:37:10:37:18 | my_local4 | my_local4 | -| lifetime.rs:73:13:73:14 | p5 | lifetime.rs:43:9:43:15 | ¶m5 | lifetime.rs:73:13:73:14 | p5 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:42:23:42:28 | param5 | param5 | -| lifetime.rs:74:13:74:14 | p6 | lifetime.rs:50:9:50:18 | &... | lifetime.rs:74:13:74:14 | p6 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:47:6:47:8 | val | val | -| lifetime.rs:75:13:75:14 | p7 | lifetime.rs:63:8:63:27 | &raw const my_local7 | lifetime.rs:75:13:75:14 | p7 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:62:7:62:15 | my_local7 | my_local7 | -| lifetime.rs:76:4:76:5 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:76:4:76:5 | p2 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | -| lifetime.rs:77:4:77:5 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:77:4:77:5 | p4 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:37:10:37:18 | my_local4 | my_local4 | -| lifetime.rs:172:13:172:15 | ptr | lifetime.rs:187:12:187:21 | &my_local1 | lifetime.rs:172:13:172:15 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:186:6:186:14 | my_local1 | my_local1 | -| lifetime.rs:255:14:255:17 | prev | lifetime.rs:251:10:251:19 | &my_local2 | lifetime.rs:255:14:255:17 | prev | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:242:7:242:15 | my_local2 | my_local2 | -| lifetime.rs:310:31:310:32 | e1 | lifetime.rs:272:30:272:32 | &e1 | lifetime.rs:310:31:310:32 | e1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:271:6:271:7 | e1 | e1 | -| lifetime.rs:317:13:317:18 | result | lifetime.rs:289:25:289:26 | &x | lifetime.rs:317:13:317:18 | result | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:289:17:289:17 | x | x | -| lifetime.rs:411:16:411:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:411:16:411:17 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | -| lifetime.rs:416:16:416:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:416:16:416:17 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | -| lifetime.rs:428:7:428:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:428:7:428:8 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | -| lifetime.rs:433:7:433:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:433:7:433:8 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | -| lifetime.rs:459:13:459:14 | p1 | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:459:13:459:14 | p1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:441:6:441:11 | my_val | my_val | -| lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:441:6:441:11 | my_val | my_val | -| lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | -| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | -| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | -| lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | -| lifetime.rs:775:10:775:12 | ptr | lifetime.rs:765:9:765:12 | &val | lifetime.rs:775:10:775:12 | ptr | Access of a pointer to $@ after it's lifetime has ended. | lifetime.rs:763:6:763:8 | val | val | +| lifetime.rs:69:13:69:14 | p1 | lifetime.rs:21:9:21:18 | &my_local1 | lifetime.rs:69:13:69:14 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:19:6:19:14 | my_local1 | my_local1 | +| lifetime.rs:70:13:70:14 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:70:13:70:14 | p2 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | +| lifetime.rs:71:13:71:14 | p3 | lifetime.rs:33:9:33:28 | &raw const my_local3 | lifetime.rs:71:13:71:14 | p3 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:31:6:31:14 | my_local3 | my_local3 | +| lifetime.rs:72:13:72:14 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:72:13:72:14 | p4 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:37:10:37:18 | my_local4 | my_local4 | +| lifetime.rs:73:13:73:14 | p5 | lifetime.rs:43:9:43:15 | ¶m5 | lifetime.rs:73:13:73:14 | p5 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:42:23:42:28 | param5 | param5 | +| lifetime.rs:74:13:74:14 | p6 | lifetime.rs:50:9:50:18 | &... | lifetime.rs:74:13:74:14 | p6 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:47:6:47:8 | val | val | +| lifetime.rs:75:13:75:14 | p7 | lifetime.rs:63:8:63:27 | &raw const my_local7 | lifetime.rs:75:13:75:14 | p7 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:62:7:62:15 | my_local7 | my_local7 | +| lifetime.rs:76:4:76:5 | p2 | lifetime.rs:27:9:27:22 | &mut my_local2 | lifetime.rs:76:4:76:5 | p2 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:25:10:25:18 | my_local2 | my_local2 | +| lifetime.rs:77:4:77:5 | p4 | lifetime.rs:39:9:39:26 | &raw mut my_local4 | lifetime.rs:77:4:77:5 | p4 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:37:10:37:18 | my_local4 | my_local4 | +| lifetime.rs:172:13:172:15 | ptr | lifetime.rs:187:12:187:21 | &my_local1 | lifetime.rs:172:13:172:15 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:186:6:186:14 | my_local1 | my_local1 | +| lifetime.rs:255:14:255:17 | prev | lifetime.rs:251:10:251:19 | &my_local2 | lifetime.rs:255:14:255:17 | prev | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:242:7:242:15 | my_local2 | my_local2 | +| lifetime.rs:310:31:310:32 | e1 | lifetime.rs:272:30:272:32 | &e1 | lifetime.rs:310:31:310:32 | e1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:271:6:271:7 | e1 | e1 | +| lifetime.rs:317:13:317:18 | result | lifetime.rs:289:25:289:26 | &x | lifetime.rs:317:13:317:18 | result | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:289:17:289:17 | x | x | +| lifetime.rs:411:16:411:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:411:16:411:17 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | +| lifetime.rs:416:16:416:17 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:416:16:416:17 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | +| lifetime.rs:428:7:428:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:428:7:428:8 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | +| lifetime.rs:433:7:433:8 | p1 | lifetime.rs:383:31:383:37 | &raw mut my_pair | lifetime.rs:433:7:433:8 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:382:11:382:17 | my_pair | my_pair | +| lifetime.rs:459:13:459:14 | p1 | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:459:13:459:14 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:441:6:441:11 | my_val | my_val | +| lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | lifetime.rs:442:17:442:23 | &my_val | lifetime.rs:460:13:460:31 | get_ptr_from_ref(...) | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:441:6:441:11 | my_val | my_val | +| lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | +| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | +| lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | +| lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | +| lifetime.rs:775:10:775:12 | ptr | lifetime.rs:765:9:765:12 | &val | lifetime.rs:775:10:775:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:763:6:763:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | From ecac0dbe699f4a6304c337d7ee2c2b98f55aa196 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 11 Jun 2025 08:52:52 +0100 Subject: [PATCH 024/111] Rust: Accept consistency check failures. --- .../security/CWE-825/CONSISTENCY/SsaConsistency.expected | 6 ++++++ .../CWE-825/CONSISTENCY/VariableCaptureConsistency.expected | 5 +++++ 2 files changed, 11 insertions(+) create mode 100644 rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected create mode 100644 rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected new file mode 100644 index 00000000000..c2944252116 --- /dev/null +++ b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected @@ -0,0 +1,6 @@ +readWithoutDef +| lifetime.rs:511:6:511:14 | my_local2 | lifetime.rs:514:9:527:2 | enter \|...\| ... | 2 | +| lifetime.rs:564:6:564:14 | my_local2 | lifetime.rs:567:9:580:2 | enter { ... } | 2 | +readWithoutPriorRef +| lifetime.rs:511:6:511:14 | my_local2 | lifetime.rs:514:9:527:2 | enter \|...\| ... | 2 | +| lifetime.rs:564:6:564:14 | my_local2 | lifetime.rs:567:9:580:2 | enter { ... } | 2 | diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected new file mode 100644 index 00000000000..64126531311 --- /dev/null +++ b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected @@ -0,0 +1,5 @@ +variableIsCaptured +| lifetime.rs:511:6:511:14 | my_local2 | CapturedVariable is not captured | +| lifetime.rs:564:6:564:14 | my_local2 | CapturedVariable is not captured | +consistencyOverview +| CapturedVariable is not captured | 2 | From b29deed919ea85f42404bd51c0318aada4a71bd5 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 11 Jun 2025 18:09:22 +0100 Subject: [PATCH 025/111] Rust: Accept changes in an unrelated test reported by CI. --- rust/ql/test/extractor-tests/crate_graph/crates.expected | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust/ql/test/extractor-tests/crate_graph/crates.expected b/rust/ql/test/extractor-tests/crate_graph/crates.expected index acc8aa3dec8..f934618db9c 100644 --- a/rust/ql/test/extractor-tests/crate_graph/crates.expected +++ b/rust/ql/test/extractor-tests/crate_graph/crates.expected @@ -18,7 +18,7 @@ #-----| core -> Crate(core@0.0.0) #-----| compiler_builtins -> Crate(compiler_builtins@0.1.140) -#-----| Crate(cfg_if@1.0.0) +#-----| Crate(cfg_if@1.0.1) #-----| proc_macro -> Crate(proc_macro@0.0.0) #-----| alloc -> Crate(alloc@0.0.0) #-----| core -> Crate(core@0.0.0) @@ -89,7 +89,7 @@ main.rs: #-----| core -> Crate(core@0.0.0) #-----| std -> Crate(std@0.0.0) #-----| test -> Crate(test@0.0.0) -#-----| cfg_if -> Crate(cfg_if@1.0.0) +#-----| cfg_if -> Crate(cfg_if@1.0.1) #-----| digest -> Crate(digest@0.10.7) #-----| Crate(md5@0.7.0) From 168246005cc60d3132c87816ecfeb4337f6868b5 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 11 Jun 2025 18:33:59 +0100 Subject: [PATCH 026/111] Rust: Extend tests based on cases found in DCA. --- .../CWE-825/AccessAfterLifetime.expected | 36 +++++++++++-------- .../query-tests/security/CWE-825/lifetime.rs | 22 ++++++++++-- 2 files changed, 41 insertions(+), 17 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 998a63b8f77..f0e454879ce 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -22,7 +22,8 @@ | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | | lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | -| lifetime.rs:775:10:775:12 | ptr | lifetime.rs:765:9:765:12 | &val | lifetime.rs:775:10:775:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:763:6:763:8 | val | val | +| lifetime.rs:771:12:771:14 | ptr | lifetime.rs:769:12:769:23 | &val | lifetime.rs:771:12:771:14 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:769:12:769:23 | val | val | +| lifetime.rs:791:10:791:12 | ptr | lifetime.rs:781:9:781:12 | &val | lifetime.rs:791:10:791:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | @@ -190,12 +191,15 @@ edges | lifetime.rs:719:26:719:34 | &... | lifetime.rs:718:7:718:8 | r1 | provenance | | | lifetime.rs:730:6:730:7 | r1 | lifetime.rs:734:12:734:13 | r1 | provenance | | | lifetime.rs:730:11:730:25 | e1.test_match() | lifetime.rs:730:6:730:7 | r1 | provenance | | -| lifetime.rs:756:2:756:12 | &val | lifetime.rs:756:2:756:12 | ptr | provenance | | -| lifetime.rs:756:2:756:12 | ptr | lifetime.rs:757:2:757:12 | ptr | provenance | | -| lifetime.rs:765:2:765:12 | return ... | lifetime.rs:769:12:769:24 | get_pointer(...) | provenance | | -| lifetime.rs:765:9:765:12 | &val | lifetime.rs:765:2:765:12 | return ... | provenance | | -| lifetime.rs:769:6:769:8 | ptr | lifetime.rs:775:10:775:12 | ptr | provenance | | -| lifetime.rs:769:12:769:24 | get_pointer(...) | lifetime.rs:769:6:769:8 | ptr | provenance | | +| lifetime.rs:766:2:766:13 | &val | lifetime.rs:766:2:766:13 | ptr | provenance | | +| lifetime.rs:766:2:766:13 | ptr | lifetime.rs:767:2:767:13 | ptr | provenance | | +| lifetime.rs:769:6:769:8 | ptr | lifetime.rs:771:12:771:14 | ptr | provenance | | +| lifetime.rs:769:12:769:23 | &val | lifetime.rs:769:12:769:23 | ptr | provenance | | +| lifetime.rs:769:12:769:23 | ptr | lifetime.rs:769:6:769:8 | ptr | provenance | | +| lifetime.rs:781:2:781:12 | return ... | lifetime.rs:785:12:785:24 | get_pointer(...) | provenance | | +| lifetime.rs:781:9:781:12 | &val | lifetime.rs:781:2:781:12 | return ... | provenance | | +| lifetime.rs:785:6:785:8 | ptr | lifetime.rs:791:10:791:12 | ptr | provenance | | +| lifetime.rs:785:12:785:24 | get_pointer(...) | lifetime.rs:785:6:785:8 | ptr | provenance | | models | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | nodes @@ -395,12 +399,16 @@ nodes | lifetime.rs:730:6:730:7 | r1 | semmle.label | r1 | | lifetime.rs:730:11:730:25 | e1.test_match() | semmle.label | e1.test_match() | | lifetime.rs:734:12:734:13 | r1 | semmle.label | r1 | -| lifetime.rs:756:2:756:12 | &val | semmle.label | &val | -| lifetime.rs:756:2:756:12 | ptr | semmle.label | ptr | -| lifetime.rs:757:2:757:12 | ptr | semmle.label | ptr | -| lifetime.rs:765:2:765:12 | return ... | semmle.label | return ... | -| lifetime.rs:765:9:765:12 | &val | semmle.label | &val | +| lifetime.rs:766:2:766:13 | &val | semmle.label | &val | +| lifetime.rs:766:2:766:13 | ptr | semmle.label | ptr | +| lifetime.rs:767:2:767:13 | ptr | semmle.label | ptr | | lifetime.rs:769:6:769:8 | ptr | semmle.label | ptr | -| lifetime.rs:769:12:769:24 | get_pointer(...) | semmle.label | get_pointer(...) | -| lifetime.rs:775:10:775:12 | ptr | semmle.label | ptr | +| lifetime.rs:769:12:769:23 | &val | semmle.label | &val | +| lifetime.rs:769:12:769:23 | ptr | semmle.label | ptr | +| lifetime.rs:771:12:771:14 | ptr | semmle.label | ptr | +| lifetime.rs:781:2:781:12 | return ... | semmle.label | return ... | +| lifetime.rs:781:9:781:12 | &val | semmle.label | &val | +| lifetime.rs:785:6:785:8 | ptr | semmle.label | ptr | +| lifetime.rs:785:12:785:24 | get_pointer(...) | semmle.label | get_pointer(...) | +| lifetime.rs:791:10:791:12 | ptr | semmle.label | ptr | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 656d7c692f8..386601f71fd 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -737,7 +737,7 @@ pub fn test_enum_members() { // --- macros --- -macro_rules! my_macro { +macro_rules! my_macro1 { () => { let ptr: *const i64; { @@ -752,9 +752,25 @@ macro_rules! my_macro { } } +macro_rules! my_macro2 { + () => { + { + let val: i64 = 1; + let ptr: *const i64 = &val; + ptr + } + } +} + pub fn test_macros() { - my_macro!(); - my_macro!(); + my_macro1!(); + my_macro1!(); + + let ptr = my_macro2!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=ptr + unsafe { + let v = *ptr; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=ptr + println!(" v = {v}"); + } } // --- examples from qhelp --- From 087e66665858d784dcc8f08e9bc3e5299a8f439e Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 11 Jun 2025 18:48:23 +0100 Subject: [PATCH 027/111] Rust: Exclude sources in macro expansions. --- rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql | 3 ++- .../query-tests/security/CWE-825/AccessAfterLifetime.expected | 1 - rust/ql/test/query-tests/security/CWE-825/lifetime.rs | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index e874b0eba8a..0661932a41f 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -40,7 +40,8 @@ where AccessAfterLifetimeFlow::flowPath(sourceNode, sinkNode) and // check that the dereference is outside the lifetime of the target AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode(), target) and - // exclude sinks in macros, since these results are difficult to interpret + // exclude cases with sources / sinks in macros, since these results are difficult to interpret + not sourceNode.getNode().asExpr().getExpr().isFromMacroExpansion() and not sinkNode.getNode().asExpr().getExpr().isFromMacroExpansion() select sinkNode.getNode(), sourceNode, sinkNode, "Access of a pointer to $@ after its lifetime has ended.", target, target.toString() diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index f0e454879ce..f99bb399fd4 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -22,7 +22,6 @@ | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | | lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | -| lifetime.rs:771:12:771:14 | ptr | lifetime.rs:769:12:769:23 | &val | lifetime.rs:771:12:771:14 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:769:12:769:23 | val | val | | lifetime.rs:791:10:791:12 | ptr | lifetime.rs:781:9:781:12 | &val | lifetime.rs:791:10:791:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 386601f71fd..fc5d6426316 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -766,9 +766,9 @@ pub fn test_macros() { my_macro1!(); my_macro1!(); - let ptr = my_macro2!(); // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=ptr + let ptr = my_macro2!(); unsafe { - let v = *ptr; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=ptr + let v = *ptr; println!(" v = {v}"); } } From 14b75a968bad11f70cde492724ecfed09cd0df15 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jun 2025 14:09:49 +0100 Subject: [PATCH 028/111] Apply suggestions from code review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- .../ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp index 41d62af44e3..fe5dd64a270 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.qhelp @@ -6,7 +6,7 @@

    Dereferencing a pointer after the lifetime of its target has ended causes undefined behavior. Memory -may be corrupted causing the program to crash or behave incorrectly, in some cases exposing the program +may be corrupted, causing the program to crash or behave incorrectly, in some cases exposing the program to potential attacks.

    @@ -33,7 +33,7 @@ after that lifetime has ended, causing undefined behavior:

    One way to fix this is to change the return type of the function from a pointer to a Box, which ensures that the value it points to remains on the heap for the lifetime of the Box -itself. Notice that there is no longer a need for an unsafe block as the code no longer +itself. Note that there is no longer a need for an unsafe block as the code no longer handles pointers directly:

    From 4ea53773b9a0921beb161dd089ceedd7d406dcd0 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Fri, 13 Jun 2025 15:35:46 +0200 Subject: [PATCH 029/111] Model the TypeORM Repository API --- .../experimental/semmle/javascript/SQL.qll | 33 ++++++++++++++++++- .../ql/test/experimental/TypeOrm/test.ts | 7 +++- .../test/experimental/TypeOrm/tests.expected | 1 + 3 files changed, 39 insertions(+), 2 deletions(-) diff --git a/javascript/ql/src/experimental/semmle/javascript/SQL.qll b/javascript/ql/src/experimental/semmle/javascript/SQL.qll index 3581106e2f8..5127881085d 100644 --- a/javascript/ql/src/experimental/semmle/javascript/SQL.qll +++ b/javascript/ql/src/experimental/semmle/javascript/SQL.qll @@ -146,11 +146,42 @@ module ExperimentalSql { override DataFlow::Node getAQueryArgument() { result = this.getArgument(0) } } + /** + * A call to a TypeORM `Repository` (https://orkhan.gitbook.io/typeorm/docs/repository-api) + */ + private class RepositoryCall extends DatabaseAccess { + API::Node repository; + + RepositoryCall() { + ( + repository = API::moduleImport("typeorm").getMember("Repository").getInstance() or + repository = dataSource().getMember("getRepository").getReturn() + ) and + this = repository.getMember(_).asSource() + } + + override DataFlow::Node getAResult() { + result = + repository + .getMember([ + "find", "findBy", "findOne", "findOneBy", "findOneOrFail", "findOneByOrFail", + "findAndCount", "findAndCountBy" + ]) + .getReturn() + .asSource() + } + + override DataFlow::Node getAQueryArgument() { + result = repository.getMember("query").getParameter(0).asSink() + } + } + /** An expression that is passed to the `query` function and hence interpreted as SQL. */ class QueryString extends SQL::SqlString { QueryString() { this = any(QueryRunner qr).getAQueryArgument() or - this = any(QueryBuilderCall qb).getAQueryArgument() + this = any(QueryBuilderCall qb).getAQueryArgument() or + this = any(RepositoryCall rc).getAQueryArgument() } } } diff --git a/javascript/ql/test/experimental/TypeOrm/test.ts b/javascript/ql/test/experimental/TypeOrm/test.ts index 39e4dbb6ec3..3e0f6b3a717 100644 --- a/javascript/ql/test/experimental/TypeOrm/test.ts +++ b/javascript/ql/test/experimental/TypeOrm/test.ts @@ -72,7 +72,7 @@ function makePaginationQuery(q: SelectQueryBuilder): SelectQueryBuilder AppDataSource.initialize().then(async () => { const BadInput = "A user controllable Remote Source like `' 1=1 --` " - + // Active record await UserActiveRecord.findByName(BadInput, "Saw") @@ -217,4 +217,9 @@ AppDataSource.initialize().then(async () => { qb.where(BadInput).orWhere(BadInput) // test: SQLInjectionPoint }), ).getMany() + + // Repository.query sink + await AppDataSource.getRepository(User2) + .query(BadInput) // test: SQLInjectionPoint + }).catch(error => console.log(error)) diff --git a/javascript/ql/test/experimental/TypeOrm/tests.expected b/javascript/ql/test/experimental/TypeOrm/tests.expected index a8f092c33e3..cbcf7785c78 100644 --- a/javascript/ql/test/experimental/TypeOrm/tests.expected +++ b/javascript/ql/test/experimental/TypeOrm/tests.expected @@ -29,4 +29,5 @@ passingPositiveTests | PASSED | SQLInjectionPoint | test.ts:210:28:210:53 | // test ... onPoint | | PASSED | SQLInjectionPoint | test.ts:213:56:213:81 | // test ... onPoint | | PASSED | SQLInjectionPoint | test.ts:217:56:217:81 | // test ... onPoint | +| PASSED | SQLInjectionPoint | test.ts:223:29:223:54 | // test ... onPoint | failingPositiveTests From ddf77a0b728ee712dc592178006fe03c5e4590dc Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Fri, 13 Jun 2025 15:37:27 +0200 Subject: [PATCH 030/111] Remove unnecessary spaces --- javascript/ql/test/experimental/TypeOrm/test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/ql/test/experimental/TypeOrm/test.ts b/javascript/ql/test/experimental/TypeOrm/test.ts index 3e0f6b3a717..3f6cd54d22d 100644 --- a/javascript/ql/test/experimental/TypeOrm/test.ts +++ b/javascript/ql/test/experimental/TypeOrm/test.ts @@ -72,7 +72,7 @@ function makePaginationQuery(q: SelectQueryBuilder): SelectQueryBuilder AppDataSource.initialize().then(async () => { const BadInput = "A user controllable Remote Source like `' 1=1 --` " - + // Active record await UserActiveRecord.findByName(BadInput, "Saw") From baf0d3ef227a40d541219b8873c4ecf6e7c1bd83 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sat, 14 Jun 2025 23:27:49 +0200 Subject: [PATCH 031/111] Model NestJS middlewares as sources --- .../lib/semmle/javascript/frameworks/Nest.qll | 55 +++++++++++++++++++ .../frameworks/Nest/local/middleware.ts | 12 ++++ .../frameworks/Nest/test.expected | 4 ++ 3 files changed, 71 insertions(+) create mode 100644 javascript/ql/test/library-tests/frameworks/Nest/local/middleware.ts diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll index d6bcb9ddd40..80f16e6c1cc 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll @@ -447,6 +447,61 @@ module NestJS { } } + /** + * A NestJS Middleware Class + */ + private class NestMiddlewareClass extends DataFlow::ClassNode { + NestMiddlewareClass() { + exists(ClassDefinition cls | + this = cls.flow() and + cls.getASuperInterface().hasUnderlyingType("@nestjs/common", "NestMiddleware") + ) + } + + DataFlow::FunctionNode getUseFunction() { result = this.getInstanceMethod("use") } + } + + /** + * A NestJS Middleware Class route handler (the `use` method) + */ + private class MiddlewareRouteHandler extends Http::RouteHandler, DataFlow::FunctionNode { + MiddlewareRouteHandler() { this = any(NestMiddlewareClass m).getUseFunction() } + + override Http::HeaderDefinition getAResponseHeader(string name) { none() } + + /** + * Gets the request object used by this route + */ + DataFlow::ParameterNode getRequest() { result = this.getParameter(0) } + + /** + * Gets the response object used by this route + */ + DataFlow::ParameterNode getResponse() { result = this.getParameter(1) } + } + + /** + * A source of `express` request objects for NestJS middlewares + */ + private class MiddlewareRequestSource extends Express::RequestSource { + MiddlewareRouteHandler middlewareRouteHandler; + + MiddlewareRequestSource() { this = middlewareRouteHandler.getRequest() } + + override Http::RouteHandler getRouteHandler() { result = middlewareRouteHandler } + } + + /** + * A source of `express` response objects for NestJS middlewares + */ + private class MiddlewareResponseSource extends Express::ResponseSource { + MiddlewareRouteHandler middlewareRouteHandler; + + MiddlewareResponseSource() { this = middlewareRouteHandler.getResponse() } + + override Http::RouteHandler getRouteHandler() { result = middlewareRouteHandler } + } + /** * A value passed in the `providers` array in: * ```js diff --git a/javascript/ql/test/library-tests/frameworks/Nest/local/middleware.ts b/javascript/ql/test/library-tests/frameworks/Nest/local/middleware.ts new file mode 100644 index 00000000000..f7f7104c68c --- /dev/null +++ b/javascript/ql/test/library-tests/frameworks/Nest/local/middleware.ts @@ -0,0 +1,12 @@ +import { Injectable, NestMiddleware } from '@nestjs/common'; +import { Response, NextFunction } from 'express'; +import { CustomRequest } from '@randomPackage/request'; + +@Injectable() +export class LoggerMiddleware implements NestMiddleware { + // The request can be a custom type that extends the express Request + use(req: CustomRequest, res: Response, next: NextFunction) { + console.log(req.query.abc); + next(); + } +} \ No newline at end of file diff --git a/javascript/ql/test/library-tests/frameworks/Nest/test.expected b/javascript/ql/test/library-tests/frameworks/Nest/test.expected index db49fc95eba..6a10a942e2d 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/test.expected +++ b/javascript/ql/test/library-tests/frameworks/Nest/test.expected @@ -10,6 +10,7 @@ routeHandler | local/customPipe.ts:36:5:38:5 | propaga ... K\\n } | | local/customPipe.ts:41:5:43:5 | propaga ... K\\n } | | local/customPipe.ts:47:5:49:5 | propaga ... K\\n } | +| local/middleware.ts:8:3:11:3 | use(req ... ();\\n } | | local/routes.ts:6:3:8:3 | getFoo( ... o';\\n } | | local/routes.ts:11:3:13:3 | postFoo ... o';\\n } | | local/routes.ts:16:3:18:3 | getRoot ... o';\\n } | @@ -29,9 +30,11 @@ routeHandler | local/validation.ts:42:3:45:3 | route6( ... OK\\n } | requestSource | local/customDecorator.ts:5:21:5:51 | ctx.swi ... quest() | +| local/middleware.ts:8:7:8:9 | req | | local/routes.ts:30:12:30:14 | req | | local/routes.ts:61:23:61:25 | req | responseSource +| local/middleware.ts:8:27:8:29 | res | | local/routes.ts:61:35:61:37 | res | | local/routes.ts:62:5:62:25 | res.sen ... uery.x) | requestInputAccess @@ -44,6 +47,7 @@ requestInputAccess | parameter | local/customDecorator.ts:6:12:6:41 | request ... ryParam | | parameter | local/customPipe.ts:5:15:5:19 | value | | parameter | local/customPipe.ts:13:15:13:19 | value | +| parameter | local/middleware.ts:9:17:9:29 | req.query.abc | | parameter | local/routes.ts:27:17:27:17 | x | | parameter | local/routes.ts:28:14:28:21 | queryObj | | parameter | local/routes.ts:29:20:29:23 | name | From 2b143c86acc60cf74dc78ea072aa07991cf4e0e1 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sun, 15 Jun 2025 00:09:07 +0200 Subject: [PATCH 032/111] NestJS dependency Injection support useFactory provider --- .../lib/semmle/javascript/frameworks/Nest.qll | 10 +++++++++- .../frameworks/Nest/global/app.module.ts | 19 +++++++++++++------ .../frameworks/Nest/global/foo.impl.ts | 8 +++++++- .../frameworks/Nest/global/foo.interface.ts | 4 ++++ .../frameworks/Nest/global/validation.ts | 5 +++-- .../frameworks/Nest/test.expected | 2 +- 6 files changed, 37 insertions(+), 11 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll index 80f16e6c1cc..35900ef765f 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll @@ -519,12 +519,20 @@ module NestJS { .(DataFlow::ArrayCreationNode) .getAnElement() } + private DataFlow::Node getConcreteClassFromProviderTuple(DataFlow::SourceNode tuple) { + result = tuple.getAPropertyWrite("useClass").getRhs() + or + exists(DataFlow::FunctionNode f | + f = tuple.getAPropertyWrite("useFactory").getRhs().getALocalSource() and + result.getAstNode() = f.getFunction().getAReturnedExpr().getType().(ClassType).getClass() + ) + } private predicate providerPair(DataFlow::Node interface, DataFlow::Node concreteClass) { exists(DataFlow::SourceNode tuple | tuple = providerTuple().getALocalSource() and interface = tuple.getAPropertyWrite("provide").getRhs() and - concreteClass = tuple.getAPropertyWrite("useClass").getRhs() + concreteClass = getConcreteClassFromProviderTuple(tuple) ) } diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts index 2c230821a63..1523b320136 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts @@ -1,12 +1,19 @@ import { Module } from '@nestjs/common'; import { Controller } from './validation'; -import { Foo } from './foo.interface'; -import { FooImpl } from './foo.impl'; +import { Foo, Foo2 } from './foo.interface'; +import { FooImpl, Foo2Impl } from './foo.impl'; @Module({ - controllers: [Controller], - providers: [{ - provide: Foo, useClass: FooImpl - }], + controllers: [Controller], + providers: [ + { + provide: Foo, + useClass: FooImpl + }, + { + provide: Foo2, + useFactory: () => new Foo2Impl() + } + ], }) export class AppModule { } diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts index 979389a3804..f4f591d230d 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts @@ -1,7 +1,13 @@ -import { Foo } from "./foo.interface"; +import { Foo , Foo2 } from "./foo.interface"; export class FooImpl extends Foo { fooMethod(x: string) { sink(x); // $ hasValueFlow=x } } + +export class Foo2Impl extends Foo2 { + fooMethod(x: string) { + sink(x); // $ hasValueFlow=x + } +} \ No newline at end of file diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts index f22529c2d18..db460642655 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts @@ -1,3 +1,7 @@ export abstract class Foo { abstract fooMethod(x: string): void; } + +export abstract class Foo2 { + abstract fooMethod(x: string): void; +} diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts index 1872b5a51b7..b0470b70d1e 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts @@ -1,10 +1,10 @@ import { Get, Query } from '@nestjs/common'; import { IsIn } from 'class-validator'; -import { Foo } from './foo.interface'; +import { Foo, Foo2 } from './foo.interface'; export class Controller { constructor( - private readonly foo: Foo + private readonly foo: Foo, private readonly foo2: Foo2 ) { } @Get() @@ -16,6 +16,7 @@ export class Controller { @Get() route2(@Query('x') x: string) { this.foo.fooMethod(x); + this.foo2.fooMethod(x); } } diff --git a/javascript/ql/test/library-tests/frameworks/Nest/test.expected b/javascript/ql/test/library-tests/frameworks/Nest/test.expected index 6a10a942e2d..53b34ecef94 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/test.expected +++ b/javascript/ql/test/library-tests/frameworks/Nest/test.expected @@ -1,7 +1,7 @@ testFailures routeHandler | global/validation.ts:11:3:14:3 | route1( ... OK\\n } | -| global/validation.ts:17:3:19:3 | route2( ... x);\\n } | +| global/validation.ts:17:3:20:3 | route2( ... x);\\n } | | local/customDecorator.ts:18:3:20:3 | sneaky( ... OK\\n } | | local/customDecorator.ts:23:3:25:3 | safe(@S ... OK\\n } | | local/customPipe.ts:20:5:22:5 | sanitiz ... K\\n } | From 477f32c7ff807bf1b01555d365d37069f7ae8cd4 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sun, 15 Jun 2025 00:21:38 +0200 Subject: [PATCH 033/111] NestJS dependency injection support useValue provider --- .../ql/lib/semmle/javascript/frameworks/Nest.qll | 3 +++ .../library-tests/frameworks/Nest/global/app.module.ts | 10 ++++++++-- .../library-tests/frameworks/Nest/global/foo.impl.ts | 6 ++++++ .../frameworks/Nest/global/foo.interface.ts | 4 ++++ .../library-tests/frameworks/Nest/global/validation.ts | 5 +++-- .../test/library-tests/frameworks/Nest/test.expected | 2 +- 6 files changed, 25 insertions(+), 5 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll index 35900ef765f..ff3c7920247 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll @@ -526,6 +526,9 @@ module NestJS { f = tuple.getAPropertyWrite("useFactory").getRhs().getALocalSource() and result.getAstNode() = f.getFunction().getAReturnedExpr().getType().(ClassType).getClass() ) + or + result.getAstNode() = + tuple.getAPropertyWrite("useValue").getRhs().asExpr().getType().(ClassType).getClass() } private predicate providerPair(DataFlow::Node interface, DataFlow::Node concreteClass) { diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts index 1523b320136..39c17fcc1d2 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts @@ -1,7 +1,9 @@ import { Module } from '@nestjs/common'; import { Controller } from './validation'; -import { Foo, Foo2 } from './foo.interface'; -import { FooImpl, Foo2Impl } from './foo.impl'; +import { Foo, Foo2, Foo3 } from './foo.interface'; +import { FooImpl, Foo2Impl, Foo3Impl } from './foo.impl'; + +const foo3 = new Foo3Impl() @Module({ controllers: [Controller], @@ -13,6 +15,10 @@ import { FooImpl, Foo2Impl } from './foo.impl'; { provide: Foo2, useFactory: () => new Foo2Impl() + }, + { + provide: Foo3, + useValue: foo3 } ], }) diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts index f4f591d230d..ebc2fa36084 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts @@ -10,4 +10,10 @@ export class Foo2Impl extends Foo2 { fooMethod(x: string) { sink(x); // $ hasValueFlow=x } +} + +export class Foo3Impl extends Foo2 { + fooMethod(x: string) { + sink(x); // $ hasValueFlow=x + } } \ No newline at end of file diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts index db460642655..f2f48b60cd2 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts @@ -5,3 +5,7 @@ export abstract class Foo { export abstract class Foo2 { abstract fooMethod(x: string): void; } + +export abstract class Foo3 { + abstract fooMethod(x: string): void; +} diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts index b0470b70d1e..d9a85fdaa8c 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts @@ -1,10 +1,10 @@ import { Get, Query } from '@nestjs/common'; import { IsIn } from 'class-validator'; -import { Foo, Foo2 } from './foo.interface'; +import { Foo, Foo2, Foo3 } from './foo.interface'; export class Controller { constructor( - private readonly foo: Foo, private readonly foo2: Foo2 + private readonly foo: Foo, private readonly foo2: Foo2, private readonly foo3: Foo3 ) { } @Get() @@ -17,6 +17,7 @@ export class Controller { route2(@Query('x') x: string) { this.foo.fooMethod(x); this.foo2.fooMethod(x); + this.foo3.fooMethod(x); } } diff --git a/javascript/ql/test/library-tests/frameworks/Nest/test.expected b/javascript/ql/test/library-tests/frameworks/Nest/test.expected index 53b34ecef94..c2e8455e03c 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/test.expected +++ b/javascript/ql/test/library-tests/frameworks/Nest/test.expected @@ -1,7 +1,7 @@ testFailures routeHandler | global/validation.ts:11:3:14:3 | route1( ... OK\\n } | -| global/validation.ts:17:3:20:3 | route2( ... x);\\n } | +| global/validation.ts:17:3:21:3 | route2( ... x);\\n } | | local/customDecorator.ts:18:3:20:3 | sneaky( ... OK\\n } | | local/customDecorator.ts:23:3:25:3 | safe(@S ... OK\\n } | | local/customPipe.ts:20:5:22:5 | sanitiz ... K\\n } | From 9019879d9926dcfd4e241cced6cc667aad3cb2b4 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sun, 15 Jun 2025 00:32:26 +0200 Subject: [PATCH 034/111] Improve useFactory inter file function detection --- javascript/ql/lib/semmle/javascript/frameworks/Nest.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll index ff3c7920247..b6af7f37e64 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll @@ -523,10 +523,10 @@ module NestJS { result = tuple.getAPropertyWrite("useClass").getRhs() or exists(DataFlow::FunctionNode f | - f = tuple.getAPropertyWrite("useFactory").getRhs().getALocalSource() and + f = tuple.getAPropertyWrite("useFactory").getRhs().getAFunctionValue() and result.getAstNode() = f.getFunction().getAReturnedExpr().getType().(ClassType).getClass() ) - or + or result.getAstNode() = tuple.getAPropertyWrite("useValue").getRhs().asExpr().getType().(ClassType).getClass() } From 69204300734501a2566a608b2adb3f647e295c89 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sun, 15 Jun 2025 00:47:34 +0200 Subject: [PATCH 035/111] Improve dependency injection through import function calls --- .../lib/semmle/javascript/frameworks/Nest.qll | 37 +++++++++++++++---- .../frameworks/Nest/global/app.module.ts | 2 + .../frameworks/Nest/global/foo.impl.ts | 10 ++++- .../frameworks/Nest/global/foo.interface.ts | 4 ++ .../frameworks/Nest/global/imports.ts | 16 ++++++++ .../frameworks/Nest/global/validation.ts | 5 ++- 6 files changed, 62 insertions(+), 12 deletions(-) create mode 100644 javascript/ql/test/library-tests/frameworks/Nest/global/imports.ts diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll index b6af7f37e64..fcd8da5c893 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Nest.qll @@ -510,15 +510,36 @@ module NestJS { * ``` */ private DataFlow::Node providerTuple() { - result = - DataFlow::moduleImport("@nestjs/common") - .getAPropertyRead("Module") - .getACall() - .getOptionArgument(0, "providers") - .getALocalSource() - .(DataFlow::ArrayCreationNode) - .getAnElement() + exists(DataFlow::CallNode moduleCall | + moduleCall = DataFlow::moduleImport("@nestjs/common").getAPropertyRead("Module").getACall() and + result = providerTupleAux(moduleCall.getArgument(0).getALocalSource()) + ) } + + private DataFlow::Node providerTupleAux(DataFlow::ObjectLiteralNode o) { + ( + result = + o.getAPropertyWrite("providers") + .getRhs() + .getALocalSource() + .(DataFlow::ArrayCreationNode) + .getAnElement() + or + result = + providerTupleAux(o.getAPropertyWrite("imports") + .getRhs() + .getALocalSource() + .(DataFlow::ArrayCreationNode) + .getAnElement() + .(DataFlow::CallNode) + .getCalleeNode() + .getAFunctionValue() + .getFunction() + .getAReturnedExpr() + .flow()) + ) + } + private DataFlow::Node getConcreteClassFromProviderTuple(DataFlow::SourceNode tuple) { result = tuple.getAPropertyWrite("useClass").getRhs() or diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts index 39c17fcc1d2..b8793dc5789 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/app.module.ts @@ -1,5 +1,6 @@ import { Module } from '@nestjs/common'; import { Controller } from './validation'; +import { Imports } from './imports'; import { Foo, Foo2, Foo3 } from './foo.interface'; import { FooImpl, Foo2Impl, Foo3Impl } from './foo.impl'; @@ -7,6 +8,7 @@ const foo3 = new Foo3Impl() @Module({ controllers: [Controller], + imports: [Imports.forRoot()], providers: [ { provide: Foo, diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts index ebc2fa36084..9e54bc4774e 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.impl.ts @@ -1,4 +1,4 @@ -import { Foo , Foo2 } from "./foo.interface"; +import { Foo, Foo2, Foo3, Foo4 } from "./foo.interface"; export class FooImpl extends Foo { fooMethod(x: string) { @@ -12,7 +12,13 @@ export class Foo2Impl extends Foo2 { } } -export class Foo3Impl extends Foo2 { +export class Foo3Impl extends Foo3 { + fooMethod(x: string) { + sink(x); // $ hasValueFlow=x + } +} + +export class Foo4Impl extends Foo4 { fooMethod(x: string) { sink(x); // $ hasValueFlow=x } diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts index f2f48b60cd2..b3d18f2749a 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/foo.interface.ts @@ -9,3 +9,7 @@ export abstract class Foo2 { export abstract class Foo3 { abstract fooMethod(x: string): void; } + +export abstract class Foo4 { + abstract fooMethod(x: string): void; +} diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/imports.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/imports.ts new file mode 100644 index 00000000000..1df36111161 --- /dev/null +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/imports.ts @@ -0,0 +1,16 @@ +import { DynamicModule } from '@nestjs/common'; +import { Foo4Impl } from './foo.impl'; +import { Foo4 } from './foo.interface'; + +export class Imports { + static forRoot(): DynamicModule { + return { + providers: [ + { + provide: Foo4, + useClass: Foo4Impl, + }, + ], + }; + } +} diff --git a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts index d9a85fdaa8c..f6046e4651a 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts +++ b/javascript/ql/test/library-tests/frameworks/Nest/global/validation.ts @@ -1,10 +1,10 @@ import { Get, Query } from '@nestjs/common'; import { IsIn } from 'class-validator'; -import { Foo, Foo2, Foo3 } from './foo.interface'; +import { Foo, Foo2, Foo3, Foo4 } from './foo.interface'; export class Controller { constructor( - private readonly foo: Foo, private readonly foo2: Foo2, private readonly foo3: Foo3 + private readonly foo: Foo, private readonly foo2: Foo2, private readonly foo3: Foo3, private readonly foo4: Foo4 ) { } @Get() @@ -18,6 +18,7 @@ export class Controller { this.foo.fooMethod(x); this.foo2.fooMethod(x); this.foo3.fooMethod(x); + this.foo4.fooMethod(x); } } From e2eca5bbff46785737a8e1ee55c1c14d2c73c7a4 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Sun, 15 Jun 2025 12:12:12 +0200 Subject: [PATCH 036/111] Update test.expected --- javascript/ql/test/library-tests/frameworks/Nest/test.expected | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/ql/test/library-tests/frameworks/Nest/test.expected b/javascript/ql/test/library-tests/frameworks/Nest/test.expected index c2e8455e03c..ea74b306b36 100644 --- a/javascript/ql/test/library-tests/frameworks/Nest/test.expected +++ b/javascript/ql/test/library-tests/frameworks/Nest/test.expected @@ -1,7 +1,7 @@ testFailures routeHandler | global/validation.ts:11:3:14:3 | route1( ... OK\\n } | -| global/validation.ts:17:3:21:3 | route2( ... x);\\n } | +| global/validation.ts:17:3:22:3 | route2( ... x);\\n } | | local/customDecorator.ts:18:3:20:3 | sneaky( ... OK\\n } | | local/customDecorator.ts:23:3:25:3 | safe(@S ... OK\\n } | | local/customPipe.ts:20:5:22:5 | sanitiz ... K\\n } | From df221ea8f8d3803695b00509fac681c37d2f1862 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 17 Jun 2025 23:17:17 +0100 Subject: [PATCH 037/111] Rust: Remove excess 'cached' annotation. --- rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll | 1 - 1 file changed, 1 deletion(-) diff --git a/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll b/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll index 697672bbaf3..3c50487edd8 100644 --- a/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll +++ b/rust/ql/lib/codeql/rust/elements/internal/VariableImpl.qll @@ -128,7 +128,6 @@ module Impl { Name getName() { variableDecl(definingNode, result, text) } /** Gets the block that encloses this variable, if any. */ - cached BlockExpr getEnclosingBlock() { result = definingNode.getEnclosingBlock() } /** Gets the `self` parameter that declares this variable, if any. */ From 5bf799e7172ccc78527d737c66bad1786a9827b6 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 18 Jun 2025 11:52:02 +0100 Subject: [PATCH 038/111] Apply suggestions from code review Co-authored-by: Simon Friis Vindum --- .../codeql/rust/security/AccessAfterLifetimeExtensions.qll | 6 +++--- .../src/queries/security/CWE-825/AccessAfterLifetimeBad.rs | 2 +- .../src/queries/security/CWE-825/AccessAfterLifetimeGood.rs | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index aaab0c30992..63ab070dac1 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -81,13 +81,13 @@ module AccessAfterLifetime { } /** - * Holds if block `a` contains block `b`, in the sense that a variable in - * `a` may be on the stack during execution of `b`. This is interprocedural, + * Holds if block `a` contains block `b`, in the sense that a stack allocated variable in + * `a` may still be on the stack during execution of `b`. This is interprocedural, * but is an overapproximation that doesn't accurately track call contexts * (for example if `f` and `g` both call `b`, then then depending on the * caller a variable in `f` or `g` may or may-not be on the stack during `b`). */ - private predicate maybeOnStack(BlockExpr a, BlockExpr b) { + private predicate blockStackEnclosing(BlockExpr a, BlockExpr b) { // `b` is a child of `a` a = b.getEnclosingBlock*() or diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs index 61f981e4019..c5f5cf607d1 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs @@ -2,7 +2,7 @@ fn get_pointer() -> *const i64 { let val = 123; - return &val; + &val } // lifetime of `val` ends here, the pointer becomes dangling fn example() { diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs index e8d0017d007..944f6905b70 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs @@ -2,7 +2,7 @@ fn get_box() -> Box { let val = 123; - return Box::new(val); // copies `val` onto the heap, where it remains for the lifetime of the `Box`. + Box::new(val) // copies `val` onto the heap, where it remains for the lifetime of the `Box`. } fn example() { From 79cedc25863d343051d2e772cb07a90da163d4b8 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 18 Jun 2025 11:56:04 +0100 Subject: [PATCH 039/111] Rust: Rename predicate again. --- .../codeql/rust/security/AccessAfterLifetimeExtensions.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll index 63ab070dac1..4b3177c9df9 100644 --- a/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll +++ b/rust/ql/lib/codeql/rust/security/AccessAfterLifetimeExtensions.qll @@ -49,7 +49,7 @@ module AccessAfterLifetime { exists(BlockExpr valueScope, BlockExpr accessScope | valueScope(source.getTarget(), target, valueScope) and accessScope = sink.asExpr().getExpr().getEnclosingBlock() and - not maybeOnStack(valueScope, accessScope) + not mayEncloseOnStack(valueScope, accessScope) ) } @@ -87,13 +87,13 @@ module AccessAfterLifetime { * (for example if `f` and `g` both call `b`, then then depending on the * caller a variable in `f` or `g` may or may-not be on the stack during `b`). */ - private predicate blockStackEnclosing(BlockExpr a, BlockExpr b) { + private predicate mayEncloseOnStack(BlockExpr a, BlockExpr b) { // `b` is a child of `a` a = b.getEnclosingBlock*() or // propagate through function calls exists(CallExprBase ce | - maybeOnStack(a, ce.getEnclosingBlock()) and + mayEncloseOnStack(a, ce.getEnclosingBlock()) and ce.getStaticTarget() = b.getEnclosingCallable() ) } From dbde8418bb7036189315647b76b426f56720f05f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 18 Jun 2025 13:55:04 +0100 Subject: [PATCH 040/111] Rust: Another test case (unsafe function). --- .../CWE-825/AccessAfterLifetime.expected | 30 ++++++++++++------- .../query-tests/security/CWE-825/lifetime.rs | 17 +++++++++++ .../test/query-tests/security/CWE-825/main.rs | 5 ++++ 3 files changed, 42 insertions(+), 10 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index f99bb399fd4..06010d93003 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -22,7 +22,8 @@ | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | | lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | -| lifetime.rs:791:10:791:12 | ptr | lifetime.rs:781:9:781:12 | &val | lifetime.rs:791:10:791:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:8 | val | val | +| lifetime.rs:789:12:789:13 | p1 | lifetime.rs:781:9:781:19 | &my_local10 | lifetime.rs:789:12:789:13 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:15 | my_local10 | my_local10 | +| lifetime.rs:808:10:808:12 | ptr | lifetime.rs:798:9:798:12 | &val | lifetime.rs:808:10:808:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:796:6:796:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | @@ -195,10 +196,14 @@ edges | lifetime.rs:769:6:769:8 | ptr | lifetime.rs:771:12:771:14 | ptr | provenance | | | lifetime.rs:769:12:769:23 | &val | lifetime.rs:769:12:769:23 | ptr | provenance | | | lifetime.rs:769:12:769:23 | ptr | lifetime.rs:769:6:769:8 | ptr | provenance | | -| lifetime.rs:781:2:781:12 | return ... | lifetime.rs:785:12:785:24 | get_pointer(...) | provenance | | -| lifetime.rs:781:9:781:12 | &val | lifetime.rs:781:2:781:12 | return ... | provenance | | -| lifetime.rs:785:6:785:8 | ptr | lifetime.rs:791:10:791:12 | ptr | provenance | | -| lifetime.rs:785:12:785:24 | get_pointer(...) | lifetime.rs:785:6:785:8 | ptr | provenance | | +| lifetime.rs:781:2:781:19 | return ... | lifetime.rs:785:11:785:41 | get_local_for_unsafe_function(...) | provenance | | +| lifetime.rs:781:9:781:19 | &my_local10 | lifetime.rs:781:2:781:19 | return ... | provenance | | +| lifetime.rs:785:6:785:7 | p1 | lifetime.rs:789:12:789:13 | p1 | provenance | | +| lifetime.rs:785:11:785:41 | get_local_for_unsafe_function(...) | lifetime.rs:785:6:785:7 | p1 | provenance | | +| lifetime.rs:798:2:798:12 | return ... | lifetime.rs:802:12:802:24 | get_pointer(...) | provenance | | +| lifetime.rs:798:9:798:12 | &val | lifetime.rs:798:2:798:12 | return ... | provenance | | +| lifetime.rs:802:6:802:8 | ptr | lifetime.rs:808:10:808:12 | ptr | provenance | | +| lifetime.rs:802:12:802:24 | get_pointer(...) | lifetime.rs:802:6:802:8 | ptr | provenance | | models | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | nodes @@ -405,9 +410,14 @@ nodes | lifetime.rs:769:12:769:23 | &val | semmle.label | &val | | lifetime.rs:769:12:769:23 | ptr | semmle.label | ptr | | lifetime.rs:771:12:771:14 | ptr | semmle.label | ptr | -| lifetime.rs:781:2:781:12 | return ... | semmle.label | return ... | -| lifetime.rs:781:9:781:12 | &val | semmle.label | &val | -| lifetime.rs:785:6:785:8 | ptr | semmle.label | ptr | -| lifetime.rs:785:12:785:24 | get_pointer(...) | semmle.label | get_pointer(...) | -| lifetime.rs:791:10:791:12 | ptr | semmle.label | ptr | +| lifetime.rs:781:2:781:19 | return ... | semmle.label | return ... | +| lifetime.rs:781:9:781:19 | &my_local10 | semmle.label | &my_local10 | +| lifetime.rs:785:6:785:7 | p1 | semmle.label | p1 | +| lifetime.rs:785:11:785:41 | get_local_for_unsafe_function(...) | semmle.label | get_local_for_unsafe_function(...) | +| lifetime.rs:789:12:789:13 | p1 | semmle.label | p1 | +| lifetime.rs:798:2:798:12 | return ... | semmle.label | return ... | +| lifetime.rs:798:9:798:12 | &val | semmle.label | &val | +| lifetime.rs:802:6:802:8 | ptr | semmle.label | ptr | +| lifetime.rs:802:12:802:24 | get_pointer(...) | semmle.label | get_pointer(...) | +| lifetime.rs:808:10:808:12 | ptr | semmle.label | ptr | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index fc5d6426316..22ae67b543c 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -773,6 +773,23 @@ pub fn test_macros() { } } +// --- unsafe function --- + +fn get_local_for_unsafe_function() -> *const f64 { + let my_local10: f64 = 1.23; + + return &my_local10; // $ Source[rust/access-after-lifetime-ended]=local10 +} // (return value immediately becomes dangling) + +pub unsafe fn test_unsafe_function() { + let p1 = get_local_for_unsafe_function(); + + use_the_stack(); + + let v1 = *p1; // $ Alert[rust/access-after-lifetime-ended]=local10 + println!(" v1 = {v1} (!)"); // corrupt in practice +} + // --- examples from qhelp --- fn get_pointer() -> *const i64 { diff --git a/rust/ql/test/query-tests/security/CWE-825/main.rs b/rust/ql/test/query-tests/security/CWE-825/main.rs index e134c212ba0..5f66313ae85 100644 --- a/rust/ql/test/query-tests/security/CWE-825/main.rs +++ b/rust/ql/test/query-tests/security/CWE-825/main.rs @@ -190,6 +190,11 @@ fn main() { println!("test_macros:"); test_macros(); + println!("test_unsafe_function:"); + unsafe { + test_unsafe_function(); + } + println!("test_lifetimes_example_bad:"); test_lifetimes_example_bad(); From 5edd6e85e7782aeabb4b43782f6f9d8f5ae063a9 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 18 Jun 2025 13:45:58 +0100 Subject: [PATCH 041/111] Rust: Restrict results to 'unsafe' blocks. --- rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql | 5 +++++ .../security/CWE-825/AccessAfterLifetime.expected | 1 - rust/ql/test/query-tests/security/CWE-825/lifetime.rs | 4 ++-- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql index 0661932a41f..b4f652668b7 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetime.ql @@ -40,6 +40,11 @@ where AccessAfterLifetimeFlow::flowPath(sourceNode, sinkNode) and // check that the dereference is outside the lifetime of the target AccessAfterLifetime::dereferenceAfterLifetime(sourceNode.getNode(), sinkNode.getNode(), target) and + // include only results inside `unsafe` blocks, as other results tend to be false positives + ( + sinkNode.getNode().asExpr().getExpr().getEnclosingBlock*().isUnsafe() or + sinkNode.getNode().asExpr().getExpr().getEnclosingCallable().(Function).isUnsafe() + ) and // exclude cases with sources / sinks in macros, since these results are difficult to interpret not sourceNode.getNode().asExpr().getExpr().isFromMacroExpansion() and not sinkNode.getNode().asExpr().getExpr().isFromMacroExpansion() diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index 06010d93003..c4f00465654 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -21,7 +21,6 @@ | lifetime.rs:659:15:659:18 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:659:15:659:18 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | -| lifetime.rs:734:12:734:13 | r1 | lifetime.rs:719:26:719:34 | &... | lifetime.rs:734:12:734:13 | r1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:719:19:719:20 | v2 | v2 | | lifetime.rs:789:12:789:13 | p1 | lifetime.rs:781:9:781:19 | &my_local10 | lifetime.rs:789:12:789:13 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:15 | my_local10 | my_local10 | | lifetime.rs:808:10:808:12 | ptr | lifetime.rs:798:9:798:12 | &val | lifetime.rs:808:10:808:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:796:6:796:8 | val | val | edges diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 22ae67b543c..559b2d96bf2 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -716,7 +716,7 @@ enum MyEnum3 { impl MyEnum3 { pub fn test_match(&self) -> &i64 { let r1 = match self { - MyEnum3::Value(v2) => &v2.value, // $ SPURIOUS: Source[rust/access-after-lifetime-ended]=v2_value + MyEnum3::Value(v2) => &v2.value, }; r1 @@ -731,7 +731,7 @@ pub fn test_enum_members() { use_the_stack(); - let v3 = *r1; // $ SPURIOUS: Alert[rust/access-after-lifetime-ended]=v2_value + let v3 = *r1; println!(" v3 = {v3}"); } From 8ee03e48cae8dd1c2154d85461fb706fc8738e5f Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 18 Jun 2025 11:04:27 -0400 Subject: [PATCH 042/111] Crypto: Fix cpp-specific code scanning alert failure --- cpp/ql/lib/experimental/quantum/Language.qll | 7 +++--- .../AlgorithmInstances/AlgToAVCFlow.qll | 14 ++++++------ .../BlockAlgorithmInstance.qll | 20 ++++++++--------- .../HashAlgorithmInstance.qll | 22 +++++++++---------- .../KnownAlgorithmConstants.qll | 5 +++-- .../PaddingAlgorithmInstance.qll | 16 +++++++------- .../DirectAlgorithmValueConsumer.qll | 8 +++---- .../HashAlgorithmValueConsumer.qll | 2 +- .../OpenSSL/Operations/EVPCipherOperation.qll | 4 +++- 9 files changed, 50 insertions(+), 48 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/Language.qll b/cpp/ql/lib/experimental/quantum/Language.qll index 168c25cdfaa..26325b09f4c 100644 --- a/cpp/ql/lib/experimental/quantum/Language.qll +++ b/cpp/ql/lib/experimental/quantum/Language.qll @@ -56,7 +56,7 @@ module ArtifactFlowConfig implements DataFlow::ConfigSig { module ArtifactFlow = DataFlow::Global; /** - * Artifact output to node input configuration + * An artifact output to node input configuration */ abstract class AdditionalFlowInputStep extends DataFlow::Node { abstract DataFlow::Node getOutput(); @@ -91,9 +91,8 @@ module GenericDataSourceFlowConfig implements DataFlow::ConfigSig { module GenericDataSourceFlow = TaintTracking::Global; -private class ConstantDataSource extends Crypto::GenericConstantSourceInstance instanceof Literal { - ConstantDataSource() { this instanceof OpenSslGenericSourceCandidateLiteral } - +private class ConstantDataSource extends Crypto::GenericConstantSourceInstance instanceof OpenSslGenericSourceCandidateLiteral +{ override DataFlow::Node getOutputNode() { result.asExpr() = this } override predicate flowsTo(Crypto::FlowAwareElement other) { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll index d46c2f69191..f802e58d0a7 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/AlgToAVCFlow.qll @@ -48,7 +48,7 @@ module KnownOpenSslAlgorithmToAlgorithmValueConsumerConfig implements DataFlow:: module KnownOpenSslAlgorithmToAlgorithmValueConsumerFlow = DataFlow::Global; -module RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig implements DataFlow::ConfigSig { +module RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr() instanceof OpenSslPaddingLiteral } predicate isSink(DataFlow::Node sink) { @@ -60,8 +60,8 @@ module RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerConfig implements DataF } } -module RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow = - DataFlow::Global; +module RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow = + DataFlow::Global; class OpenSslAlgorithmAdditionalFlowStep extends AdditionalFlowInputStep { OpenSslAlgorithmAdditionalFlowStep() { exists(AlgorithmPassthroughCall c | c.getInNode() = this) } @@ -114,11 +114,11 @@ class CopyAndDupAlgorithmPassthroughCall extends AlgorithmPassthroughCall { override DataFlow::Node getOutNode() { result = outNode } } -class NIDToPointerPassthroughCall extends AlgorithmPassthroughCall { +class NidToPointerPassthroughCall extends AlgorithmPassthroughCall { DataFlow::Node inNode; DataFlow::Node outNode; - NIDToPointerPassthroughCall() { + NidToPointerPassthroughCall() { this.getTarget().getName() in ["OBJ_nid2obj", "OBJ_nid2ln", "OBJ_nid2sn"] and inNode.asExpr() = this.getArgument(0) and outNode.asExpr() = this @@ -150,11 +150,11 @@ class PointerToPointerPassthroughCall extends AlgorithmPassthroughCall { override DataFlow::Node getOutNode() { result = outNode } } -class PointerToNIDPassthroughCall extends AlgorithmPassthroughCall { +class PointerToNidPassthroughCall extends AlgorithmPassthroughCall { DataFlow::Node inNode; DataFlow::Node outNode; - PointerToNIDPassthroughCall() { + PointerToNidPassthroughCall() { this.getTarget().getName() in ["OBJ_obj2nid", "OBJ_ln2nid", "OBJ_sn2nid", "OBJ_txt2nid"] and ( inNode.asIndirectExpr() = this.getArgument(0) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll index ba5f65a2203..04369523a45 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll @@ -16,25 +16,25 @@ predicate knownOpenSslConstantToBlockModeFamilyType( exists(string name | name = e.(KnownOpenSslAlgorithmExpr).getNormalizedName() and ( - name.matches("CBC") and type instanceof Crypto::CBC + name = "CBC" and type instanceof Crypto::CBC or - name.matches("CFB%") and type instanceof Crypto::CFB + name = "CFB%" and type instanceof Crypto::CFB or - name.matches("CTR") and type instanceof Crypto::CTR + name = "CTR" and type instanceof Crypto::CTR or - name.matches("GCM") and type instanceof Crypto::GCM + name = "GCM" and type instanceof Crypto::GCM or - name.matches("OFB") and type instanceof Crypto::OFB + name = "OFB" and type instanceof Crypto::OFB or - name.matches("XTS") and type instanceof Crypto::XTS + name = "XTS" and type instanceof Crypto::XTS or - name.matches("CCM") and type instanceof Crypto::CCM + name = "CCM" and type instanceof Crypto::CCM or - name.matches("GCM") and type instanceof Crypto::GCM + name = "GCM" and type instanceof Crypto::GCM or - name.matches("CCM") and type instanceof Crypto::CCM + name = "CCM" and type instanceof Crypto::CCM or - name.matches("ECB") and type instanceof Crypto::ECB + name = "ECB" and type instanceof Crypto::ECB ) ) } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll index 0cc8e24f0a6..489b56f2004 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll @@ -11,21 +11,21 @@ predicate knownOpenSslConstantToHashFamilyType( exists(string name | name = e.(KnownOpenSslAlgorithmExpr).getNormalizedName() and ( - name.matches("BLAKE2B") and type instanceof Crypto::BLAKE2B + name = "BLAKE2B" and type instanceof Crypto::BLAKE2B or - name.matches("BLAKE2S") and type instanceof Crypto::BLAKE2S + name = "BLAKE2S" and type instanceof Crypto::BLAKE2S or name.matches("GOST%") and type instanceof Crypto::GOSTHash or - name.matches("MD2") and type instanceof Crypto::MD2 + name = "MD2" and type instanceof Crypto::MD2 or - name.matches("MD4") and type instanceof Crypto::MD4 + name = "MD4" and type instanceof Crypto::MD4 or - name.matches("MD5") and type instanceof Crypto::MD5 + name = "MD5" and type instanceof Crypto::MD5 or - name.matches("MDC2") and type instanceof Crypto::MDC2 + name = "MDC2" and type instanceof Crypto::MDC2 or - name.matches("POLY1305") and type instanceof Crypto::POLY1305 + name = "POLY1305" and type instanceof Crypto::POLY1305 or name.matches(["SHA", "SHA1"]) and type instanceof Crypto::SHA1 or @@ -33,13 +33,13 @@ predicate knownOpenSslConstantToHashFamilyType( or name.matches("SHA3-%") and type instanceof Crypto::SHA3 or - name.matches(["SHAKE"]) and type instanceof Crypto::SHAKE + name = "SHAKE" and type instanceof Crypto::SHAKE or - name.matches("SM3") and type instanceof Crypto::SM3 + name = "SM3" and type instanceof Crypto::SM3 or - name.matches("RIPEMD160") and type instanceof Crypto::RIPEMD160 + name = "RIPEMD160" and type instanceof Crypto::RIPEMD160 or - name.matches("WHIRLPOOL") and type instanceof Crypto::WHIRLPOOL + name = "WHIRLPOOL" and type instanceof Crypto::WHIRLPOOL ) ) } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll index 9d60547a45a..aa3ce0cc21c 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll @@ -210,7 +210,8 @@ string getAlgorithmAlias(string alias) { } /** - * Finds aliases of known alagorithms defined by users (through obj_name_add and various macros pointing to this function) + * Holds for aliases of known alagorithms defined by users + * (through obj_name_add and various macros pointing to this function). * * The `target` and `alias` are converted to lowercase to be of a standard form. */ @@ -222,7 +223,7 @@ predicate customAliases(string target, string alias) { } /** - * A hard-coded mapping of known algorithm aliases in OpenSsl. + * Holds for a hard-coded mapping of known algorithm aliases in OpenSsl. * This was derived by applying the same kind of logic foun din `customAliases` to the * OpenSsl code base directly. * diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll index 7a34b69ddf5..e794b84b8f8 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll @@ -33,13 +33,13 @@ predicate knownOpenSslConstantToPaddingFamilyType( exists(string name | name = e.(KnownOpenSslAlgorithmExpr).getNormalizedName() and ( - name.matches("OAEP") and type = Crypto::OAEP() + name = "OAEP" and type = Crypto::OAEP() or - name.matches("PSS") and type = Crypto::PSS() + name = "PSS" and type = Crypto::PSS() or - name.matches("PKCS7") and type = Crypto::PKCS7() + name = "PKCS7" and type = Crypto::PKCS7() or - name.matches("PKCS1V15") and type = Crypto::PKCS1_v1_5() + name = "PKCS1V15" and type = Crypto::PKCS1_v1_5() ) ) } @@ -85,7 +85,7 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta // Source is `this` src.asExpr() = this and // This traces to a padding-specific consumer - RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow::flow(src, sink) + RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow::flow(src, sink) ) and isPaddingSpecificConsumer = true } @@ -143,7 +143,7 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta // this instanceof Literal and // this.getValue().toInt() in [0, 1, 3, 4, 5, 6, 7, 8] // // TODO: trace to padding-specific consumers -// RSAPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow +// RsaPaddingAlgorithmToPaddingAlgorithmValueConsumerFlow // } // override string getRawPaddingAlgorithmName() { result = this.(Literal).getValue().toString() } // override Crypto::TPaddingType getPaddingType() { @@ -161,10 +161,10 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta // else result = Crypto::OtherPadding() // } // } -class OAEPPaddingAlgorithmInstance extends Crypto::OAEPPaddingAlgorithmInstance, +class OaepPaddingAlgorithmInstance extends Crypto::OAEPPaddingAlgorithmInstance, KnownOpenSslPaddingConstantAlgorithmInstance { - OAEPPaddingAlgorithmInstance() { + OaepPaddingAlgorithmInstance() { this.(Crypto::PaddingAlgorithmInstance).getPaddingType() = Crypto::OAEP() } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/DirectAlgorithmValueConsumer.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/DirectAlgorithmValueConsumer.qll index a4a65ead63d..d200cf2a096 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/DirectAlgorithmValueConsumer.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/DirectAlgorithmValueConsumer.qll @@ -4,10 +4,10 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmCon private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase /** - * Cases like EVP_MD5(), - * there is no input, rather it directly gets an algorithm - * and returns it. - * Also includes operations directly using an algorithm + * A call that is considered to inherently 'consume' an algorithm value. + * E.g., cases like EVP_MD5(), + * where there is no input, rather it directly gets an algorithm + * and returns it. Also includes operations directly using an algorithm * like AES_encrypt(). */ class DirectAlgorithmValueConsumer extends OpenSslAlgorithmValueConsumer instanceof OpenSslAlgorithmCall diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/HashAlgorithmValueConsumer.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/HashAlgorithmValueConsumer.qll index a03114b276d..114cf78a112 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/HashAlgorithmValueConsumer.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmValueConsumers/HashAlgorithmValueConsumer.qll @@ -7,7 +7,7 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.OpenSSLAlgorithmI abstract class HashAlgorithmValueConsumer extends OpenSslAlgorithmValueConsumer { } /** - * EVP_Q_Digest directly consumes algorithm constant values + * An EVP_Q_Digest directly consumes algorithm constant values */ class Evp_Q_Digest_Algorithm_Consumer extends HashAlgorithmValueConsumer { Evp_Q_Digest_Algorithm_Consumer() { this.(Call).getTarget().getName() = "EVP_Q_digest" } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll index 1f5bf9e442c..2a2cf00b462 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll @@ -91,7 +91,8 @@ class Evp_Cipher_Update_Call extends EvpUpdate { } /** - * see: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis + * The EVP Cipher operations. + * See: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis * Base configuration for all EVP cipher operations. */ abstract class Evp_Cipher_Operation extends EvpOperation, Crypto::KeyOperationInstance { @@ -163,6 +164,7 @@ class Evp_Cipher_Final_Call extends EvpFinal, Evp_Cipher_Operation { } /** + * The EVP encryption/decryption operations. * https://docs.openssl.org/3.2/man3/EVP_PKEY_decrypt/ * https://docs.openssl.org/3.2/man3/EVP_PKEY_encrypt */ From 36cf4b613e332dd2249def2a4efa4a984b4716d4 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Wed, 18 Jun 2025 17:32:20 +0100 Subject: [PATCH 043/111] Rust: Accept consistency changes. --- .../CWE-825/CONSISTENCY/PathResolutionConsistency.expected | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected index 804c13f6434..b92e3920e3c 100644 --- a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected +++ b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/PathResolutionConsistency.expected @@ -1,11 +1,11 @@ multiplePathResolutions | deallocation.rs:106:16:106:19 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) | -| deallocation.rs:106:16:106:19 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) | +| deallocation.rs:106:16:106:19 | libc | file://:0:0:0:0 | Crate(libc@0.2.174) | | deallocation.rs:106:16:106:27 | ...::malloc | file://:0:0:0:0 | fn malloc | | deallocation.rs:106:16:106:27 | ...::malloc | file://:0:0:0:0 | fn malloc | | deallocation.rs:112:3:112:6 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) | -| deallocation.rs:112:3:112:6 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) | +| deallocation.rs:112:3:112:6 | libc | file://:0:0:0:0 | Crate(libc@0.2.174) | | deallocation.rs:112:3:112:12 | ...::free | file://:0:0:0:0 | fn free | | deallocation.rs:112:3:112:12 | ...::free | file://:0:0:0:0 | fn free | | deallocation.rs:112:29:112:32 | libc | file://:0:0:0:0 | Crate(libc@0.2.171) | -| deallocation.rs:112:29:112:32 | libc | file://:0:0:0:0 | Crate(libc@0.2.172) | +| deallocation.rs:112:29:112:32 | libc | file://:0:0:0:0 | Crate(libc@0.2.174) | From 32464a8995313745599540e67f1351e31bb8b69f Mon Sep 17 00:00:00 2001 From: Eric Bickle <2086875+ebickle@users.noreply.github.com> Date: Fri, 20 Jun 2025 06:05:24 -0700 Subject: [PATCH 044/111] C++: Support SQL Injection sinks for Oracle Call Interface (OCI) --- .../2025-06-20-oracle-oci-models.md | 4 ++ cpp/ql/lib/ext/Oracle.oci.model.yml | 8 ++++ cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql | 3 ++ .../2025-06-20-sql-injection-models.md | 4 ++ .../CWE-089/SqlTainted/SqlTainted.expected | 5 +++ .../Security/CWE/CWE-089/SqlTainted/test.c | 37 +++++++++++++++++++ 6 files changed, 61 insertions(+) create mode 100644 cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md create mode 100644 cpp/ql/lib/ext/Oracle.oci.model.yml create mode 100644 cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md diff --git a/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md b/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md new file mode 100644 index 00000000000..09661e61938 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-20-oracle-oci-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added `sql-injection` sink models for the Oracle Call Interface (OCI) database library functions `OCIStmtPrepare` and `OCIStmtPrepare2`. diff --git a/cpp/ql/lib/ext/Oracle.oci.model.yml b/cpp/ql/lib/ext/Oracle.oci.model.yml new file mode 100644 index 00000000000..eb172fcdb59 --- /dev/null +++ b/cpp/ql/lib/ext/Oracle.oci.model.yml @@ -0,0 +1,8 @@ +# partial model of the Oracle Call Interface (OCI) library +extensions: + - addsTo: + pack: codeql/cpp-all + extensible: sinkModel + data: # namespace, type, subtypes, name, signature, ext, input, kind, provenance + - ["", "", False, "OCIStmtPrepare", "", "", "Argument[*2]", "sql-injection", "manual"] + - ["", "", False, "OCIStmtPrepare2", "", "", "Argument[*3]", "sql-injection", "manual"] diff --git a/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql b/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql index 2ea1cb02465..069b2e25d21 100644 --- a/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql +++ b/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql @@ -38,6 +38,9 @@ module SqlTaintedConfig implements DataFlow::ConfigSig { predicate isSink(DataFlow::Node node) { exists(SqlLikeFunction runSql | runSql.outermostWrapperFunctionCall(asSinkExpr(node), _)) + or + // sink defined using models-as-data + sinkNode(node, "sql-injection") } predicate isBarrier(DataFlow::Node node) { diff --git a/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md b/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md new file mode 100644 index 00000000000..ebb517d0a39 --- /dev/null +++ b/cpp/ql/src/change-notes/2025-06-20-sql-injection-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* The query `cpp/sql-injection` now can be extended using the `sql-injection` Models as Data (MaD) sink kind. \ No newline at end of file diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected index 0a554d96f6d..58c919f7f8f 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected @@ -9,6 +9,8 @@ edges | test.c:48:20:48:33 | *globalUsername | test.c:51:18:51:23 | *query1 | provenance | TaintFunction | | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | provenance | | | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | provenance | | +| test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | provenance | TaintFunction Sink:MaD:325 | +| test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | provenance | TaintFunction Sink:MaD:326 | | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | provenance | | nodes | test.c:14:27:14:30 | **argv | semmle.label | **argv | @@ -23,6 +25,9 @@ nodes | test.c:75:8:75:16 | gets output argument | semmle.label | gets output argument | | test.c:76:17:76:25 | *userInput | semmle.label | *userInput | | test.c:77:20:77:28 | *userInput | semmle.label | *userInput | +| test.c:101:8:101:16 | gets output argument | semmle.label | gets output argument | +| test.c:106:24:106:29 | *query1 | semmle.label | *query1 | +| test.c:107:28:107:33 | *query1 | semmle.label | *query1 | | test.cpp:39:27:39:30 | **argv | semmle.label | **argv | | test.cpp:43:27:43:33 | *access to array | semmle.label | *access to array | subpaths diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c index 9e9a4dcc836..ad0fc710f40 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c @@ -75,4 +75,41 @@ void ODBCTests(){ gets(userInput); SQLPrepare(0, userInput, 100); // BAD SQLExecDirect(0, userInput, 100); // BAD +} + +// Oracle Call Interface (OCI) Routines +int OCIStmtPrepare( + void *arg0, + void *arg1, + const unsigned char *sql, + unsigned int arg3, + unsigned int arg4, + unsigned int arg5); +int OCIStmtPrepare2( + void *arg0, + void **arg1, + void *arg2, + const unsigned char *sql, + unsigned int arg4, + const unsigned char *arg5, + unsigned int arg6, + unsigned int arg7, + unsigned int arg8); + +void OCITests(){ + char userInput[100]; + gets(userInput); + + // a string from the user is injected directly into an SQL query. + char query1[1000] = {0}; + snprintf(query1, 1000, "SELECT UID FROM USERS where name = \"%s\"", userInput); + OCIStmtPrepare(0, 0, query1, 0, 0, 0); // BAD + OCIStmtPrepare2(0, 0, 0, query1, 0, 0, 0, 0, 0); // BAD + + // an integer from the user is injected into an SQL query. + int userNumber = atoi(userInput); + char query2[1000] = {0}; + snprintf(query2, 1000, "SELECT UID FROM USERS where number = \"%i\"", userNumber); + OCIStmtPrepare(0, 0, query2, 0, 0, 0); // GOOD + OCIStmtPrepare2(0, 0, 0, query2, 0, 0, 0, 0, 0); // GOOD } \ No newline at end of file From 60e726bdf2cde5ca182e1efbc5da4d414bed58de Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Mon, 23 Jun 2025 11:59:55 +0200 Subject: [PATCH 045/111] Java: Add `java/javautilconcurrentscheduledthreadpoolexecutor` query for zero thread pool size --- .../java-code-quality-extended.qls.expected | 1 + .../java-code-quality.qls.expected | 1 + .../ScheduledThreadPoolExecutorZeroThread.md | 24 +++++++++++++ .../ScheduledThreadPoolExecutorZeroThread.ql | 35 +++++++++++++++++++ ...duledThreadPoolExecutorZeroThread.expected | 3 ++ ...cheduledThreadPoolExecutorZeroThread.qlref | 2 ++ .../Test.java | 11 ++++++ 7 files changed, 77 insertions(+) create mode 100644 java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md create mode 100644 java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql create mode 100644 java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.expected create mode 100644 java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.qlref create mode 100644 java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/Test.java diff --git a/java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected b/java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected index dd15d7f3bdd..cb7de0844dc 100644 --- a/java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected +++ b/java/ql/integration-tests/java/query-suite/java-code-quality-extended.qls.expected @@ -33,6 +33,7 @@ ql/java/ql/src/Likely Bugs/Concurrency/CallsToRunnableRun.ql ql/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql ql/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLockingWithInitRace.ql ql/java/ql/src/Likely Bugs/Concurrency/NonSynchronizedOverride.ql +ql/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql ql/java/ql/src/Likely Bugs/Concurrency/SynchOnBoxedType.ql ql/java/ql/src/Likely Bugs/Concurrency/SynchSetUnsynchGet.ql ql/java/ql/src/Likely Bugs/Frameworks/JUnit/JUnit5MissingNestedAnnotation.ql diff --git a/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected b/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected index 589041ac7b3..815575bac35 100644 --- a/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected +++ b/java/ql/integration-tests/java/query-suite/java-code-quality.qls.expected @@ -31,6 +31,7 @@ ql/java/ql/src/Likely Bugs/Concurrency/CallsToRunnableRun.ql ql/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLocking.ql ql/java/ql/src/Likely Bugs/Concurrency/DoubleCheckedLockingWithInitRace.ql ql/java/ql/src/Likely Bugs/Concurrency/NonSynchronizedOverride.ql +ql/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql ql/java/ql/src/Likely Bugs/Concurrency/SynchOnBoxedType.ql ql/java/ql/src/Likely Bugs/Concurrency/SynchSetUnsynchGet.ql ql/java/ql/src/Likely Bugs/Frameworks/JUnit/JUnit5MissingNestedAnnotation.ql diff --git a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md new file mode 100644 index 00000000000..428414b8f1a --- /dev/null +++ b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md @@ -0,0 +1,24 @@ +## Overview + +According the Java documentation on `ScheduledThreadPoolExecutor`, it is not a good idea to set `corePoolSize` to zero, since doing so indicates the executor to keep 0 threads in its pool and the executor will serve no purpose. + +## Recommendation + +Set the `ScheduledThreadPoolExecutor` to have 1 or more threads in its thread pool and use the class's other methods to create a thread execution schedule. + +## Example + +```java +public class Test { + void f() { + int i = 0; + ScheduledThreadPoolExecutor s = new ScheduledThreadPoolExecutor(1); // COMPLIANT + ScheduledThreadPoolExecutor s1 = new ScheduledThreadPoolExecutor(0); // NON_COMPLIANT + s.setCorePoolSize(0); // NON_COMPLIANT + s.setCorePoolSize(i); // NON_COMPLIANT + } +} +``` + +## References +- [ScheduledThreadPoolExecutor](https://docs.oracle.com/en/java/javase/20/docs/api/java.base/java/util/concurrent/ScheduledThreadPoolExecutor.html) diff --git a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql new file mode 100644 index 00000000000..cb6928a5b80 --- /dev/null +++ b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql @@ -0,0 +1,35 @@ +/** + * @id java/javautilconcurrentscheduledthreadpoolexecutor + * @name Zero threads set for `java.util.concurrent.ScheduledThreadPoolExecutor` + * @description Setting `java.util.concurrent.ScheduledThreadPoolExecutor` to have 0 threads serves + * no purpose and may indicate programmer error. + * @kind problem + * @precision very-high + * @problem.severity recommendation + * @tags quality + * reliability + * correctness + * concurrency + */ + +import java +import semmle.code.java.dataflow.DataFlow + +/** + * A `Call` that has the ability to set or modify the `corePoolSize` of the `java.util.concurrent.ScheduledThreadPoolExecutor` type. + */ +class Sink extends Call { + Sink() { + this.getCallee() + .hasQualifiedName("java.util.concurrent", "ThreadPoolExecutor", "setCorePoolSize") or + this.getCallee() + .hasQualifiedName("java.util.concurrent", "ScheduledThreadPoolExecutor", + "ScheduledThreadPoolExecutor") + } +} + +from IntegerLiteral zero, Sink set +where + DataFlow::localFlow(DataFlow::exprNode(zero), DataFlow::exprNode(set.getArgument(0))) and + zero.getIntValue() = 0 +select set, "ScheduledThreadPoolExecutor.corePoolSize is set to have 0 threads." diff --git a/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.expected b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.expected new file mode 100644 index 00000000000..038f2d1d998 --- /dev/null +++ b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.expected @@ -0,0 +1,3 @@ +| Test.java:7:42:7:75 | new ScheduledThreadPoolExecutor(...) | ScheduledThreadPoolExecutor.corePoolSize is set to have 0 threads. | +| Test.java:8:9:8:28 | setCorePoolSize(...) | ScheduledThreadPoolExecutor.corePoolSize is set to have 0 threads. | +| Test.java:9:9:9:28 | setCorePoolSize(...) | ScheduledThreadPoolExecutor.corePoolSize is set to have 0 threads. | diff --git a/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.qlref b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.qlref new file mode 100644 index 00000000000..e0089e4cf02 --- /dev/null +++ b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/ScheduledThreadPoolExecutorZeroThread.qlref @@ -0,0 +1,2 @@ +query: Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql +postprocess: utils/test/InlineExpectationsTestQuery.ql diff --git a/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/Test.java b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/Test.java new file mode 100644 index 00000000000..d02e6a3403e --- /dev/null +++ b/java/ql/test/query-tests/ScheduledThreadPoolExecutorZeroThread/Test.java @@ -0,0 +1,11 @@ +import java.util.concurrent.ScheduledThreadPoolExecutor; + +public class Test { + void f() { + int i = 0; + ScheduledThreadPoolExecutor s = new ScheduledThreadPoolExecutor(1); // Compliant + ScheduledThreadPoolExecutor s1 = new ScheduledThreadPoolExecutor(0); // $ Alert + s.setCorePoolSize(0); // $ Alert + s.setCorePoolSize(i); // $ Alert + } +} From b82a7ab7452d750c1d3ca00cee0dd23b15d6e421 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 23 Jun 2025 16:18:51 +0100 Subject: [PATCH 046/111] Rust: Update variable name in examples. --- .../security/CWE-825/AccessAfterLifetimeBad.rs | 4 ++-- .../security/CWE-825/AccessAfterLifetimeGood.rs | 4 ++-- .../security/CWE-825/AccessAfterLifetime.expected | 6 +++--- .../ql/test/query-tests/security/CWE-825/lifetime.rs | 12 ++++++------ 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs index c5f5cf607d1..b2512f9424f 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeBad.rs @@ -7,12 +7,12 @@ fn get_pointer() -> *const i64 { fn example() { let ptr = get_pointer(); - let val; + let dereferenced_ptr; // ... unsafe { - val = *ptr; // BAD: dereferences `ptr` after the lifetime of `val` has ended + dereferenced_ptr = *ptr; // BAD: dereferences `ptr` after the lifetime of `val` has ended } // ... diff --git a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs index 944f6905b70..84f19a8a6c9 100644 --- a/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs +++ b/rust/ql/src/queries/security/CWE-825/AccessAfterLifetimeGood.rs @@ -7,11 +7,11 @@ fn get_box() -> Box { fn example() { let ptr = get_box(); - let val; + let dereferenced_ptr; // ... - val = *ptr; // GOOD + dereferenced_ptr = *ptr; // GOOD // ... } diff --git a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected index c4f00465654..2f4c38e4f36 100644 --- a/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected +++ b/rust/ql/test/query-tests/security/CWE-825/AccessAfterLifetime.expected @@ -22,7 +22,7 @@ | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:654:31:654:35 | &str1 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:653:8:653:11 | str1 | str1 | | lifetime.rs:667:14:667:17 | ref1 | lifetime.rs:655:11:655:25 | &raw const str2 | lifetime.rs:667:14:667:17 | ref1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:651:7:651:10 | str2 | str2 | | lifetime.rs:789:12:789:13 | p1 | lifetime.rs:781:9:781:19 | &my_local10 | lifetime.rs:789:12:789:13 | p1 | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:779:6:779:15 | my_local10 | my_local10 | -| lifetime.rs:808:10:808:12 | ptr | lifetime.rs:798:9:798:12 | &val | lifetime.rs:808:10:808:12 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:796:6:796:8 | val | val | +| lifetime.rs:808:23:808:25 | ptr | lifetime.rs:798:9:798:12 | &val | lifetime.rs:808:23:808:25 | ptr | Access of a pointer to $@ after its lifetime has ended. | lifetime.rs:796:6:796:8 | val | val | edges | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:151:14:151:15 | p1 | provenance | | | deallocation.rs:148:6:148:7 | p1 | deallocation.rs:158:14:158:15 | p1 | provenance | | @@ -201,7 +201,7 @@ edges | lifetime.rs:785:11:785:41 | get_local_for_unsafe_function(...) | lifetime.rs:785:6:785:7 | p1 | provenance | | | lifetime.rs:798:2:798:12 | return ... | lifetime.rs:802:12:802:24 | get_pointer(...) | provenance | | | lifetime.rs:798:9:798:12 | &val | lifetime.rs:798:2:798:12 | return ... | provenance | | -| lifetime.rs:802:6:802:8 | ptr | lifetime.rs:808:10:808:12 | ptr | provenance | | +| lifetime.rs:802:6:802:8 | ptr | lifetime.rs:808:23:808:25 | ptr | provenance | | | lifetime.rs:802:12:802:24 | get_pointer(...) | lifetime.rs:802:6:802:8 | ptr | provenance | | models | 1 | Summary: lang:core; crate::ptr::from_ref; Argument[0]; ReturnValue; value | @@ -418,5 +418,5 @@ nodes | lifetime.rs:798:9:798:12 | &val | semmle.label | &val | | lifetime.rs:802:6:802:8 | ptr | semmle.label | ptr | | lifetime.rs:802:12:802:24 | get_pointer(...) | semmle.label | get_pointer(...) | -| lifetime.rs:808:10:808:12 | ptr | semmle.label | ptr | +| lifetime.rs:808:23:808:25 | ptr | semmle.label | ptr | subpaths diff --git a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs index 559b2d96bf2..f388aff5aaf 100644 --- a/rust/ql/test/query-tests/security/CWE-825/lifetime.rs +++ b/rust/ql/test/query-tests/security/CWE-825/lifetime.rs @@ -800,15 +800,15 @@ fn get_pointer() -> *const i64 { pub fn test_lifetimes_example_bad() { let ptr = get_pointer(); - let val; + let dereferenced_ptr; use_the_stack(); unsafe { - val = *ptr; // $ Alert[rust/access-after-lifetime-ended]=val + dereferenced_ptr = *ptr; // $ Alert[rust/access-after-lifetime-ended]=val } - println!(" val = {val} (!)"); // corrupt in practice + println!(" val = {dereferenced_ptr} (!)"); // corrupt in practice } fn get_box() -> Box { @@ -819,11 +819,11 @@ fn get_box() -> Box { pub fn test_lifetimes_example_good() { let ptr = get_box(); - let val; + let dereferenced_ptr; use_the_stack(); - val = *ptr; // GOOD + dereferenced_ptr = *ptr; // GOOD - println!(" val = {val}"); + println!(" val = {dereferenced_ptr}"); } From c207cfdeb76e03e427fde1e07755b170c865cf37 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Mon, 16 Jun 2025 13:06:31 +0200 Subject: [PATCH 047/111] Overlay: Add overlay annotations to Java & shared libraries --- java/ql/lib/Customizations.qll | 2 ++ java/ql/lib/IDEContextual.qll | 2 ++ java/ql/lib/default.qll | 2 ++ java/ql/lib/definitions.qll | 2 ++ java/ql/lib/experimental/quantum/JCA.qll | 3 +++ java/ql/lib/experimental/quantum/Language.qll | 3 +++ java/ql/lib/external/ExternalArtifact.qll | 3 +++ java/ql/lib/java.qll | 2 ++ java/ql/lib/semmle/code/FileSystem.qll | 2 ++ java/ql/lib/semmle/code/Location.qll | 2 ++ java/ql/lib/semmle/code/SMAP.qll | 2 ++ java/ql/lib/semmle/code/Unit.qll | 2 ++ java/ql/lib/semmle/code/configfiles/ConfigFiles.qll | 2 ++ java/ql/lib/semmle/code/java/Annotation.qll | 2 ++ java/ql/lib/semmle/code/java/Collections.qll | 2 ++ java/ql/lib/semmle/code/java/Compilation.qll | 2 ++ java/ql/lib/semmle/code/java/CompilationUnit.qll | 2 ++ java/ql/lib/semmle/code/java/Completion.qll | 2 ++ java/ql/lib/semmle/code/java/Concurrency.qll | 3 +++ java/ql/lib/semmle/code/java/Constants.qll | 2 ++ java/ql/lib/semmle/code/java/ControlFlowGraph.qll | 2 ++ java/ql/lib/semmle/code/java/Conversions.qll | 2 ++ java/ql/lib/semmle/code/java/Dependency.qll | 2 ++ java/ql/lib/semmle/code/java/DependencyCounts.qll | 2 ++ java/ql/lib/semmle/code/java/Diagnostics.qll | 2 ++ java/ql/lib/semmle/code/java/Element.qll | 2 ++ java/ql/lib/semmle/code/java/Exception.qll | 2 ++ java/ql/lib/semmle/code/java/Expr.qll | 2 ++ java/ql/lib/semmle/code/java/GeneratedFiles.qll | 2 ++ java/ql/lib/semmle/code/java/Generics.qll | 2 ++ java/ql/lib/semmle/code/java/Import.qll | 2 ++ java/ql/lib/semmle/code/java/J2EE.qll | 2 ++ java/ql/lib/semmle/code/java/JDK.qll | 2 ++ java/ql/lib/semmle/code/java/JDKAnnotations.qll | 2 ++ java/ql/lib/semmle/code/java/JMX.qll | 2 ++ java/ql/lib/semmle/code/java/Javadoc.qll | 2 ++ java/ql/lib/semmle/code/java/KotlinType.qll | 2 ++ java/ql/lib/semmle/code/java/Maps.qll | 2 ++ java/ql/lib/semmle/code/java/Member.qll | 2 ++ java/ql/lib/semmle/code/java/Modifier.qll | 2 ++ java/ql/lib/semmle/code/java/Modules.qll | 2 ++ java/ql/lib/semmle/code/java/NumberFormatException.qll | 2 ++ java/ql/lib/semmle/code/java/Package.qll | 2 ++ java/ql/lib/semmle/code/java/PrettyPrintAst.qll | 2 ++ java/ql/lib/semmle/code/java/PrintAst.qll | 2 ++ java/ql/lib/semmle/code/java/Reflection.qll | 2 ++ java/ql/lib/semmle/code/java/Serializability.qll | 2 ++ java/ql/lib/semmle/code/java/Statement.qll | 2 ++ java/ql/lib/semmle/code/java/StringFormat.qll | 2 ++ java/ql/lib/semmle/code/java/Type.qll | 4 ++++ java/ql/lib/semmle/code/java/UnitTests.qll | 2 ++ java/ql/lib/semmle/code/java/Variable.qll | 2 ++ java/ql/lib/semmle/code/java/arithmetic/Overflow.qll | 3 +++ java/ql/lib/semmle/code/java/comparison/Comparison.qll | 3 +++ java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll | 2 ++ java/ql/lib/semmle/code/java/controlflow/Dominance.qll | 6 ++++++ java/ql/lib/semmle/code/java/controlflow/Guards.qll | 2 ++ java/ql/lib/semmle/code/java/controlflow/Paths.qll | 2 ++ .../ql/lib/semmle/code/java/controlflow/SuccessorType.qll | 2 ++ .../semmle/code/java/controlflow/UnreachableBlocks.qll | 2 ++ .../semmle/code/java/controlflow/internal/GuardsLogic.qll | 2 ++ .../code/java/controlflow/internal/Preconditions.qll | 2 ++ .../semmle/code/java/controlflow/internal/SwitchCases.qll | 2 ++ .../ExcludeDebuggingProfilingLogging.qll | 3 +++ java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/ApiSources.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/Bound.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/DataFlow.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/DefUse.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/FlowSources.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/NullGuards.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/Nullness.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/SSA.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll | 2 ++ java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll | 2 ++ .../ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll | 2 ++ .../semmle/code/java/dataflow/internal/ContainerFlow.qll | 3 +++ .../code/java/dataflow/internal/ContentDataFlow.qll | 3 +++ .../code/java/dataflow/internal/DataFlowDispatch.qll | 4 ++++ .../semmle/code/java/dataflow/internal/DataFlowImpl.qll | 3 +++ .../code/java/dataflow/internal/DataFlowImplCommon.qll | 3 +++ .../java/dataflow/internal/DataFlowImplConsistency.qll | 2 ++ .../code/java/dataflow/internal/DataFlowImplSpecific.qll | 2 ++ .../semmle/code/java/dataflow/internal/DataFlowNodes.qll | 3 +++ .../code/java/dataflow/internal/DataFlowPrivate.qll | 3 +++ .../semmle/code/java/dataflow/internal/DataFlowUtil.qll | 4 ++++ .../java/dataflow/internal/ExternalFlowExtensions.qll | 2 ++ .../code/java/dataflow/internal/FlowSummaryImpl.qll | 2 ++ .../code/java/dataflow/internal/ModelExclusions.qll | 2 ++ .../ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll | 3 +++ .../java/dataflow/internal/TaintTrackingImplSpecific.qll | 2 ++ .../code/java/dataflow/internal/TaintTrackingUtil.qll | 7 +++++++ .../dataflow/internal/rangeanalysis/BoundSpecific.qll | 2 ++ .../internal/rangeanalysis/ModulusAnalysisSpecific.qll | 3 +++ .../code/java/dataflow/internal/rangeanalysis/Sign.qll | 3 +++ .../internal/rangeanalysis/SignAnalysisCommon.qll | 2 ++ .../internal/rangeanalysis/SignAnalysisSpecific.qll | 3 +++ .../internal/rangeanalysis/SsaReadPositionCommon.qll | 2 ++ .../internal/rangeanalysis/SsaReadPositionSpecific.qll | 2 ++ java/ql/lib/semmle/code/java/deadcode/DeadCode.qll | 3 +++ .../ql/lib/semmle/code/java/deadcode/DeadEnumConstant.qll | 3 +++ java/ql/lib/semmle/code/java/deadcode/DeadField.qll | 3 +++ java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll | 3 +++ .../lib/semmle/code/java/deadcode/SpringEntryPoints.qll | 3 +++ .../lib/semmle/code/java/deadcode/StrutsEntryPoints.qll | 3 +++ java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll | 3 +++ java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll | 3 +++ .../code/java/deadcode/frameworks/CamelEntryPoints.qll | 2 ++ .../code/java/deadcode/frameworks/FitNesseEntryPoints.qll | 3 +++ .../java/deadcode/frameworks/GigaSpacesXAPEntryPoints.qll | 2 ++ java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll | 2 ++ java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll | 2 ++ java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll | 2 ++ .../lib/semmle/code/java/dispatch/WrappedInvocation.qll | 2 ++ .../semmle/code/java/dispatch/internal/Unification.qll | 2 ++ .../lib/semmle/code/java/environment/SystemProperty.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/ApacheHttp.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/ApacheLdap.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Assertions.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Camel.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Castor.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Cucumber.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/FastJson.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Flexjson.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Guice.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/HessianBurlap.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Hibernate.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/InputStream.qll | 2 ++ .../ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/JAXB.qll | 2 ++ .../lib/semmle/code/java/frameworks/JUnitAnnotations.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/JYaml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Jabsorb.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Jackson.qll | 2 ++ .../lib/semmle/code/java/frameworks/JavaxAnnotations.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/JaxWS.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Jdbc.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Jms.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Jndi.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/JoddJson.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/JsonIo.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Kryo.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Lombok.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Mail.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Mockito.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/MyBatis.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Netty.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Networking.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/OpenSaml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Properties.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Protobuf.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Regex.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Rmi.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Selenium.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Servlets.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/SpringWeb.qll | 3 +++ java/ql/lib/semmle/code/java/frameworks/Stream.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/ThreadLocal.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/Thrift.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/UnboundId.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/XStream.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/YamlBeans.qll | 2 ++ .../lib/semmle/code/java/frameworks/android/Android.qll | 2 ++ .../lib/semmle/code/java/frameworks/android/AsyncTask.qll | 2 ++ .../lib/semmle/code/java/frameworks/android/Compose.qll | 2 ++ .../code/java/frameworks/android/ContentProviders.qll | 2 ++ .../code/java/frameworks/android/ExternalStorage.qll | 2 ++ .../lib/semmle/code/java/frameworks/android/Fragment.qll | 2 ++ .../ql/lib/semmle/code/java/frameworks/android/Intent.qll | 3 +++ .../ql/lib/semmle/code/java/frameworks/android/Layout.qll | 2 ++ .../java/frameworks/android/OnActivityResultSource.qll | 2 ++ .../semmle/code/java/frameworks/android/PendingIntent.qll | 2 ++ .../ql/lib/semmle/code/java/frameworks/android/SQLite.qll | 2 ++ .../code/java/frameworks/android/SharedPreferences.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/android/Slice.qll | 2 ++ .../lib/semmle/code/java/frameworks/android/WebView.qll | 3 +++ .../ql/lib/semmle/code/java/frameworks/android/Widget.qll | 2 ++ .../semmle/code/java/frameworks/android/XmlParsing.qll | 3 +++ .../semmle/code/java/frameworks/apache/Collections.qll | 2 ++ .../lib/semmle/code/java/frameworks/apache/CommonsXml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll | 2 ++ .../code/java/frameworks/camel/CamelJavaAnnotations.qll | 2 ++ .../semmle/code/java/frameworks/camel/CamelJavaDSL.qll | 2 ++ .../semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll | 2 ++ .../code/java/frameworks/google/GoogleHttpClientApi.qll | 3 +++ java/ql/lib/semmle/code/java/frameworks/google/Gson.qll | 2 ++ .../code/java/frameworks/google/GsonSerializability.qll | 2 ++ .../lib/semmle/code/java/frameworks/guava/Collections.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/guava/Guava.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll | 2 ++ .../lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll | 2 ++ .../semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/jOOQ.qll | 2 ++ .../java/frameworks/jackson/JacksonSerializability.qll | 2 ++ .../code/java/frameworks/javaee/JavaServerFaces.qll | 2 ++ .../semmle/code/java/frameworks/javaee/Persistence.qll | 2 ++ .../semmle/code/java/frameworks/javaee/PersistenceXML.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll | 2 ++ .../ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll | 2 ++ .../semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll | 2 ++ .../code/java/frameworks/javaee/ejb/EJBRestrictions.qll | 2 ++ .../code/java/frameworks/javaee/jsf/JSFAnnotations.qll | 2 ++ .../java/frameworks/javaee/jsf/JSFFacesContextXML.qll | 2 ++ .../code/java/frameworks/javaee/jsf/JSFRenderer.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/javase/Http.qll | 2 ++ .../lib/semmle/code/java/frameworks/javase/WebSocket.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/kotlin/IO.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/kotlin/Kotlin.qll | 2 ++ .../semmle/code/java/frameworks/kotlin/Serialization.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/kotlin/Text.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/mdht/MdhtXml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/owasp/Esapi.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/play/Play.qll | 2 ++ .../semmle/code/java/frameworks/ratpack/RatpackExec.qll | 2 ++ .../semmle/code/java/frameworks/rundeck/RundeckXml.qll | 2 ++ java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll | 3 +++ .../code/java/frameworks/spring/SpringAbstractRef.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringAlias.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringArgType.qll | 3 +++ .../code/java/frameworks/spring/SpringAttribute.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringAutowire.qll | 2 ++ .../lib/semmle/code/java/frameworks/spring/SpringBean.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringBeanFile.qll | 3 +++ .../code/java/frameworks/spring/SpringBeanRefType.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringBoot.qll | 2 ++ .../semmle/code/java/frameworks/spring/SpringCamel.qll | 2 ++ .../code/java/frameworks/spring/SpringComponentScan.qll | 3 +++ .../code/java/frameworks/spring/SpringConstructorArg.qll | 3 +++ .../code/java/frameworks/spring/SpringController.qll | 3 +++ .../code/java/frameworks/spring/SpringDescription.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringEntry.qll | 3 +++ .../code/java/frameworks/spring/SpringExpression.qll | 2 ++ .../lib/semmle/code/java/frameworks/spring/SpringFlex.qll | 2 ++ .../lib/semmle/code/java/frameworks/spring/SpringHttp.qll | 2 ++ .../semmle/code/java/frameworks/spring/SpringIdRef.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringImport.qll | 3 +++ .../java/frameworks/spring/SpringInitializingBean.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringKey.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringList.qll | 3 +++ .../code/java/frameworks/spring/SpringListOrSet.qll | 3 +++ .../code/java/frameworks/spring/SpringLookupMethod.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringMap.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringMergable.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringMeta.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringNull.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringProfile.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringProp.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringProperty.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringProps.qll | 3 +++ .../code/java/frameworks/spring/SpringQualifier.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringRef.qll | 3 +++ .../code/java/frameworks/spring/SpringReplacedMethod.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringSecurity.qll | 2 ++ .../lib/semmle/code/java/frameworks/spring/SpringSet.qll | 3 +++ .../semmle/code/java/frameworks/spring/SpringValue.qll | 3 +++ .../lib/semmle/code/java/frameworks/spring/SpringWeb.qll | 2 ++ .../code/java/frameworks/spring/SpringWebClient.qll | 2 ++ .../code/java/frameworks/spring/SpringXMLElement.qll | 3 +++ .../java/frameworks/spring/metrics/MetricSpringBean.qll | 3 +++ .../frameworks/spring/metrics/MetricSpringBeanFile.qll | 3 +++ .../lib/semmle/code/java/frameworks/stapler/Stapler.qll | 2 ++ .../java/frameworks/struts/Struts2Serializability.qll | 2 ++ .../semmle/code/java/frameworks/struts/StrutsActions.qll | 3 +++ .../code/java/frameworks/struts/StrutsAnnotations.qll | 3 +++ .../code/java/frameworks/struts/StrutsConventions.qll | 3 +++ .../lib/semmle/code/java/frameworks/struts/StrutsXML.qll | 3 +++ java/ql/lib/semmle/code/java/metrics/MetricCallable.qll | 2 ++ java/ql/lib/semmle/code/java/metrics/MetricElement.qll | 2 ++ java/ql/lib/semmle/code/java/metrics/MetricField.qll | 2 ++ java/ql/lib/semmle/code/java/metrics/MetricPackage.qll | 2 ++ java/ql/lib/semmle/code/java/metrics/MetricRefType.qll | 2 ++ java/ql/lib/semmle/code/java/metrics/MetricStmt.qll | 2 ++ java/ql/lib/semmle/code/java/os/OSCheck.qll | 2 ++ java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll | 2 ++ java/ql/lib/semmle/code/java/regex/RegexTreeView.qll | 2 ++ java/ql/lib/semmle/code/java/regex/regex.qll | 2 ++ .../code/java/security/AndroidIntentRedirection.qll | 2 ++ .../semmle/code/java/security/AndroidLocalAuthQuery.qll | 2 ++ .../security/AndroidWebViewCertificateValidationQuery.qll | 2 ++ .../code/java/security/ArbitraryApkInstallation.qll | 2 ++ .../ql/lib/semmle/code/java/security/ArithmeticCommon.qll | 2 ++ .../ql/lib/semmle/code/java/security/CommandArguments.qll | 2 ++ .../ql/lib/semmle/code/java/security/ControlledString.qll | 2 ++ java/ql/lib/semmle/code/java/security/Cookies.qll | 2 ++ java/ql/lib/semmle/code/java/security/Encryption.qll | 2 ++ java/ql/lib/semmle/code/java/security/ExternalAPIs.qll | 2 ++ java/ql/lib/semmle/code/java/security/ExternalProcess.qll | 2 ++ java/ql/lib/semmle/code/java/security/FileReadWrite.qll | 3 +++ java/ql/lib/semmle/code/java/security/FileWritable.qll | 3 +++ .../lib/semmle/code/java/security/FragmentInjection.qll | 2 ++ java/ql/lib/semmle/code/java/security/GroovyInjection.qll | 2 ++ .../semmle/code/java/security/HardcodedCredentials.qll | 2 ++ .../code/java/security/HardcodedCredentialsComparison.qll | 2 ++ .../semmle/code/java/security/HardcodedPasswordField.qll | 2 ++ java/ql/lib/semmle/code/java/security/HttpsUrls.qll | 2 ++ .../semmle/code/java/security/ImplicitPendingIntents.qll | 2 ++ .../code/java/security/ImplicitPendingIntentsQuery.qll | 2 ++ .../java/security/ImplicitlyExportedAndroidComponent.qll | 2 ++ java/ql/lib/semmle/code/java/security/InformationLeak.qll | 2 ++ .../lib/semmle/code/java/security/InsecureBasicAuth.qll | 2 ++ .../ql/lib/semmle/code/java/security/InsecureLdapAuth.qll | 2 ++ .../semmle/code/java/security/InsecureTrustManager.qll | 2 ++ .../lib/semmle/code/java/security/InsufficientKeySize.qll | 2 ++ .../code/java/security/InsufficientKeySizeQuery.qll | 2 ++ .../java/security/IntentUriPermissionManipulation.qll | 2 ++ java/ql/lib/semmle/code/java/security/JWT.qll | 2 ++ java/ql/lib/semmle/code/java/security/JndiInjection.qll | 2 ++ java/ql/lib/semmle/code/java/security/LdapInjection.qll | 2 ++ .../code/java/security/ListOfConstantsSanitizer.qll | 2 ++ java/ql/lib/semmle/code/java/security/LogInjection.qll | 2 ++ java/ql/lib/semmle/code/java/security/Mail.qll | 2 ++ java/ql/lib/semmle/code/java/security/MvelInjection.qll | 2 ++ java/ql/lib/semmle/code/java/security/OgnlInjection.qll | 2 ++ .../semmle/code/java/security/PartialPathTraversal.qll | 2 ++ java/ql/lib/semmle/code/java/security/PathSanitizer.qll | 2 ++ java/ql/lib/semmle/code/java/security/QueryInjection.qll | 2 ++ .../ql/lib/semmle/code/java/security/RandomDataSource.qll | 2 ++ java/ql/lib/semmle/code/java/security/RelativePaths.qll | 2 ++ java/ql/lib/semmle/code/java/security/RequestForgery.qll | 2 ++ .../lib/semmle/code/java/security/ResponseSplitting.qll | 2 ++ java/ql/lib/semmle/code/java/security/Sanitizers.qll | 2 ++ java/ql/lib/semmle/code/java/security/SecurityFlag.qll | 2 ++ java/ql/lib/semmle/code/java/security/SecurityTests.qll | 2 ++ .../ql/lib/semmle/code/java/security/SensitiveActions.qll | 2 ++ java/ql/lib/semmle/code/java/security/SensitiveApi.qll | 2 ++ java/ql/lib/semmle/code/java/security/SpelInjection.qll | 2 ++ .../code/java/security/SpringBootActuatorsQuery.qll | 2 ++ .../semmle/code/java/security/SpringCsrfProtection.qll | 2 ++ .../lib/semmle/code/java/security/SqlConcatenatedLib.qll | 2 ++ java/ql/lib/semmle/code/java/security/TempDirUtils.qll | 2 ++ .../lib/semmle/code/java/security/TemplateInjection.qll | 2 ++ .../lib/semmle/code/java/security/UnsafeAndroidAccess.qll | 2 ++ java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll | 2 ++ .../code/java/security/UnsafeContentUriResolution.qll | 2 ++ java/ql/lib/semmle/code/java/security/UrlRedirect.qll | 2 ++ java/ql/lib/semmle/code/java/security/Validation.qll | 3 +++ java/ql/lib/semmle/code/java/security/XPath.qll | 2 ++ java/ql/lib/semmle/code/java/security/XSS.qll | 2 ++ java/ql/lib/semmle/code/java/security/XmlParsers.qll | 2 ++ java/ql/lib/semmle/code/java/security/XsltInjection.qll | 2 ++ java/ql/lib/semmle/code/java/security/Xxe.qll | 2 ++ .../semmle/code/java/security/internal/ArraySizing.qll | 2 ++ .../semmle/code/java/security/internal/BoundingChecks.qll | 2 ++ .../code/java/security/internal/EncryptionKeySizes.qll | 2 ++ .../semmle/code/java/security/regexp/RegexInjection.qll | 2 ++ java/ql/lib/semmle/code/xml/AndroidManifest.qll | 2 ++ java/ql/lib/semmle/code/xml/Ant.qll | 2 ++ java/ql/lib/semmle/code/xml/MavenPom.qll | 2 ++ java/ql/lib/semmle/code/xml/WebXML.qll | 3 +++ java/ql/lib/semmle/code/xml/XML.qll | 2 ++ java/ql/lib/semmle/files/FileSystem.qll | 2 ++ .../utils/test/internal/InlineExpectationsTestImpl.qll | 3 +++ shared/controlflow/codeql/controlflow/BasicBlock.qll | 2 ++ shared/controlflow/codeql/controlflow/Cfg.qll | 2 ++ shared/dataflow/codeql/dataflow/DataFlow.qll | 2 ++ shared/dataflow/codeql/dataflow/TaintTracking.qll | 2 ++ shared/dataflow/codeql/dataflow/VariableCapture.qll | 2 ++ .../codeql/dataflow/internal/AccessPathSyntax.qll | 2 ++ .../codeql/dataflow/internal/ContentDataFlowImpl.qll | 2 ++ shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll | 5 +++++ .../codeql/dataflow/internal/DataFlowImplCommon.qll | 8 ++++++++ .../codeql/dataflow/internal/DataFlowImplConsistency.qll | 2 ++ .../codeql/dataflow/internal/DataFlowImplStage1.qll | 3 +++ .../dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll | 2 ++ .../dataflow/codeql/dataflow/test/ProvenancePathGraph.qll | 2 ++ shared/mad/codeql/mad/ModelValidation.qll | 2 ++ shared/mad/codeql/mad/dynamic/GraphExport.qll | 2 ++ .../mad/modelgenerator/internal/ModelGeneratorImpl.qll | 2 ++ .../codeql/mad/modelgenerator/internal/ModelPrinting.qll | 3 +++ shared/quantum/codeql/quantum/experimental/Model.qll | 2 ++ .../codeql/rangeanalysis/ModulusAnalysis.qll | 2 ++ .../rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll | 2 ++ .../codeql/rangeanalysis/internal/RangeUtils.qll | 3 +++ shared/regex/codeql/regex/HostnameRegexp.qll | 2 ++ shared/regex/codeql/regex/MissingRegExpAnchor.qll | 2 ++ shared/regex/codeql/regex/OverlyLargeRangeQuery.qll | 2 ++ shared/regex/codeql/regex/RegexTreeView.qll | 2 ++ shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll | 2 ++ shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll | 2 ++ shared/regex/codeql/regex/nfa/NfaUtils.qll | 2 ++ shared/regex/codeql/regex/nfa/RegexpMatching.qll | 2 ++ shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll | 3 +++ shared/ssa/codeql/ssa/Ssa.qll | 2 ++ shared/threat-models/codeql/threatmodels/ThreatModels.qll | 2 ++ shared/typeflow/codeql/typeflow/TypeFlow.qll | 2 ++ shared/typeflow/codeql/typeflow/UniversalFlow.qll | 2 ++ shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll | 3 +++ .../codeql/typeinference/internal/TypeInference.qll | 4 ++++ shared/typetracking/codeql/typetracking/TypeTracking.qll | 2 ++ .../codeql/typetracking/internal/SummaryTypeTracker.qll | 2 ++ .../codeql/typetracking/internal/TypeTrackingImpl.qll | 4 ++++ shared/typos/codeql/typos/TypoDatabase.qll | 3 +++ shared/util/codeql/util/AlertFiltering.qll | 2 ++ shared/util/codeql/util/Boolean.qll | 2 ++ shared/util/codeql/util/DenseRank.qll | 2 ++ shared/util/codeql/util/Either.qll | 2 ++ shared/util/codeql/util/FilePath.qll | 2 ++ shared/util/codeql/util/FileSystem.qll | 2 ++ shared/util/codeql/util/Location.qll | 2 ++ shared/util/codeql/util/Numbers.qll | 2 ++ shared/util/codeql/util/Option.qll | 2 ++ shared/util/codeql/util/ReportStats.qll | 1 + shared/util/codeql/util/Strings.qll | 3 +++ shared/util/codeql/util/Unit.qll | 2 ++ shared/util/codeql/util/Void.qll | 2 ++ shared/util/codeql/util/suppression/AlertSuppression.qll | 3 +++ .../codeql/util/test/ExternalLocationPostProcessing.qll | 1 + shared/xml/codeql/xml/Xml.qll | 2 ++ shared/yaml/codeql/serverless/ServerLess.qll | 2 ++ shared/yaml/codeql/yaml/Yaml.qll | 2 ++ 428 files changed, 966 insertions(+) diff --git a/java/ql/lib/Customizations.qll b/java/ql/lib/Customizations.qll index 1f5716726e3..f083e086450 100644 --- a/java/ql/lib/Customizations.qll +++ b/java/ql/lib/Customizations.qll @@ -8,5 +8,7 @@ * the `RemoteFlowSource` and `AdditionalTaintStep` classes associated with the security queries * to model frameworks that are not covered by the standard library. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/IDEContextual.qll b/java/ql/lib/IDEContextual.qll index f26956bcca0..e74d51898e8 100644 --- a/java/ql/lib/IDEContextual.qll +++ b/java/ql/lib/IDEContextual.qll @@ -1,6 +1,8 @@ /** * Provides shared predicates related to contextual queries in the code viewer. */ +overlay[local?] +module; import semmle.files.FileSystem private import codeql.util.FileSystem diff --git a/java/ql/lib/default.qll b/java/ql/lib/default.qll index 79ed05a7c37..66060273e96 100644 --- a/java/ql/lib/default.qll +++ b/java/ql/lib/default.qll @@ -1,3 +1,5 @@ /** DEPRECATED: use `java.qll` instead. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/definitions.qll b/java/ql/lib/definitions.qll index aa5de3eb401..f0a4e859b08 100644 --- a/java/ql/lib/definitions.qll +++ b/java/ql/lib/definitions.qll @@ -2,6 +2,8 @@ * Provides classes and predicates related to jump-to-definition links * in the code viewer. */ +overlay[local?] +module; import java import IDEContextual diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 16afa26347f..113f031f55b 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.dataflow.DataFlow import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/experimental/quantum/Language.qll b/java/ql/lib/experimental/quantum/Language.qll index 59164901c10..975a8ad8e1f 100644 --- a/java/ql/lib/experimental/quantum/Language.qll +++ b/java/ql/lib/experimental/quantum/Language.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java as Language private import semmle.code.java.security.InsecureRandomnessQuery private import semmle.code.java.security.RandomQuery diff --git a/java/ql/lib/external/ExternalArtifact.qll b/java/ql/lib/external/ExternalArtifact.qll index 2e782a6a4da..cdba653062a 100644 --- a/java/ql/lib/external/ExternalArtifact.qll +++ b/java/ql/lib/external/ExternalArtifact.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java class ExternalData extends @externalDataElement { diff --git a/java/ql/lib/java.qll b/java/ql/lib/java.qll index ce0905184f4..9644343e93b 100644 --- a/java/ql/lib/java.qll +++ b/java/ql/lib/java.qll @@ -1,4 +1,6 @@ /** Provides all default Java QL imports. */ +overlay[local?] +module; import Customizations import semmle.code.FileSystem diff --git a/java/ql/lib/semmle/code/FileSystem.qll b/java/ql/lib/semmle/code/FileSystem.qll index a7c38b41ca5..92c888304ff 100644 --- a/java/ql/lib/semmle/code/FileSystem.qll +++ b/java/ql/lib/semmle/code/FileSystem.qll @@ -1,4 +1,6 @@ /** Provides classes for working with files and folders. */ +overlay[local?] +module; import Location private import codeql.util.FileSystem diff --git a/java/ql/lib/semmle/code/Location.qll b/java/ql/lib/semmle/code/Location.qll index abc1d19d0f8..14fc7a99532 100644 --- a/java/ql/lib/semmle/code/Location.qll +++ b/java/ql/lib/semmle/code/Location.qll @@ -3,6 +3,8 @@ * * Locations represent parts of files and are used to map elements to their source location. */ +overlay[local?] +module; import FileSystem import semmle.code.java.Element diff --git a/java/ql/lib/semmle/code/SMAP.qll b/java/ql/lib/semmle/code/SMAP.qll index 575d54f92de..96243a78d7b 100644 --- a/java/ql/lib/semmle/code/SMAP.qll +++ b/java/ql/lib/semmle/code/SMAP.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with SMAP files (see JSR-045). */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/Unit.qll b/java/ql/lib/semmle/code/Unit.qll index 83a4a03321d..e31457eae1a 100644 --- a/java/ql/lib/semmle/code/Unit.qll +++ b/java/ql/lib/semmle/code/Unit.qll @@ -1,3 +1,5 @@ /** Provides the `Unit` class. */ +overlay[local?] +module; import codeql.util.Unit diff --git a/java/ql/lib/semmle/code/configfiles/ConfigFiles.qll b/java/ql/lib/semmle/code/configfiles/ConfigFiles.qll index 282f1c1228a..0c69f45c56f 100644 --- a/java/ql/lib/semmle/code/configfiles/ConfigFiles.qll +++ b/java/ql/lib/semmle/code/configfiles/ConfigFiles.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with configuration files, such * as Java `.properties` or `.ini` files. */ +overlay[local?] +module; import semmle.code.Location diff --git a/java/ql/lib/semmle/code/java/Annotation.qll b/java/ql/lib/semmle/code/java/Annotation.qll index f39b1f3420a..ba5ce65daac 100644 --- a/java/ql/lib/semmle/code/java/Annotation.qll +++ b/java/ql/lib/semmle/code/java/Annotation.qll @@ -8,6 +8,8 @@ * Each annotation type has zero or more annotation elements that contain a * name and possibly a value. */ +overlay[local?] +module; import Element import Expr diff --git a/java/ql/lib/semmle/code/java/Collections.qll b/java/ql/lib/semmle/code/java/Collections.qll index 9fd64dc60ee..d121512c319 100644 --- a/java/ql/lib/semmle/code/java/Collections.qll +++ b/java/ql/lib/semmle/code/java/Collections.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for reasoning about instances of * `java.util.Collection` and their methods. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/Compilation.qll b/java/ql/lib/semmle/code/java/Compilation.qll index c52f308e8e3..83550539046 100644 --- a/java/ql/lib/semmle/code/java/Compilation.qll +++ b/java/ql/lib/semmle/code/java/Compilation.qll @@ -1,6 +1,8 @@ /** * Provides a class representing individual compiler invocations that occurred during the build. */ +overlay[local?] +module; import semmle.code.FileSystem diff --git a/java/ql/lib/semmle/code/java/CompilationUnit.qll b/java/ql/lib/semmle/code/java/CompilationUnit.qll index 9b4b58e9a9b..546c3d26ea3 100644 --- a/java/ql/lib/semmle/code/java/CompilationUnit.qll +++ b/java/ql/lib/semmle/code/java/CompilationUnit.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java compilation units. */ +overlay[local?] +module; import Element import Package diff --git a/java/ql/lib/semmle/code/java/Completion.qll b/java/ql/lib/semmle/code/java/Completion.qll index 6ccdb16df72..35d3c83e2ee 100644 --- a/java/ql/lib/semmle/code/java/Completion.qll +++ b/java/ql/lib/semmle/code/java/Completion.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for representing completions. */ +overlay[local?] +module; /* * A completion represents how a statement or expression terminates. diff --git a/java/ql/lib/semmle/code/java/Concurrency.qll b/java/ql/lib/semmle/code/java/Concurrency.qll index 61e76525ec8..0e510db3443 100644 --- a/java/ql/lib/semmle/code/java/Concurrency.qll +++ b/java/ql/lib/semmle/code/java/Concurrency.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/Constants.qll b/java/ql/lib/semmle/code/java/Constants.qll index 9e35a925be3..0cad92b7fc6 100644 --- a/java/ql/lib/semmle/code/java/Constants.qll +++ b/java/ql/lib/semmle/code/java/Constants.qll @@ -1,6 +1,8 @@ /** * Provdides a module to calculate constant integer and boolean values. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/ControlFlowGraph.qll b/java/ql/lib/semmle/code/java/ControlFlowGraph.qll index 0d9d685cc71..25ec9dc9ef4 100644 --- a/java/ql/lib/semmle/code/java/ControlFlowGraph.qll +++ b/java/ql/lib/semmle/code/java/ControlFlowGraph.qll @@ -7,6 +7,8 @@ * statement, an expression, or an exit node for a callable, indicating that * execution of the callable terminates. */ +overlay[local?] +module; /* * The implementation is centered around the concept of a _completion_, which diff --git a/java/ql/lib/semmle/code/java/Conversions.qll b/java/ql/lib/semmle/code/java/Conversions.qll index f3deb311a3d..76b74fd1eb7 100644 --- a/java/ql/lib/semmle/code/java/Conversions.qll +++ b/java/ql/lib/semmle/code/java/Conversions.qll @@ -4,6 +4,8 @@ * * See the Java Language Specification, Section 5, for details. */ +overlay[local?] +module; import java import semmle.code.java.arithmetic.Overflow diff --git a/java/ql/lib/semmle/code/java/Dependency.qll b/java/ql/lib/semmle/code/java/Dependency.qll index 8514bcb466a..138ab7523a4 100644 --- a/java/ql/lib/semmle/code/java/Dependency.qll +++ b/java/ql/lib/semmle/code/java/Dependency.qll @@ -1,6 +1,8 @@ /** * Provides utility predicates for representing dependencies between types. */ +overlay[local?] +module; import Type import Generics diff --git a/java/ql/lib/semmle/code/java/DependencyCounts.qll b/java/ql/lib/semmle/code/java/DependencyCounts.qll index 4cb958373a9..13709ebaf29 100644 --- a/java/ql/lib/semmle/code/java/DependencyCounts.qll +++ b/java/ql/lib/semmle/code/java/DependencyCounts.qll @@ -1,6 +1,8 @@ /** * This library provides utility predicates for representing the number of dependencies between types. */ +overlay[local?] +module; import Type import Generics diff --git a/java/ql/lib/semmle/code/java/Diagnostics.qll b/java/ql/lib/semmle/code/java/Diagnostics.qll index 0134b32c5c0..c93e6850b3d 100644 --- a/java/ql/lib/semmle/code/java/Diagnostics.qll +++ b/java/ql/lib/semmle/code/java/Diagnostics.qll @@ -1,6 +1,8 @@ /** * Provides classes representing warnings generated during compilation. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/Element.qll b/java/ql/lib/semmle/code/java/Element.qll index 2032d72ee5f..dca3c8d91eb 100644 --- a/java/ql/lib/semmle/code/java/Element.qll +++ b/java/ql/lib/semmle/code/java/Element.qll @@ -1,6 +1,8 @@ /** * Provides a class that represents named elements in Java programs. */ +overlay[local?] +module; import CompilationUnit import semmle.code.Location diff --git a/java/ql/lib/semmle/code/java/Exception.qll b/java/ql/lib/semmle/code/java/Exception.qll index 0b92975a580..abd93499462 100644 --- a/java/ql/lib/semmle/code/java/Exception.qll +++ b/java/ql/lib/semmle/code/java/Exception.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java exceptions. */ +overlay[local?] +module; import Element import Type diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index e7dd817cecd..182bf5b7001 100644 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with Java expressions. */ +overlay[local?] +module; import java private import semmle.code.java.frameworks.android.Compose diff --git a/java/ql/lib/semmle/code/java/GeneratedFiles.qll b/java/ql/lib/semmle/code/java/GeneratedFiles.qll index 31a229f507f..7c4a6d4cbb5 100644 --- a/java/ql/lib/semmle/code/java/GeneratedFiles.qll +++ b/java/ql/lib/semmle/code/java/GeneratedFiles.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the most common types of generated files. */ +overlay[local?] +module; import Type private import semmle.code.java.frameworks.JavaxAnnotations diff --git a/java/ql/lib/semmle/code/java/Generics.qll b/java/ql/lib/semmle/code/java/Generics.qll index a50dcabe224..e0204b1beac 100644 --- a/java/ql/lib/semmle/code/java/Generics.qll +++ b/java/ql/lib/semmle/code/java/Generics.qll @@ -30,6 +30,8 @@ * * The terminology for generic methods is analogous. */ +overlay[local?] +module; import Type diff --git a/java/ql/lib/semmle/code/java/Import.qll b/java/ql/lib/semmle/code/java/Import.qll index cef66c34ae1..aed04115555 100644 --- a/java/ql/lib/semmle/code/java/Import.qll +++ b/java/ql/lib/semmle/code/java/Import.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java imports. */ +overlay[local?] +module; import semmle.code.Location import CompilationUnit diff --git a/java/ql/lib/semmle/code/java/J2EE.qll b/java/ql/lib/semmle/code/java/J2EE.qll index 70c207a3579..4412b3715e3 100644 --- a/java/ql/lib/semmle/code/java/J2EE.qll +++ b/java/ql/lib/semmle/code/java/J2EE.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with J2EE bean types. */ +overlay[local?] +module; import Type diff --git a/java/ql/lib/semmle/code/java/JDK.qll b/java/ql/lib/semmle/code/java/JDK.qll index 27a8b2a9ca7..897e857ba10 100644 --- a/java/ql/lib/semmle/code/java/JDK.qll +++ b/java/ql/lib/semmle/code/java/JDK.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with standard classes and methods from the JDK. */ +overlay[local?] +module; import Member import semmle.code.java.security.ExternalProcess diff --git a/java/ql/lib/semmle/code/java/JDKAnnotations.qll b/java/ql/lib/semmle/code/java/JDKAnnotations.qll index 5f3e7068855..aac7242ad4f 100644 --- a/java/ql/lib/semmle/code/java/JDKAnnotations.qll +++ b/java/ql/lib/semmle/code/java/JDKAnnotations.qll @@ -1,6 +1,8 @@ /** * Provides classes that represent standard annotations from the JDK. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/JMX.qll b/java/ql/lib/semmle/code/java/JMX.qll index 11849be0bee..3f18e0ecf3d 100644 --- a/java/ql/lib/semmle/code/java/JMX.qll +++ b/java/ql/lib/semmle/code/java/JMX.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with JMX bean types. */ +overlay[local?] +module; import Type diff --git a/java/ql/lib/semmle/code/java/Javadoc.qll b/java/ql/lib/semmle/code/java/Javadoc.qll index f14d8776ddc..ef8f77bf9ba 100644 --- a/java/ql/lib/semmle/code/java/Javadoc.qll +++ b/java/ql/lib/semmle/code/java/Javadoc.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Javadoc documentation. */ +overlay[local?] +module; import semmle.code.Location diff --git a/java/ql/lib/semmle/code/java/KotlinType.qll b/java/ql/lib/semmle/code/java/KotlinType.qll index 3e5597c5579..9d29f3b441e 100644 --- a/java/ql/lib/semmle/code/java/KotlinType.qll +++ b/java/ql/lib/semmle/code/java/KotlinType.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Kotlin types. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/Maps.qll b/java/ql/lib/semmle/code/java/Maps.qll index 1089e892415..25c8659f2c9 100644 --- a/java/ql/lib/semmle/code/java/Maps.qll +++ b/java/ql/lib/semmle/code/java/Maps.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for reasoning about instances of * `java.util.Map` and their methods. */ +overlay[local?] +module; import java import Collections diff --git a/java/ql/lib/semmle/code/java/Member.qll b/java/ql/lib/semmle/code/java/Member.qll index f6f4ca56f92..662eab06bd1 100644 --- a/java/ql/lib/semmle/code/java/Member.qll +++ b/java/ql/lib/semmle/code/java/Member.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with members of Java classes and interfaces, * that is, methods, constructors, fields and nested types. */ +overlay[local?] +module; import Element import Type diff --git a/java/ql/lib/semmle/code/java/Modifier.qll b/java/ql/lib/semmle/code/java/Modifier.qll index 150b65be671..864691bf835 100644 --- a/java/ql/lib/semmle/code/java/Modifier.qll +++ b/java/ql/lib/semmle/code/java/Modifier.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java modifiers. */ +overlay[local?] +module; import Element diff --git a/java/ql/lib/semmle/code/java/Modules.qll b/java/ql/lib/semmle/code/java/Modules.qll index c8aed33a0fc..a1bceb72e0b 100644 --- a/java/ql/lib/semmle/code/java/Modules.qll +++ b/java/ql/lib/semmle/code/java/Modules.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with Java modules. */ +overlay[local?] +module; import CompilationUnit diff --git a/java/ql/lib/semmle/code/java/NumberFormatException.qll b/java/ql/lib/semmle/code/java/NumberFormatException.qll index 841d64b0098..83f66d1a709 100644 --- a/java/ql/lib/semmle/code/java/NumberFormatException.qll +++ b/java/ql/lib/semmle/code/java/NumberFormatException.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for reasoning about `java.lang.NumberFormatException`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/Package.qll b/java/ql/lib/semmle/code/java/Package.qll index 466c97e561d..e0621f4de54 100644 --- a/java/ql/lib/semmle/code/java/Package.qll +++ b/java/ql/lib/semmle/code/java/Package.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java packages. */ +overlay[local?] +module; import Element import Type diff --git a/java/ql/lib/semmle/code/java/PrettyPrintAst.qll b/java/ql/lib/semmle/code/java/PrettyPrintAst.qll index de1bf3100a3..3d907a5a099 100644 --- a/java/ql/lib/semmle/code/java/PrettyPrintAst.qll +++ b/java/ql/lib/semmle/code/java/PrettyPrintAst.qll @@ -2,6 +2,8 @@ * Provides pretty-printed representations of the AST, in particular top-level * classes and interfaces. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/PrintAst.qll b/java/ql/lib/semmle/code/java/PrintAst.qll index 0af012234bb..52d344401d7 100644 --- a/java/ql/lib/semmle/code/java/PrintAst.qll +++ b/java/ql/lib/semmle/code/java/PrintAst.qll @@ -5,6 +5,8 @@ * extend `PrintAstConfiguration` and override `shouldPrint` to hold for only the elements * you wish to view the AST for. */ +overlay[local?] +module; import java import semmle.code.java.regex.RegexTreeView as RegexTreeView diff --git a/java/ql/lib/semmle/code/java/Reflection.qll b/java/ql/lib/semmle/code/java/Reflection.qll index da287387e17..e37187231b9 100644 --- a/java/ql/lib/semmle/code/java/Reflection.qll +++ b/java/ql/lib/semmle/code/java/Reflection.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java Reflection. */ +overlay[local?] +module; import java import JDKAnnotations diff --git a/java/ql/lib/semmle/code/java/Serializability.qll b/java/ql/lib/semmle/code/java/Serializability.qll index 479d1d8cdb0..639cc0c18eb 100644 --- a/java/ql/lib/semmle/code/java/Serializability.qll +++ b/java/ql/lib/semmle/code/java/Serializability.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java Serialization. */ +overlay[local?] +module; import java private import frameworks.jackson.JacksonSerializability diff --git a/java/ql/lib/semmle/code/java/Statement.qll b/java/ql/lib/semmle/code/java/Statement.qll index da9621f9ce3..73b0aac5cbd 100644 --- a/java/ql/lib/semmle/code/java/Statement.qll +++ b/java/ql/lib/semmle/code/java/Statement.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java statements. */ +overlay[local?] +module; import Expr import metrics.MetricStmt diff --git a/java/ql/lib/semmle/code/java/StringFormat.qll b/java/ql/lib/semmle/code/java/StringFormat.qll index 4ed39c02a84..da69a5b9b8f 100644 --- a/java/ql/lib/semmle/code/java/StringFormat.qll +++ b/java/ql/lib/semmle/code/java/StringFormat.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for reasoning about string formatting. */ +overlay[local?] +module; import java import dataflow.DefUse diff --git a/java/ql/lib/semmle/code/java/Type.qll b/java/ql/lib/semmle/code/java/Type.qll index 5036bbea622..95e4ecc7ff7 100644 --- a/java/ql/lib/semmle/code/java/Type.qll +++ b/java/ql/lib/semmle/code/java/Type.qll @@ -9,6 +9,8 @@ * Classes and interfaces can also be local (`LocalClassOrInterface`, `LocalClass`) or anonymous (`AnonymousClass`). * Enumerated types (`EnumType`) and records (`Record`) are special kinds of classes. */ +overlay[local?] +module; import Member import Modifier @@ -668,6 +670,7 @@ class RefType extends Type, Annotatable, Modifiable, @reftype { * * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure). */ + overlay[caller] pragma[inline] RefType commonSubtype(RefType other) { result.getASourceSupertype*() = erase(this) and @@ -1257,6 +1260,7 @@ private Type erase(Type t) { * * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure). */ +overlay[caller] pragma[inline] predicate haveIntersection(RefType t1, RefType t2) { exists(RefType e1, RefType e2 | e1 = erase(t1) and e2 = erase(t2) | diff --git a/java/ql/lib/semmle/code/java/UnitTests.qll b/java/ql/lib/semmle/code/java/UnitTests.qll index f229440e4ee..6c05fecab01 100644 --- a/java/ql/lib/semmle/code/java/UnitTests.qll +++ b/java/ql/lib/semmle/code/java/UnitTests.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with test classes and methods. */ +overlay[local?] +module; import Type import Member diff --git a/java/ql/lib/semmle/code/java/Variable.qll b/java/ql/lib/semmle/code/java/Variable.qll index a4cf09df055..50fd7a06484 100644 --- a/java/ql/lib/semmle/code/java/Variable.qll +++ b/java/ql/lib/semmle/code/java/Variable.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Java variables and their declarations. */ +overlay[local?] +module; import Element diff --git a/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll b/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll index e92d8352fe9..471f271eb86 100644 --- a/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll +++ b/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** A subclass of `PrimitiveType` with width-based ordering methods. */ diff --git a/java/ql/lib/semmle/code/java/comparison/Comparison.qll b/java/ql/lib/semmle/code/java/comparison/Comparison.qll index 27ed9271e99..7aea0f6fb25 100644 --- a/java/ql/lib/semmle/code/java/comparison/Comparison.qll +++ b/java/ql/lib/semmle/code/java/comparison/Comparison.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll b/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll index 284ee1dad0c..4e65001d7f2 100644 --- a/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll +++ b/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with basic blocks in Java. */ +overlay[local?] +module; import java import Dominance diff --git a/java/ql/lib/semmle/code/java/controlflow/Dominance.qll b/java/ql/lib/semmle/code/java/controlflow/Dominance.qll index 6f0cb3d255c..8f53a554d48 100644 --- a/java/ql/lib/semmle/code/java/controlflow/Dominance.qll +++ b/java/ql/lib/semmle/code/java/controlflow/Dominance.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for control-flow graph dominance. */ +overlay[local?] +module; import java @@ -93,6 +95,7 @@ predicate iDominates(ControlFlowNode dominator, ControlFlowNode node) { } /** Holds if `dom` strictly dominates `node`. */ +overlay[caller] pragma[inline] predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -102,6 +105,7 @@ predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` dominates `node`. (This is reflexive.) */ +overlay[caller] pragma[inline] predicate dominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -111,6 +115,7 @@ predicate dominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` strictly post-dominates `node`. */ +overlay[caller] pragma[inline] predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -120,6 +125,7 @@ predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` post-dominates `node`. (This is reflexive.) */ +overlay[caller] pragma[inline] predicate postDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. diff --git a/java/ql/lib/semmle/code/java/controlflow/Guards.qll b/java/ql/lib/semmle/code/java/controlflow/Guards.qll index 4042e7b2962..9395e6dd8cc 100644 --- a/java/ql/lib/semmle/code/java/controlflow/Guards.qll +++ b/java/ql/lib/semmle/code/java/controlflow/Guards.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for reasoning about guards and the control * flow elements controlled by those guards. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Dominance diff --git a/java/ql/lib/semmle/code/java/controlflow/Paths.qll b/java/ql/lib/semmle/code/java/controlflow/Paths.qll index 8f87e19404a..fb14c226484 100644 --- a/java/ql/lib/semmle/code/java/controlflow/Paths.qll +++ b/java/ql/lib/semmle/code/java/controlflow/Paths.qll @@ -2,6 +2,8 @@ * This library provides predicates for reasoning about the set of all paths * through a callable. */ +overlay[local?] +module; import java import semmle.code.java.dispatch.VirtualDispatch diff --git a/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll b/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll index f03e4690a95..feabc47552f 100644 --- a/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll +++ b/java/ql/lib/semmle/code/java/controlflow/SuccessorType.qll @@ -1,6 +1,8 @@ /** * Provides different types of control flow successor types. */ +overlay[local?] +module; import java private import codeql.util.Boolean diff --git a/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll b/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll index 0ade780bc00..0247417c6bb 100644 --- a/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll +++ b/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for identifying unreachable blocks under a "closed-world" assumption. */ +overlay[local?] +module; import java import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll b/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll index 4cb3bc74f97..d5dc39d9e14 100644 --- a/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll +++ b/java/ql/lib/semmle/code/java/controlflow/internal/GuardsLogic.qll @@ -2,6 +2,8 @@ * Provides predicates for working with the internal logic of the `Guards` * library. */ +overlay[local?] +module; import java import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll b/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll index 6e6c5ec47f9..a0d2e4ef03e 100644 --- a/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll +++ b/java/ql/lib/semmle/code/java/controlflow/internal/Preconditions.qll @@ -3,6 +3,8 @@ * `com.google.common.base.Preconditions` and * `org.apache.commons.lang3.Validate`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/controlflow/internal/SwitchCases.qll b/java/ql/lib/semmle/code/java/controlflow/internal/SwitchCases.qll index 1d94f075abb..5366fa78a53 100644 --- a/java/ql/lib/semmle/code/java/controlflow/internal/SwitchCases.qll +++ b/java/ql/lib/semmle/code/java/controlflow/internal/SwitchCases.qll @@ -1,4 +1,6 @@ /** Provides utility predicates relating to switch cases. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/controlflow/unreachableblocks/ExcludeDebuggingProfilingLogging.qll b/java/ql/lib/semmle/code/java/controlflow/unreachableblocks/ExcludeDebuggingProfilingLogging.qll index 7b7a5943f6c..bda7f9bee74 100644 --- a/java/ql/lib/semmle/code/java/controlflow/unreachableblocks/ExcludeDebuggingProfilingLogging.qll +++ b/java/ql/lib/semmle/code/java/controlflow/unreachableblocks/ExcludeDebuggingProfilingLogging.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.controlflow.UnreachableBlocks diff --git a/java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll b/java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll index c600bb1672d..56027a4507c 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ApiSinks.qll @@ -1,4 +1,6 @@ /** Provides classes representing various flow sinks for data flow / taint tracking. */ +overlay[local?] +module; private import semmle.code.java.dataflow.FlowSinks as FlowSinks diff --git a/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll b/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll index 8649b5cf830..add0ec0d9a5 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ApiSources.qll @@ -1,4 +1,6 @@ /** Provides classes representing various flow sources for data flow / taint tracking. */ +overlay[local?] +module; private import semmle.code.java.dataflow.FlowSources as FlowSources diff --git a/java/ql/lib/semmle/code/java/dataflow/Bound.qll b/java/ql/lib/semmle/code/java/dataflow/Bound.qll index 08826b7ae8f..65af6fb13a8 100644 --- a/java/ql/lib/semmle/code/java/dataflow/Bound.qll +++ b/java/ql/lib/semmle/code/java/dataflow/Bound.qll @@ -1,6 +1,8 @@ /** * Provides classes for representing abstract bounds for use in, for example, range analysis. */ +overlay[local?] +module; private import internal.rangeanalysis.BoundSpecific diff --git a/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll b/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll index ab48577c02e..54eb809c7b9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/DataFlow.qll @@ -2,6 +2,8 @@ * Provides classes for performing local (intra-procedural) and * global (inter-procedural) data flow analyses. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/dataflow/DefUse.qll b/java/ql/lib/semmle/code/java/dataflow/DefUse.qll index 9fa08d62c27..a93f2e30b46 100644 --- a/java/ql/lib/semmle/code/java/dataflow/DefUse.qll +++ b/java/ql/lib/semmle/code/java/dataflow/DefUse.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for def-use and use-use pairs. Built on top of the SSA library for * maximal precision. */ +overlay[local?] +module; import java private import SSA diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index a38e54f0513..d1849df0f3e 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -86,6 +86,8 @@ * This information is used in a heuristic for dataflow analysis to determine, if a * model or source code should be used for determining flow. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow::DataFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll index 72cd96f6745..61066774e52 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSinks.qll @@ -1,4 +1,6 @@ /** Provides classes representing various flow sinks for data flow / taint tracking. */ +overlay[local?] +module; private import java private import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index f63eae183c4..8c6ac60eb24 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -1,6 +1,8 @@ /** * Provides classes representing various flow sources for taint tracking. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll index d081a6289ec..8bf2a468392 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll @@ -1,6 +1,8 @@ /** * Provides classes representing various flow steps for taint tracking. */ +overlay[local?] +module; private import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll index acea2a10784..d038851d837 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSummary.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for defining flow summaries. */ +overlay[local?] +module; import java private import internal.FlowSummaryImpl as Impl diff --git a/java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll b/java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll index 0bae1b5e9c1..feeb0d100c6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll +++ b/java/ql/lib/semmle/code/java/dataflow/InstanceAccess.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for reasoning about explicit and implicit * instance accesses. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll b/java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll index 58d77b64978..817fa17d6a6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll +++ b/java/ql/lib/semmle/code/java/dataflow/IntegerGuards.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for integer guards. */ +overlay[local?] +module; import java private import SSA diff --git a/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll index 3e5a45da247..1451a605cdb 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll @@ -3,6 +3,8 @@ * an expression, `b` is a `Bound` (typically zero or the value of an SSA * variable), and `v` is an integer in the range `[0 .. m-1]`. */ +overlay[local?] +module; private import internal.rangeanalysis.ModulusAnalysisSpecific::Private private import Bound diff --git a/java/ql/lib/semmle/code/java/dataflow/NullGuards.qll b/java/ql/lib/semmle/code/java/dataflow/NullGuards.qll index 2dd72d78a2e..5c6cdb919ef 100644 --- a/java/ql/lib/semmle/code/java/dataflow/NullGuards.qll +++ b/java/ql/lib/semmle/code/java/dataflow/NullGuards.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for null guards. */ +overlay[local?] +module; import java import SSA diff --git a/java/ql/lib/semmle/code/java/dataflow/Nullness.qll b/java/ql/lib/semmle/code/java/dataflow/Nullness.qll index 36ad96c497f..f3912277b33 100644 --- a/java/ql/lib/semmle/code/java/dataflow/Nullness.qll +++ b/java/ql/lib/semmle/code/java/dataflow/Nullness.qll @@ -6,6 +6,8 @@ * hold, so results guarded by, for example, `assert x != null;` or * `if (x == null) { assert false; }` are excluded. */ +overlay[local?] +module; /* * Implementation details: diff --git a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll index 64f68b9c075..49ce242e4a4 100644 --- a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll +++ b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll @@ -8,6 +8,8 @@ * If an inferred bound relies directly on a condition, then this condition is * reported as the reason for the bound. */ +overlay[local?] +module; /* * This library tackles range analysis as a flow problem. Consider e.g.: diff --git a/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll b/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll index 444fec8f865..7d38d83b096 100644 --- a/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll +++ b/java/ql/lib/semmle/code/java/dataflow/RangeUtils.qll @@ -1,6 +1,8 @@ /** * Provides utility predicates for range analysis. */ +overlay[local?] +module; import java private import SSA diff --git a/java/ql/lib/semmle/code/java/dataflow/SSA.qll b/java/ql/lib/semmle/code/java/dataflow/SSA.qll index 680088b7c55..dd902b70e35 100644 --- a/java/ql/lib/semmle/code/java/dataflow/SSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/SSA.qll @@ -10,6 +10,8 @@ * of the field in case the field is not amenable to a non-trivial SSA * representation. */ +overlay[local?] +module; import java private import internal.SsaImpl diff --git a/java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll index 9cd629f4ef9..568bc8b6d58 100644 --- a/java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll +++ b/java/ql/lib/semmle/code/java/dataflow/SignAnalysis.qll @@ -5,5 +5,7 @@ * The analysis is implemented as an abstract interpretation over the * three-valued domain `{negative, zero, positive}`. */ +overlay[local?] +module; import semmle.code.java.dataflow.internal.rangeanalysis.SignAnalysisCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll b/java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll index ed10d8aa4bb..4b1bd0131bd 100644 --- a/java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll +++ b/java/ql/lib/semmle/code/java/dataflow/StringPrefixes.qll @@ -25,6 +25,8 @@ * String.format("%sfoo:%s", notSuffix, suffix4); * ``` */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll b/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll index e62850fbc38..159604a95bd 100644 --- a/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll +++ b/java/ql/lib/semmle/code/java/dataflow/TaintTracking.qll @@ -2,6 +2,8 @@ * Provides classes for performing local (intra-procedural) and * global (inter-procedural) taint-tracking analyses. */ +overlay[local?] +module; import semmle.code.java.dataflow.DataFlow import semmle.code.java.dataflow.internal.TaintTrackingUtil::StringBuilderVarModule diff --git a/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll b/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll index f2fcbc5951d..8ce9b1b9120 100644 --- a/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/TypeFlow.qll @@ -7,6 +7,8 @@ * type has a subtype or if an inferred upper bound passed through at least one * explicit or implicit cast that lost type information. */ +overlay[local?] +module; import java as J private import semmle.code.java.dispatch.VirtualDispatch diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll index 874aca87183..e01525eda8c 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll @@ -10,6 +10,8 @@ * This is a restricted version of SSA.qll that only handles `LocalScopeVariable`s * in order to not depend on virtual dispatch. */ +overlay[local?] +module; import java private import codeql.ssa.Ssa as SsaImplCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll b/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll index e007ecd85ae..f9313959226 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.Collections import semmle.code.java.Maps diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/ContentDataFlow.qll b/java/ql/lib/semmle/code/java/dataflow/internal/ContentDataFlow.qll index 2c9b1217044..ec14f494dd9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/ContentDataFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/ContentDataFlow.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java private import DataFlowImplSpecific private import codeql.dataflow.internal.ContentDataFlowImpl diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll index f63df6ad09e..9a1be72209a 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java private import DataFlowPrivate private import DataFlowUtil @@ -210,6 +213,7 @@ private module DispatchImpl { } /** Holds if arguments at position `apos` match parameters at position `ppos`. */ + overlay[caller] pragma[inline] predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll index 689e58daab8..1917c2007fe 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import DataFlowImplSpecific private import codeql.dataflow.internal.DataFlowImpl private import semmle.code.Location diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll index 00f388dfdf3..d9a6a98b459 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import DataFlowImplSpecific private import semmle.code.Location private import codeql.dataflow.internal.DataFlowImplCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll index 0272af417ac..164bc9abbbd 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplConsistency.qll @@ -2,6 +2,8 @@ * Provides consistency queries for checking invariants in the language-specific * data-flow classes and predicates. */ +overlay[local?] +module; private import java private import DataFlowImplSpecific diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll index 95b2baeab1c..65034ee08b9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplSpecific.qll @@ -1,6 +1,8 @@ /** * Provides Java-specific definitions for use in the data flow library. */ +overlay[local?] +module; private import semmle.code.Location private import codeql.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll index 7778f6ebc35..61063498b9e 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java private import semmle.code.java.dataflow.InstanceAccess private import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll index 9e924df1278..164e2d8aa26 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java private import DataFlowUtil private import DataFlowImplCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll index 6000c37c6cd..27cbefa8092 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll @@ -1,6 +1,8 @@ /** * Basic definitions for use in the data flow library. */ +overlay[local?] +module; private import java private import DataFlowPrivate @@ -77,6 +79,7 @@ private module ThisFlow { * Holds if data can flow from `node1` to `node2` in zero or more * local (intra-procedural) steps. */ +overlay[caller] pragma[inline] predicate localFlow(Node node1, Node node2) { node1 = node2 or localFlowStepPlus(node1, node2) } @@ -86,6 +89,7 @@ private predicate localFlowStepPlus(Node node1, Node node2) = fastTC(localFlowSt * Holds if data can flow from `e1` to `e2` in zero or more * local (intra-procedural) steps. */ +overlay[caller] pragma[inline] predicate localExprFlow(Expr e1, Expr e2) { localFlow(exprNode(e1), exprNode(e2)) } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll b/java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll index ff931cbc5ce..32b5d289e28 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/ExternalFlowExtensions.qll @@ -1,6 +1,8 @@ /** * This module provides extensible predicates for defining MaD models. */ +overlay[local?] +module; /** * Holds if a source model exists for the given parameters. diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index bbb40785d6b..a2d25cadd88 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for defining flow summaries. */ +overlay[local?] +module; private import java private import codeql.dataflow.internal.FlowSummaryImpl diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/ModelExclusions.qll b/java/ql/lib/semmle/code/java/dataflow/internal/ModelExclusions.qll index cc95a2b5c1f..9635592476f 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/ModelExclusions.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/ModelExclusions.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for exclusions related to MaD models. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll index 2a1ea8b0e06..45ad9d0a73b 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/SsaImpl.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java private import codeql.ssa.Ssa as SsaImplCommon private import semmle.code.java.dataflow.SSA diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll index 0f756200abe..1ac2c7c60fe 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingImplSpecific.qll @@ -1,6 +1,8 @@ /** * Provides Java-specific definitions for use in the taint tracking library. */ +overlay[local?] +module; private import codeql.dataflow.TaintTracking private import DataFlowImplSpecific diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll index d4890b96f8e..ed0163d13a7 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java private import semmle.code.java.dataflow.DataFlow private import semmle.code.java.Collections @@ -20,6 +23,7 @@ private import semmle.code.java.frameworks.JaxWS * Holds if taint can flow from `src` to `sink` in zero or more * local (intra-procedural) steps. */ +overlay[caller] pragma[inline] predicate localTaint(DataFlow::Node src, DataFlow::Node sink) { localTaintStep*(src, sink) } @@ -27,6 +31,7 @@ predicate localTaint(DataFlow::Node src, DataFlow::Node sink) { localTaintStep*( * Holds if taint can flow from `src` to `sink` in zero or more * local (intra-procedural) steps. */ +overlay[caller] pragma[inline] predicate localExprTaint(Expr src, Expr sink) { localTaint(DataFlow::exprNode(src), DataFlow::exprNode(sink)) @@ -69,6 +74,7 @@ module LocalTaintFlow { * (intra-procedural) steps that are restricted to be part of a path between * `source` and `sink`. */ + overlay[caller] pragma[inline] predicate hasFlow(DataFlow::Node n1, DataFlow::Node n2) { step*(n1, n2) } @@ -77,6 +83,7 @@ module LocalTaintFlow { * (intra-procedural) steps that are restricted to be part of a path between * `source` and `sink`. */ + overlay[caller] pragma[inline] predicate hasExprFlow(Expr n1, Expr n2) { hasFlow(DataFlow::exprNode(n1), DataFlow::exprNode(n2)) diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/BoundSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/BoundSpecific.qll index 0af549f1f7e..a1c690b7df4 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/BoundSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/BoundSpecific.qll @@ -1,6 +1,8 @@ /** * Provides Java-specific definitions for bounds. */ +overlay[local?] +module; private import java as J private import semmle.code.java.dataflow.SSA as Ssa diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll index b639947793b..ae77ab7ea01 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + module Private { private import java as J private import semmle.code.java.dataflow.SSA as Ssa diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll index 30cc089f30b..a8b71564832 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + newtype TSign = TNeg() or TZero() or diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll index 6f0067517f9..8f8d884c956 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll @@ -5,6 +5,8 @@ * The analysis is implemented as an abstract interpretation over the * three-valued domain `{negative, zero, positive}`. */ +overlay[local?] +module; private import SignAnalysisSpecific::Private private import SsaReadPositionCommon diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll index 04e896b2601..10026e0a53d 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + /** * Provides Java-specific definitions for use in sign analysis. */ diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll index 08335f6680d..1e3c4db95be 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll @@ -1,6 +1,8 @@ /** * Provides classes for representing a position at which an SSA variable is read. */ +overlay[local?] +module; private import SsaReadPositionSpecific import SsaReadPositionSpecific::Public diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll index 9b081150e89..dbd7736acde 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SsaReadPositionSpecific.qll @@ -1,6 +1,8 @@ /** * Provides Java-specific definitions for use in the `SsaReadPosition`. */ +overlay[local?] +module; private import semmle.code.java.dataflow.SSA as Ssa private import semmle.code.java.controlflow.BasicBlocks as BB diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll b/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll index cab159b1804..140d5e9e2c8 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadEnumConstant import semmle.code.java.deadcode.DeadCodeCustomizations diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadEnumConstant.qll b/java/ql/lib/semmle/code/java/deadcode/DeadEnumConstant.qll index e87671dba71..3a8491b8428 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadEnumConstant.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadEnumConstant.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll index 2dcbb96f3b5..016350f23ec 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.frameworks.javaee.Persistence diff --git a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll index 7c0a2fdc2d3..ec8ad6e2d4f 100644 --- a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.deadcode.frameworks.CamelEntryPoints diff --git a/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll index f280d9bf828..7ee7416cecc 100644 --- a/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/SpringEntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.frameworks.spring.Spring diff --git a/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll index 86910a921f8..a40417debcb 100644 --- a/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/StrutsEntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.frameworks.struts.StrutsActions diff --git a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll index b8013d2947a..d8674817b17 100644 --- a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.frameworks.Cucumber diff --git a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll index fc2d5f69df9..df9ef0a7b7c 100644 --- a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.deadcode.DeadCode import semmle.code.java.frameworks.gwt.GWT diff --git a/java/ql/lib/semmle/code/java/deadcode/frameworks/CamelEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/frameworks/CamelEntryPoints.qll index a96565c606e..453d75e179b 100644 --- a/java/ql/lib/semmle/code/java/deadcode/frameworks/CamelEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/frameworks/CamelEntryPoints.qll @@ -1,6 +1,8 @@ /** * Apache Camel is a messaging framework, which can integrate with Spring. */ +overlay[local?] +module; import java import semmle.code.java.deadcode.DeadCode diff --git a/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll index a829ccef7d2..c817a9b7dac 100644 --- a/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/frameworks/FitNesseEntryPoints.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import default import semmle.code.java.deadcode.DeadCode import external.ExternalArtifact diff --git a/java/ql/lib/semmle/code/java/deadcode/frameworks/GigaSpacesXAPEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/frameworks/GigaSpacesXAPEntryPoints.qll index 39cb18db80a..3e231e23fc3 100644 --- a/java/ql/lib/semmle/code/java/deadcode/frameworks/GigaSpacesXAPEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/frameworks/GigaSpacesXAPEntryPoints.qll @@ -1,6 +1,8 @@ /** * GigaSpaces XAP (eXtreme Application Platform) is a distributed in-memory "datagrid". */ +overlay[local?] +module; import java import semmle.code.java.deadcode.DeadCode diff --git a/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll b/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll index bd293eed6b3..a9988e920c6 100644 --- a/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll +++ b/java/ql/lib/semmle/code/java/dispatch/DispatchFlow.qll @@ -5,6 +5,8 @@ * data flow check for lambdas, anonymous classes, and other sufficiently * private classes where all object instantiations are accounted for. */ +overlay[local?] +module; import java private import VirtualDispatch diff --git a/java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll b/java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll index 293ba894fdf..12fe1cba5e9 100644 --- a/java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll +++ b/java/ql/lib/semmle/code/java/dispatch/ObjFlow.qll @@ -6,6 +6,8 @@ * The set of dispatch targets for `Object.toString()` calls are reduced based * on possible data flow from objects of more specific types to the qualifier. */ +overlay[local?] +module; import java private import VirtualDispatch diff --git a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll index 78bf1ad0bdc..877a62fb945 100644 --- a/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll +++ b/java/ql/lib/semmle/code/java/dispatch/VirtualDispatch.qll @@ -2,6 +2,8 @@ * Provides predicates for reasoning about runtime call targets through virtual * dispatch. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.TypeFlow diff --git a/java/ql/lib/semmle/code/java/dispatch/WrappedInvocation.qll b/java/ql/lib/semmle/code/java/dispatch/WrappedInvocation.qll index f7840f19785..e76c252662a 100644 --- a/java/ql/lib/semmle/code/java/dispatch/WrappedInvocation.qll +++ b/java/ql/lib/semmle/code/java/dispatch/WrappedInvocation.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for reasoning about calls that may invoke one * of their arguments. */ +overlay[local?] +module; import java import VirtualDispatch diff --git a/java/ql/lib/semmle/code/java/dispatch/internal/Unification.qll b/java/ql/lib/semmle/code/java/dispatch/internal/Unification.qll index 6c92f7298d9..cd585de58e4 100644 --- a/java/ql/lib/semmle/code/java/dispatch/internal/Unification.qll +++ b/java/ql/lib/semmle/code/java/dispatch/internal/Unification.qll @@ -1,6 +1,8 @@ /** * Provides a module to check whether two `ParameterizedType`s are unifiable. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/environment/SystemProperty.qll b/java/ql/lib/semmle/code/java/environment/SystemProperty.qll index bee91d7c6b7..add93ee56c3 100644 --- a/java/ql/lib/semmle/code/java/environment/SystemProperty.qll +++ b/java/ql/lib/semmle/code/java/environment/SystemProperty.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with java system properties. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/ApacheHttp.qll b/java/ql/lib/semmle/code/java/frameworks/ApacheHttp.qll index 61f6aa9a34e..73078c1da83 100644 --- a/java/ql/lib/semmle/code/java/frameworks/ApacheHttp.qll +++ b/java/ql/lib/semmle/code/java/frameworks/ApacheHttp.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates related to `org.apache.http.*` and `org.apache.hc.*`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/ApacheLdap.qll b/java/ql/lib/semmle/code/java/frameworks/ApacheLdap.qll index 8bcba2f044e..6d76caf36d5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/ApacheLdap.qll +++ b/java/ql/lib/semmle/code/java/frameworks/ApacheLdap.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Apache LDAP API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Assertions.qll b/java/ql/lib/semmle/code/java/frameworks/Assertions.qll index e1601c854e4..9849be5f360 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Assertions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Assertions.qll @@ -5,6 +5,8 @@ * `org.junit.jupiter.api.Assertions`, `com.google.common.base.Preconditions`, * and `java.util.Objects`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Camel.qll b/java/ql/lib/semmle/code/java/frameworks/Camel.qll index 381ee3cb28e..137855b5fa1 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Camel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Camel.qll @@ -1,6 +1,8 @@ /** * Apache Camel messaging framework. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.spring.SpringCamel diff --git a/java/ql/lib/semmle/code/java/frameworks/Castor.qll b/java/ql/lib/semmle/code/java/frameworks/Castor.qll index f1e1b825725..2becb2fbf17 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Castor.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Castor.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Castor framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Cucumber.qll b/java/ql/lib/semmle/code/java/frameworks/Cucumber.qll index 9bcfb24bae5..15e71a25f89 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Cucumber.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Cucumber.qll @@ -1,6 +1,8 @@ /** * Cucumber is an open-source project for writing executable acceptance tests in human-readable `.feature` files. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/FastJson.qll b/java/ql/lib/semmle/code/java/frameworks/FastJson.qll index c9f7d9e8b89..305f795017a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/FastJson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/FastJson.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the FastJson framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Flexjson.qll b/java/ql/lib/semmle/code/java/frameworks/Flexjson.qll index 55a8e262438..2e5cb2ce959 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Flexjson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Flexjson.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with the Flexjson framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Guice.qll b/java/ql/lib/semmle/code/java/frameworks/Guice.qll index 8dfb6398398..bf6a3d5467c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Guice.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Guice.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Guice framework. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/HessianBurlap.qll b/java/ql/lib/semmle/code/java/frameworks/HessianBurlap.qll index e3c5269e5b2..3a10b75a2a6 100644 --- a/java/ql/lib/semmle/code/java/frameworks/HessianBurlap.qll +++ b/java/ql/lib/semmle/code/java/frameworks/HessianBurlap.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the HessianBurlap framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Hibernate.qll b/java/ql/lib/semmle/code/java/frameworks/Hibernate.qll index 28b28101454..4e5050b412c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Hibernate.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Hibernate.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Hibernate framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/InputStream.qll b/java/ql/lib/semmle/code/java/frameworks/InputStream.qll index 8f37ecc24ea..f6097e8c449 100644 --- a/java/ql/lib/semmle/code/java/frameworks/InputStream.qll +++ b/java/ql/lib/semmle/code/java/frameworks/InputStream.qll @@ -1,4 +1,6 @@ /** Provides definitions related to `java.io.InputStream`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll b/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll index 3da90bb7e67..b4573013295 100644 --- a/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll +++ b/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll @@ -1,4 +1,6 @@ /** Predicates and classes to reason about the `io.jsonwebtoken` library. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll index e25add17ccb..96075bbccf3 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll @@ -1,4 +1,6 @@ /** Definitions related to JAXB. */ +overlay[local?] +module; import semmle.code.java.Type diff --git a/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll index d74fe683f06..ad58cd486e1 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with annotations from the `JUnit` framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/JYaml.qll b/java/ql/lib/semmle/code/java/frameworks/JYaml.qll index 9d77b86f6c1..cd9414521c4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JYaml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JYaml.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the JYaml framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Jabsorb.qll b/java/ql/lib/semmle/code/java/frameworks/Jabsorb.qll index eede97b411c..e8bb82f156f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jabsorb.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jabsorb.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with the Jabsorb JSON-RPC ORB framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Jackson.qll b/java/ql/lib/semmle/code/java/frameworks/Jackson.qll index 605370ec594..5c1d0275923 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jackson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jackson.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Jackson serialization framework. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/JavaxAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/JavaxAnnotations.qll index 0f5da6c39ea..22f33d346df 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JavaxAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JavaxAnnotations.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with annotations in the `javax` package. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/JaxWS.qll b/java/ql/lib/semmle/code/java/frameworks/JaxWS.qll index a0f891fd36e..62289f737c0 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JaxWS.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JaxWS.qll @@ -2,6 +2,8 @@ * Definitions relating to JAX-WS (Java/Jakarta API for XML Web Services) and JAX-RS * (Java/Jakarta API for RESTful Web Services). */ +overlay[local?] +module; import java private import semmle.code.java.frameworks.Networking diff --git a/java/ql/lib/semmle/code/java/frameworks/Jdbc.qll b/java/ql/lib/semmle/code/java/frameworks/Jdbc.qll index 37be7dcf09a..c7172527d1f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jdbc.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jdbc.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Java JDBC API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Jms.qll b/java/ql/lib/semmle/code/java/frameworks/Jms.qll index 653582100bd..3cc76771a77 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jms.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jms.qll @@ -1,4 +1,6 @@ /** Provides definitions for working with the JMS library. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Jndi.qll b/java/ql/lib/semmle/code/java/frameworks/Jndi.qll index 267cdcd59dc..0d7d481dc1d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jndi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jndi.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Java JNDI API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/JoddJson.qll b/java/ql/lib/semmle/code/java/frameworks/JoddJson.qll index d92b80ca32b..3f28b2e8c7e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JoddJson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JoddJson.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Jodd JSON framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/JsonIo.qll b/java/ql/lib/semmle/code/java/frameworks/JsonIo.qll index 85f3a5ef06b..433277a6472 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JsonIo.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JsonIo.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Json-io framework. */ +overlay[local?] +module; import java import semmle.code.java.Maps diff --git a/java/ql/lib/semmle/code/java/frameworks/Kryo.qll b/java/ql/lib/semmle/code/java/frameworks/Kryo.qll index 7dde62c4ba4..77a423a8a9e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Kryo.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Kryo.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Kryo serialization framework. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/Lombok.qll b/java/ql/lib/semmle/code/java/frameworks/Lombok.qll index 39ee7c5393d..84a890c498f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Lombok.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Lombok.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for identifying use of the Lombok framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Mail.qll b/java/ql/lib/semmle/code/java/frameworks/Mail.qll index eeb9665dc2e..c61e5ae34f9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Mail.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Mail.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to work with email */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll index 0f5971a68ac..1a8d987a38e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll @@ -3,6 +3,8 @@ * * QL classes are provided for detecting uses of Mockito annotations on fields. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/MyBatis.qll b/java/ql/lib/semmle/code/java/frameworks/MyBatis.qll index c7fc09a33b4..e3f89186821 100644 --- a/java/ql/lib/semmle/code/java/frameworks/MyBatis.qll +++ b/java/ql/lib/semmle/code/java/frameworks/MyBatis.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the MyBatis framework. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/Netty.qll b/java/ql/lib/semmle/code/java/frameworks/Netty.qll index 9a72c7f6404..caaa429d69e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Netty.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Netty.qll @@ -1,4 +1,6 @@ /** Provides definitions related to the Netty framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Networking.qll b/java/ql/lib/semmle/code/java/frameworks/Networking.qll index 1139d0d0062..6eeb5aa9024 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Networking.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Networking.qll @@ -1,6 +1,8 @@ /** * Definitions related to `java.net.*`. */ +overlay[local?] +module; import semmle.code.java.Type private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/OpenSaml.qll b/java/ql/lib/semmle/code/java/frameworks/OpenSaml.qll index c8b9a320ec1..5327db3af86 100644 --- a/java/ql/lib/semmle/code/java/frameworks/OpenSaml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/OpenSaml.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the OpenSAML libraries. */ +overlay[local?] +module; import java private import semmle.code.java.security.InsecureRandomnessQuery diff --git a/java/ql/lib/semmle/code/java/frameworks/Properties.qll b/java/ql/lib/semmle/code/java/frameworks/Properties.qll index 15e7b687885..50a13c23674 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Properties.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Properties.qll @@ -1,4 +1,6 @@ /** Definitions related to `java.util.Properties`. */ +overlay[local?] +module; import semmle.code.java.Type private import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll b/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll index 14224bc148d..bbaa56f4611 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Protobuf framework. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/Regex.qll b/java/ql/lib/semmle/code/java/frameworks/Regex.qll index 780dec48b92..f63f46c3878 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Regex.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Regex.qll @@ -1,4 +1,6 @@ /** Definitions related to `java.util.regex`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Rmi.qll b/java/ql/lib/semmle/code/java/frameworks/Rmi.qll index 922f90bccb6..03ea238982d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Rmi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Rmi.qll @@ -1,4 +1,6 @@ /** Remote Method Invocation. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/Selenium.qll b/java/ql/lib/semmle/code/java/frameworks/Selenium.qll index 0ea61ae0ecf..6a85d5b0915 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Selenium.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Selenium.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for identifying classes reflectively constructed by Selenium using the * `PageFactory.initElements(...)` method. */ +overlay[local?] +module; import default import semmle.code.java.Reflection diff --git a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll index 80e80c019b0..7d7beb74fc3 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Java Servlet API. */ +overlay[local?] +module; import semmle.code.java.Type diff --git a/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll b/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll index 3bde3291218..0edbad2196e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the SnakeYaml serialization framework. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll b/java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll index 82eedca44e8..192e579a4f6 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Spring JDBC framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll b/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll index da40caf3744..79c3739dde4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Spring LDAP API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/SpringWeb.qll b/java/ql/lib/semmle/code/java/frameworks/SpringWeb.qll index a011af98cd5..9bb856e2260 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SpringWeb.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SpringWeb.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import spring.SpringController import spring.SpringWeb diff --git a/java/ql/lib/semmle/code/java/frameworks/Stream.qll b/java/ql/lib/semmle/code/java/frameworks/Stream.qll index a449f8bd99a..8927355d637 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Stream.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Stream.qll @@ -1,4 +1,6 @@ /** Definitions related to `java.util.stream`. */ +overlay[local?] +module; private import semmle.code.java.dataflow.FlowSummary diff --git a/java/ql/lib/semmle/code/java/frameworks/ThreadLocal.qll b/java/ql/lib/semmle/code/java/frameworks/ThreadLocal.qll index 826eed8dffc..c813c0383eb 100644 --- a/java/ql/lib/semmle/code/java/frameworks/ThreadLocal.qll +++ b/java/ql/lib/semmle/code/java/frameworks/ThreadLocal.qll @@ -1,4 +1,6 @@ /** Definitions related to `java.lang.ThreadLocal`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/Thrift.qll b/java/ql/lib/semmle/code/java/frameworks/Thrift.qll index 4e07a2730dc..5272745b4e9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Thrift.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Thrift.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Apache Thrift framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll index bfb7a660424..6359fbf2afb 100644 --- a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll +++ b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the UnboundID API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/XStream.qll b/java/ql/lib/semmle/code/java/frameworks/XStream.qll index 0e62459e13d..aca6117023e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/XStream.qll +++ b/java/ql/lib/semmle/code/java/frameworks/XStream.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the XStream XML serialization framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/YamlBeans.qll b/java/ql/lib/semmle/code/java/frameworks/YamlBeans.qll index b5db59926be..040ae60fc71 100644 --- a/java/ql/lib/semmle/code/java/frameworks/YamlBeans.qll +++ b/java/ql/lib/semmle/code/java/frameworks/YamlBeans.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the YamlBeans framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll index befcc036205..85df4366ec2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Android components. */ +overlay[local?] +module; import java private import semmle.code.xml.AndroidManifest diff --git a/java/ql/lib/semmle/code/java/frameworks/android/AsyncTask.qll b/java/ql/lib/semmle/code/java/frameworks/android/AsyncTask.qll index 226a8070945..1aba64a4c7e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/AsyncTask.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/AsyncTask.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about `AsyncTask`s in Android. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Compose.qll b/java/ql/lib/semmle/code/java/frameworks/android/Compose.qll index 0e6399cba1f..9123600d4e4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Compose.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Compose.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with components generated by the Android's Jetpack Compose compiler. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll b/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll index 7bcd4baa3e5..f344377b9cd 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/ContentProviders.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Content Providers. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll b/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll index 7eb088a9514..c07ddea6dba 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/ExternalStorage.qll @@ -1,4 +1,6 @@ /** Provides definitions for working with uses of Android external storage */ +overlay[local?] +module; import java private import semmle.code.java.security.FileReadWrite diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Fragment.qll b/java/ql/lib/semmle/code/java/frameworks/android/Fragment.qll index debdd69e194..64c92955ee7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Fragment.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Fragment.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to track Android fragments. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll index 6e321b0ad90..c3b58873d1f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java private import semmle.code.java.frameworks.android.Android private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll b/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll index ee430b62d57..0f6f5d845b8 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Layout.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with Android layouts and UI elements. */ +overlay[local?] +module; import java import semmle.code.xml.AndroidManifest diff --git a/java/ql/lib/semmle/code/java/frameworks/android/OnActivityResultSource.qll b/java/ql/lib/semmle/code/java/frameworks/android/OnActivityResultSource.qll index 5253526f0fd..5a1a9bf8c7a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/OnActivityResultSource.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/OnActivityResultSource.qll @@ -1,4 +1,6 @@ /** Provides a remote flow source for Android's `Activity.onActivityResult` method. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/android/PendingIntent.qll b/java/ql/lib/semmle/code/java/frameworks/android/PendingIntent.qll index 1c17d3c9b8d..720be6dce03 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/PendingIntent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/PendingIntent.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to the class `PendingIntent`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll b/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll index 2898b6aee54..f46f4e0e51d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/SQLite.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with SQLite databases. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll b/java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll index a3298fd70d8..a11857e9f1f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/SharedPreferences.qll @@ -1,4 +1,6 @@ /** Provides classes related to `android.content.SharedPreferences`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll b/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll index 96ccb2a4401..60811d9bc2d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Slice.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to `androidx.slice`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll index 78eeae4bdf2..8fa804f5279 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** The class `android.webkit.WebView`. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll index 9a2729f5b79..7b277a797f9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Widget.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with Android widgets. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/android/XmlParsing.qll b/java/ql/lib/semmle/code/java/frameworks/android/XmlParsing.qll index 4e6c39f2575..2235bc5eaec 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/XmlParsing.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/XmlParsing.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java class XmlPullParser extends Interface { diff --git a/java/ql/lib/semmle/code/java/frameworks/apache/Collections.qll b/java/ql/lib/semmle/code/java/frameworks/apache/Collections.qll index 24030e35045..97d51fc2cbc 100644 --- a/java/ql/lib/semmle/code/java/frameworks/apache/Collections.qll +++ b/java/ql/lib/semmle/code/java/frameworks/apache/Collections.qll @@ -1,4 +1,6 @@ /** Definitions related to the Apache Commons Collections library. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll b/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll index 5e72b26e009..163bd773dad 100644 --- a/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/apache/CommonsXml.qll @@ -1,4 +1,6 @@ /** Provides XML definitions related to the `org.apache.commons` package. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.RangeUtils diff --git a/java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll b/java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll index 9ea2400b871..27c7f9530ad 100644 --- a/java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll +++ b/java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll @@ -1,4 +1,6 @@ /** Definitions related to the Apache Commons Lang library. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSteps diff --git a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaAnnotations.qll index 1d42bd4c94b..b1637038b99 100644 --- a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaAnnotations.qll @@ -14,6 +14,8 @@ * * This creates a route to the `ConsumeMdb` class for messages sent to "activemq:queue:sayhello". */ +overlay[local?] +module; import java import semmle.code.java.Reflection diff --git a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll index ed09baf8ead..df890326659 100644 --- a/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll +++ b/java/ql/lib/semmle/code/java/frameworks/camel/CamelJavaDSL.qll @@ -13,6 +13,8 @@ * * This creates a route to the `TargetBean` class for messages sent to "direct.start". */ +overlay[local?] +module; import java import semmle.code.java.Reflection diff --git a/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll b/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll index 2b99e0fcff0..a03ed1c5266 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gigaspaces/GigaSpaces.qll @@ -1,6 +1,8 @@ /** * GigaSpaces XAP (eXtreme Application Platform) is a distributed in-memory "datagrid". */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll index db8bc2574c1..5e0304ca7b2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.Serializability import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/google/Gson.qll b/java/ql/lib/semmle/code/java/frameworks/google/Gson.qll index 9dc38a52941..7185c87b09f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/Gson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/Gson.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with the Gson framework. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll index 6abaee8ff72..bd8973b0adb 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with Java Serialization in the context of * the `com.google.gson` JSON processing framework. */ +overlay[local?] +module; import java private import semmle.code.java.Serializability diff --git a/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll b/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll index 94dd356f62d..aebdb22f42a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll +++ b/java/ql/lib/semmle/code/java/frameworks/guava/Collections.qll @@ -1,4 +1,6 @@ /** Definitions of flow steps through the collection types in the Guava framework */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/guava/Guava.qll b/java/ql/lib/semmle/code/java/frameworks/guava/Guava.qll index 5dd8aaa18ee..545aae763d5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/guava/Guava.qll +++ b/java/ql/lib/semmle/code/java/frameworks/guava/Guava.qll @@ -1,6 +1,8 @@ /** * Definitions for tracking taint steps through the Guava framework. */ +overlay[local?] +module; import java import Collections diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll index 6780a9261b9..a58e49aa76f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with the GWT framework. */ +overlay[local?] +module; import java import GwtXml diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll index 8532cc81bb3..d692740f40e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll @@ -4,6 +4,8 @@ * The UiBinder framework allows the specification of user interfaces in XML template files. These * can then be interacted with programmatically by writing an associated owner class. */ +overlay[local?] +module; import java import GwtUiBinderXml diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll index 0fb8ed3cd70..fef34f1bc44 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for identifying GWT UiBinder framework XML templates. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll index e143d06cccb..b3682454300 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with `*.gwt.xml` files. */ +overlay[local?] +module; import semmle.code.xml.XML diff --git a/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll b/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll index ae316cf649e..44752f94576 100644 --- a/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/hudson/Hudson.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to the Hudson framework. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSources diff --git a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll index 2e9b04d6a8c..abb24b909e9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll +++ b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with OCNI (Objective-C Native Interface). */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll b/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll index 2aa78e9425d..e5bad7435d5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jOOQ.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the jOOQ framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll index 8e1077d8bc0..aa7da753f43 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with Java Serialization in the context of * the `com.fasterxml.jackson` JSON processing framework. */ +overlay[local?] +module; import java import semmle.code.java.Serializability diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/JavaServerFaces.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/JavaServerFaces.qll index b4ae1b1c19c..2f749962e94 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/JavaServerFaces.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/JavaServerFaces.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with Java Server Faces. */ +overlay[local?] +module; import default import semmle.code.java.frameworks.javaee.jsf.JSFAnnotations diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll index b38cba889e0..b5031d7dff0 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the JavaEE Persistence API. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll index 7564dafa37e..e6ada894fc6 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with JavaEE * persistence configuration XML files (`persistence.xml`). */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll index c1a0b08d8e7..222b778ba58 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/Xml.qll @@ -1,4 +1,6 @@ /** Provides definitions related to the `javax.xml` package. */ +overlay[local?] +module; import java private import semmle.code.java.security.XmlParsers diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll index d165370d139..2b003b3c94e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with Enterprise Java Beans. */ +overlay[local?] +module; import java import EJBJarXML diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll index f44d77d89bd..dc465ddc4c6 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with * EJB deployment descriptor XML files (`ejb-jar.xml`). */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll index f5a52490768..2f5a88ba5c8 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBRestrictions.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for modeling * EJB Programming Restrictions (see EJB 3.0 specification, section 21.1.2). */ +overlay[local?] +module; import java import EJB diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll index 1db82875ad9..3338fa840ab 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFAnnotations.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with Java Server Faces annotations. */ +overlay[local?] +module; import default diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll index 13ed765638d..060398f648c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll @@ -1,6 +1,8 @@ /** * Provides classes for JSF "Application Configuration Resources File", usually called `faces-config.xml`. */ +overlay[local?] +module; import default diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll index 546d3be6983..df646e8a9a2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with JavaServer Faces renderer. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll b/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll index dbdaf6960f3..1aa39c63828 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javase/Beans.qll @@ -1,4 +1,6 @@ /** Provides definitions related to the `java.beans` package. */ +overlay[local?] +module; import java private import semmle.code.java.security.XmlParsers diff --git a/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll b/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll index 5f03c0b190f..addc4a576bd 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates related to `java.net.http.*`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/javase/WebSocket.qll b/java/ql/lib/semmle/code/java/frameworks/javase/WebSocket.qll index 17d3d4579d2..2ea26630619 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javase/WebSocket.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javase/WebSocket.qll @@ -1,6 +1,8 @@ /** * Provides classes for identifying methods called by the Java SE WebSocket package. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/kotlin/IO.qll b/java/ql/lib/semmle/code/java/frameworks/kotlin/IO.qll index 38af34bc690..1c8181206f5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/kotlin/IO.qll +++ b/java/ql/lib/semmle/code/java/frameworks/kotlin/IO.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to `kotlin.io`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/kotlin/Kotlin.qll b/java/ql/lib/semmle/code/java/frameworks/kotlin/Kotlin.qll index 206996af321..3f4d0e04c69 100644 --- a/java/ql/lib/semmle/code/java/frameworks/kotlin/Kotlin.qll +++ b/java/ql/lib/semmle/code/java/frameworks/kotlin/Kotlin.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to `kotlin`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/kotlin/Serialization.qll b/java/ql/lib/semmle/code/java/frameworks/kotlin/Serialization.qll index c0269266a59..1dc22be1a8b 100644 --- a/java/ql/lib/semmle/code/java/frameworks/kotlin/Serialization.qll +++ b/java/ql/lib/semmle/code/java/frameworks/kotlin/Serialization.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the `kotlinx.serialization` plugin. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/kotlin/Text.qll b/java/ql/lib/semmle/code/java/frameworks/kotlin/Text.qll index 8521b284784..1b576251f87 100644 --- a/java/ql/lib/semmle/code/java/frameworks/kotlin/Text.qll +++ b/java/ql/lib/semmle/code/java/frameworks/kotlin/Text.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to `kotlin.text`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/mdht/MdhtXml.qll b/java/ql/lib/semmle/code/java/frameworks/mdht/MdhtXml.qll index b762fbcc863..dc5ea680994 100644 --- a/java/ql/lib/semmle/code/java/frameworks/mdht/MdhtXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/mdht/MdhtXml.qll @@ -1,4 +1,6 @@ /** Provides definitions related to XML parsing in Model-Driven Health Tools. */ +overlay[local?] +module; import java private import semmle.code.java.security.XmlParsers diff --git a/java/ql/lib/semmle/code/java/frameworks/owasp/Esapi.qll b/java/ql/lib/semmle/code/java/frameworks/owasp/Esapi.qll index 19cabda7073..fe95cd0d39d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/owasp/Esapi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/owasp/Esapi.qll @@ -1,4 +1,6 @@ /** Classes and predicates for reasoning about the `owasp.easpi` package. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/play/Play.qll b/java/ql/lib/semmle/code/java/frameworks/play/Play.qll index 7b99b23704e..bbf6385fc0a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/play/Play.qll +++ b/java/ql/lib/semmle/code/java/frameworks/play/Play.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with the Play framework. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/ratpack/RatpackExec.qll b/java/ql/lib/semmle/code/java/frameworks/ratpack/RatpackExec.qll index 7efa72c3164..f8259e95a2e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/ratpack/RatpackExec.qll +++ b/java/ql/lib/semmle/code/java/frameworks/ratpack/RatpackExec.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates related to `ratpack.exec.*`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll b/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll index 0f271e073e6..78e7fbf30a9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/rundeck/RundeckXml.qll @@ -1,4 +1,6 @@ /** Provides definitions related to XML parsing in Rundeck. */ +overlay[local?] +module; import java private import semmle.code.java.security.XmlParsers diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll b/java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll index 2b09288610e..1c9c67838d4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringAbstractRef import semmle.code.java.frameworks.spring.SpringAlias diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAbstractRef.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAbstractRef.qll index 4dd4b0ab947..23ea64bd898 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAbstractRef.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAbstractRef.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAlias.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAlias.qll index cbc4f025dac..aab0bba6be2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAlias.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAlias.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringArgType.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringArgType.qll index bddf5f01f9e..37a162cc890 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringArgType.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringArgType.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAttribute.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAttribute.qll index a20eef4d0d7..d99a28c5618 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAttribute.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAttribute.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll index 966db95afce..e758811b368 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for identifying methods and constructors called by Spring injection. */ +overlay[local?] +module; import java import SpringComponentScan diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll index a53cbf67090..ec06e9f2890 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBeanRefType diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll index d96f264b91f..810182d8f1f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanRefType.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanRefType.qll index 4d85a56ab2b..490fe3e0561 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanRefType.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanRefType.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBoot.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBoot.qll index d77e4549e4e..155afd41ba5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBoot.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBoot.qll @@ -2,6 +2,8 @@ * Provides classes for working with Spring classes and interfaces from * `org.springframework.boot.*`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll index 6fec620ccd5..28108865af4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringCamel.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for identifying Spring integration for the Apache Camel messaging framework. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll index d285e9d0e6a..b5b3e9834c0 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringAutowire import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringConstructorArg.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringConstructorArg.qll index e434e53ca3d..3f0cc6a25af 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringConstructorArg.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringConstructorArg.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll index c93993336d9..ee00433da12 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.Maps import SpringWeb diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringDescription.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringDescription.qll index 34cf13a9571..5bcc2e896eb 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringDescription.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringDescription.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringEntry.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringEntry.qll index e2ce38ea44e..a568a6ee8c7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringEntry.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringEntry.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll index 49ec6e1fd8a..aa02643d698 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with the Spring Expression Language (SpEL). */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll index af0afa91f4c..a7b1b655693 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for the Spring BlazeDS integration. BlazeDS allows Java applications to integrate with * Apache Flex applications, which are ultimately deployed as Adobe Flash applications. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringHttp.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringHttp.qll index e12e2b2643a..5f9271c0149 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringHttp.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringHttp.qll @@ -2,6 +2,8 @@ * Provides classes for working with Spring classes and interfaces from * `org.springframework.http`. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringIdRef.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringIdRef.qll index 0b8b3e3a87b..6dc2b313841 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringIdRef.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringIdRef.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringAbstractRef diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringImport.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringImport.qll index 688a14da32e..1081b157d22 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringImport.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringImport.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringInitializingBean.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringInitializingBean.qll index 216333da38a..2766df0b8bc 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringInitializingBean.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringInitializingBean.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringKey.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringKey.qll index 5f07b227706..b48834dc738 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringKey.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringKey.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringList.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringList.qll index 455fb956eb1..7e9b3423f88 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringList.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringList.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringListOrSet diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringListOrSet.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringListOrSet.qll index 521795d8b22..075cf7b7d8b 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringListOrSet.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringListOrSet.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringMergable diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringLookupMethod.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringLookupMethod.qll index 4b17c23612a..7371991cdaa 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringLookupMethod.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringLookupMethod.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMap.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMap.qll index 19b2cfffdac..a5766d7c711 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMap.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMap.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringMergable diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMergable.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMergable.qll index baef7d3b91a..94402918b8e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMergable.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMergable.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMeta.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMeta.qll index 640305b313a..d4a524c3502 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringMeta.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringMeta.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringNull.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringNull.qll index c3f2c00a2b7..f08746dae5a 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringNull.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringNull.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll index 48a2b367990..2d8a4577e56 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringComponentScan diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProp.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProp.qll index 771370a3e7a..96da7fa271c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProp.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProp.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProperty.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProperty.qll index a83eeed13fa..aec85de58d4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProperty.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProperty.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProps.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProps.qll index 59a094f6761..00e7e8e5253 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProps.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProps.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringMergable diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringQualifier.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringQualifier.qll index eb57b37efe0..ad927f48cbb 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringQualifier.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringQualifier.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringRef.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringRef.qll index 89d58ff47fc..8b799d632c2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringRef.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringRef.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringAbstractRef diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringReplacedMethod.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringReplacedMethod.qll index 47e8d182898..cf32c940f86 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringReplacedMethod.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringReplacedMethod.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringSecurity.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringSecurity.qll index 835b679d50a..694dae05773 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringSecurity.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringSecurity.qll @@ -2,6 +2,8 @@ * Provides classes for working with Spring classes and interfaces from * `org.springframework.security.*`. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringSet.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringSet.qll index 21aca5ff54e..4f75d08401b 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringSet.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringSet.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringListOrSet diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringValue.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringValue.qll index 55854d60f9c..68cdfa7efcc 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringValue.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringValue.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringXMLElement diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll index 88db87e7e21..362d4b32364 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with Spring web requests. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWebClient.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWebClient.qll index e8410839470..0580415a344 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWebClient.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWebClient.qll @@ -1,6 +1,8 @@ /** * Provides classes for working with Spring web clients. */ +overlay[local?] +module; import java import SpringHttp diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll index 312cd659b39..21bea51cd22 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringXMLElement.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.spring.SpringBeanFile import semmle.code.java.frameworks.spring.SpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll b/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll index ffbc5c9e5ec..7624d466571 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBean.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import semmle.code.java.frameworks.spring.SpringBean import semmle.code.java.frameworks.spring.SpringBeanFile import semmle.code.java.frameworks.spring.SpringEntry diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBeanFile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBeanFile.qll index 999e34d1cea..45d43284883 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBeanFile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/metrics/MetricSpringBeanFile.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import semmle.code.java.frameworks.spring.SpringBean import semmle.code.java.frameworks.spring.SpringBeanFile import semmle.code.java.frameworks.spring.metrics.MetricSpringBean diff --git a/java/ql/lib/semmle/code/java/frameworks/stapler/Stapler.qll b/java/ql/lib/semmle/code/java/frameworks/stapler/Stapler.qll index 599a08094dd..28ca95b5541 100644 --- a/java/ql/lib/semmle/code/java/frameworks/stapler/Stapler.qll +++ b/java/ql/lib/semmle/code/java/frameworks/stapler/Stapler.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to the Stapler framework. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/Struts2Serializability.qll b/java/ql/lib/semmle/code/java/frameworks/struts/Struts2Serializability.qll index cb8b876be7a..f9981a30393 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/Struts2Serializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/Struts2Serializability.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with objects bound from Http requests in the context of * the Struts2 web framework. */ +overlay[local?] +module; import java private import semmle.code.java.Serializability diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll index 4200e83d4db..6c5799d0275 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.struts.StrutsConventions import semmle.code.java.frameworks.struts.StrutsXML diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll index d97415354b3..823951b1d3c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll index 17ff3537194..3e2fd5c0b97 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java import semmle.code.java.frameworks.struts.StrutsAnnotations import semmle.code.java.frameworks.struts.StrutsXML diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll index 273034978d1..33131a1641d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/metrics/MetricCallable.qll b/java/ql/lib/semmle/code/java/metrics/MetricCallable.qll index d3dca781e54..e6fa5d9e5c2 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricCallable.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricCallable.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java methods and constructors. */ +overlay[local?] +module; import semmle.code.java.Member diff --git a/java/ql/lib/semmle/code/java/metrics/MetricElement.qll b/java/ql/lib/semmle/code/java/metrics/MetricElement.qll index 086389e143c..f9d57df7f80 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricElement.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricElement.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java elements. */ +overlay[local?] +module; import semmle.code.java.Element import semmle.code.java.Type diff --git a/java/ql/lib/semmle/code/java/metrics/MetricField.qll b/java/ql/lib/semmle/code/java/metrics/MetricField.qll index ef8e692ba5f..32e3b263c28 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricField.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricField.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java fields. */ +overlay[local?] +module; import semmle.code.java.Member diff --git a/java/ql/lib/semmle/code/java/metrics/MetricPackage.qll b/java/ql/lib/semmle/code/java/metrics/MetricPackage.qll index eafdd57dd8a..fa755631642 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricPackage.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricPackage.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java packages. */ +overlay[local?] +module; import semmle.code.java.Package import MetricElement diff --git a/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll b/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll index 17271394b2e..1652a120070 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java classes and interfaces. */ +overlay[local?] +module; import semmle.code.java.Type import MetricElement diff --git a/java/ql/lib/semmle/code/java/metrics/MetricStmt.qll b/java/ql/lib/semmle/code/java/metrics/MetricStmt.qll index b818c30edf6..bc2cf5ae107 100644 --- a/java/ql/lib/semmle/code/java/metrics/MetricStmt.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricStmt.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for computing metrics on Java statements. */ +overlay[local?] +module; import semmle.code.java.Statement diff --git a/java/ql/lib/semmle/code/java/os/OSCheck.qll b/java/ql/lib/semmle/code/java/os/OSCheck.qll index e3b3e56f72c..97ad27c83df 100644 --- a/java/ql/lib/semmle/code/java/os/OSCheck.qll +++ b/java/ql/lib/semmle/code/java/os/OSCheck.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for guards that check for the current OS. */ +overlay[local?] +module; import java import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll b/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll index 763b96f5a02..6a934bdd578 100644 --- a/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll +++ b/java/ql/lib/semmle/code/java/regex/RegexFlowConfigs.qll @@ -1,6 +1,8 @@ /** * Defines configurations and steps for handling regexes */ +overlay[local?] +module; import java import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll b/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll index a07d7c741fa..0fe4b47ec48 100644 --- a/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll +++ b/java/ql/lib/semmle/code/java/regex/RegexTreeView.qll @@ -1,4 +1,6 @@ /** Provides a class hierarchy corresponding to a parse tree of regular expressions. */ +overlay[local?] +module; private import semmle.code.java.regex.regex as RE // importing under a namescape to avoid naming conflict for `Top`. private import codeql.regex.nfa.NfaUtils as NfaUtils diff --git a/java/ql/lib/semmle/code/java/regex/regex.qll b/java/ql/lib/semmle/code/java/regex/regex.qll index f0336c2d023..13f39869966 100644 --- a/java/ql/lib/semmle/code/java/regex/regex.qll +++ b/java/ql/lib/semmle/code/java/regex/regex.qll @@ -1,6 +1,8 @@ /** * Definitions for parsing regular expressions. */ +overlay[local?] +module; import java private import RegexFlowConfigs diff --git a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll index 56c45611b14..08a86092afb 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidIntentRedirection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about Android Intent redirect vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll b/java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll index 4a31dc2568d..aaa7dbc562b 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidLocalAuthQuery.qll @@ -1,4 +1,6 @@ /** Definitions for the insecure local authentication query. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll b/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll index 8d53766e008..728eca0eaf1 100644 --- a/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/AndroidWebViewCertificateValidationQuery.qll @@ -1,4 +1,6 @@ /** Definitions for the web view certificate validation query */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll b/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll index 0402aca6987..8600ecda7ad 100644 --- a/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll +++ b/java/ql/lib/semmle/code/java/security/ArbitraryApkInstallation.qll @@ -1,4 +1,6 @@ /** Provide classes to reason about Android Intents that can install APKs. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.android.Intent diff --git a/java/ql/lib/semmle/code/java/security/ArithmeticCommon.qll b/java/ql/lib/semmle/code/java/security/ArithmeticCommon.qll index 785dce3da7e..5a8b5e97508 100644 --- a/java/ql/lib/semmle/code/java/security/ArithmeticCommon.qll +++ b/java/ql/lib/semmle/code/java/security/ArithmeticCommon.qll @@ -1,4 +1,6 @@ /** Provides guards and predicates to reason about arithmetic. */ +overlay[local?] +module; import semmle.code.java.arithmetic.Overflow import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/CommandArguments.qll b/java/ql/lib/semmle/code/java/security/CommandArguments.qll index eb4f589ac7f..f161a83d17b 100644 --- a/java/ql/lib/semmle/code/java/security/CommandArguments.qll +++ b/java/ql/lib/semmle/code/java/security/CommandArguments.qll @@ -1,6 +1,8 @@ /** * Definitions for reasoning about lists and arrays that are to be used as arguments to an external process. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.SSA diff --git a/java/ql/lib/semmle/code/java/security/ControlledString.qll b/java/ql/lib/semmle/code/java/security/ControlledString.qll index c760bf14e85..fa201b2e8b6 100644 --- a/java/ql/lib/semmle/code/java/security/ControlledString.qll +++ b/java/ql/lib/semmle/code/java/security/ControlledString.qll @@ -3,6 +3,8 @@ * There is positive evidence that they are fully controlled by * the program source code. */ +overlay[local?] +module; import semmle.code.java.Expr import semmle.code.java.security.Validation diff --git a/java/ql/lib/semmle/code/java/security/Cookies.qll b/java/ql/lib/semmle/code/java/security/Cookies.qll index 202f18921ca..b4db1b8fe46 100644 --- a/java/ql/lib/semmle/code/java/security/Cookies.qll +++ b/java/ql/lib/semmle/code/java/security/Cookies.qll @@ -1,4 +1,6 @@ /** Provides definitions to reason about HTTP cookies. */ +overlay[local?] +module; import java private import semmle.code.java.frameworks.Netty diff --git a/java/ql/lib/semmle/code/java/security/Encryption.qll b/java/ql/lib/semmle/code/java/security/Encryption.qll index ee8c1f5fbed..b948a94962c 100644 --- a/java/ql/lib/semmle/code/java/security/Encryption.qll +++ b/java/ql/lib/semmle/code/java/security/Encryption.qll @@ -1,6 +1,8 @@ /** * Provides predicates and classes relating to encryption in Java. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll index 360493e2635..809f45aa45a 100644 --- a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll +++ b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll @@ -2,6 +2,8 @@ * Definitions for reasoning about untrusted data used in APIs defined outside the * database. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.FlowSources diff --git a/java/ql/lib/semmle/code/java/security/ExternalProcess.qll b/java/ql/lib/semmle/code/java/security/ExternalProcess.qll index 58f7457e9e3..600a45e509a 100644 --- a/java/ql/lib/semmle/code/java/security/ExternalProcess.qll +++ b/java/ql/lib/semmle/code/java/security/ExternalProcess.qll @@ -1,4 +1,6 @@ /** Definitions related to external processes. */ +overlay[local?] +module; import semmle.code.java.Member private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/FileReadWrite.qll b/java/ql/lib/semmle/code/java/security/FileReadWrite.qll index 34d7ca1f201..ae1b3f025a1 100644 --- a/java/ql/lib/semmle/code/java/security/FileReadWrite.qll +++ b/java/ql/lib/semmle/code/java/security/FileReadWrite.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/security/FileWritable.qll b/java/ql/lib/semmle/code/java/security/FileWritable.qll index bb5d952802d..d1833bf64d4 100644 --- a/java/ql/lib/semmle/code/java/security/FileWritable.qll +++ b/java/ql/lib/semmle/code/java/security/FileWritable.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/java/security/FragmentInjection.qll b/java/ql/lib/semmle/code/java/security/FragmentInjection.qll index a22fad4d85e..8cd5e32a5ec 100644 --- a/java/ql/lib/semmle/code/java/security/FragmentInjection.qll +++ b/java/ql/lib/semmle/code/java/security/FragmentInjection.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about Android Fragment injection vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll index ea688a26f6e..45d66489777 100644 --- a/java/ql/lib/semmle/code/java/security/GroovyInjection.qll +++ b/java/ql/lib/semmle/code/java/security/GroovyInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about Groovy code injection attacks. */ +overlay[local?] +module; private import semmle.code.java.dataflow.DataFlow private import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll b/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll index 0b373fa27f8..f7e0b995485 100644 --- a/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll +++ b/java/ql/lib/semmle/code/java/security/HardcodedCredentials.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates relating to hardcoded credentials. */ +overlay[local?] +module; import java import SensitiveApi diff --git a/java/ql/lib/semmle/code/java/security/HardcodedCredentialsComparison.qll b/java/ql/lib/semmle/code/java/security/HardcodedCredentialsComparison.qll index d15d9d05d30..c6ad9458ba9 100644 --- a/java/ql/lib/semmle/code/java/security/HardcodedCredentialsComparison.qll +++ b/java/ql/lib/semmle/code/java/security/HardcodedCredentialsComparison.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates to detect comparing a parameter to a hard-coded credential. */ +overlay[local?] +module; import java import HardcodedCredentials diff --git a/java/ql/lib/semmle/code/java/security/HardcodedPasswordField.qll b/java/ql/lib/semmle/code/java/security/HardcodedPasswordField.qll index 995428b8e94..03b3f750080 100644 --- a/java/ql/lib/semmle/code/java/security/HardcodedPasswordField.qll +++ b/java/ql/lib/semmle/code/java/security/HardcodedPasswordField.qll @@ -1,6 +1,8 @@ /** * Provides a predicate identifying assignments of harcoded values to password fields. */ +overlay[local?] +module; import java import HardcodedCredentials diff --git a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll index b56b8ba9c9f..071f95b4990 100644 --- a/java/ql/lib/semmle/code/java/security/HttpsUrls.qll +++ b/java/ql/lib/semmle/code/java/security/HttpsUrls.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about plaintext HTTP vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll index 650527e88e4..94951c10c53 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntents.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for working with implicit `PendingIntent`s. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.ExternalFlow diff --git a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll index a57f643d817..f66309c97be 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll @@ -1,4 +1,6 @@ /** Provides taint tracking configurations to be used in queries related to implicit `PendingIntent`s. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll b/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll index 4aa21c4a260..11cfcb1c6e5 100644 --- a/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll +++ b/java/ql/lib/semmle/code/java/security/ImplicitlyExportedAndroidComponent.qll @@ -1,4 +1,6 @@ /** Provides a class to identify implicitly exported Android components. */ +overlay[local?] +module; private import semmle.code.xml.AndroidManifest diff --git a/java/ql/lib/semmle/code/java/security/InformationLeak.qll b/java/ql/lib/semmle/code/java/security/InformationLeak.qll index 8fe7d215165..ba7a7a52a70 100644 --- a/java/ql/lib/semmle/code/java/security/InformationLeak.qll +++ b/java/ql/lib/semmle/code/java/security/InformationLeak.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about System Information Leak vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/InsecureBasicAuth.qll b/java/ql/lib/semmle/code/java/security/InsecureBasicAuth.qll index b21492406ad..9d26077396b 100644 --- a/java/ql/lib/semmle/code/java/security/InsecureBasicAuth.qll +++ b/java/ql/lib/semmle/code/java/security/InsecureBasicAuth.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about Insecure Basic Authentication vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/InsecureLdapAuth.qll b/java/ql/lib/semmle/code/java/security/InsecureLdapAuth.qll index 52d58afc9e7..117484b0241 100644 --- a/java/ql/lib/semmle/code/java/security/InsecureLdapAuth.qll +++ b/java/ql/lib/semmle/code/java/security/InsecureLdapAuth.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about insecure LDAP authentication. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/InsecureTrustManager.qll b/java/ql/lib/semmle/code/java/security/InsecureTrustManager.qll index 41d8f28573c..54e2b00b8f4 100644 --- a/java/ql/lib/semmle/code/java/security/InsecureTrustManager.qll +++ b/java/ql/lib/semmle/code/java/security/InsecureTrustManager.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about insecure `TrustManager`s. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll b/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll index 1f80136fdf1..6d28a124b85 100644 --- a/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll +++ b/java/ql/lib/semmle/code/java/security/InsufficientKeySize.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to insufficient key sizes in Java. */ +overlay[local?] +module; private import semmle.code.java.security.Encryption private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll b/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll index 876b2efd840..d105db33610 100644 --- a/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll +++ b/java/ql/lib/semmle/code/java/security/InsufficientKeySizeQuery.qll @@ -1,4 +1,6 @@ /** Provides data flow configurations to be used in queries related to insufficient key sizes. */ +overlay[local?] +module; import semmle.code.java.dataflow.DataFlow import semmle.code.java.security.InsufficientKeySize diff --git a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll index 2f9470f2bb9..5ba3a672346 100644 --- a/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll +++ b/java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll @@ -2,6 +2,8 @@ * Provides classes and predicates to reason about Intent URI permission manipulation * vulnerabilities on Android. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/JWT.qll b/java/ql/lib/semmle/code/java/security/JWT.qll index c282d32ea09..3f546d4edc0 100644 --- a/java/ql/lib/semmle/code/java/security/JWT.qll +++ b/java/ql/lib/semmle/code/java/security/JWT.qll @@ -1,4 +1,6 @@ /** Provides classes for working with JSON Web Token (JWT) libraries. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSinks diff --git a/java/ql/lib/semmle/code/java/security/JndiInjection.qll b/java/ql/lib/semmle/code/java/security/JndiInjection.qll index 3df8d6df378..0e61a53c0ab 100644 --- a/java/ql/lib/semmle/code/java/security/JndiInjection.qll +++ b/java/ql/lib/semmle/code/java/security/JndiInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about JNDI injection vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/LdapInjection.qll b/java/ql/lib/semmle/code/java/security/LdapInjection.qll index 54c8e28ba63..ff92d40cf55 100644 --- a/java/ql/lib/semmle/code/java/security/LdapInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LdapInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about LDAP injection attacks. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/semmle/code/java/security/ListOfConstantsSanitizer.qll b/java/ql/lib/semmle/code/java/security/ListOfConstantsSanitizer.qll index cc57fbce648..4294ac84f68 100644 --- a/java/ql/lib/semmle/code/java/security/ListOfConstantsSanitizer.qll +++ b/java/ql/lib/semmle/code/java/security/ListOfConstantsSanitizer.qll @@ -2,6 +2,8 @@ * Provides a default taint sanitizer identifying comparisons against lists of * compile-time constants. */ +overlay[local?] +module; import java private import codeql.typeflow.UniversalFlow as UniversalFlow diff --git a/java/ql/lib/semmle/code/java/security/LogInjection.qll b/java/ql/lib/semmle/code/java/security/LogInjection.qll index 554aa8e4ebc..da5a1dc73a0 100644 --- a/java/ql/lib/semmle/code/java/security/LogInjection.qll +++ b/java/ql/lib/semmle/code/java/security/LogInjection.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to Log Injection vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/Mail.qll b/java/ql/lib/semmle/code/java/security/Mail.qll index 64bc22e4622..5c68355ec3e 100644 --- a/java/ql/lib/semmle/code/java/security/Mail.qll +++ b/java/ql/lib/semmle/code/java/security/Mail.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about email vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.Mail diff --git a/java/ql/lib/semmle/code/java/security/MvelInjection.qll b/java/ql/lib/semmle/code/java/security/MvelInjection.qll index a9773ffe186..dc804d4a185 100644 --- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about MVEL injection attacks. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/OgnlInjection.qll b/java/ql/lib/semmle/code/java/security/OgnlInjection.qll index 37f31618fc3..e3f93b39ece 100644 --- a/java/ql/lib/semmle/code/java/security/OgnlInjection.qll +++ b/java/ql/lib/semmle/code/java/security/OgnlInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about OGNL injection vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/PartialPathTraversal.qll b/java/ql/lib/semmle/code/java/security/PartialPathTraversal.qll index aaf578a6225..63ffb62ef63 100644 --- a/java/ql/lib/semmle/code/java/security/PartialPathTraversal.qll +++ b/java/ql/lib/semmle/code/java/security/PartialPathTraversal.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about partial path traversal vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/PathSanitizer.qll b/java/ql/lib/semmle/code/java/security/PathSanitizer.qll index f3385c94646..ed0761f6869 100644 --- a/java/ql/lib/semmle/code/java/security/PathSanitizer.qll +++ b/java/ql/lib/semmle/code/java/security/PathSanitizer.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about sanitization of path injection vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/QueryInjection.qll b/java/ql/lib/semmle/code/java/security/QueryInjection.qll index df316155ba1..583a41ce933 100644 --- a/java/ql/lib/semmle/code/java/security/QueryInjection.qll +++ b/java/ql/lib/semmle/code/java/security/QueryInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about database query language injection vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/RandomDataSource.qll b/java/ql/lib/semmle/code/java/security/RandomDataSource.qll index b44bcc07efe..f040c858d9c 100644 --- a/java/ql/lib/semmle/code/java/security/RandomDataSource.qll +++ b/java/ql/lib/semmle/code/java/security/RandomDataSource.qll @@ -1,6 +1,8 @@ /** * Defines classes representing random data sources. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.TypeFlow diff --git a/java/ql/lib/semmle/code/java/security/RelativePaths.qll b/java/ql/lib/semmle/code/java/security/RelativePaths.qll index 458bb7aea5d..0c9e145268b 100644 --- a/java/ql/lib/semmle/code/java/security/RelativePaths.qll +++ b/java/ql/lib/semmle/code/java/security/RelativePaths.qll @@ -1,4 +1,6 @@ /** Detection of strings and arrays of strings containing relative paths. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index 1f3ce61406f..5eb35c05cd4 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about server-side request forgery (SSRF) attacks. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.Networking diff --git a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll index 340f696db62..1238793ffd7 100644 --- a/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll +++ b/java/ql/lib/semmle/code/java/security/ResponseSplitting.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about header splitting attacks. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/Sanitizers.qll b/java/ql/lib/semmle/code/java/security/Sanitizers.qll index 5340ba34482..21e7ccf264f 100644 --- a/java/ql/lib/semmle/code/java/security/Sanitizers.qll +++ b/java/ql/lib/semmle/code/java/security/Sanitizers.qll @@ -1,4 +1,6 @@ /** Classes to represent sanitizers commonly used in dataflow and taint tracking configurations. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/SecurityFlag.qll b/java/ql/lib/semmle/code/java/security/SecurityFlag.qll index dab5d52bcb2..30718e3300f 100644 --- a/java/ql/lib/semmle/code/java/security/SecurityFlag.qll +++ b/java/ql/lib/semmle/code/java/security/SecurityFlag.qll @@ -1,6 +1,8 @@ /** * Provides utility predicates to spot variable names, parameter names, and string literals that suggest deliberately insecure settings. */ +overlay[local?] +module; import java import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/SecurityTests.qll b/java/ql/lib/semmle/code/java/security/SecurityTests.qll index d2260de22a1..d8b714c18a1 100644 --- a/java/ql/lib/semmle/code/java/security/SecurityTests.qll +++ b/java/ql/lib/semmle/code/java/security/SecurityTests.qll @@ -1,4 +1,6 @@ /** Test detection for the security pack. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/SensitiveActions.qll b/java/ql/lib/semmle/code/java/security/SensitiveActions.qll index 2320afb8eef..6733219a8d5 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveActions.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveActions.qll @@ -10,6 +10,8 @@ * in a fashion that the user can control. This includes authorization * methods such as logins, and sending of data, etc. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/SensitiveApi.qll b/java/ql/lib/semmle/code/java/security/SensitiveApi.qll index 559919f792e..408fe73f904 100644 --- a/java/ql/lib/semmle/code/java/security/SensitiveApi.qll +++ b/java/ql/lib/semmle/code/java/security/SensitiveApi.qll @@ -1,6 +1,8 @@ /** * Provides predicates defining methods that consume sensitive data, such as usernames and passwords. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/SpelInjection.qll b/java/ql/lib/semmle/code/java/security/SpelInjection.qll index 13eb195eae4..3c36b207ac0 100644 --- a/java/ql/lib/semmle/code/java/security/SpelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/SpelInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about SpEL injection attacks. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/SpringBootActuatorsQuery.qll b/java/ql/lib/semmle/code/java/security/SpringBootActuatorsQuery.qll index 68c20adabdd..9fb4e753aab 100644 --- a/java/ql/lib/semmle/code/java/security/SpringBootActuatorsQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SpringBootActuatorsQuery.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about exposed actuators in Spring Boot. */ +overlay[local?] +module; import java private import semmle.code.java.frameworks.spring.SpringSecurity diff --git a/java/ql/lib/semmle/code/java/security/SpringCsrfProtection.qll b/java/ql/lib/semmle/code/java/security/SpringCsrfProtection.qll index c4259ee5b9d..88a53ef13e7 100644 --- a/java/ql/lib/semmle/code/java/security/SpringCsrfProtection.qll +++ b/java/ql/lib/semmle/code/java/security/SpringCsrfProtection.qll @@ -1,4 +1,6 @@ /** Provides predicates to reason about disabling CSRF protection in Spring. */ +overlay[local?] +module; import java diff --git a/java/ql/lib/semmle/code/java/security/SqlConcatenatedLib.qll b/java/ql/lib/semmle/code/java/security/SqlConcatenatedLib.qll index 5d3b1c803d2..2d59b18fa90 100644 --- a/java/ql/lib/semmle/code/java/security/SqlConcatenatedLib.qll +++ b/java/ql/lib/semmle/code/java/security/SqlConcatenatedLib.qll @@ -1,4 +1,6 @@ /** Definitions used by `SqlConcatenated.ql`. */ +overlay[local?] +module; import semmle.code.java.security.ControlledString import semmle.code.java.dataflow.TaintTracking diff --git a/java/ql/lib/semmle/code/java/security/TempDirUtils.qll b/java/ql/lib/semmle/code/java/security/TempDirUtils.qll index 33b6c46b916..3d1623fa334 100644 --- a/java/ql/lib/semmle/code/java/security/TempDirUtils.qll +++ b/java/ql/lib/semmle/code/java/security/TempDirUtils.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for reasoning about temporary file/directory creations. */ +overlay[local?] +module; import java private import semmle.code.java.environment.SystemProperty diff --git a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll index 0b703780a03..58c48bb7f22 100644 --- a/java/ql/lib/semmle/code/java/security/TemplateInjection.qll +++ b/java/ql/lib/semmle/code/java/security/TemplateInjection.qll @@ -1,4 +1,6 @@ /** Definitions related to the server-side template injection (SST) query. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSources diff --git a/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll b/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll index afd3af221be..3137ad423e0 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccess.qll @@ -1,6 +1,8 @@ /** * Provides classes to reason about Unsafe Resource Fetching vulnerabilities in Android. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll b/java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll index 60f0cef8384..61a76afecc8 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeCertTrust.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates to reason about unsafe certificate trust vulnerablities. */ +overlay[local?] +module; import java private import semmle.code.java.frameworks.Networking diff --git a/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll b/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll index b19d06bbf88..7cd10142a1e 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeContentUriResolution.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about vulnerabilites related to content URIs. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.FlowSinks diff --git a/java/ql/lib/semmle/code/java/security/UrlRedirect.qll b/java/ql/lib/semmle/code/java/security/UrlRedirect.qll index 02f66e3f0e9..be6addfa252 100644 --- a/java/ql/lib/semmle/code/java/security/UrlRedirect.qll +++ b/java/ql/lib/semmle/code/java/security/UrlRedirect.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about URL redirect attacks. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/Validation.qll b/java/ql/lib/semmle/code/java/security/Validation.qll index 664c55e70d8..69f57474317 100644 --- a/java/ql/lib/semmle/code/java/security/Validation.qll +++ b/java/ql/lib/semmle/code/java/security/Validation.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import semmle.code.java.Expr import semmle.code.java.dataflow.SSA import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/XPath.qll b/java/ql/lib/semmle/code/java/security/XPath.qll index c2992fdc272..cc3fde30091 100644 --- a/java/ql/lib/semmle/code/java/security/XPath.qll +++ b/java/ql/lib/semmle/code/java/security/XPath.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about XPath vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/XSS.qll b/java/ql/lib/semmle/code/java/security/XSS.qll index 9aafcd15f68..990371cc8cf 100644 --- a/java/ql/lib/semmle/code/java/security/XSS.qll +++ b/java/ql/lib/semmle/code/java/security/XSS.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about Cross-site scripting (XSS) vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.frameworks.Servlets diff --git a/java/ql/lib/semmle/code/java/security/XmlParsers.qll b/java/ql/lib/semmle/code/java/security/XmlParsers.qll index 5ca1dd95f99..8bb2a015a14 100644 --- a/java/ql/lib/semmle/code/java/security/XmlParsers.qll +++ b/java/ql/lib/semmle/code/java/security/XmlParsers.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates for modeling XML parsers in Java. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/XsltInjection.qll b/java/ql/lib/semmle/code/java/security/XsltInjection.qll index 56affafa202..d54e9206644 100644 --- a/java/ql/lib/semmle/code/java/security/XsltInjection.qll +++ b/java/ql/lib/semmle/code/java/security/XsltInjection.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about XSLT injection vulnerabilities. */ +overlay[local?] +module; import java import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/Xxe.qll b/java/ql/lib/semmle/code/java/security/Xxe.qll index cf30b3c19c0..5c3d075bfb1 100644 --- a/java/ql/lib/semmle/code/java/security/Xxe.qll +++ b/java/ql/lib/semmle/code/java/security/Xxe.qll @@ -1,4 +1,6 @@ /** Provides classes to reason about XML eXternal Entity (XXE) vulnerabilities. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll b/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll index 29c4d0e5e3d..185b1b8a46e 100644 --- a/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll +++ b/java/ql/lib/semmle/code/java/security/internal/ArraySizing.qll @@ -1,4 +1,6 @@ /** Provides predicates and classes to reason about the sizing and indexing of arrays. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/java/security/internal/BoundingChecks.qll b/java/ql/lib/semmle/code/java/security/internal/BoundingChecks.qll index 88dec6c2bb7..81bf8727e4f 100644 --- a/java/ql/lib/semmle/code/java/security/internal/BoundingChecks.qll +++ b/java/ql/lib/semmle/code/java/security/internal/BoundingChecks.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for determining upper and lower bounds on a value determined by bounding checks that * have been made on dominant paths. */ +overlay[local?] +module; import java private import semmle.code.java.controlflow.Guards diff --git a/java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll b/java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll index 46df3a3ca7b..f42e31b2d7e 100644 --- a/java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll +++ b/java/ql/lib/semmle/code/java/security/internal/EncryptionKeySizes.qll @@ -4,6 +4,8 @@ * Provides predicates for recommended encryption key sizes. * Such that we can share this logic across our CodeQL analysis of different languages. */ +overlay[local?] +module; /** Returns the minimum recommended key size for RSA. */ int minSecureKeySizeRsa() { result = 2048 } diff --git a/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll b/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll index 92d5dab5289..eb27ec87375 100644 --- a/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll +++ b/java/ql/lib/semmle/code/java/security/regexp/RegexInjection.qll @@ -1,4 +1,6 @@ /** Provides classes and predicates related to regex injection in Java. */ +overlay[local?] +module; import java private import semmle.code.java.dataflow.DataFlow diff --git a/java/ql/lib/semmle/code/xml/AndroidManifest.qll b/java/ql/lib/semmle/code/xml/AndroidManifest.qll index ad69546a414..d20165a031f 100644 --- a/java/ql/lib/semmle/code/xml/AndroidManifest.qll +++ b/java/ql/lib/semmle/code/xml/AndroidManifest.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Android manifest files. */ +overlay[local?] +module; import XML diff --git a/java/ql/lib/semmle/code/xml/Ant.qll b/java/ql/lib/semmle/code/xml/Ant.qll index 59cd2889096..84d6ea927f7 100644 --- a/java/ql/lib/semmle/code/xml/Ant.qll +++ b/java/ql/lib/semmle/code/xml/Ant.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with targets in Apache Ant build files. */ +overlay[local?] +module; import XML diff --git a/java/ql/lib/semmle/code/xml/MavenPom.qll b/java/ql/lib/semmle/code/xml/MavenPom.qll index 313a0e08bd8..68c81c4ab90 100644 --- a/java/ql/lib/semmle/code/xml/MavenPom.qll +++ b/java/ql/lib/semmle/code/xml/MavenPom.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with Maven POM files and their content. */ +overlay[local?] +module; import XML diff --git a/java/ql/lib/semmle/code/xml/WebXML.qll b/java/ql/lib/semmle/code/xml/WebXML.qll index c356081c95f..c741ce7c66b 100644 --- a/java/ql/lib/semmle/code/xml/WebXML.qll +++ b/java/ql/lib/semmle/code/xml/WebXML.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + import java /** diff --git a/java/ql/lib/semmle/code/xml/XML.qll b/java/ql/lib/semmle/code/xml/XML.qll index 54157809260..e4073362fc6 100644 --- a/java/ql/lib/semmle/code/xml/XML.qll +++ b/java/ql/lib/semmle/code/xml/XML.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with XML files and their content. */ +overlay[local?] +module; import semmle.files.FileSystem private import codeql.xml.Xml diff --git a/java/ql/lib/semmle/files/FileSystem.qll b/java/ql/lib/semmle/files/FileSystem.qll index f56d5486614..bb55214dcd3 100644 --- a/java/ql/lib/semmle/files/FileSystem.qll +++ b/java/ql/lib/semmle/files/FileSystem.qll @@ -1,3 +1,5 @@ /** Provides classes for working with files and folders. */ +overlay[local?] +module; import semmle.code.FileSystem diff --git a/java/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll b/java/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll index cd62fdb757e..446b6a544c3 100644 --- a/java/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll +++ b/java/ql/lib/utils/test/internal/InlineExpectationsTestImpl.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import java as J private import codeql.util.test.InlineExpectationsTest diff --git a/shared/controlflow/codeql/controlflow/BasicBlock.qll b/shared/controlflow/codeql/controlflow/BasicBlock.qll index 9c26b18c093..132920e329f 100644 --- a/shared/controlflow/codeql/controlflow/BasicBlock.qll +++ b/shared/controlflow/codeql/controlflow/BasicBlock.qll @@ -5,6 +5,8 @@ * INTERNAL use only. This is an experimental API subject to change without * notice. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/controlflow/codeql/controlflow/Cfg.qll b/shared/controlflow/codeql/controlflow/Cfg.qll index bb49cc8d8ae..c9d7d414734 100644 --- a/shared/controlflow/codeql/controlflow/Cfg.qll +++ b/shared/controlflow/codeql/controlflow/Cfg.qll @@ -2,6 +2,8 @@ * Provides a shared interface and implementation for constructing control-flow graphs * (CFGs) from abstract syntax trees (ASTs). */ +overlay[local?] +module; private import codeql.util.Location private import codeql.util.FileSystem diff --git a/shared/dataflow/codeql/dataflow/DataFlow.qll b/shared/dataflow/codeql/dataflow/DataFlow.qll index 93327f5ad6a..3483287e3b3 100644 --- a/shared/dataflow/codeql/dataflow/DataFlow.qll +++ b/shared/dataflow/codeql/dataflow/DataFlow.qll @@ -3,6 +3,8 @@ * adds a global analysis, mainly exposed through the `Global` and `GlobalWithState` * modules. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/dataflow/codeql/dataflow/TaintTracking.qll b/shared/dataflow/codeql/dataflow/TaintTracking.qll index 24aea44320e..bd4b4ecd6ca 100644 --- a/shared/dataflow/codeql/dataflow/TaintTracking.qll +++ b/shared/dataflow/codeql/dataflow/TaintTracking.qll @@ -2,6 +2,8 @@ * Provides modules for performing local (intra-procedural) and * global (inter-procedural) taint-tracking analyses. */ +overlay[local?] +module; private import DataFlow as DF private import internal.DataFlowImpl diff --git a/shared/dataflow/codeql/dataflow/VariableCapture.qll b/shared/dataflow/codeql/dataflow/VariableCapture.qll index c2c84b7f0f8..4df415f90ad 100644 --- a/shared/dataflow/codeql/dataflow/VariableCapture.qll +++ b/shared/dataflow/codeql/dataflow/VariableCapture.qll @@ -2,6 +2,8 @@ * Provides a module for synthesizing data-flow nodes and related step relations * for supporting flow through captured variables. */ +overlay[local?] +module; private import codeql.util.Boolean private import codeql.util.Unit diff --git a/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll b/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll index 17b979e42a6..78b6db4090a 100644 --- a/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll +++ b/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll @@ -5,6 +5,8 @@ * This file is used by the shared data flow library and by the JavaScript libraries * (which does not use the shared data flow libraries). */ +overlay[local?] +module; /** * Convenience-predicate for extracting two capture groups at once. diff --git a/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll index 1eaa8450541..baf473efff1 100644 --- a/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll @@ -22,6 +22,8 @@ * steps, followed by 0 or more stores, with value-preserving steps allowed in * between all other steps. */ +overlay[local?] +module; private import codeql.dataflow.DataFlow private import codeql.util.Boolean diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll index a13c71f554c..9b0e353dc09 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll @@ -3,6 +3,8 @@ * * Provides an implementation of global (interprocedural) data flow. */ +overlay[local?] +module; private import codeql.util.Unit private import codeql.util.Option @@ -792,6 +794,7 @@ module MakeImpl Lang> { innercc = getCallContextCall(call, inner) } + overlay[caller] pragma[inline] predicate fwdFlowIn( Call call, ArgNd arg, Callable inner, ParamNd p, Cc outercc, CcCall innercc, @@ -2321,6 +2324,7 @@ module MakeImpl Lang> { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ + overlay[caller] pragma[inline] deprecated final predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -2524,6 +2528,7 @@ module MakeImpl Lang> { class ApHeadContent = Unit; + overlay[caller] pragma[inline] ApHeadContent getHeadContent(Ap ap) { exists(result) and ap = true } diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll index 845da27aae7..b2bdc0c12e6 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import codeql.dataflow.DataFlow private import codeql.typetracking.TypeTracking as Tt private import codeql.util.Location @@ -674,6 +677,7 @@ module MakeImplCommon Lang> { class CcCall = CallContextCall; + overlay[caller] pragma[inline] predicate matchesCall(CcCall cc, Call call) { cc = Input2::getSpecificCallContextCall(call, _) or @@ -885,6 +889,7 @@ module MakeImplCommon Lang> { pragma[nomagic] private Callable getEnclosingCallable0() { nodeEnclosingCallable(this.projectToNode(), result) } + overlay[caller] pragma[inline] Callable getEnclosingCallable() { pragma[only_bind_out](this).getEnclosingCallable0() = pragma[only_bind_into](result) @@ -899,6 +904,7 @@ module MakeImplCommon Lang> { isTopType(result) and this.isImplicitReadNode(_) } + overlay[caller] pragma[inline] Type getType() { pragma[only_bind_out](this).getType0() = pragma[only_bind_into](result) } @@ -2410,12 +2416,14 @@ module MakeImplCommon Lang> { * predicate ensures that joins go from `n` to the result instead of the other * way around. */ + overlay[caller] pragma[inline] Callable getNodeEnclosingCallable(Node n) { nodeEnclosingCallable(pragma[only_bind_out](n), pragma[only_bind_into](result)) } /** Gets the type of `n` used for type pruning. */ + overlay[caller] pragma[inline] Type getNodeDataFlowType(Node n) { nodeType(pragma[only_bind_out](n), pragma[only_bind_into](result)) diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll index 7721a5df044..83abd41f5e6 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll @@ -2,6 +2,8 @@ * Provides consistency queries for checking invariants in the language-specific * data-flow classes and predicates. */ +overlay[local?] +module; private import codeql.dataflow.DataFlow as DF private import codeql.dataflow.TaintTracking as TT diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll index f9eaea566cd..07147fc5667 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll @@ -4,6 +4,8 @@ * Provides an implementation of a fast initial pruning of global * (interprocedural) data flow reachability (Stage 1). */ +overlay[local?] +module; private import codeql.util.Unit private import codeql.util.Location @@ -1784,6 +1786,7 @@ module MakeImplStage1 Lang> { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ + overlay[caller] pragma[inline] deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn diff --git a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll index e6da5d3a37f..3eda6709517 100644 --- a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for defining flow summaries. */ +overlay[local?] +module; private import codeql.dataflow.DataFlow as DF private import codeql.util.Location diff --git a/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll b/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll index 2171c909643..4a5e92fd589 100644 --- a/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll +++ b/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll @@ -5,6 +5,8 @@ * In addition to the `PathGraph`, a `query predicate models` is provided to * list the contents of the referenced MaD rows. */ +overlay[local?] +module; private import codeql.dataflow.DataFlow as DF diff --git a/shared/mad/codeql/mad/ModelValidation.qll b/shared/mad/codeql/mad/ModelValidation.qll index 4c1d6793d65..98b2a212c31 100644 --- a/shared/mad/codeql/mad/ModelValidation.qll +++ b/shared/mad/codeql/mad/ModelValidation.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates related to validating models-as-data rows. */ +overlay[local?] +module; /** Provides predicates for determining if a model exists for a given `kind`. */ signature module KindValidationConfigSig { diff --git a/shared/mad/codeql/mad/dynamic/GraphExport.qll b/shared/mad/codeql/mad/dynamic/GraphExport.qll index e28c82f47ab..b666a96fb67 100644 --- a/shared/mad/codeql/mad/dynamic/GraphExport.qll +++ b/shared/mad/codeql/mad/dynamic/GraphExport.qll @@ -1,6 +1,8 @@ /** * Contains predicates for converting an arbitrary graph to a set of `typeModel` rows. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll b/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll index 829bf267c22..51dafc2cc96 100644 --- a/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll +++ b/shared/mad/codeql/mad/modelgenerator/internal/ModelGeneratorImpl.qll @@ -4,6 +4,8 @@ * Provides classes and predicates related to capturing summary, source, * and sink models of the Standard or a 3rd party library. */ +overlay[local?] +module; private import codeql.dataflow.DataFlow private import codeql.dataflow.TaintTracking as Tt diff --git a/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll b/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll index d4fbd9062b6..a5f9145714b 100644 --- a/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll +++ b/shared/mad/codeql/mad/modelgenerator/internal/ModelPrinting.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + signature module ModelPrintingLangSig { /** * A class of callables. diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index d4a900f9bca..e3ed4aea5d7 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -1,6 +1,8 @@ /** * A language-independent library for reasoning about cryptography. */ +overlay[local?] +module; import codeql.util.Location diff --git a/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll b/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll index db3377ff3cc..f7864a01f44 100644 --- a/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll +++ b/shared/rangeanalysis/codeql/rangeanalysis/ModulusAnalysis.qll @@ -3,6 +3,8 @@ * an expression, `b` is a `Bound` (typically zero or the value of an SSA * variable), and `v` is an integer in the range `[0 .. m-1]`. */ +overlay[local?] +module; /* * The main recursion has base cases in both `ssaModulus` (for guarded reads) and `exprModulus` diff --git a/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll b/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll index 445ec9f0b8d..1d17ad8346c 100644 --- a/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll +++ b/shared/rangeanalysis/codeql/rangeanalysis/RangeAnalysis.qll @@ -8,6 +8,8 @@ * If an inferred bound relies directly on a condition, then this condition is * reported as the reason for the bound. */ +overlay[local?] +module; /* * This library tackles range analysis as a flow problem. Consider e.g.: diff --git a/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll b/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll index d6eeb781f39..1592102bc8e 100644 --- a/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll +++ b/shared/rangeanalysis/codeql/rangeanalysis/internal/RangeUtils.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import codeql.rangeanalysis.RangeAnalysis private import codeql.util.Location diff --git a/shared/regex/codeql/regex/HostnameRegexp.qll b/shared/regex/codeql/regex/HostnameRegexp.qll index fc77b9b56e2..7d97d71ccef 100644 --- a/shared/regex/codeql/regex/HostnameRegexp.qll +++ b/shared/regex/codeql/regex/HostnameRegexp.qll @@ -2,6 +2,8 @@ * Provides predicates for reasoning about regular expressions * that match URLs and hostname patterns. */ +overlay[local?] +module; private import RegexTreeView diff --git a/shared/regex/codeql/regex/MissingRegExpAnchor.qll b/shared/regex/codeql/regex/MissingRegExpAnchor.qll index c4fe642b790..722d1baafd6 100644 --- a/shared/regex/codeql/regex/MissingRegExpAnchor.qll +++ b/shared/regex/codeql/regex/MissingRegExpAnchor.qll @@ -2,6 +2,8 @@ * Provides predicates for reasoning about regular expressions * without anchors. */ +overlay[local?] +module; private import RegexTreeView import HostnameRegexp as HostnameShared diff --git a/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll b/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll index 57d7d365611..88645a2abde 100644 --- a/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll +++ b/shared/regex/codeql/regex/OverlyLargeRangeQuery.qll @@ -1,6 +1,8 @@ /** * Classes and predicates for working with suspicious character ranges. */ +overlay[local?] +module; private import RegexTreeView diff --git a/shared/regex/codeql/regex/RegexTreeView.qll b/shared/regex/codeql/regex/RegexTreeView.qll index 03d8fcfcbcd..7a37a2eaceb 100644 --- a/shared/regex/codeql/regex/RegexTreeView.qll +++ b/shared/regex/codeql/regex/RegexTreeView.qll @@ -1,6 +1,8 @@ /** * This file contains a `RegexTreeViewSig` module describing the syntax tree of regular expressions. */ +overlay[local?] +module; /** * A signature describing the syntax tree of regular expressions. diff --git a/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll b/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll index 0d040bc6f64..a38229da497 100644 --- a/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll +++ b/shared/regex/codeql/regex/nfa/BadTagFilterQuery.qll @@ -1,6 +1,8 @@ /** * Provides predicates for reasoning about bad tag filter vulnerabilities. */ +overlay[local?] +module; private import NfaUtils as NfaUtils private import RegexpMatching as RM diff --git a/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll b/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll index 450ee807089..23f76497371 100644 --- a/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll +++ b/shared/regex/codeql/regex/nfa/ExponentialBackTracking.qll @@ -61,6 +61,8 @@ * * Lastly we ensure that any state reached by repeating `n` copies of `w` has * a suffix `x` (possible empty) that is most likely __not__ accepted. */ +overlay[local?] +module; private import NfaUtils as NfaUtils private import codeql.regex.RegexTreeView diff --git a/shared/regex/codeql/regex/nfa/NfaUtils.qll b/shared/regex/codeql/regex/nfa/NfaUtils.qll index d074081b6ac..e1be49796e0 100644 --- a/shared/regex/codeql/regex/nfa/NfaUtils.qll +++ b/shared/regex/codeql/regex/nfa/NfaUtils.qll @@ -1,6 +1,8 @@ /** * A shared library for creating and reasoning about NFA's. */ +overlay[local?] +module; private import codeql.regex.RegexTreeView private import codeql.util.Numbers diff --git a/shared/regex/codeql/regex/nfa/RegexpMatching.qll b/shared/regex/codeql/regex/nfa/RegexpMatching.qll index fae1cea5f8c..85c21b355a4 100644 --- a/shared/regex/codeql/regex/nfa/RegexpMatching.qll +++ b/shared/regex/codeql/regex/nfa/RegexpMatching.qll @@ -2,6 +2,8 @@ * Provides predicates for reasoning about which strings are matched by a regular expression, * and for testing which capture groups are filled when a particular regexp matches a string. */ +overlay[local?] +module; private import NfaUtils as NfaUtils private import codeql.regex.RegexTreeView diff --git a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll index 6eb18aeeebc..2faac9b0211 100644 --- a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll +++ b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll @@ -34,6 +34,8 @@ * It has the same suffix detection issue as the `js/redos` query, which can cause false positives. * It also doesn't find all transitions in the product automaton, which can cause false negatives. */ +overlay[local?] +module; private import NfaUtils as NfaUtils private import codeql.regex.RegexTreeView @@ -99,6 +101,7 @@ module Make { /** * Holds if the tuple `(r1, r2, r3)` might be on path from a start-state to an end-state in the product automaton. */ + overlay[caller] pragma[inline] predicate isFeasibleTuple(State r1, State r2, State r3) { // The first element is either inside a repetition (or the start state itself) diff --git a/shared/ssa/codeql/ssa/Ssa.qll b/shared/ssa/codeql/ssa/Ssa.qll index 4734cf7e414..d9a01792017 100644 --- a/shared/ssa/codeql/ssa/Ssa.qll +++ b/shared/ssa/codeql/ssa/Ssa.qll @@ -2,6 +2,8 @@ * Provides a language-independent implementation of static single assignment * (SSA) form. */ +overlay[local?] +module; private import codeql.util.Location private import codeql.util.Unit diff --git a/shared/threat-models/codeql/threatmodels/ThreatModels.qll b/shared/threat-models/codeql/threatmodels/ThreatModels.qll index 19dfd0d1a65..dbb220c46e6 100644 --- a/shared/threat-models/codeql/threatmodels/ThreatModels.qll +++ b/shared/threat-models/codeql/threatmodels/ThreatModels.qll @@ -4,6 +4,8 @@ * This module provides extensible predicates for configuring which kinds of MaD models * are applicable to generic queries. */ +overlay[local?] +module; /** * Holds configuration entries to specify which threat models are enabled. diff --git a/shared/typeflow/codeql/typeflow/TypeFlow.qll b/shared/typeflow/codeql/typeflow/TypeFlow.qll index a2ae213ecb7..52a91197409 100644 --- a/shared/typeflow/codeql/typeflow/TypeFlow.qll +++ b/shared/typeflow/codeql/typeflow/TypeFlow.qll @@ -7,6 +7,8 @@ * type has a subtype or if an inferred upper bound passed through at least one * explicit or implicit cast that lost type information. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/typeflow/codeql/typeflow/UniversalFlow.qll b/shared/typeflow/codeql/typeflow/UniversalFlow.qll index 75b210f8ceb..e5f07690a18 100644 --- a/shared/typeflow/codeql/typeflow/UniversalFlow.qll +++ b/shared/typeflow/codeql/typeflow/UniversalFlow.qll @@ -25,6 +25,8 @@ * that subsequently calculated properties hold under the assumption that the * value is not null. */ +overlay[local?] +module; private import codeql.util.Location private import codeql.util.Unit diff --git a/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll b/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll index f17b809ca32..437e1ab3199 100644 --- a/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll +++ b/shared/typeflow/codeql/typeflow/internal/TypeFlowImpl.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import codeql.typeflow.TypeFlow private import codeql.typeflow.UniversalFlow as UniversalFlow private import codeql.util.Location diff --git a/shared/typeinference/codeql/typeinference/internal/TypeInference.qll b/shared/typeinference/codeql/typeinference/internal/TypeInference.qll index 108f4d40be2..a8ac489487c 100644 --- a/shared/typeinference/codeql/typeinference/internal/TypeInference.qll +++ b/shared/typeinference/codeql/typeinference/internal/TypeInference.qll @@ -122,6 +122,8 @@ * } * ``` */ +overlay[local?] +module; private import codeql.util.Location @@ -849,6 +851,7 @@ module Make1 Input1> { ) } + overlay[caller] pragma[inline] predicate baseTypeMentionHasNonTypeParameterAt( Type sub, TypeMention baseMention, TypePath path, Type t @@ -856,6 +859,7 @@ module Make1 Input1> { not t = sub.getATypeParameter() and baseTypeMentionHasTypeAt(sub, baseMention, path, t) } + overlay[caller] pragma[inline] predicate baseTypeMentionHasTypeParameterAt( Type sub, TypeMention baseMention, TypePath path, TypeParameter tp diff --git a/shared/typetracking/codeql/typetracking/TypeTracking.qll b/shared/typetracking/codeql/typetracking/TypeTracking.qll index 7a411adb633..da5b129241a 100644 --- a/shared/typetracking/codeql/typetracking/TypeTracking.qll +++ b/shared/typetracking/codeql/typetracking/TypeTracking.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for simple data-flow reachability suitable * for tracking types. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/typetracking/codeql/typetracking/internal/SummaryTypeTracker.qll b/shared/typetracking/codeql/typetracking/internal/SummaryTypeTracker.qll index b942446d43b..36dce0d081e 100644 --- a/shared/typetracking/codeql/typetracking/internal/SummaryTypeTracker.qll +++ b/shared/typetracking/codeql/typetracking/internal/SummaryTypeTracker.qll @@ -3,6 +3,8 @@ * To use this, you must implement the `Input` signature. You can then use the predicates in the `Output` * signature to implement the predicates of the same names inside `TypeTrackerSpecific.qll`. */ +overlay[local?] +module; /** The classes and predicates needed to generate type-tracking steps from summaries. */ signature module Input { diff --git a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll index b36edca04e7..b74f803131f 100644 --- a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll +++ b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for simple data-flow reachability suitable * for tracking types. */ +overlay[local?] +module; private import codeql.util.Boolean private import codeql.util.Option @@ -510,6 +512,7 @@ module TypeTracking I> { * } * ``` */ + overlay[caller] pragma[inline] TypeTracker smallstep(Node nodeFrom, Node nodeTo) { result = this.smallstepNoSimpleLocalFlowStep(nodeFrom, nodeTo) @@ -654,6 +657,7 @@ module TypeTracking I> { * } * ``` */ + overlay[caller] pragma[inline] TypeBackTracker smallstep(Node nodeFrom, Node nodeTo) { result = this.smallstepNoSimpleLocalFlowStep(nodeFrom, nodeTo) diff --git a/shared/typos/codeql/typos/TypoDatabase.qll b/shared/typos/codeql/typos/TypoDatabase.qll index a41f003a8c0..7f1a8c2a3e7 100644 --- a/shared/typos/codeql/typos/TypoDatabase.qll +++ b/shared/typos/codeql/typos/TypoDatabase.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + /** * Holds if `wrong` is a common misspelling of `right`. * diff --git a/shared/util/codeql/util/AlertFiltering.qll b/shared/util/codeql/util/AlertFiltering.qll index 97acd803f01..1bc366c0416 100644 --- a/shared/util/codeql/util/AlertFiltering.qll +++ b/shared/util/codeql/util/AlertFiltering.qll @@ -2,6 +2,8 @@ * Provides the `restrictAlertsTo` extensible predicate to restrict alerts to specific source * locations, and the `AlertFilteringImpl` parameterized module to apply the filtering. */ +overlay[local?] +module; private import codeql.util.Location diff --git a/shared/util/codeql/util/Boolean.qll b/shared/util/codeql/util/Boolean.qll index b58dc9a308f..0f35421c408 100644 --- a/shared/util/codeql/util/Boolean.qll +++ b/shared/util/codeql/util/Boolean.qll @@ -1,4 +1,6 @@ /** Provides the `Boolean` class. */ +overlay[local?] +module; /** * A utility class that is equivalent to `boolean`. diff --git a/shared/util/codeql/util/DenseRank.qll b/shared/util/codeql/util/DenseRank.qll index 0dccbbd4880..89ab865e959 100644 --- a/shared/util/codeql/util/DenseRank.qll +++ b/shared/util/codeql/util/DenseRank.qll @@ -2,6 +2,8 @@ * Provides modules for computing dense `rank`s. See the `DenseRank` module * below for a more detailed explanation. */ +overlay[local?] +module; /** Provides the input to `DenseRank`. */ signature module DenseRankInputSig { diff --git a/shared/util/codeql/util/Either.qll b/shared/util/codeql/util/Either.qll index d514b9eaed5..a6796f99f38 100644 --- a/shared/util/codeql/util/Either.qll +++ b/shared/util/codeql/util/Either.qll @@ -1,4 +1,6 @@ /** Provides a module for constructing a union `Either` type. */ +overlay[local?] +module; /** A type with `toString`. */ private signature class TypeWithToString { diff --git a/shared/util/codeql/util/FilePath.qll b/shared/util/codeql/util/FilePath.qll index 1b047f3c91c..ff62ce6ee5e 100644 --- a/shared/util/codeql/util/FilePath.qll +++ b/shared/util/codeql/util/FilePath.qll @@ -1,4 +1,6 @@ /** Provides a utility for normalizing filepaths. */ +overlay[local?] +module; /** * A filepath that should be normalized. diff --git a/shared/util/codeql/util/FileSystem.qll b/shared/util/codeql/util/FileSystem.qll index 2b120faaace..fe724190f74 100644 --- a/shared/util/codeql/util/FileSystem.qll +++ b/shared/util/codeql/util/FileSystem.qll @@ -1,4 +1,6 @@ /** Provides classes for working with files and folders. */ +overlay[local?] +module; /** Provides the input specification of the files and folders implementation. */ signature module InputSig { diff --git a/shared/util/codeql/util/Location.qll b/shared/util/codeql/util/Location.qll index 8faa1ee4eeb..c592f2c5556 100644 --- a/shared/util/codeql/util/Location.qll +++ b/shared/util/codeql/util/Location.qll @@ -1,4 +1,6 @@ /** Provides classes for working with locations. */ +overlay[local?] +module; /** * A location as given by a file, a start line, a start column, diff --git a/shared/util/codeql/util/Numbers.qll b/shared/util/codeql/util/Numbers.qll index 050f3c023f1..126307d41b4 100644 --- a/shared/util/codeql/util/Numbers.qll +++ b/shared/util/codeql/util/Numbers.qll @@ -2,6 +2,8 @@ * Provides predicates for working with numeric values and their string * representations. */ +overlay[local?] +module; /** * Gets the integer value of `binary` when interpreted as binary. `binary` must diff --git a/shared/util/codeql/util/Option.qll b/shared/util/codeql/util/Option.qll index 8ba4d8e840b..65a5e872452 100644 --- a/shared/util/codeql/util/Option.qll +++ b/shared/util/codeql/util/Option.qll @@ -1,4 +1,6 @@ /** Provides a module for constructing optional versions of types. */ +overlay[local?] +module; /** A type with `toString`. */ private signature class TypeWithToString { diff --git a/shared/util/codeql/util/ReportStats.qll b/shared/util/codeql/util/ReportStats.qll index 03f381b5b9b..947eff548e7 100644 --- a/shared/util/codeql/util/ReportStats.qll +++ b/shared/util/codeql/util/ReportStats.qll @@ -1,6 +1,7 @@ /** * Provides the `ReportStats` module for reporting database quality statistics. */ +overlay[local?] module; signature module StatsSig { diff --git a/shared/util/codeql/util/Strings.qll b/shared/util/codeql/util/Strings.qll index 6b8b6f2fb1d..c82c23a9988 100644 --- a/shared/util/codeql/util/Strings.qll +++ b/shared/util/codeql/util/Strings.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + private import Numbers /** diff --git a/shared/util/codeql/util/Unit.qll b/shared/util/codeql/util/Unit.qll index a0db9d7030f..27e890788ff 100644 --- a/shared/util/codeql/util/Unit.qll +++ b/shared/util/codeql/util/Unit.qll @@ -1,4 +1,6 @@ /** Provides the `Unit` class. */ +overlay[local?] +module; /** The unit type. */ private newtype TUnit = TMkUnit() diff --git a/shared/util/codeql/util/Void.qll b/shared/util/codeql/util/Void.qll index 886687b5460..28501cb9aca 100644 --- a/shared/util/codeql/util/Void.qll +++ b/shared/util/codeql/util/Void.qll @@ -1,4 +1,6 @@ /** Provides the empty `Void` class. */ +overlay[local?] +module; /** The empty void type. */ private newtype TVoid = TMkVoid() { none() } diff --git a/shared/util/codeql/util/suppression/AlertSuppression.qll b/shared/util/codeql/util/suppression/AlertSuppression.qll index fad8d96566c..72279114867 100644 --- a/shared/util/codeql/util/suppression/AlertSuppression.qll +++ b/shared/util/codeql/util/suppression/AlertSuppression.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + signature class AstNode { predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn diff --git a/shared/util/codeql/util/test/ExternalLocationPostProcessing.qll b/shared/util/codeql/util/test/ExternalLocationPostProcessing.qll index 2ebd2b45282..4515bdabc79 100644 --- a/shared/util/codeql/util/test/ExternalLocationPostProcessing.qll +++ b/shared/util/codeql/util/test/ExternalLocationPostProcessing.qll @@ -6,6 +6,7 @@ * VS Code, but prevents the "Location is outside of test directory" warning * when executed through `codeql test run`. */ +overlay[local?] module; external private predicate queryResults(string relation, int row, int column, string data); diff --git a/shared/xml/codeql/xml/Xml.qll b/shared/xml/codeql/xml/Xml.qll index 02d0ffc66fd..9620b156719 100644 --- a/shared/xml/codeql/xml/Xml.qll +++ b/shared/xml/codeql/xml/Xml.qll @@ -1,6 +1,8 @@ /** * Provides classes and predicates for working with XML files and their content. */ +overlay[local?] +module; private import codeql.util.Location private import codeql.util.FileSystem diff --git a/shared/yaml/codeql/serverless/ServerLess.qll b/shared/yaml/codeql/serverless/ServerLess.qll index a0322ad47a1..009b50c7d1c 100644 --- a/shared/yaml/codeql/serverless/ServerLess.qll +++ b/shared/yaml/codeql/serverless/ServerLess.qll @@ -2,6 +2,8 @@ * Provides classes and predicates for working with serverless handlers. * E.g. [AWS](https://docs.aws.amazon.com/lambda/latest/dg/nodejs-handler.html) or [serverless](https://npmjs.com/package/serverless) */ +overlay[local?] +module; /** * Provides the input for the `ServerLess` module. diff --git a/shared/yaml/codeql/yaml/Yaml.qll b/shared/yaml/codeql/yaml/Yaml.qll index 1467fd09d13..153ff5979c8 100644 --- a/shared/yaml/codeql/yaml/Yaml.qll +++ b/shared/yaml/codeql/yaml/Yaml.qll @@ -4,6 +4,8 @@ * YAML documents are represented as abstract syntax trees whose nodes * are either YAML values or alias nodes referring to another YAML value. */ +overlay[local?] +module; /** Provides the input specification of YAML implementation. */ signature module InputSig { From 2da8d61984227a2e5f1fea801c2ecd6109ed32ff Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Mon, 16 Jun 2025 13:28:31 +0200 Subject: [PATCH 048/111] Run config/sync-files.py --- csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll | 2 ++ csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll | 2 ++ .../code/csharp/dataflow/internal/rangeanalysis/Sign.qll | 3 +++ .../dataflow/internal/rangeanalysis/SignAnalysisCommon.qll | 2 ++ .../dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll | 2 ++ .../lib/semmle/python/security/internal/EncryptionKeySizes.qll | 2 ++ 6 files changed, 13 insertions(+) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll index 08826b7ae8f..65af6fb13a8 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/Bound.qll @@ -1,6 +1,8 @@ /** * Provides classes for representing abstract bounds for use in, for example, range analysis. */ +overlay[local?] +module; private import internal.rangeanalysis.BoundSpecific diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll index 3e5a45da247..1451a605cdb 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll @@ -3,6 +3,8 @@ * an expression, `b` is a `Bound` (typically zero or the value of an SSA * variable), and `v` is an integer in the range `[0 .. m-1]`. */ +overlay[local?] +module; private import internal.rangeanalysis.ModulusAnalysisSpecific::Private private import Bound diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll index 30cc089f30b..a8b71564832 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + newtype TSign = TNeg() or TZero() or diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll index 6f0067517f9..8f8d884c956 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisCommon.qll @@ -5,6 +5,8 @@ * The analysis is implemented as an abstract interpretation over the * three-valued domain `{negative, zero, positive}`. */ +overlay[local?] +module; private import SignAnalysisSpecific::Private private import SsaReadPositionCommon diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll index 08335f6680d..1e3c4db95be 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SsaReadPositionCommon.qll @@ -1,6 +1,8 @@ /** * Provides classes for representing a position at which an SSA variable is read. */ +overlay[local?] +module; private import SsaReadPositionSpecific import SsaReadPositionSpecific::Public diff --git a/python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll b/python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll index 46df3a3ca7b..f42e31b2d7e 100644 --- a/python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll +++ b/python/ql/lib/semmle/python/security/internal/EncryptionKeySizes.qll @@ -4,6 +4,8 @@ * Provides predicates for recommended encryption key sizes. * Such that we can share this logic across our CodeQL analysis of different languages. */ +overlay[local?] +module; /** Returns the minimum recommended key size for RSA. */ int minSecureKeySizeRsa() { result = 2048 } From 81b677a2d910f3bf3299254e32f4e745ab5dc9fd Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Fri, 20 Jun 2025 13:20:01 +0200 Subject: [PATCH 049/111] rename overlay[caller] to overlay[caller?] --- java/ql/lib/semmle/code/java/Type.qll | 4 ++-- java/ql/lib/semmle/code/java/controlflow/Dominance.qll | 8 ++++---- .../code/java/dataflow/internal/DataFlowDispatch.qll | 2 +- .../code/java/dataflow/internal/DataFlowUtil.qll | 4 ++-- .../code/java/dataflow/internal/TaintTrackingUtil.qll | 8 ++++---- .../dataflow/codeql/dataflow/internal/DataFlowImpl.qll | 6 +++--- .../codeql/dataflow/internal/DataFlowImplCommon.qll | 10 +++++----- .../codeql/dataflow/internal/DataFlowImplStage1.qll | 2 +- .../regex/codeql/regex/nfa/SuperlinearBackTracking.qll | 2 +- .../codeql/typeinference/internal/TypeInference.qll | 4 ++-- .../codeql/typetracking/internal/TypeTrackingImpl.qll | 4 ++-- 11 files changed, 27 insertions(+), 27 deletions(-) diff --git a/java/ql/lib/semmle/code/java/Type.qll b/java/ql/lib/semmle/code/java/Type.qll index 95e4ecc7ff7..c30dd7012bf 100644 --- a/java/ql/lib/semmle/code/java/Type.qll +++ b/java/ql/lib/semmle/code/java/Type.qll @@ -670,7 +670,7 @@ class RefType extends Type, Annotatable, Modifiable, @reftype { * * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure). */ - overlay[caller] + overlay[caller?] pragma[inline] RefType commonSubtype(RefType other) { result.getASourceSupertype*() = erase(this) and @@ -1260,7 +1260,7 @@ private Type erase(Type t) { * * For the definition of the notion of *erasure* see JLS v8, section 4.6 (Type Erasure). */ -overlay[caller] +overlay[caller?] pragma[inline] predicate haveIntersection(RefType t1, RefType t2) { exists(RefType e1, RefType e2 | e1 = erase(t1) and e2 = erase(t2) | diff --git a/java/ql/lib/semmle/code/java/controlflow/Dominance.qll b/java/ql/lib/semmle/code/java/controlflow/Dominance.qll index 8f53a554d48..e2a50ba06df 100644 --- a/java/ql/lib/semmle/code/java/controlflow/Dominance.qll +++ b/java/ql/lib/semmle/code/java/controlflow/Dominance.qll @@ -95,7 +95,7 @@ predicate iDominates(ControlFlowNode dominator, ControlFlowNode node) { } /** Holds if `dom` strictly dominates `node`. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -105,7 +105,7 @@ predicate strictlyDominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` dominates `node`. (This is reflexive.) */ -overlay[caller] +overlay[caller?] pragma[inline] predicate dominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -115,7 +115,7 @@ predicate dominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` strictly post-dominates `node`. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. @@ -125,7 +125,7 @@ predicate strictlyPostDominates(ControlFlowNode dom, ControlFlowNode node) { } /** Holds if `dom` post-dominates `node`. (This is reflexive.) */ -overlay[caller] +overlay[caller?] pragma[inline] predicate postDominates(ControlFlowNode dom, ControlFlowNode node) { // This predicate is gigantic, so it must be inlined. diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll index 9a1be72209a..dc58529ed26 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowDispatch.qll @@ -213,7 +213,7 @@ private module DispatchImpl { } /** Holds if arguments at position `apos` match parameters at position `ppos`. */ - overlay[caller] + overlay[caller?] pragma[inline] predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll index 27cbefa8092..ab2f7f89cb4 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowUtil.qll @@ -79,7 +79,7 @@ private module ThisFlow { * Holds if data can flow from `node1` to `node2` in zero or more * local (intra-procedural) steps. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate localFlow(Node node1, Node node2) { node1 = node2 or localFlowStepPlus(node1, node2) } @@ -89,7 +89,7 @@ private predicate localFlowStepPlus(Node node1, Node node2) = fastTC(localFlowSt * Holds if data can flow from `e1` to `e2` in zero or more * local (intra-procedural) steps. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate localExprFlow(Expr e1, Expr e2) { localFlow(exprNode(e1), exprNode(e2)) } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll index ed0163d13a7..40e361ed158 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll @@ -23,7 +23,7 @@ private import semmle.code.java.frameworks.JaxWS * Holds if taint can flow from `src` to `sink` in zero or more * local (intra-procedural) steps. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate localTaint(DataFlow::Node src, DataFlow::Node sink) { localTaintStep*(src, sink) } @@ -31,7 +31,7 @@ predicate localTaint(DataFlow::Node src, DataFlow::Node sink) { localTaintStep*( * Holds if taint can flow from `src` to `sink` in zero or more * local (intra-procedural) steps. */ -overlay[caller] +overlay[caller?] pragma[inline] predicate localExprTaint(Expr src, Expr sink) { localTaint(DataFlow::exprNode(src), DataFlow::exprNode(sink)) @@ -74,7 +74,7 @@ module LocalTaintFlow { * (intra-procedural) steps that are restricted to be part of a path between * `source` and `sink`. */ - overlay[caller] + overlay[caller?] pragma[inline] predicate hasFlow(DataFlow::Node n1, DataFlow::Node n2) { step*(n1, n2) } @@ -83,7 +83,7 @@ module LocalTaintFlow { * (intra-procedural) steps that are restricted to be part of a path between * `source` and `sink`. */ - overlay[caller] + overlay[caller?] pragma[inline] predicate hasExprFlow(Expr n1, Expr n2) { hasFlow(DataFlow::exprNode(n1), DataFlow::exprNode(n2)) diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll index 9b0e353dc09..a7e0736432a 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll @@ -794,7 +794,7 @@ module MakeImpl Lang> { innercc = getCallContextCall(call, inner) } - overlay[caller] + overlay[caller?] pragma[inline] predicate fwdFlowIn( Call call, ArgNd arg, Callable inner, ParamNd p, Cc outercc, CcCall innercc, @@ -2324,7 +2324,7 @@ module MakeImpl Lang> { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - overlay[caller] + overlay[caller?] pragma[inline] deprecated final predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -2528,7 +2528,7 @@ module MakeImpl Lang> { class ApHeadContent = Unit; - overlay[caller] + overlay[caller?] pragma[inline] ApHeadContent getHeadContent(Ap ap) { exists(result) and ap = true } diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll index b2bdc0c12e6..5cb92d7ba8d 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll @@ -677,7 +677,7 @@ module MakeImplCommon Lang> { class CcCall = CallContextCall; - overlay[caller] + overlay[caller?] pragma[inline] predicate matchesCall(CcCall cc, Call call) { cc = Input2::getSpecificCallContextCall(call, _) or @@ -889,7 +889,7 @@ module MakeImplCommon Lang> { pragma[nomagic] private Callable getEnclosingCallable0() { nodeEnclosingCallable(this.projectToNode(), result) } - overlay[caller] + overlay[caller?] pragma[inline] Callable getEnclosingCallable() { pragma[only_bind_out](this).getEnclosingCallable0() = pragma[only_bind_into](result) @@ -904,7 +904,7 @@ module MakeImplCommon Lang> { isTopType(result) and this.isImplicitReadNode(_) } - overlay[caller] + overlay[caller?] pragma[inline] Type getType() { pragma[only_bind_out](this).getType0() = pragma[only_bind_into](result) } @@ -2416,14 +2416,14 @@ module MakeImplCommon Lang> { * predicate ensures that joins go from `n` to the result instead of the other * way around. */ - overlay[caller] + overlay[caller?] pragma[inline] Callable getNodeEnclosingCallable(Node n) { nodeEnclosingCallable(pragma[only_bind_out](n), pragma[only_bind_into](result)) } /** Gets the type of `n` used for type pruning. */ - overlay[caller] + overlay[caller?] pragma[inline] Type getNodeDataFlowType(Node n) { nodeType(pragma[only_bind_out](n), pragma[only_bind_into](result)) diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll index 07147fc5667..c7883df0de1 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll @@ -1786,7 +1786,7 @@ module MakeImplStage1 Lang> { * For more information, see * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). */ - overlay[caller] + overlay[caller?] pragma[inline] deprecated predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn diff --git a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll index 2faac9b0211..fca1641207d 100644 --- a/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll +++ b/shared/regex/codeql/regex/nfa/SuperlinearBackTracking.qll @@ -101,7 +101,7 @@ module Make { /** * Holds if the tuple `(r1, r2, r3)` might be on path from a start-state to an end-state in the product automaton. */ - overlay[caller] + overlay[caller?] pragma[inline] predicate isFeasibleTuple(State r1, State r2, State r3) { // The first element is either inside a repetition (or the start state itself) diff --git a/shared/typeinference/codeql/typeinference/internal/TypeInference.qll b/shared/typeinference/codeql/typeinference/internal/TypeInference.qll index a8ac489487c..a97d9166161 100644 --- a/shared/typeinference/codeql/typeinference/internal/TypeInference.qll +++ b/shared/typeinference/codeql/typeinference/internal/TypeInference.qll @@ -851,7 +851,7 @@ module Make1 Input1> { ) } - overlay[caller] + overlay[caller?] pragma[inline] predicate baseTypeMentionHasNonTypeParameterAt( Type sub, TypeMention baseMention, TypePath path, Type t @@ -859,7 +859,7 @@ module Make1 Input1> { not t = sub.getATypeParameter() and baseTypeMentionHasTypeAt(sub, baseMention, path, t) } - overlay[caller] + overlay[caller?] pragma[inline] predicate baseTypeMentionHasTypeParameterAt( Type sub, TypeMention baseMention, TypePath path, TypeParameter tp diff --git a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll index b74f803131f..fcfcfe9ecd1 100644 --- a/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll +++ b/shared/typetracking/codeql/typetracking/internal/TypeTrackingImpl.qll @@ -512,7 +512,7 @@ module TypeTracking I> { * } * ``` */ - overlay[caller] + overlay[caller?] pragma[inline] TypeTracker smallstep(Node nodeFrom, Node nodeTo) { result = this.smallstepNoSimpleLocalFlowStep(nodeFrom, nodeTo) @@ -657,7 +657,7 @@ module TypeTracking I> { * } * ``` */ - overlay[caller] + overlay[caller?] pragma[inline] TypeBackTracker smallstep(Node nodeFrom, Node nodeTo) { result = this.smallstepNoSimpleLocalFlowStep(nodeFrom, nodeTo) From c2b317783fd0727afe4c8c1922052a7a7bc9da73 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 23 Jun 2025 18:47:07 +0100 Subject: [PATCH 050/111] C++: Fix for SQL query. --- cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql | 18 +++++++++++++----- .../CWE/CWE-089/SqlTainted/SqlTainted.expected | 2 ++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql b/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql index 069b2e25d21..0ea4ce2e95f 100644 --- a/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql +++ b/cpp/ql/src/Security/CWE/CWE-089/SqlTainted.ql @@ -59,13 +59,21 @@ module SqlTaintedConfig implements DataFlow::ConfigSig { module SqlTainted = TaintTracking::Global; from - SqlLikeFunction runSql, Expr taintedArg, FlowSource taintSource, SqlTainted::PathNode sourceNode, - SqlTainted::PathNode sinkNode, string callChain + Expr taintedArg, FlowSource taintSource, SqlTainted::PathNode sourceNode, + SqlTainted::PathNode sinkNode, string extraText where - runSql.outermostWrapperFunctionCall(taintedArg, callChain) and + ( + exists(SqlLikeFunction runSql, string callChain | + runSql.outermostWrapperFunctionCall(taintedArg, callChain) and + extraText = " and then passed to " + callChain + ) + or + sinkNode(sinkNode.getNode(), "sql-injection") and + extraText = "" + ) and SqlTainted::flowPath(sourceNode, sinkNode) and taintedArg = asSinkExpr(sinkNode.getNode()) and taintSource = sourceNode.getNode() select taintedArg, sourceNode, sinkNode, - "This argument to a SQL query function is derived from $@ and then passed to " + callChain + ".", - taintSource, "user input (" + taintSource.getSourceType() + ")" + "This argument to a SQL query function is derived from $@" + extraText + ".", taintSource, + "user input (" + taintSource.getSourceType() + ")" diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected index 58c919f7f8f..7883e1ee5ae 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected @@ -36,4 +36,6 @@ subpaths | test.c:51:18:51:23 | query1 | test.c:14:27:14:30 | **argv | test.c:51:18:51:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) | | test.c:76:17:76:25 | userInput | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLPrepare(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | | test.c:77:20:77:28 | userInput | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLExecDirect(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | +| test.c:106:24:106:29 | query1 | test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | +| test.c:107:28:107:33 | query1 | test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | | test.cpp:43:27:43:33 | access to array | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | This argument to a SQL query function is derived from $@ and then passed to pqxx::work::exec1((unnamed parameter 0)). | test.cpp:39:27:39:30 | **argv | user input (a command-line argument) | From b6e56f26c7509a041ce92bdda13db0a09da886e3 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Wed, 15 Jan 2025 08:42:29 +0100 Subject: [PATCH 051/111] Java: Add manual overlay annotations --- .../src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql | 1 + .../src/experimental/Security/CWE/CWE-073/FilePathInjection.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql | 1 + .../Security/CWE/CWE-200/AndroidWebResourceResponse.qll | 1 + .../experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll | 1 + .../Security/CWE/CWE-625/PermissiveDotRegexQuery.qll | 1 + shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll | 1 + 8 files changed, 8 insertions(+) diff --git a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql index 84c4bb01c12..3abaa7bdcfa 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql @@ -22,6 +22,7 @@ import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.security.Sanitizers import Log4jInjectionFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "log4j-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql index c84037719da..0929ca3eb80 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql @@ -17,6 +17,7 @@ import semmle.code.java.dataflow.FlowSources import semmle.code.java.dataflow.ExternalFlow import RemoteUrlToOpenStreamFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "openstream-called-on-tainted-url" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql index c8709745852..11bb600ffe8 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql @@ -22,6 +22,7 @@ import semmle.code.java.security.PathSanitizer private import semmle.code.java.security.Sanitizers import InjectFilePathFlow::PathGraph +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "file-path-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql index 08f7631af82..c13bc3bb245 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql @@ -18,6 +18,7 @@ import semmle.code.java.security.CommandLineQuery import InputToArgumentToExecFlow::PathGraph private import semmle.code.java.dataflow.ExternalFlow +overlay[local?] deprecated private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "jsch-os-injection" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll index bd898df205a..b988398e4c2 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-200/AndroidWebResourceResponse.qll @@ -7,6 +7,7 @@ private import semmle.code.java.dataflow.ExternalFlow private import semmle.code.java.dataflow.FlowSteps private import semmle.code.java.frameworks.android.WebView +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "android-web-resource-response" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll index ce6de1a0679..12ba6769f74 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.qll @@ -8,6 +8,7 @@ import semmle.code.java.arithmetic.Overflow import semmle.code.java.dataflow.FlowSteps import semmle.code.java.controlflow.Guards +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "thread-resource-abuse" } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll index 8fe997793f4..f8e32890250 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll +++ b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegexQuery.qll @@ -9,6 +9,7 @@ import semmle.code.java.controlflow.Guards import semmle.code.java.security.UrlRedirect import Regex +overlay[local?] private class ActivateModels extends ActiveExperimentalModels { ActivateModels() { this = "permissive-dot-regex-query" } } diff --git a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll index 5cb92d7ba8d..288814c4c51 100644 --- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll +++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll @@ -291,6 +291,7 @@ module MakeImplCommon Lang> { * to `lambdaCall`, if any. That is, `lastCall` is able to target the enclosing * callable of `lambdaCall`. */ + overlay[global] pragma[nomagic] predicate revLambdaFlow( Call lambdaCall, LambdaCallKind kind, Node node, Type t, boolean toReturn, boolean toJump, From 6e92d7e24771c7376874d3bd0e2a047df902a114 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Thu, 9 Jan 2025 09:35:56 +0100 Subject: [PATCH 052/111] Java: Add entity discard predicates --- java/ql/lib/semmle/code/Location.qll | 14 ++++++++ java/ql/lib/semmle/code/java/Expr.qll | 13 ++++++++ java/ql/lib/semmle/code/java/Javadoc.qll | 13 ++++++++ java/ql/lib/semmle/code/java/Member.qll | 31 ++++++++++++++++++ java/ql/lib/semmle/code/java/Overlay.qll | 37 ++++++++++++++++++++++ java/ql/lib/semmle/code/java/Statement.qll | 13 ++++++++ java/ql/lib/semmle/code/java/Variable.qll | 13 ++++++++ 7 files changed, 134 insertions(+) create mode 100644 java/ql/lib/semmle/code/java/Overlay.qll diff --git a/java/ql/lib/semmle/code/Location.qll b/java/ql/lib/semmle/code/Location.qll index 14fc7a99532..7265164e8e1 100644 --- a/java/ql/lib/semmle/code/Location.qll +++ b/java/ql/lib/semmle/code/Location.qll @@ -8,6 +8,7 @@ module; import FileSystem import semmle.code.java.Element +private import semmle.code.java.Overlay private import semmle.code.SMAP /** Holds if element `e` has name `name`. */ @@ -221,3 +222,16 @@ private predicate fixedHasLocation(Top l, Location loc, File f) { not hasSourceLocation(l, _, _) and locations_default(loc, f, _, _, _, _) } + +overlay[local] +private predicate discardableLocation(string file, @location l) { + not isOverlay() and + file = getRawFileForLoc(l) and + not exists(@file f | hasLocation(f, l)) +} + +/** Discard base locations in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardLocation(@location l) { + exists(string file | discardableLocation(file, l) and extractedInOverlay(file)) +} diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index 182bf5b7001..cafffae52bd 100644 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -7,6 +7,7 @@ module; import java private import semmle.code.java.frameworks.android.Compose private import semmle.code.java.Constants +private import semmle.code.java.Overlay /** A common super-class that represents all kinds of expressions. */ class Expr extends ExprParent, @expr { @@ -2701,3 +2702,15 @@ class RecordPatternExpr extends Expr, @recordpatternexpr { ) } } + +overlay[local] +private predicate discardableExpr(string file, @expr e) { + not isOverlay() and + file = getRawFile(e) +} + +/** Discard base expressions in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardExpr(@expr e) { + exists(string file | discardableExpr(file, e) and extractedInOverlay(file)) +} diff --git a/java/ql/lib/semmle/code/java/Javadoc.qll b/java/ql/lib/semmle/code/java/Javadoc.qll index ef8f77bf9ba..101bab2723e 100644 --- a/java/ql/lib/semmle/code/java/Javadoc.qll +++ b/java/ql/lib/semmle/code/java/Javadoc.qll @@ -5,6 +5,7 @@ overlay[local?] module; import semmle.code.Location +private import semmle.code.java.Overlay /** A Javadoc parent is an element whose child can be some Javadoc documentation. */ class JavadocParent extends @javadocParent, Top { @@ -196,3 +197,15 @@ class KtCommentSection extends @ktcommentsection { /** Gets the string representation of this section. */ string toString() { result = this.getContent() } } + +overlay[local] +private predicate discardableJavadoc(string file, @javadoc d) { + not isOverlay() and + exists(@member m | file = getRawFile(m) and hasJavadoc(m, d)) +} + +/** Discard javadoc entities in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardJavadoc(@javadoc d) { + exists(string file | discardableJavadoc(file, d) and extractedInOverlay(file)) +} diff --git a/java/ql/lib/semmle/code/java/Member.qll b/java/ql/lib/semmle/code/java/Member.qll index 662eab06bd1..596158f9ab8 100644 --- a/java/ql/lib/semmle/code/java/Member.qll +++ b/java/ql/lib/semmle/code/java/Member.qll @@ -11,6 +11,7 @@ import Annotation import Exception import metrics.MetricField private import dispatch.VirtualDispatch +private import semmle.code.java.Overlay /** * A common abstraction for type member declarations, @@ -897,3 +898,33 @@ class ExtensionMethod extends Method { else result = 0 } } + +overlay[local] +private predicate discardableMethod(string file, @method m) { + not isOverlay() and + file = getRawFile(m) and + exists(@classorinterface c | methods(m, _, _, _, c, _) and isAnonymClass(c, _)) +} + +/** Discard base methods on anonymous classes in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardAnonMethod(@method m) { + exists(string file | discardableMethod(file, m) and extractedInOverlay(file)) +} + +overlay[local] +private predicate discardableBaseMethod(string file, @method m) { + not isOverlay() and + file = getRawFile(m) +} + +overlay[local] +private predicate usedOverlayMethod(@method m) { isOverlay() and methods(m, _, _, _, _, _) } + +/** Discard base methods in files fully extracted in the overlay that were not extracted in the overlay. */ +overlay[discard_entity] +private predicate discardMethod(@method m) { + exists(string file | + discardableBaseMethod(file, m) and extractedInOverlay(file) and not usedOverlayMethod(m) + ) +} diff --git a/java/ql/lib/semmle/code/java/Overlay.qll b/java/ql/lib/semmle/code/java/Overlay.qll new file mode 100644 index 00000000000..4ed0c185fb5 --- /dev/null +++ b/java/ql/lib/semmle/code/java/Overlay.qll @@ -0,0 +1,37 @@ +overlay[local?] +module; + +import java + +/** + * A local predicate that always holds for the overlay variant and + * never holds for the base variant. This is used to define local + * predicates that behave differently for the base and overlay variant. + */ +overlay[local] +predicate isOverlay() { databaseMetadata("isOverlay", "true") } + +/** Gets the raw file for a locatable. */ +overlay[local] +string getRawFile(@locatable el) { + exists(@location loc, @file file | + hasLocation(el, loc) and + locations_default(loc, file, _, _, _, _) and + files(file, result) + ) +} + +/** Gets the raw file for a location. */ +overlay[local] +string getRawFileForLoc(@location l) { + exists(@file f | locations_default(l, f, _, _, _, _) and files(f, result)) +} + +/** Holds for files fully extracted in the overlay. */ +overlay[local] +predicate extractedInOverlay(string file) { + isOverlay() and + // numlines is used to restrict attention to fully extracted files and + // ignore skeleton extracted files in the overlay + exists(@locatable l | numlines(l, _, _, _) and file = getRawFile(l)) +} diff --git a/java/ql/lib/semmle/code/java/Statement.qll b/java/ql/lib/semmle/code/java/Statement.qll index 73b0aac5cbd..d1e7e748bc3 100644 --- a/java/ql/lib/semmle/code/java/Statement.qll +++ b/java/ql/lib/semmle/code/java/Statement.qll @@ -6,6 +6,7 @@ module; import Expr import metrics.MetricStmt +private import semmle.code.java.Overlay /** A common super-class of all statements. */ class Stmt extends StmtParent, ExprParent, @stmt { @@ -987,3 +988,15 @@ class SuperConstructorInvocationStmt extends Stmt, ConstructorCall, @superconstr override string getAPrimaryQlClass() { result = "SuperConstructorInvocationStmt" } } + +overlay[local] +private predicate discardableStmt(string file, @stmt s) { + not isOverlay() and + file = getRawFile(s) +} + +/** Discard base statements in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardStmt(@stmt s) { + exists(string file | discardableStmt(file, s) and extractedInOverlay(file)) +} diff --git a/java/ql/lib/semmle/code/java/Variable.qll b/java/ql/lib/semmle/code/java/Variable.qll index 50fd7a06484..9b8b42b71fb 100644 --- a/java/ql/lib/semmle/code/java/Variable.qll +++ b/java/ql/lib/semmle/code/java/Variable.qll @@ -5,6 +5,7 @@ overlay[local?] module; import Element +private import semmle.code.java.Overlay /** A variable is a field, a local variable or a parameter. */ class Variable extends @variable, Annotatable, Element, Modifiable { @@ -133,3 +134,15 @@ class Parameter extends Element, @param, LocalScopeVariable { /** Holds if this is an anonymous parameter, `_` */ predicate isAnonymous() { this.getName() = "" } } + +overlay[local] +private predicate discardableLocalVarDecl(string file, @localscopevariable l) { + not isOverlay() and + file = getRawFile(l) +} + +/** Discard base local scoped variables in files fully extracted in the overlay. */ +overlay[discard_entity] +private predicate discardLocalVarDecl(@localscopevariable l) { + exists(string file | discardableLocalVarDecl(file, l) and extractedInOverlay(file)) +} From 0ee6a78a4a760e01d50f8400ce086128b60224c9 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Tue, 14 Jan 2025 12:24:14 +0100 Subject: [PATCH 053/111] Java: Allow methods with empty bodies for overlay --- java/ql/lib/semmle/code/java/Member.qll | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/semmle/code/java/Member.qll b/java/ql/lib/semmle/code/java/Member.qll index 596158f9ab8..805ab0bf940 100644 --- a/java/ql/lib/semmle/code/java/Member.qll +++ b/java/ql/lib/semmle/code/java/Member.qll @@ -624,7 +624,13 @@ class SrcMethod extends Method { then implementsInterfaceMethod(result, this) else result.getASourceOverriddenMethod*() = this ) and - (exists(result.getBody()) or result.hasModifier("native")) + ( + // We allow empty method bodies for the local overlay variant to allow + // calls to methods only fully extracted in base. + isOverlay() or + exists(result.getBody()) or + result.hasModifier("native") + ) } } From 869c974745eb371ece5d9d19db6fda5d94da1698 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 24 Jun 2025 11:34:54 +0100 Subject: [PATCH 054/111] Rust: Change note. --- .../change-notes/2025-06-24-access-after-lifetime-ended.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md diff --git a/rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md b/rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md new file mode 100644 index 00000000000..7b92a3de78b --- /dev/null +++ b/rust/ql/src/change-notes/2025-06-24-access-after-lifetime-ended.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `rust/access-after-lifetime-ended`, for detecting pointer dereferences after the lifetime of the pointed-to object has ended. From bd0efbe48c2ae7ee226dea0b87f8d4723d43f910 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Tue, 24 Jun 2025 16:03:25 -0400 Subject: [PATCH 055/111] Crypto: Overhaul of EVP final/init/update to now use a more general 'OperationStep' mechanic. --- .../MACAlgorithmInstance.qll | 12 +- .../experimental/quantum/OpenSSL/CtxFlow.qll | 221 ----- .../experimental/quantum/OpenSSL/CtxTypes.qll | 69 ++ .../OpenSSL/GetInstanceToInitOrUseFlow.qll | 185 ++++ .../OpenSSL/Operations/CipherOperation.qll | 275 ++++++ .../OpenSSL/Operations/ECKeyGenOperation.qll | 33 - .../OpenSSL/Operations/EVPCipherOperation.qll | 181 ---- .../OpenSSL/Operations/EVPHashOperation.qll | 106 --- .../OpenSSL/Operations/EVPKeyGenOperation.qll | 96 --- .../Operations/EVPPKeyCtxInitializer.qll | 187 ++-- .../Operations/EVPSignatureOperation.qll | 200 ----- .../OpenSSL/Operations/HashOperation.qll | 141 ++++ .../OpenSSL/Operations/KeyGenOperation.qll | 203 +++++ .../Operations/OpenSSLOperationBase.qll | 799 +++++++++++------- .../Operations/OpenSSLOperationBase_bak.qll | 316 +++++++ .../OpenSSL/Operations/OpenSSLOperations.qll | 9 +- .../OpenSSL/Operations/SignatureOperation.qll | 263 ++++++ .../codeql/quantum/experimental/Model.qll | 13 + 18 files changed, 2100 insertions(+), 1209 deletions(-) delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPHashOperation.qll delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPKeyGenOperation.qll delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPSignatureOperation.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll create mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll index 2e476824316..1da7dde4f96 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll @@ -56,11 +56,13 @@ class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HMACAlgorithmIns // and we can simply grab that model's AVC exists(OpenSslAlgorithmInstance inst | inst.getAvc() = result and inst = this) else - // ASSUMPTION: If no explicit algorithm is given, then it is assumed to be configured by - // a signature operation - exists(Crypto::SignatureOperationInstance s | - s.getHashAlgorithmValueConsumer() = result and - s.getAnAlgorithmValueConsumer() = this.getAvc() + // ASSUMPTION: If no explicit algorithm is given, then find + // where the current AVC traces to a HashAlgorithmIO consuming operation step. + // TODO: need to consider getting reset values, tracing down to the first set for now + exists(OperationStep s, AvcContextCreationStep avc | + avc = this.getAvc() and + avc.flowsToOperationStep(s) and + s.getAlgorithmValueConsumerForInput(HashAlgorithmIO()) = result ) } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll deleted file mode 100644 index 63ec3e18132..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/CtxFlow.qll +++ /dev/null @@ -1,221 +0,0 @@ -//TODO: model as data on open APIs should be able to get common flows, and obviate some of this -// e.g., copy/dup calls, need to ingest those models for openSSL and refactor. -/** - * In OpenSSL, flow between 'context' parameters is often used to - * store state/config of how an operation will eventually be performed. - * Tracing algorithms and configurations to operations therefore - * requires tracing context parameters for many OpenSSL apis. - * - * This library provides a dataflow analysis to track context parameters - * between any two functions accepting openssl context parameters. - * The dataflow takes into consideration flowing through duplication and copy calls - * as well as flow through flow killers (free/reset calls). - * - * TODO: we may need to revisit 'free' as a dataflow killer, depending on how - * we want to model use after frees. - * - * This library also provides classes to represent context Types and relevant - * arguments/expressions. - */ - -import semmle.code.cpp.dataflow.new.DataFlow - -/** - * An openSSL CTX type, which is type for which the stripped underlying type - * matches the pattern 'evp_%ctx_%st'. - * This includes types like: - * - EVP_CIPHER_CTX - * - EVP_MD_CTX - * - EVP_PKEY_CTX - */ -class CtxType extends Type { - CtxType() { - // It is possible for users to use the underlying type of the CTX variables - // these have a name matching 'evp_%ctx_%st - this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") - or - // In principal the above check should be sufficient, but in case of build mode none issues - // i.e., if a typedef cannot be resolved, - // or issues with properly stubbing test cases, we also explicitly check for the wrapping type defs - // i.e., patterns matching 'EVP_%_CTX' - exists(Type base | base = this or base = this.(DerivedType).getBaseType() | - base.getName().matches("EVP_%_CTX") - ) - } -} - -/** - * A pointer to a CtxType - */ -class CtxPointerExpr extends Expr { - CtxPointerExpr() { - this.getType() instanceof CtxType and - this.getType() instanceof PointerType - } -} - -/** - * A call argument of type CtxPointerExpr. - */ -class CtxPointerArgument extends CtxPointerExpr { - CtxPointerArgument() { exists(Call c | c.getAnArgument() = this) } - - Call getCall() { result.getAnArgument() = this } -} - -/** - * A call returning a CtxPointerExpr. - */ -private class CtxPointerReturn extends CtxPointerExpr instanceof Call { - Call getCall() { result = this } -} - -/** - * A call whose target contains 'free' or 'reset' and has an argument of type - * CtxPointerArgument. - */ -private class CtxClearCall extends Call { - CtxClearCall() { - this.getTarget().getName().toLowerCase().matches(["%free%", "%reset%"]) and - this.getAnArgument() instanceof CtxPointerArgument - } -} - -abstract private class CtxPassThroughCall extends Call { - abstract DataFlow::Node getNode1(); - - abstract DataFlow::Node getNode2(); -} - -/** - * A call whose target contains 'copy' and has an argument of type - * CtxPointerArgument. - */ -private class CtxCopyOutArgCall extends CtxPassThroughCall { - DataFlow::Node n1; - DataFlow::Node n2; - - CtxCopyOutArgCall() { - this.getTarget().getName().toLowerCase().matches("%copy%") and - n1.asExpr() = this.getAnArgument() and - n1.getType() instanceof CtxType and - n2.asDefiningArgument() = this.getAnArgument() and - n2.getType() instanceof CtxType and - n1.asDefiningArgument() != n2.asExpr() - } - - override DataFlow::Node getNode1() { result = n1 } - - override DataFlow::Node getNode2() { result = n2 } -} - -/** - * A call whose target contains 'dup' and has an argument of type - * CtxPointerArgument. - */ -private class CtxCopyReturnCall extends CtxPassThroughCall, CtxPointerExpr { - DataFlow::Node n1; - - CtxCopyReturnCall() { - this.getTarget().getName().toLowerCase().matches("%dup%") and - n1.asExpr() = this.getAnArgument() and - n1.getType() instanceof CtxType - } - - override DataFlow::Node getNode1() { result = n1 } - - override DataFlow::Node getNode2() { result.asExpr() = this } -} - -/** - * A call to `EVP_PKEY_paramgen` acts as a kind of pass through. - * It's output pkey is eventually used in a new operation generating - * a fresh context pointer (e.g., `EVP_PKEY_CTX_new`). - * It is easier to model this as a pass through - * than to model the flow from the paramgen to the new key generation. - */ -private class CtxParamGenCall extends CtxPassThroughCall { - DataFlow::Node n1; - DataFlow::Node n2; - - CtxParamGenCall() { - this.getTarget().getName() = "EVP_PKEY_paramgen" and - n1.asExpr() = this.getArgument(0) and - ( - n2.asExpr() = this.getArgument(1) - or - n2.asDefiningArgument() = this.getArgument(1) - ) - } - - override DataFlow::Node getNode1() { result = n1 } - - override DataFlow::Node getNode2() { result = n2 } -} - -/** - * If the current node gets is an argument to a function - * that returns a pointer type, immediately flow through. - * NOTE: this passthrough is required if we allow - * intermediate steps to go into variables that are not a CTX type. - * See for example `CtxParamGenCall`. - */ -private class CallArgToCtxRet extends CtxPassThroughCall, CtxPointerExpr { - DataFlow::Node n1; - DataFlow::Node n2; - - CallArgToCtxRet() { - this.getAnArgument() = n1.asExpr() and - n2.asExpr() = this - } - - override DataFlow::Node getNode1() { result = n1 } - - override DataFlow::Node getNode2() { result = n2 } -} - -/** - * A source Ctx of interest is any argument or return of type CtxPointerExpr. - */ -class CtxPointerSource extends CtxPointerExpr { - CtxPointerSource() { - this instanceof CtxPointerReturn or - this instanceof CtxPointerArgument - } - - DataFlow::Node asNode() { - result.asExpr() = this - or - result.asDefiningArgument() = this - } -} - -/** - * Flow from any CtxPointerSource to other CtxPointerSource. - */ -module OpenSslCtxSourceToSourceFlowConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { exists(CtxPointerSource s | s.asNode() = source) } - - predicate isSink(DataFlow::Node sink) { exists(CtxPointerSource s | s.asNode() = sink) } - - predicate isBarrier(DataFlow::Node node) { - exists(CtxClearCall c | c.getAnArgument() = node.asExpr()) - } - - predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - exists(CtxPassThroughCall c | c.getNode1() = node1 and c.getNode2() = node2) - } -} - -module OpenSslCtxSourceToArgumentFlow = DataFlow::Global; - -/** - * Holds if there is a context flow from the source to the sink. - */ -predicate ctxSrcToSrcFlow(CtxPointerSource source, CtxPointerSource sink) { - exists(DataFlow::Node a, DataFlow::Node b | - OpenSslCtxSourceToArgumentFlow::flow(a, b) and - a = source.asNode() and - b = sink.asNode() - ) -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll new file mode 100644 index 00000000000..f0362ef02c2 --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll @@ -0,0 +1,69 @@ +/** + * In OpenSSL, flow between 'context' parameters is often used to + * store state/config of how an operation will eventually be performed. + * Tracing algorithms and configurations to operations therefore + * requires tracing context parameters for many OpenSSL apis. + * + * This library provides a dataflow analysis to track context parameters + * between any two functions accepting openssl context parameters. + * The dataflow takes into consideration flowing through duplication and copy calls + * as well as flow through flow killers (free/reset calls). + * + * TODO: we may need to revisit 'free' as a dataflow killer, depending on how + * we want to model use after frees. + * + * This library also provides classes to represent context Types and relevant + * arguments/expressions. + */ + +import semmle.code.cpp.dataflow.new.DataFlow + +/** + * An openSSL CTX type, which is type for which the stripped underlying type + * matches the pattern 'evp_%ctx_%st'. + * This includes types like: + * - EVP_CIPHER_CTX + * - EVP_MD_CTX + * - EVP_PKEY_CTX + */ +class CtxType extends Type { + CtxType() { + // It is possible for users to use the underlying type of the CTX variables + // these have a name matching 'evp_%ctx_%st + this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") + or + // In principal the above check should be sufficient, but in case of build mode none issues + // i.e., if a typedef cannot be resolved, + // or issues with properly stubbing test cases, we also explicitly check for the wrapping type defs + // i.e., patterns matching 'EVP_%_CTX' + exists(Type base | base = this or base = this.(DerivedType).getBaseType() | + base.getName().matches("EVP_%_CTX") + ) + } +} + +/** + * A pointer to a CtxType + */ +class CtxPointerExpr extends Expr { + CtxPointerExpr() { + this.getType() instanceof CtxType and + this.getType() instanceof PointerType + } +} + +/** + * A call argument of type CtxPointerExpr. + */ +class CtxPointerArgument extends CtxPointerExpr { + CtxPointerArgument() { exists(Call c | c.getAnArgument() = this) } + + Call getCall() { result.getAnArgument() = this } +} + +/** + * A call returning a CtxPointerExpr. + */ +private class CtxPointerReturn extends CtxPointerExpr instanceof Call { + Call getCall() { result = this } +} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll new file mode 100644 index 00000000000..6c6ff0807b6 --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll @@ -0,0 +1,185 @@ +// import semmle.code.cpp.dataflow.new.DataFlow +// signature class GetInstanceCallSig instanceof Call; +// signature class InitCallSig instanceof Call; +// signature class UseCallSig instanceof Call { +// /** +// * Holds if the use is not a final use, such as an `update()` call before `doFinal()` +// */ +// predicate isIntermediate(); +// } +// module GetInstanceInitUseFlowAnalysis< +// GetInstanceCallSig GetInstance, InitCallSig Init, UseCallSig Uses> +// { +newtype TFlowState = + TUninitialized() or + TInitialized(Init call) or + TIntermediateUse(Use call) + +abstract class InitFlowState extends TFlowState { + string toString() { + this = TUninitialized() and result = "Uninitialized" + or + this = TInitialized(_) and result = "Initialized" + // TODO: add intermediate use + } +} + +class UninitializedFlowState extends InitFlowState, TUninitialized { } + +class InitializedFlowState extends InitFlowState, TInitialized { + Init call; + DataFlow::Node node1; + DataFlow::Node node2; + + InitializedFlowState() { + this = TInitialized(call) and + node2.asExpr() = call.(Call).getQualifier() and + DataFlow::localFlowStep(node1, node2) and + node1 != node2 + } + + Init getInitCall() { result = call } + + DataFlow::Node getFstNode() { result = node1 } + + DataFlow::Node getSndNode() { result = node2 } +} + +class IntermediateUseState extends InitFlowState, TIntermediateUse { + Uses call; + DataFlow::Node node1; + DataFlow::Node node2; + + IntermediateUseState() { + this = TIntermediateUse(call) and + call.isIntermediate() and + node1.asExpr() = call.(Call).getQualifier() and + node2 = node1 + } + + Use getUseCall() { result = call } + + DataFlow::Node getFstNode() { result = node1 } + + DataFlow::Node getSndNode() { result = node2 } +} + +/** + * A flow config from a `GetInstance` to the `Init` or `Use` through any + * intermediate uses or inits. + */ +module GetInstanceToInitOrUseConfig implements DataFlow::StateConfigSig { + class FlowState = InitFlowState; + + predicate isSource(DataFlow::Node src, FlowState state) { + state instanceof UninitializedFlowState and + src.asExpr() instanceof GetInstance + or + src = state.(InitializedFlowState).getSndNode() + or + src = state.(IntermediateUseState).getSndNode() + } + + // TODO: document this, but this is intentional (avoid cross products?) + predicate isSink(DataFlow::Node sink, FlowState state) { none() } + + predicate isSink(DataFlow::Node sink) { + none() + // exists(Init c | c.(Call).getQualifier() = sink.asExpr()) + // or + // exists(Use c | not c.isIntermediate() and c.(Call).getQualifier() = sink.asExpr()) + } + + predicate isAdditionalFlowStep( + DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 + ) { + state1 = state1 and + ( + node1 = state2.(InitializedFlowState).getFstNode() and + node2 = state2.(InitializedFlowState).getSndNode() + or + node1 = state2.(IntermediateUseState).getFstNode() and + node2 = state2.(IntermediateUseState).getSndNode() + ) + } + + predicate isBarrier(DataFlow::Node node, FlowState state) { + // exists(CipherInitCall call | node.asExpr() = call.getQualifier() | + // state instanceof UninitializedFlowState + // or + // state.(InitializedFlowState).getInitCall() != call + // ) + none() + } +} +// module GetInstanceToInitToUseFlow = DataFlow::GlobalWithState; +// GetInstance getInstantiationFromUse( +// Use use, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink +// ) { +// src.getNode().asExpr() = result and +// sink.getNode().asExpr() = use.( Call).getQualifier() and +// GetInstanceToInitToUseFlow::flowPath(src, sink) +// } +// GetInstance getInstantiationFromInit( +// Init init, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink +// ) { +// src.getNode().asExpr() = result and +// sink.getNode().asExpr() = init.( Call).getQualifier() and +// GetInstanceToInitToUseFlow::flowPath(src, sink) +// } +// Init getInitFromUse( +// Use use, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink +// ) { +// src.getNode().asExpr() = result.( Call).getQualifier() and +// sink.getNode().asExpr() = use.( Call).getQualifier() and +// GetInstanceToInitToUseFlow::flowPath(src, sink) +// } +// predicate hasInit(Use use) { exists(getInitFromUse(use, _, _)) } +// Use getAnIntermediateUseFromFinalUse( +// Use final, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink +// ) { +// not final.isIntermediate() and +// result.isIntermediate() and +// src.getNode().asExpr() = result.( Call).getQualifier() and +// sink.getNode().asExpr() = final.( Call).getQualifier() and +// GetInstanceToInitToUseFlow::flowPath(src, sink) +// } +// } +// module GetInstanceToInitToUseConfig implements DataFlow::StateConfigSig { +// class FlowState = InitFlowState; +// predicate isSource(DataFlow::Node src, FlowState state) { +// state instanceof UninitializedFlowState and +// src.asExpr() instanceof GetInstance +// or +// src = state.(InitializedFlowState).getSndNode() +// or +// src = state.(IntermediateUseState).getSndNode() +// } +// // TODO: document this, but this is intentional (avoid cross products?) +// predicate isSink(DataFlow::Node sink, FlowState state) { none() } +// predicate isSink(DataFlow::Node sink) { +// exists(Init c | c.( Call).getQualifier() = sink.asExpr()) +// or +// exists(Use c | not c.isIntermediate() and c.( Call).getQualifier() = sink.asExpr()) +// } +// predicate isAdditionalFlowStep( +// DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 +// ) { +// state1 = state1 and +// ( +// node1 = state2.(InitializedFlowState).getFstNode() and +// node2 = state2.(InitializedFlowState).getSndNode() +// or +// node1 = state2.(IntermediateUseState).getFstNode() and +// node2 = state2.(IntermediateUseState).getSndNode() +// ) +// } +// predicate isBarrier(DataFlow::Node node, FlowState state) { +// exists(CipherInitCall call | node.asExpr() = call.getQualifier() | +// state instanceof UninitializedFlowState +// or +// state.(InitializedFlowState).getInitCall() != call +// ) +// } +// } +// module GetInstanceToInitToUseFlow = DataFlow::GlobalWithState; diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll new file mode 100644 index 00000000000..c8b329d402d --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -0,0 +1,275 @@ +import experimental.quantum.Language +private import OpenSSLOperationBase +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +import EVPPKeyCtxInitializer + +/** + * A base class for all EVP cipher operations. + */ +abstract class EvpCipherInitializer extends OperationStep { + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and + type = PrimaryAlgorithmIO() and + // Null for the algorithm indicates the algorithm is not actually set + // This pattern can occur during a multi-step initialization + // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now + (exists(result.asExpr().getValue()) implies result.asExpr().getValue().toInt() != 0) + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A base class for EVP cipher/decrypt/encrypt 'ex' operations. + */ +abstract class EvpEXInitializer extends EvpCipherInitializer { + override DataFlow::Node getInput(IOType type) { + result = super.getInput(type) + or + ( + // Null key or nonce indicates the key/nonce is not actually set + // This pattern can occur during a multi-step initialization + // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now + result.asExpr() = this.getArgument(3) and type = KeyIO() + or + result.asExpr() = this.getArgument(4) and type = IVorNonceIO() + ) and + (exists(result.asExpr().getValue()) implies result.asExpr().getValue().toInt() != 0) + } +} + +/** + * A base class for EVP cipher/decrypt/encrypt 'ex2' operations. + */ +abstract class EvpEX2Initializer extends EvpCipherInitializer { + override DataFlow::Node getInput(IOType type) { + result = super.getInput(type) + or + result.asExpr() = this.getArgument(2) and type = KeyIO() + or + result.asExpr() = this.getArgument(3) and type = IVorNonceIO() + } +} + +/** + * A Call to an EVP Cipher/Encrypt/Decrypt initialization operation. + */ +class EvpCipherEXInitCall extends EvpEXInitializer { + EvpCipherEXInitCall() { + this.getTarget().getName() in ["EVP_EncryptInit_ex", "EVP_DecryptInit_ex", "EVP_CipherInit_ex"] + } + + override DataFlow::Node getInput(IOType type) { + result = super.getInput(type) + or + // NOTE: for EncryptInit and DecryptInit there is no subtype arg + // the subtype is determined automatically by the initializer based on the operation name + this.getTarget().getName().toLowerCase().matches("%cipherinit%") and + result.asExpr() = this.getArgument(5) and + type = KeyOperationSubtypeIO() + } +} + +class Evp_Cipher_EX2_or_Simple_Init_Call extends EvpEX2Initializer { + Evp_Cipher_EX2_or_Simple_Init_Call() { + this.getTarget().getName() in [ + "EVP_EncryptInit_ex2", "EVP_DecryptInit_ex2", "EVP_CipherInit_ex2", "EVP_EncryptInit", + "EVP_DecryptInit", "EVP_CipherInit" + ] + } + + override DataFlow::Node getInput(IOType type) { + result = super.getInput(type) + or + this.getTarget().getName().toLowerCase().matches("%cipherinit%") and + result.asExpr() = this.getArgument(4) and + type = KeyOperationSubtypeIO() + } +} + +/** + * A call to EVP_Pkey_encrypt_init, EVP_Pkey_decrypt_init, or their 'ex' variants. + */ +class EvpPkeyEncryptDecryptInit extends OperationStep { + EvpPkeyEncryptDecryptInit() { + this.getTarget().getName() in [ + "EVP_PKEY_encrypt_init", "EVP_PKEY_encrypt_init_ex", "EVP_PKEY_decrypt_init", + "EVP_PKEY_decrypt_init_ex" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = OsslParamIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +class EvpCipherInitSKeyCall extends EvpEX2Initializer { + EvpCipherInitSKeyCall() { this.getTarget().getName() = "EVP_CipherInit_SKEY" } + + override DataFlow::Node getInput(IOType type) { + result = super.getInput(type) + or + result.asExpr() = this.getArgument(5) and + type = KeyOperationSubtypeIO() + } +} + +//EVP_PKEY_encrypt_init +/** + * A Call to EVP_Cipher/Encrypt/DecryptUpdate. + * https://docs.openssl.org/3.2/man3/EVP_CipherUpdate + */ +class EvpCipherUpdateCall extends OperationStep { + EvpCipherUpdateCall() { + this.getTarget().getName() in ["EVP_EncryptUpdate", "EVP_DecryptUpdate", "EVP_CipherUpdate"] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(1) and type = CiphertextIO() + or + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = UpdateStep() } +} + +/** + * see: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis + * Base configuration for all EVP cipher operations. + */ +abstract class EvpCipherOperationFinalStep extends OperationStep { + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A Call to EVP_Cipher. + */ +class EvpCipherCall extends EvpCipherOperationFinalStep { + EvpCipherCall() { this.getTarget().getName() = "EVP_Cipher" } + + override DataFlow::Node getInput(IOType type) { + super.getInput(type) = result + or + result.asExpr() = this.getArgument(2) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + super.getInput(type) = result + or + result.asExpr() = this.getArgument(1) and type = CiphertextIO() + } +} + +/** + * A Call to an EVP Cipher/Encrypt/Decrypt final operation. + */ +class EvpCipherFinalCall extends EvpCipherOperationFinalStep { + EvpCipherFinalCall() { + this.getTarget().getName() in [ + "EVP_EncryptFinal_ex", "EVP_DecryptFinal_ex", "EVP_CipherFinal_ex", "EVP_EncryptFinal", + "EVP_DecryptFinal", "EVP_CipherFinal" + ] + } + + override DataFlow::Node getOutput(IOType type) { + super.getInput(type) = result + or + result.asDefiningArgument() = this.getArgument(1) and + type = CiphertextIO() + // TODO: could indicate text lengths here, as well + } +} + +/** + * A call to a PKEY_encrypt or PKEY_decrypt operation. + * https://docs.openssl.org/3.2/man3/EVP_PKEY_decrypt/ + * https://docs.openssl.org/3.2/man3/EVP_PKEY_encrypt + */ +class EvpPKeyCipherOperation extends EvpCipherOperationFinalStep { + EvpPKeyCipherOperation() { + this.getTarget().getName() in ["EVP_PKEY_encrypt", "EVP_PKEY_decrypt"] + } + + override DataFlow::Node getInput(IOType type) { + super.getInput(type) = result + or + result.asExpr() = this.getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + super.getInput(type) = result + or + result.asExpr() = this.getArgument(1) and type = CiphertextIO() + // TODO: could indicate text lengths here, as well + } +} + +/** + * An EVP cipher operation instance. + * Any operation step that is a final operation step for EVP cipher operation steps. + */ +class EvpCipherOperationInstance extends Crypto::KeyOperationInstance instanceof EvpCipherOperationFinalStep +{ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + super.getPrimaryAlgorithmValueConsumer() = result + } + + override Crypto::KeyOperationSubtype getKeyOperationSubtype() { + result instanceof Crypto::TEncryptMode and + super.getTarget().getName().toLowerCase().matches("%encrypt%") + or + result instanceof Crypto::TDecryptMode and + super.getTarget().getName().toLowerCase().matches("%decrypt%") + or + super.getTarget().getName().toLowerCase().matches("%cipher%") and + resolveKeyOperationSubTypeOperationStep(super + .getDominatingInitializersToStep(KeyOperationSubtypeIO())) = result + } + + override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { + super.getDominatingInitializersToStep(IVorNonceIO()).getInput(IVorNonceIO()) = result + } + + override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { + super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result + } + + override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { + exists(OperationStep s | + s.flowsToOperationStep(this) and + result = s.getOutput(CiphertextIO()) + ) + } + + override Crypto::ConsumerInputDataFlowNode getInputConsumer() { + super.getDominatingInitializersToStep(PlaintextIO()).getInput(PlaintextIO()) = result + } +} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll deleted file mode 100644 index 65eebae585b..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/ECKeyGenOperation.qll +++ /dev/null @@ -1,33 +0,0 @@ -private import experimental.quantum.Language -private import OpenSSLOperationBase -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers -private import semmle.code.cpp.dataflow.new.DataFlow - -class ECKeyGenOperation extends OpenSslOperation, Crypto::KeyGenerationOperationInstance { - ECKeyGenOperation() { this.(Call).getTarget().getName() = "EC_KEY_generate_key" } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(0) } - - override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TAsymmetricKeyType() } - - override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() { - result.asExpr() = this.(Call).getArgument(0) - } - - override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { - none() // no explicit key size, inferred from algorithm - } - - override int getKeySizeFixed() { - none() - // TODO: marked as none as the operation itself has no key size, it - // comes from the algorithm source, but note we could grab the - // algorithm source and get the key size (see below). - // We may need to reconsider what is the best approach here. - // result = - // this.getAnAlgorithmValueConsumer() - // .getAKnownAlgorithmSource() - // .(Crypto::EllipticCurveInstance) - // .getKeySize() - } -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll deleted file mode 100644 index 1f5bf9e442c..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPCipherOperation.qll +++ /dev/null @@ -1,181 +0,0 @@ -private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.CtxFlow -private import OpenSSLOperationBase -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers - -// TODO: need to add key consumer -abstract class Evp_Cipher_Initializer extends EvpKeyOperationSubtypeInitializer, - EvpPrimaryAlgorithmInitializer, EvpKeyInitializer, EvpIVInitializer -{ - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) } -} - -abstract class Evp_EX_Initializer extends Evp_Cipher_Initializer { - override Expr getKeyArg() { - // Null key indicates the key is not actually set - // This pattern can occur during a multi-step initialization - // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now - result = this.(Call).getArgument(3) and - (exists(result.getValue()) implies result.getValue().toInt() != 0) - } - - override Expr getIVArg() { - // Null IV indicates the IV is not actually set - // This occurs given that setting the IV sometimes requires first setting the IV size. - // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now - result = this.(Call).getArgument(4) and - (exists(result.getValue()) implies result.getValue().toInt() != 0) - } -} - -abstract class Evp_EX2_Initializer extends Evp_Cipher_Initializer { - override Expr getKeyArg() { result = this.(Call).getArgument(2) } - - override Expr getIVArg() { result = this.(Call).getArgument(3) } -} - -class EvpCipherEXInitCall extends Evp_EX_Initializer { - EvpCipherEXInitCall() { - this.(Call).getTarget().getName() in [ - "EVP_EncryptInit_ex", "EVP_DecryptInit_ex", "EVP_CipherInit_ex" - ] - } - - override Expr getKeyOperationSubtypeArg() { - // NOTE: for EncryptInit and DecryptInit there is no subtype arg - // the subtype is determined automatically by the initializer based on the operation name - this.(Call).getTarget().getName().toLowerCase().matches("%cipherinit%") and - result = this.(Call).getArgument(5) - } -} - -// if this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%") -// then result instanceof Crypto::TEncryptMode -// else -// if this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%") -// then result instanceof Crypto::TDecryptMode -class Evp_Cipher_EX2_or_Simple_Init_Call extends Evp_EX2_Initializer { - Evp_Cipher_EX2_or_Simple_Init_Call() { - this.(Call).getTarget().getName() in [ - "EVP_EncryptInit_ex2", "EVP_DecryptInit_ex2", "EVP_CipherInit_ex2", "EVP_EncryptInit", - "EVP_DecryptInit", "EVP_CipherInit" - ] - } - - override Expr getKeyOperationSubtypeArg() { - this.(Call).getTarget().getName().toLowerCase().matches("%cipherinit%") and - result = this.(Call).getArgument(4) - } -} - -class Evp_CipherInit_SKey_Call extends Evp_EX2_Initializer { - Evp_CipherInit_SKey_Call() { this.(Call).getTarget().getName() = "EVP_CipherInit_SKEY" } - - override Expr getKeyOperationSubtypeArg() { result = this.(Call).getArgument(5) } -} - -class Evp_Cipher_Update_Call extends EvpUpdate { - Evp_Cipher_Update_Call() { - this.(Call).getTarget().getName() in [ - "EVP_EncryptUpdate", "EVP_DecryptUpdate", "EVP_CipherUpdate" - ] - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getInputArg() { result = this.(Call).getArgument(3) } - - override Expr getOutputArg() { result = this.(Call).getArgument(1) } -} - -/** - * see: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis - * Base configuration for all EVP cipher operations. - */ -abstract class Evp_Cipher_Operation extends EvpOperation, Crypto::KeyOperationInstance { - override Expr getOutputArg() { result = this.(Call).getArgument(1) } - - override Crypto::KeyOperationSubtype getKeyOperationSubtype() { - result instanceof Crypto::TEncryptMode and - this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%") - or - result instanceof Crypto::TDecryptMode and - this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%") - or - result = this.getInitCall().(EvpKeyOperationSubtypeInitializer).getKeyOperationSubtype() and - this.(Call).getTarget().getName().toLowerCase().matches("%cipher%") - } - - override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { - this.getInitCall().(EvpIVInitializer).getIVArg() = result.asExpr() - } - - override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { - this.getInitCall().(EvpKeyInitializer).getKeyArg() = result.asExpr() - // todo: or track to the EVP_PKEY_CTX_new - } - - override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = EvpOperation.super.getOutputArtifact() - } - - override Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = EvpOperation.super.getInputConsumer() - } -} - -class Evp_Cipher_Call extends EvpOperation, Evp_Cipher_Operation { - Evp_Cipher_Call() { this.(Call).getTarget().getName() = "EVP_Cipher" } - - override Expr getInputArg() { result = this.(Call).getArgument(2) } - - override Expr getAlgorithmArg() { - result = this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class Evp_Cipher_Final_Call extends EvpFinal, Evp_Cipher_Operation { - Evp_Cipher_Final_Call() { - this.(Call).getTarget().getName() in [ - "EVP_EncryptFinal_ex", "EVP_DecryptFinal_ex", "EVP_CipherFinal_ex", "EVP_EncryptFinal", - "EVP_DecryptFinal", "EVP_CipherFinal" - ] - } - - /** - * Output is both from update calls and from the final call. - */ - override Expr getOutputArg() { - result = EvpFinal.super.getOutputArg() - or - result = Evp_Cipher_Operation.super.getOutputArg() - } - - override Expr getAlgorithmArg() { - result = this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -/** - * https://docs.openssl.org/3.2/man3/EVP_PKEY_decrypt/ - * https://docs.openssl.org/3.2/man3/EVP_PKEY_encrypt - */ -class Evp_PKey_Cipher_Operation extends Evp_Cipher_Operation { - Evp_PKey_Cipher_Operation() { - this.(Call).getTarget().getName() in ["EVP_PKEY_encrypt", "EVP_PKEY_decrypt"] - } - - override Expr getInputArg() { result = this.(Call).getArgument(3) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getAlgorithmArg() { - result = this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() - } -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPHashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPHashOperation.qll deleted file mode 100644 index b99c5432a1a..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPHashOperation.qll +++ /dev/null @@ -1,106 +0,0 @@ -/** - * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis - */ - -private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.CtxFlow -private import OpenSSLOperationBase -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers - -class Evp_DigestInit_Variant_Calls extends EvpPrimaryAlgorithmInitializer { - Evp_DigestInit_Variant_Calls() { - this.(Call).getTarget().getName() in [ - "EVP_DigestInit", "EVP_DigestInit_ex", "EVP_DigestInit_ex2" - ] - } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class Evp_Digest_Update_Call extends EvpUpdate { - Evp_Digest_Update_Call() { this.(Call).getTarget().getName() = "EVP_DigestUpdate" } - - override Expr getInputArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -//https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis -class Evp_Q_Digest_Operation extends EvpOperation, Crypto::HashOperationInstance { - Evp_Q_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Q_digest" } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) } - - override EvpInitializer getInitCall() { - // This variant of digest does not use an init - // and even if it were used, the init would be ignored/undefined - none() - } - - override Expr getInputArg() { result = this.(Call).getArgument(3) } - - override Expr getOutputArg() { result = this.(Call).getArgument(5) } - - override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = EvpOperation.super.getOutputArtifact() - } - - override Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = EvpOperation.super.getInputConsumer() - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class Evp_Digest_Operation extends EvpOperation, Crypto::HashOperationInstance { - Evp_Digest_Operation() { this.(Call).getTarget().getName() = "EVP_Digest" } - - // There is no context argument for this function - override CtxPointerSource getContext() { none() } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(4) } - - override EvpPrimaryAlgorithmInitializer getInitCall() { - // This variant of digest does not use an init - // and even if it were used, the init would be ignored/undefined - none() - } - - override Expr getInputArg() { result = this.(Call).getArgument(0) } - - override Expr getOutputArg() { result = this.(Call).getArgument(2) } - - override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = EvpOperation.super.getOutputArtifact() - } - - override Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = EvpOperation.super.getInputConsumer() - } -} - -class Evp_Digest_Final_Call extends EvpFinal, Crypto::HashOperationInstance { - Evp_Digest_Final_Call() { - this.(Call).getTarget().getName() in [ - "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF" - ] - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getOutputArg() { result = this.(Call).getArgument(1) } - - override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = EvpFinal.super.getOutputArtifact() - } - - override Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = EvpFinal.super.getInputConsumer() - } - - override Expr getAlgorithmArg() { - result = this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() - } -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPKeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPKeyGenOperation.qll deleted file mode 100644 index 47f341e17b1..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPKeyGenOperation.qll +++ /dev/null @@ -1,96 +0,0 @@ -private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.CtxFlow -private import OpenSSLOperationBase -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers - -class EvpKeyGenInitialize extends EvpPrimaryAlgorithmInitializer { - EvpKeyGenInitialize() { - this.(Call).getTarget().getName() in [ - "EVP_PKEY_keygen_init", - "EVP_PKEY_paramgen_init" - ] - } - - /** - * Gets the algorithm argument. - * In this case the algorithm is encoded through the context argument. - * The context may be directly created from an algorithm consumer, - * or from a new operation off of a prior key. Either way, - * we will treat this argument as the algorithm argument. - */ - override Expr getAlgorithmArg() { result = this.getContext() } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpKeyGenOperation extends EvpOperation, Crypto::KeyGenerationOperationInstance { - DataFlow::Node keyResultNode; - - EvpKeyGenOperation() { - this.(Call).getTarget().getName() in ["EVP_RSA_gen", "EVP_PKEY_Q_keygen"] and - keyResultNode.asExpr() = this - or - this.(Call).getTarget().getName() in ["EVP_PKEY_generate", "EVP_PKEY_keygen"] and - keyResultNode.asDefiningArgument() = this.(Call).getArgument(1) - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getAlgorithmArg() { - this.(Call).getTarget().getName() = "EVP_PKEY_Q_keygen" and - result = this.(Call).getArgument(0) - or - result = this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() - } - - override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TAsymmetricKeyType() } - - override Expr getInputArg() { none() } - - override Expr getOutputArg() { result = keyResultNode.asExpr() } - - override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() { result = keyResultNode } - - override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { - this.(Call).getTarget().getName() = "EVP_PKEY_Q_keygen" and - result = DataFlow::exprNode(this.(Call).getArgument(3)) and - // Arg 3 (0 based) is only a key size if the 'type' parameter is RSA, however, - // as a crude approximation, assume that if the type of the argument is not a derived type - // the argument must specify a key size (this is to avoid tracing if "rsa" is in the type parameter) - not this.(Call).getArgument(3).getType().getUnderlyingType() instanceof DerivedType - or - this.(Call).getTarget().getName() = "EVP_RSA_gen" and - result = DataFlow::exprNode(this.(Call).getArgument(0)) - or - result = DataFlow::exprNode(this.getInitCall().(EvpKeySizeInitializer).getKeySizeArg()) - } -} - -/** - * A call to `EVP_PKEY_new_mac_key` that creatse a new generic MAC key. - * Signature: EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen); - */ -class EvpNewMacKey extends EvpOperation, Crypto::KeyGenerationOperationInstance { - DataFlow::Node keyResultNode; - - EvpNewMacKey() { - this.(Call).getTarget().getName() = "EVP_PKEY_new_mac_key" and keyResultNode.asExpr() = this - } - - override CtxPointerSource getContext() { none() } - - override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TSymmetricKeyType() } - - override Expr getOutputArg() { result = keyResultNode.asExpr() } - - override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() { result = keyResultNode } - - override Expr getInputArg() { none() } - - override Expr getAlgorithmArg() { result = this.(Call).getArgument(0) } - - override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { - result = DataFlow::exprNode(this.(Call).getArgument(3)) - } -} -/// TODO: https://docs.openssl.org/3.0/man3/EVP_PKEY_new/#synopsis diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll index d7060931317..d4282400f2a 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll @@ -6,7 +6,6 @@ */ import cpp -private import experimental.quantum.OpenSSL.CtxFlow private import OpenSSLOperations /** @@ -14,49 +13,66 @@ private import OpenSSLOperations * These calls initialize the context from a prior key. * The key may be generated previously, or merely had it's * parameters set (e.g., `EVP_PKEY_paramgen`). - * NOTE: for the case of `EVP_PKEY_paramgen`, these calls - * are encoded as context passthroughs, and any operation - * will get all associated initializers for the paramgen - * at the final keygen operation automatically. */ -class EvpNewKeyCtx extends EvpKeyInitializer { +class EvpNewKeyCtx extends OperationStep instanceof Call { Expr keyArg; EvpNewKeyCtx() { - this.(Call).getTarget().getName() = "EVP_PKEY_CTX_new" and - keyArg = this.(Call).getArgument(0) + this.getTarget().getName() = "EVP_PKEY_CTX_new" and + keyArg = this.getArgument(0) or - this.(Call).getTarget().getName() = "EVP_PKEY_CTX_new_from_pkey" and - keyArg = this.(Call).getArgument(1) + this.getTarget().getName() = "EVP_PKEY_CTX_new_from_pkey" and + keyArg = this.getArgument(1) } - /** - * Context is returned - */ - override CtxPointerSource getContext() { result = this } + override DataFlow::Node getInput(IOType type) { + result.asExpr() = keyArg and type = KeyIO() + or + this.getTarget().getName() = "EVP_PKEY_CTX_new_from_pkey" and + result.asDefiningArgument() = this.getArgument(0) and + type = OsslLibContextIO() + } - override Expr getKeyArg() { result = keyArg } + override DataFlow::Node getOutput(IOType type) { result.asExpr() = this and type = ContextIO() } + + override OperationStepType getStepType() { result = ContextCreationStep() } } /** * A call to "EVP_PKEY_CTX_set_ec_paramgen_curve_nid". - * Note that this is a primary algorithm as the pattenr is to specify an "EC" context, - * then set the specific curve later. Although the curve is set later, it is the primary - * algorithm intended for an operation. */ -class EvpCtxSetPrimaryAlgorithmInitializer extends EvpPrimaryAlgorithmInitializer { - EvpCtxSetPrimaryAlgorithmInitializer() { - this.(Call).getTarget().getName() = "EVP_PKEY_CTX_set_ec_paramgen_curve_nid" +class EvpCtxSetEcParamgenCurveNidInitializer extends OperationStep { + EvpCtxSetEcParamgenCurveNidInitializer() { + this.getTarget().getName() = "EVP_PKEY_CTX_set_ec_paramgen_curve_nid" } - override Expr getAlgorithmArg() { result = this.(Call).getArgument(1) } + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = PrimaryAlgorithmIO() + } - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } } -class EvpCtxSetHashAlgorithmInitializer extends EvpHashAlgorithmInitializer { - EvpCtxSetHashAlgorithmInitializer() { - this.(Call).getTarget().getName() in [ +/** + * A call to the following: + * - `EVP_PKEY_CTX_set_signature_md` + * - `EVP_PKEY_CTX_set_rsa_mgf1_md_name` + * - `EVP_PKEY_CTX_set_rsa_mgf1_md` + * - `EVP_PKEY_CTX_set_rsa_oaep_md_name` + * - `EVP_PKEY_CTX_set_rsa_oaep_md` + * - `EVP_PKEY_CTX_set_dsa_paramgen_md` + * - `EVP_PKEY_CTX_set_dh_kdf_md` + * - `EVP_PKEY_CTX_set_ecdh_kdf_md` + */ +class EvpCtxSetHashInitializer extends OperationStep { + EvpCtxSetHashInitializer() { + this.getTarget().getName() in [ "EVP_PKEY_CTX_set_signature_md", "EVP_PKEY_CTX_set_rsa_mgf1_md_name", "EVP_PKEY_CTX_set_rsa_mgf1_md", "EVP_PKEY_CTX_set_rsa_oaep_md_name", "EVP_PKEY_CTX_set_rsa_oaep_md", "EVP_PKEY_CTX_set_dsa_paramgen_md", @@ -64,56 +80,95 @@ class EvpCtxSetHashAlgorithmInitializer extends EvpHashAlgorithmInitializer { ] } - override Expr getHashAlgorithmArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpCtxSetKeySizeInitializer extends EvpKeySizeInitializer { - Expr arg; - - EvpCtxSetKeySizeInitializer() { - this.(Call).getTarget().getName() in [ - "EVP_PKEY_CTX_set_rsa_keygen_bits", "EVP_PKEY_CTX_set_dsa_paramgen_bits", - "EVP_CIPHER_CTX_set_key_length" - ] and - arg = this.(Call).getArgument(1) + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() or - this.(Call).getTarget().getName() = "EVP_PKEY_CTX_set_mac_key" and - arg = this.(Call).getArgument(2) + result.asExpr() = this.getArgument(1) and type = HashAlgorithmIO() } - override Expr getKeySizeArg() { result = arg } + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } + override OperationStepType getStepType() { result = InitializerStep() } } -class EvpCtxSetKeyInitializer extends EvpKeyInitializer { - EvpCtxSetKeyInitializer() { this.(Call).getTarget().getName() = "EVP_PKEY_CTX_set_mac_key" } - - override Expr getKeyArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpCtxSetPaddingInitializer extends EvpPaddingInitializer { - EvpCtxSetPaddingInitializer() { - this.(Call).getTarget().getName() in [ - "EVP_PKEY_CTX_set_rsa_padding", "EVP_CIPHER_CTX_set_padding" +/** + * A call to `EVP_PKEY_CTX_set_rsa_keygen_bits`, `EVP_PKEY_CTX_set_dsa_paramgen_bits`, + * or `EVP_CIPHER_CTX_set_key_length`. + */ +class EvpCtxSetKeySizeInitializer extends OperationStep { + EvpCtxSetKeySizeInitializer() { + this.getTarget().getName() in [ + "EVP_PKEY_CTX_set_rsa_keygen_bits", "EVP_PKEY_CTX_set_dsa_paramgen_bits", + "EVP_CIPHER_CTX_set_key_length" ] } - override Expr getPaddingArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpCtxSetSaltLengthInitializer extends EvpSaltLengthInitializer { - EvpCtxSetSaltLengthInitializer() { - this.(Call).getTarget().getName() = "EVP_PKEY_CTX_set_rsa_pss_saltlen" + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = KeySizeIO() } - override Expr getSaltLengthArg() { result = this.(Call).getArgument(1) } + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } + override OperationStepType getStepType() { result = InitializerStep() } +} + +class EvpCtxSetMacKeyInitializer extends OperationStep { + EvpCtxSetMacKeyInitializer() { this.getTarget().getName() = "EVP_PKEY_CTX_set_mac_key" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(2) and type = KeySizeIO() + or + // the raw key that is configured into the output key + result.asExpr() = this.getArgument(1) and type = KeyIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +class EvpCtxSetPaddingInitializer extends OperationStep { + EvpCtxSetPaddingInitializer() { + this.getTarget().getName() in ["EVP_PKEY_CTX_set_rsa_padding", "EVP_CIPHER_CTX_set_padding"] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = PaddingAlgorithmIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +class EvpCtxSetSaltLengthInitializer extends OperationStep { + EvpCtxSetSaltLengthInitializer() { + this.getTarget().getName() = "EVP_PKEY_CTX_set_rsa_pss_saltlen" + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SaltLengthIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPSignatureOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPSignatureOperation.qll deleted file mode 100644 index 41a82865291..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPSignatureOperation.qll +++ /dev/null @@ -1,200 +0,0 @@ -/** - * Provides classes for modeling OpenSSL's EVP signature operations - */ - -private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.AvcFlow -private import experimental.quantum.OpenSSL.CtxFlow -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers -private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations - -// TODO: verification functions -class EvpSignatureDigestInitializer extends EvpHashAlgorithmInitializer { - Expr arg; - - EvpSignatureDigestInitializer() { - this.(Call).getTarget().getName() in ["EVP_DigestSignInit_ex", "EVP_DigestSignInit"] and - arg = this.(Call).getArgument(2) - or - this.(Call).getTarget().getName() in ["EVP_SignInit", "EVP_SignInit_ex"] and - arg = this.(Call).getArgument(1) - } - - override Expr getHashAlgorithmArg() { result = arg } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpSignatureKeyInitializer extends EvpKeyInitializer { - Expr arg; - - EvpSignatureKeyInitializer() { - this.(Call).getTarget().getName() = "EVP_DigestSignInit_ex" and - arg = this.(Call).getArgument(5) - or - this.(Call).getTarget().getName() = "EVP_DigestSignInit" and - arg = this.(Call).getArgument(4) - } - - override Expr getKeyArg() { result = arg } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class EvpSignaturePrimaryAlgorithmInitializer extends EvpPrimaryAlgorithmInitializer { - Expr arg; - - EvpSignaturePrimaryAlgorithmInitializer() { - // signature algorithm - this.(Call).getTarget().getName() in ["EVP_PKEY_sign_init_ex2", "EVP_PKEY_sign_message_init"] and - arg = this.(Call).getArgument(1) - or - // configuration through the context argument - this.(Call).getTarget().getName() in ["EVP_PKEY_sign_init", "EVP_PKEY_sign_init_ex"] and - arg = this.getContext() - } - - override Expr getAlgorithmArg() { result = arg } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -class Evp_Signature_Update_Call extends EvpUpdate { - Evp_Signature_Update_Call() { - this.(Call).getTarget().getName() in [ - "EVP_DigestSignUpdate", "EVP_SignUpdate", "EVP_PKEY_sign_message_update" - ] - } - - /** - * Input is the message to sign. - */ - override Expr getInputArg() { result = this.(Call).getArgument(1) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } -} - -/** - * We model output explicit output arguments as predicate to use it in constructors. - * The predicate must cover all EVP_Signature_Operation subclasses. - */ -pragma[inline] -private Expr signatureOperationOutputArg(Call call) { - if call.getTarget().getName() = "EVP_SignFinal_ex" - then result = call.getArgument(2) - else result = call.getArgument(1) -} - -/** - * The base configuration for all EVP signature operations. - */ -abstract class EvpSignatureOperation extends EvpOperation, Crypto::SignatureOperationInstance { - EvpSignatureOperation() { - this.(Call).getTarget().getName().matches("EVP_%") and - // NULL output argument means the call is to get the size of the signature and such call is not an operation - ( - not exists(signatureOperationOutputArg(this).getValue()) - or - signatureOperationOutputArg(this).getValue() != "0" - ) - } - - Expr getHashAlgorithmArg() { - this.getInitCall().(EvpHashAlgorithmInitializer).getHashAlgorithmArg() = result - } - - override Expr getAlgorithmArg() { - this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() = result - } - - override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { - AvcToCallArgFlow::flow(result.(OpenSslAlgorithmValueConsumer).getResultNode(), - DataFlow::exprNode(this.getHashAlgorithmArg())) - } - - /** - * Signing, verification or unknown. - */ - override Crypto::KeyOperationSubtype getKeyOperationSubtype() { - // TODO: if this KeyOperationSubtype does not match initialization call's KeyOperationSubtype then we found a bug - if this.(Call).getTarget().getName().toLowerCase().matches("%sign%") - then result instanceof Crypto::TSignMode - else - if this.(Call).getTarget().getName().toLowerCase().matches("%verify%") - then result instanceof Crypto::TVerifyMode - else result instanceof Crypto::TUnknownKeyOperationMode - } - - override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { - // TODO: some signing operations may have explicit nonce generators - none() - } - - /** - * Keys provided in the initialization call or in a context are found by this method. - * Keys in explicit arguments are found by overridden methods in extending classes. - */ - override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { - result = DataFlow::exprNode(this.getInitCall().(EvpKeyInitializer).getKeyArg()) - } - - override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = EvpOperation.super.getOutputArtifact() - } - - override Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = EvpOperation.super.getInputConsumer() - } - - /** - * TODO: only signing operations for now, change when verificaiton is added - */ - override Crypto::ConsumerInputDataFlowNode getSignatureConsumer() { none() } -} - -class Evp_Signature_Call extends EvpSignatureOperation { - Evp_Signature_Call() { this.(Call).getTarget().getName() in ["EVP_DigestSign", "EVP_PKEY_sign"] } - - /** - * Output is the signature. - */ - override Expr getOutputArg() { result = signatureOperationOutputArg(this) } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - /** - * Input is the message to sign. - */ - override Expr getInputArg() { result = this.(Call).getArgument(3) } -} - -class Evp_Signature_Final_Call extends EvpFinal, EvpSignatureOperation { - Evp_Signature_Final_Call() { - this.(Call).getTarget().getName() in [ - "EVP_DigestSignFinal", - "EVP_SignFinal_ex", - "EVP_SignFinal", - "EVP_PKEY_sign_message_final" - ] - } - - override CtxPointerSource getContext() { result = this.(Call).getArgument(0) } - - override Expr getAlgorithmArg() { - this.getInitCall().(EvpPrimaryAlgorithmInitializer).getAlgorithmArg() = result - } - - override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { - // key provided as an argument - this.(Call).getTarget().getName() in ["EVP_SignFinal", "EVP_SignFinal_ex"] and - result = DataFlow::exprNode(this.(Call).getArgument(3)) - or - // or find key in the initialization call - result = EvpSignatureOperation.super.getKeyConsumer() - } - - /** - * Output is the signature. - */ - override Expr getOutputArg() { result = signatureOperationOutputArg(this) } -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll new file mode 100644 index 00000000000..b62bc1cf98e --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll @@ -0,0 +1,141 @@ +/** + * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis + */ + +private import experimental.quantum.Language +private import OpenSSLOperationBase +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers + +/** + * A call to and EVP digest initializer, such as: + * - `EVP_DigestInit` + * - `EVP_DigestInit_ex` + * - `EVP_DigestInit_ex2` + */ +class EvpDigestInitVariantCalls extends OperationStep { + EvpDigestInitVariantCalls() { + this.(Call).getTarget().getName() in [ + "EVP_DigestInit", "EVP_DigestInit_ex", "EVP_DigestInit_ex2" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + or + result.asExpr() = this.(Call).getArgument(1) and type = PrimaryAlgorithmIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and + type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A call to `EVP_DigestUpdate`. + */ +class EvpDigestUpdateCall extends OperationStep { + EvpDigestUpdateCall() { this.(Call).getTarget().getName() = "EVP_DigestUpdate" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + or + result.asExpr() = this.(Call).getArgument(1) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and + type = ContextIO() + } + + override OperationStepType getStepType() { result = UpdateStep() } +} + +/** + * A base class for final digest operations. + */ +abstract class EVPFinalDigestOperationStep extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A call to `EVP_Q_digest` + * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis + */ +class EvpQDigestOperation extends EVPFinalDigestOperationStep { + EvpQDigestOperation() { this.(Call).getTarget().getName() = "EVP_Q_digest" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(1) and type = PrimaryAlgorithmIO() + or + result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + or + result.asExpr() = this.(Call).getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and + type = ContextIO() + or + result.asDefiningArgument() = this.(Call).getArgument(5) and type = DigestIO() + } +} + +class EvpDigestOperation extends EVPFinalDigestOperationStep { + EvpDigestOperation() { this.(Call).getTarget().getName() = "EVP_Digest" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(4) and type = PrimaryAlgorithmIO() + or + result.asExpr() = this.(Call).getArgument(0) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asDefiningArgument() = this.(Call).getArgument(2) and type = DigestIO() + } +} + +/** + * A call to EVP_DigestFinal variants + */ +class EvpDigestFinalCall extends EVPFinalDigestOperationStep { + EvpDigestFinalCall() { + this.(Call).getTarget().getName() in [ + "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and + type = ContextIO() + or + result.asDefiningArgument() = this.(Call).getArgument(1) and type = DigestIO() + } +} + +/** + * An openssl digest final hash operation instance + */ +class EvpDigestFinalOperationInstance extends Crypto::HashOperationInstance instanceof EVPFinalDigestOperationStep +{ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + super.getPrimaryAlgorithmValueConsumer() = result + } + + override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { + exists(OperationStep s | + s.flowsToOperationStep(this) and + result = s.getOutput(DigestIO()) + ) + } + + override Crypto::ConsumerInputDataFlowNode getInputConsumer() { + super.getDominatingInitializersToStep(PlaintextIO()).getInput(PlaintextIO()) = result + } +} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll new file mode 100644 index 00000000000..a0ff4a6341b --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll @@ -0,0 +1,203 @@ +private import experimental.quantum.Language +private import OpenSSLOperationBase +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers + +/** + * A call to EC_KEY_generate_key, which is used to generate an EC key pair. + * Note: this is an operation, though the input parameter is a "EC_KEY*". + * EC_KEY is really an empty context for a key that hasn't been generated, hence + * we consider this an operation generating a key and not accepting a key input. + */ +class ECKeyGen extends OperationStep instanceof Call { + //, Crypto::KeyGenerationOperationInstance { + ECKeyGen() { this.(Call).getTarget().getName() = "EC_KEY_generate_key" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { result.asExpr() = this and type = KeyIO() } + + override OperationStepType getStepType() { result = ContextCreationStep() } +} + +/** + * A call to EVP_PKEY_keygen_init or EVP_PKEY_paramgen_init. + */ +class EvpKeyGenInitialize extends OperationStep { + EvpKeyGenInitialize() { + this.getTarget().getName() in [ + "EVP_PKEY_keygen_init", + "EVP_PKEY_paramgen_init" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +abstract class KeyGenFinalOperationStep extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A call to `EVP_PKEY_Q_keygen` + */ +class EvpPKeyQKeyGen extends KeyGenFinalOperationStep instanceof Call { + EvpPKeyQKeyGen() { this.getTarget().getName() = "EVP_PKEY_Q_keygen" } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this and type = KeyIO() + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + // When arg 3 is a derived type, it is a curve name, otherwise it is a key size for RSA if provided + // and arg 2 is the algorithm type + this.getArgument(3).getType().getUnderlyingType() instanceof DerivedType and + result.asExpr() = this.getArgument(3) and + type = PrimaryAlgorithmIO() + or + not this.getArgument(3).getType().getUnderlyingType() instanceof DerivedType and + result.asExpr() = this.getArgument(2) and + type = PrimaryAlgorithmIO() + or + not this.getArgument(3).getType().getUnderlyingType() instanceof DerivedType and + result.asExpr() = this.getArgument(3) and + type = KeySizeIO() + } +} + +/** + * A call to `EVP_RSA_gen` + */ +class EvpRsaGen extends KeyGenFinalOperationStep instanceof Call { + EvpRsaGen() { this.getTarget().getName() = "EVP_RSA_gen" } + + override DataFlow::Node getOutput(IOType type) { result.asExpr() = this and type = KeyIO() } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = KeySizeIO() + } +} + +/** + * A call to RSA_generate_key + */ +class RsaGenerateKey extends KeyGenFinalOperationStep instanceof Call { + RsaGenerateKey() { this.getTarget().getName() = "RSA_generate_key" } + + override DataFlow::Node getOutput(IOType type) { result.asExpr() = this and type = KeyIO() } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = KeySizeIO() + } +} + +/** + * A call to RSA_generate_key_ex + */ +class RsaGenerateKeyEx extends KeyGenFinalOperationStep instanceof Call { + RsaGenerateKeyEx() { this.getTarget().getName() = "RSA_generate_key_ex" } + + override DataFlow::Node getOutput(IOType type) { + result.asDefiningArgument() = this.getArgument(0) and type = KeyIO() + } + + override DataFlow::Node getInput(IOType type) { + // arg 0 comes in as a blank RSA key, which we consider a context, + // on output it is considered a key + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + +/** + * A call to `EVP_PKEY_generate` or `EVP_PKEY_keygen`. + */ +class EvpPkeyGen extends KeyGenFinalOperationStep instanceof Call { + EvpPkeyGen() { this.getTarget().getName() in ["EVP_PKEY_generate", "EVP_PKEY_keygen"] } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asDefiningArgument() = this.getArgument(1) and type = KeyIO() + or + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + +/** + * A call to `EVP_PKEY_new_mac_key` that creates a new generic MAC key. + * - EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen); + */ +class EvpNewMacKey extends KeyGenFinalOperationStep { + EvpNewMacKey() { this.getTarget().getName() = "EVP_PKEY_new_mac_key" } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + // the raw key that is configured into the output key + result.asExpr() = this.getArgument(2) and type = KeyIO() + or + result.asExpr() = this.getArgument(3) and type = KeySizeIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this and type = KeyIO() + or + result.asExpr() = this.getArgument(0) and type = ContextIO() + } +} + +/// TODO: https://docs.openssl.org/3.0/man3/EVP_PKEY_new/#synopsis +/** + * An `KeyGenerationOperationInstance` for the for all key gen final operation steps. + */ +class KeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance instanceof KeyGenFinalOperationStep +{ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + super.getPrimaryAlgorithmValueConsumer() = result + } + + override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TAsymmetricKeyType() } + + override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() { + exists(OperationStep s | + s.flowsToOperationStep(this) and + result = s.getOutput(KeyIO()) + ) + } + + override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { + super.getDominatingInitializersToStep(KeySizeIO()).getInput(KeySizeIO()) = result + } + + override int getKeySizeFixed() { + none() + // TODO: marked as none as the operation itself has no key size, it + // comes from the algorithm source, but note we could grab the + // algorithm source and get the key size (see below). + // We may need to reconsider what is the best approach here. + // result = + // this.getAnAlgorithmValueConsumer() + // .getAKnownAlgorithmSource() + // .(Crypto::EllipticCurveInstance) + // .getKeySize() + } + + override Crypto::ConsumerInputDataFlowNode getRawKeyValueConsumer() { + super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result + } +} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll index 34d7f6acec8..6289593edb7 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll @@ -1,316 +1,523 @@ private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.AvcFlow -private import experimental.quantum.OpenSSL.CtxFlow -private import experimental.quantum.OpenSSL.KeyFlow private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +import semmle.code.cpp.dataflow.new.DataFlow // Importing these intializers here to ensure the are part of any model that is // using OpenSslOperationBase. This further ensures that initializers are tied to opeartions // even if only importing the operation by itself. import EVPPKeyCtxInitializer +//TODO: this needs to just be ctx type definitions +// private import experimental.quantum.OpenSSL.CtxTypes +/** + * An openSSL CTX type, which is type for which the stripped underlying type + * matches the pattern 'evp_%ctx_%st'. + * This includes types like: + * - EVP_CIPHER_CTX + * - EVP_MD_CTX + * - EVP_PKEY_CTX + */ +class CtxType extends Type { + CtxType() { + // It is possible for users to use the underlying type of the CTX variables + // these have a name matching 'evp_%ctx_%st + this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") + or + // In principal the above check should be sufficient, but in case of build mode none issues + // i.e., if a typedef cannot be resolved, + // or issues with properly stubbing test cases, we also explicitly check for the wrapping type defs + // i.e., patterns matching 'EVP_%_CTX' + exists(Type base | base = this or base = this.(DerivedType).getBaseType() | + base.getName().matches("EVP_%_CTX") + ) + } +} + +/** + * A pointer to a CtxType + */ +class CtxPointerExpr extends Expr { + CtxPointerExpr() { + this.getType() instanceof CtxType and + this.getType() instanceof PointerType + } +} + +/** + * A call argument of type CtxPointerExpr. + */ +class CtxPointerArgument extends CtxPointerExpr { + CtxPointerArgument() { exists(Call c | c.getAnArgument() = this) } + + Call getCall() { result.getAnArgument() = this } +} + +/** + * A call returning a CtxPointerExpr. + */ +private class CtxPointerReturn extends CtxPointerExpr instanceof Call { + Call getCall() { result = this } +} + +/** + * The type of inputs and ouputs for an `OperationStep`. + */ +newtype TIOType = + CiphertextIO() or + // Used for typical CTX types, but not for OSSL_PARAM or OSSL_LIB_CTX + // For OSSL_PARAM and OSSL_LIB_CTX use of OsslParamIO and OsslLibContextIO + ContextIO() or + DigestIO() or + HashAlgorithmIO() or + IVorNonceIO() or + KeyIO() or + KeyOperationSubtypeIO() or + KeySizeIO() or + // Used for OSSL_LIB_CTX + OsslLibContextIO() or + // Used for OSSL_PARAM + OsslParamIO() or + MacIO() or + PaddingAlgorithmIO() or + // Plaintext also includes a message for digest, signature, verification, and mac generation + PlaintextIO() or + PrimaryAlgorithmIO() or + RandomSourceIO() or + SaltLengthIO() or + SeedIO() or + SignatureIO() + +private string ioTypeToString(TIOType t) { + t = CiphertextIO() and result = "CiphertextIO" + or + t = ContextIO() and result = "ContextIO" + or + t = DigestIO() and result = "DigestIO" + or + t = HashAlgorithmIO() and result = "HashAlgorithmIO" + or + t = IVorNonceIO() and result = "IVorNonceIO" + or + t = KeyIO() and result = "KeyIO" + or + t = KeyOperationSubtypeIO() and result = "KeyOperationSubtypeIO" + or + t = KeySizeIO() and result = "KeySizeIO" + or + t = OsslLibContextIO() and result = "OsslLibContextIO" + or + t = OsslParamIO() and result = "OsslParamIO" + or + t = MacIO() and result = "MacIO" + or + t = PaddingAlgorithmIO() and result = "PaddingAlgorithmIO" + or + t = PlaintextIO() and result = "PlaintextIO" + or + t = PrimaryAlgorithmIO() and result = "PrimaryAlgorithmIO" + or + t = RandomSourceIO() and result = "RandomSourceIO" + or + t = SaltLengthIO() and result = "SaltLengthIO" + or + t = SeedIO() and result = "SeedIO" + or + t = SignatureIO() and result = "SignatureIO" +} + +class IOType extends TIOType { + string toString() { + result = ioTypeToString(this) + or + not exists(ioTypeToString(this)) and result = "UnknownIOType" + } +} + +//TODO: add more initializers as needed +/** + * The type of step in an `OperationStep`. + * - `ContextCreationStep`: the creation of a context from an algorithm or key. + * for example `EVP_MD_CTX_create(EVP_sha256())` or `EVP_PKEY_CTX_new(pkey, NULL)` + * - `InitializerStep`: the initialization of an operation through some sort of shared/accumulated context + * for example `EVP_DigestInit_ex(ctx, EVP_sha256(), NULL)` + * - `UpdateStep`: any operation that has and update/final paradigm, the update represents an intermediate step in an operation, + * such as `EVP_DigestUpdate(ctx, data, len)` + * - `FinalStep`: an ultimate operation step. This may be an explicit 'final' in an update/final paradigm, but not necessarily. + * Any operation that does nto operate through an update/final paradigm is considered a final step. + */ +newtype OperationStepType = + // Context creation captures cases where a context is created from an algorithm or key + // + ContextCreationStep() or + InitializerStep() or + UpdateStep() or + FinalStep() + +/** + * A step in configuring an operation. + * Captures creation of contexts from algorithms or keys, + * initalization of configurations on contexts, + * update operations (intermediate steps in an operation) + * and the operation itself. + * + * NOTE: if an operation is configured through a means other than a call + * e.g., a pattern like ctx->alg = EVP_sha256() + * then this class will need to be modified to account for that paradigm. + * Currently, this is not a known pattern in OpenSSL. + */ +abstract class OperationStep extends Call { + /** + * Gets the output nodes from the given operation step. + * These are the nodes that flow connecting this step + * to any other step in the operation should follow. + */ + abstract DataFlow::Node getOutput(IOType type); + + /** + * Gets any output node from the given operation step. + */ + final DataFlow::Node getAnOutput() { result = this.getOutput(_) } + + /** + * Gets the input nodes for the given operation step. + */ + abstract DataFlow::Node getInput(IOType type); + + /** + * Gets any input node for the given operation step. + */ + final DataFlow::Node getAnInput() { result = this.getInput(_) } + + /** + * Gets the type of the step, e.g., ContextCreationStep, InitializerStep, UpdateStep, FinalStep. + */ + abstract OperationStepType getStepType(); + + /** + * Holds if this operation step flows to the given `OperationStep` `sink`. + * If `sink` is `this`, then this holds true. + */ + predicate flowsToOperationStep(OperationStep sink) { + sink = this or + OperationStepFlow::flow(this.getAnOutput(), sink.getAnInput()) + } + + /** + * Holds if this operation step flows from the given `OperationStep` (`source`). + * If `source` is `this`, then this holds true. + */ + predicate flowsFromOperationStep(OperationStep source) { + source = this or + OperationStepFlow::flow(source.getAnOutput(), this.getAnInput()) + } + + /** + * Holds if this operation step sets a value of the given `IOType`. + */ + predicate setsValue(IOType type) { exists(this.getInput(type)) } + + /** + * Gets operation steps that flow to `this` and set the given `IOType`. + * This checks for the last initializers that flow to the `this`, + * i.e., if a value is set then re-set, the last set operation step is returned, + * not both. + * Note: Any 'update' that sets a value is not considered to be 'resetting' an input. + * I.e., there is a difference between changing a configuration before use and + * the oepration allows for multiple inputs (like plaintext for cipher update calls before final). + */ + OperationStep getDominatingInitializersToStep(IOType type) { + result.flowsToOperationStep(this) and + result.setsValue(type) and + ( + result.getStepType() = UpdateStep() + or + not exists(OperationStep reset | + reset != this and + reset != result and + reset.setsValue(type) and + reset.flowsToOperationStep(this) and + result.flowsToOperationStep(reset) + ) + ) + } + + /** + * Gets an AVC for the primary algorithm for this operation. + * A primary algorithm is an AVC that flows to a ctx input directly or + * an AVC that flows to a primary algorithm input directly. + * See `AvcContextCreationStep` for details about resetting scenarios. + * Gets the first OperationStep an AVC flows to. If a context input, + * the AVC is considered primary. + * If a primary algorithm input, then get the last set primary algorithm + * operation step (dominating operation step, see `getDominatingInitializersToStep`). + */ + Crypto::AlgorithmValueConsumer getPrimaryAlgorithmValueConsumer() { + exists(DataFlow::Node src, DataFlow::Node sink, IOType t, OperationStep avcSucc | + (t = PrimaryAlgorithmIO() or t = ContextIO()) and + avcSucc.flowsToOperationStep(this) and + src.asExpr() = result and + sink = avcSucc.getInput(t) and + AvcToOperationStepFlow::flow(src, sink) and + ( + // Case 1: the avcSucc step is a dominating initialization step + t = PrimaryAlgorithmIO() and + avcSucc = this.getDominatingInitializersToStep(PrimaryAlgorithmIO()) + or + // Case 2: the succ is a context input (any avcSucc is valid) + t = ContextIO() + ) + ) + } + + /** + * Gets the algorithm value consumer for an input to `this` operation step + * of the given `type`. + * TODO: generalize to use this for `getPrimaryAlgorithmValueConsumer` + */ + Crypto::AlgorithmValueConsumer getAlgorithmValueConsumerForInput(IOType type) { + exists(DataFlow::Node src, DataFlow::Node sink | + AvcToOperationStepFlow::flow(src, sink) and + src.asExpr() = result and + sink = this.getInput(type) + ) + } +} + +/** + * An AVC is considered to output a 'context type', however, + * each AVC has it's own output types in practice. + * Some output algorithm containers (`EVP_get_cipherbyname`) + * some output explicit contexts (`EVP_PKEY_CTX_new_from_name`). + * The output of an AVC cannot be determined to be a primary algorithm (PrimaryAlgorithmIO), that depends + * on the use of the AVC output. + * The use is assumed to be of two forms: + * - The AVC output flows to a known input that accepts an algorithm + * e.g., `EVP_DigestInit(ctx, type)` the `type` parameter is known to be the primary algorithm. + * `EVP_SignInit(ctx, type)` the `type` parameter is known to be a digest algorithm for the signature. + * - The AVC output flows to a context initialization step + * e.g., `pkey_ctx = EVP_PKEY_CTX_new_from_name(libctx, name, propquery)` this is an AVC call, but the + * API says the output is a context. It is consumed typically by something like: + * `ctx = EVP_PKEY_keygen_init(pkey_ctx)`, but note I cannot consider the `pkey_ctx` parameter to always be a primary algorithm, + * a key gen can be inited by a prior key as well, e.g., `ctx = EVP_PKEY_CTX_new(pkey, NULL)`. + * Hence, these initialization steps take in a context that may have come from an AVC or something else, + * and therefore cannot be considered a primary algorithm. + * Assumption: The first operation step an AVC flows to will be of the above two forms. + * Resetting Algorithm Concerns and Assumptions: + * What if a user resets the algorithm through another AVC call? + * How would we detect that and only look at the 'dominating' (last set) AVC? + * From an AVC, always assess the first operation step it flows to. + * If the first step is to a context input, then we assume that reset is not possible in the same path. + * I.e., a user cannot reset the algorithm without starting an entirely new operation step chain. + * See the use patterns for `pkey_ctx = EVP_PKEY_CTX_new_from_name(...)` mentioned above. A user cannot + * reset the algorithm without calling a new `ctx = EVP_PKEY_keygen_init(pkey_ctx)`, + * i.e., subsequent flow follows the `ctx` output. + * If the first step is to any other input, then we use the `getDominatingInitializersToStep` + * to find the last AVC that set the algorithm for the operation step. + * Domination checks must occur at an operation step (e.g., at a final operation). + * This operation step does not find the dominating AVC. + * If a primary algorithm is explicitly set and and AVC is set through a context input, + * we will use both cases as primary inputs. + */ +class AvcContextCreationStep extends OperationStep instanceof OpenSslAlgorithmValueConsumer { + DataFlow::Node output; + DataFlow::Node input; + + override DataFlow::Node getOutput(IOType type) { + type = ContextIO() and result = super.getResultNode() + } + + override DataFlow::Node getInput(IOType type) { none() } + + override OperationStepType getStepType() { result = ContextCreationStep() } +} + +abstract private class CtxPassThroughCall extends Call { + abstract DataFlow::Node getNode1(); + + abstract DataFlow::Node getNode2(); +} + +/** + * A call whose target contains 'free' or 'reset' and has an argument of type + * CtxPointerArgument. + */ +private class CtxClearCall extends Call { + CtxClearCall() { + this.getTarget().getName().toLowerCase().matches(["%free%", "%reset%"]) and + this.getAnArgument() instanceof CtxPointerArgument + } +} + +/** + * A call whose target contains 'copy' and has an argument of type + * CtxPointerArgument. + */ +private class CtxCopyOutArgCall extends CtxPassThroughCall { + DataFlow::Node n1; + DataFlow::Node n2; + + CtxCopyOutArgCall() { + this.getTarget().getName().toLowerCase().matches("%copy%") and + n1.asExpr() = this.getAnArgument() and + n1.getType() instanceof CtxType and + n2.asDefiningArgument() = this.getAnArgument() and + n2.getType() instanceof CtxType and + n1.asDefiningArgument() != n2.asExpr() + } + + override DataFlow::Node getNode1() { result = n1 } + + override DataFlow::Node getNode2() { result = n2 } +} + +/** + * A call whose target contains 'dup' and has an argument of type + * CtxPointerArgument. + */ +private class CtxCopyReturnCall extends CtxPassThroughCall, CtxPointerExpr { + DataFlow::Node n1; + + CtxCopyReturnCall() { + this.getTarget().getName().toLowerCase().matches("%dup%") and + n1.asExpr() = this.getAnArgument() and + n1.getType() instanceof CtxType + } + + override DataFlow::Node getNode1() { result = n1 } + + override DataFlow::Node getNode2() { result.asExpr() = this } +} + +// TODO: is this still needed? +/** + * A call to `EVP_PKEY_paramgen` acts as a kind of pass through. + * It's output pkey is eventually used in a new operation generating + * a fresh context pointer (e.g., `EVP_PKEY_CTX_new`). + * It is easier to model this as a pass through + * than to model the flow from the paramgen to the new key generation. + */ +private class CtxParamGenCall extends CtxPassThroughCall { + DataFlow::Node n1; + DataFlow::Node n2; + + CtxParamGenCall() { + this.getTarget().getName() = "EVP_PKEY_paramgen" and + n1.asExpr() = this.getArgument(0) and + ( + n2.asExpr() = this.getArgument(1) + or + n2.asDefiningArgument() = this.getArgument(1) + ) + } + + override DataFlow::Node getNode1() { result = n1 } + + override DataFlow::Node getNode2() { result = n2 } +} + +//TODO: I am not sure CallArgToCtxRet is needed anymore +/** + * If the current node is an argument to a function + * that returns a pointer type, immediately flow through. + * NOTE: this passthrough is required if we allow + * intermediate steps to go into variables that are not a CTX type. + * See for example `CtxParamGenCall`. + */ +private class CallArgToCtxRet extends CtxPassThroughCall, CtxPointerExpr { + DataFlow::Node n1; + DataFlow::Node n2; + + CallArgToCtxRet() { + this.getAnArgument() = n1.asExpr() and + n2.asExpr() = this + } + + override DataFlow::Node getNode1() { result = n1 } + + override DataFlow::Node getNode2() { result = n2 } +} + +/** + * A flow configuration from any non-final `OperationStep` to any other `OperationStep`. + */ +module OperationStepFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + exists(OperationStep s | + s.getAnOutput() = source or + s.getAnInput() = source + ) + } + + predicate isSink(DataFlow::Node sink) { + exists(OperationStep s | + s.getAnInput() = sink or + s.getAnOutput() = sink + ) + } + + predicate isBarrier(DataFlow::Node node) { + exists(CtxClearCall c | c.getAnArgument() = node.asExpr()) + } + + predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { + exists(CtxPassThroughCall c | c.getNode1() = node1 and c.getNode2() = node2) + or + // Flow out through all outputs from an operation step if more than one output + // is defined. + exists(OperationStep s | s.getAnInput() = node1 and s.getAnOutput() = node2) + // TODO: consideration for additional alises defined as follows: + // if an output from an operation step itself flows from teh output of another operation step + // then the source of that flow's outputs (all of them) are potential aliases + } +} + +module OperationStepFlow = DataFlow::Global; + +/** + * A flow from AVC to the first `OperationStep` the AVC reaches as an input. + */ +module AvcToOperationStepFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + exists(AvcContextCreationStep s | s.getAnOutput() = source) + } + + predicate isSink(DataFlow::Node sink) { exists(OperationStep s | s.getAnInput() = sink) } + + predicate isBarrier(DataFlow::Node node) { + exists(CtxClearCall c | c.getAnArgument() = node.asExpr()) + } + + /** + * Only get the first operation step encountered. + */ + predicate isBarrierOut(DataFlow::Node node) { isSink(node) } + + predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { + exists(CtxPassThroughCall c | c.getNode1() = node1 and c.getNode2() = node2) + } +} + +module AvcToOperationStepFlow = DataFlow::Global; + module EncValToInitEncArgConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { source.asExpr().getValue().toInt() in [0, 1] } predicate isSink(DataFlow::Node sink) { - exists(EvpKeyOperationSubtypeInitializer initCall | - sink.asExpr() = initCall.getKeyOperationSubtypeArg() - ) + exists(OperationStep s | sink = s.getInput(KeyOperationSubtypeIO())) } } module EncValToInitEncArgFlow = DataFlow::Global; -private predicate argToAvc(Expr arg, Crypto::AlgorithmValueConsumer avc) { - // NOTE: because we trace through keys to their sources we must consider that the arg is an avc - // Consider this example: - // EVP_PKEY *pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, key_len); - // The key may trace into a signing operation. Tracing through the key we will get the arg taking `EVP_PKEY_HMAC` - // as the algorithm value consumer (the input node of the AVC). The output node of this AVC - // is the call return of `EVP_PKEY_new_mac_key`. If we trace from the AVC result to - // the input argument this will not be possible (from the return to the call argument is a backwards flow). - // Therefore, we must consider the input node of the AVC as the argument. - // This should only occur due to tracing through keys to find configuration data. - avc.getInputNode().asExpr() = arg +private Crypto::KeyOperationSubtype intToCipherOperationSubtype(int i) { + i = 0 and + result instanceof Crypto::TEncryptMode or - AvcToCallArgFlow::flow(avc.(OpenSslAlgorithmValueConsumer).getResultNode(), - DataFlow::exprNode(arg)) + i = 1 and result instanceof Crypto::TDecryptMode } -/** - * A class for all OpenSsl operations. - */ -abstract class OpenSslOperation extends Crypto::OperationInstance instanceof Call { - /** - * Gets the argument that specifies the algorithm for the operation. - * This argument might not be immediately present at the specified operation. - * For example, it might be set in an initialization call. - * Modelers of the operation are resonsible for linking the operation to any - * initialization calls, and providing that argument as a returned value here. - */ - abstract Expr getAlgorithmArg(); - - /** - * Algorithm is specified in initialization call or is implicitly established by the key. - */ - override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { - argToAvc(this.getAlgorithmArg(), result) - } -} - -/** - * A Call to an initialization function for an operation. - * These are not operations in the sense of Crypto::OperationInstance, - * but they are used to initialize the context for the operation. - * There may be multiple initialization calls for the same operation. - * Intended for use with EvPOperation. - */ -abstract class EvpInitializer extends Call { - /** - * Gets the context argument or return that ties together initialization, updates and/or final calls. - * The context is the context coming into the initializer and is the output as well. - * This is assumed to be the same argument. - */ - abstract CtxPointerSource getContext(); -} - -/** - * A call to initialize a key size. - */ -abstract class EvpKeySizeInitializer extends EvpInitializer { - abstract Expr getKeySizeArg(); -} - -/** - * A call to initialize a key operation subtype. - */ -abstract class EvpKeyOperationSubtypeInitializer extends EvpInitializer { - abstract Expr getKeyOperationSubtypeArg(); - - private Crypto::KeyOperationSubtype intToCipherOperationSubtype(int i) { - i = 0 and - result instanceof Crypto::TEncryptMode - or - i = 1 and result instanceof Crypto::TDecryptMode - } - - Crypto::KeyOperationSubtype getKeyOperationSubtype() { - exists(DataFlow::Node a, DataFlow::Node b | - EncValToInitEncArgFlow::flow(a, b) and - b.asExpr() = this.getKeyOperationSubtypeArg() and - result = this.intToCipherOperationSubtype(a.asExpr().getValue().toInt()) - ) - or - // Infer the subtype from the initialization call, and ignore the argument - this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%") and - result instanceof Crypto::TEncryptMode - or - this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%") and - result instanceof Crypto::TDecryptMode - } -} - -/** - * An primary algorithm initializer initializes the primary algorithm for a given operation. - * For example, for a signing operation, the algorithm initializer may initialize algorithms - * like RSA. Other algorithsm may be initialized on an operation, as part of a larger - * operation/protocol. For example, hashing operations on signing operations; however, - * these are not the primary algorithm. Any other algorithms initialized on an operation - * require a specialized initializer, such as EvpHashAlgorithmInitializer. - */ -abstract class EvpPrimaryAlgorithmInitializer extends EvpInitializer { - abstract Expr getAlgorithmArg(); - - Crypto::AlgorithmValueConsumer getAlgorithmValueConsumer() { - argToAvc(this.getAlgorithmArg(), result) - } -} - -/** - * A call to initialize a key. - */ -abstract class EvpKeyInitializer extends EvpInitializer { - abstract Expr getKeyArg(); -} - -/** - * A key initializer may initialize the algorithm and the key size through - * the key. Extend any instance of key initializer provide initialization - * of the algorithm and key size from the key. - */ -class EvpInitializerThroughKey extends EvpPrimaryAlgorithmInitializer, EvpKeySizeInitializer, - EvpKeyInitializer -{ - Expr arg; - CtxPointerSource context; - - EvpInitializerThroughKey() { - exists(EvpKeyInitializer keyInit | - arg = keyInit.getKeyArg() and this = keyInit and context = keyInit.getContext() - ) - } - - override CtxPointerSource getContext() { result = context } - - override Expr getAlgorithmArg() { - result = - getSourceKeyCreationInstanceFromArg(this.getKeyArg()).(OpenSslOperation).getAlgorithmArg() - } - - override Expr getKeySizeArg() { - result = getSourceKeyCreationInstanceFromArg(this.getKeyArg()).getKeySizeConsumer().asExpr() - } - - override Expr getKeyArg() { result = arg } -} - -/** - * A default initializer for any key operation that accepts a key as input. - * A key initializer allows for a mechanic to go backwards to the key creation operation - * and find the algorithm and key size. - * If a user were to stipualte a key consumer for an operation but fail to indicate it as an - * initializer, automatic tracing to the creation operation would not occur. - * USERS SHOULD NOT NEED TO USE OR EXTEND THIS CLASS DIRECTLY. - * - * TODO: re-evaluate this approach - */ -class DefaultKeyInitializer extends EvpKeyInitializer instanceof Crypto::KeyOperationInstance { - Expr arg; - - DefaultKeyInitializer() { - exists(Call c | - c.getAChild*() = arg and - arg = this.(Crypto::KeyOperationInstance).getKeyConsumer().asExpr() and - c = this - ) - } - - override Expr getKeyArg() { result = arg } - - override CtxPointerSource getContext() { result = this.(EvpOperation).getContext() } -} - -abstract class EvpIVInitializer extends EvpInitializer { - abstract Expr getIVArg(); -} - -/** - * A call to initialize padding. - */ -abstract class EvpPaddingInitializer extends EvpInitializer { - /** - * Gets the padding mode argument. - * e.g., `EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING)` argument 1 (0-based) - */ - abstract Expr getPaddingArg(); -} - -/** - * A call to initialize a salt length. - */ -abstract class EvpSaltLengthInitializer extends EvpInitializer { - /** - * Gets the salt length argument. - * e.g., `EVP_PKEY_CTX_set_scrypt_salt_len(ctx, 16)` argument 1 (0-based) - */ - abstract Expr getSaltLengthArg(); -} - -/** - * A call to initialize a hash algorithm. - */ -abstract class EvpHashAlgorithmInitializer extends EvpInitializer { - abstract Expr getHashAlgorithmArg(); - - Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { - argToAvc(this.getHashAlgorithmArg(), result) - } -} - -/** - * A Call to an "update" function. - * These are not operations in the sense of Crypto::OperationInstance, - * but produce intermediate results for the operation that are later finalized - * (see EvpFinal). - * Intended for use with EvPOperation. - */ -abstract class EvpUpdate extends Call { - /** - * Gets the context argument that ties together initialization, updates and/or final calls. - */ - abstract CtxPointerSource getContext(); - - /** - * Update calls always have some input data like plaintext or message digest. - */ - abstract Expr getInputArg(); - - /** - * Update calls sometimes have some output data like a plaintext. - */ - Expr getOutputArg() { none() } -} - -/** - * The base class for all operations of the EVP API. - * This captures one-shot APIs (with and without an initilizer call) and final calls. - * Provides some default methods for Crypto::KeyOperationInstance class. - */ -abstract class EvpOperation extends OpenSslOperation { - /** - * Gets the context argument that ties together initialization, updates and/or final calls. - */ - abstract CtxPointerSource getContext(); - - /** - * Some input data like plaintext or message digest. - * Either argument provided direcly in the call or all arguments that were provided in update calls. - */ - abstract Expr getInputArg(); - - /** - * Some output data like ciphertext or signature. - */ - abstract Expr getOutputArg(); - - /** - * Finds the initialization call, may be none. - */ - EvpInitializer getInitCall() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } - - Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = DataFlow::exprNode(this.getOutputArg()) - } - - /** - * Input consumer is the input argument of the call. - */ - Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = DataFlow::exprNode(this.getInputArg()) - } -} - -/** - * An EVP final call, - * which is typicall used in an update/final pattern. - * Final operations are typically identified by "final" in the name, - * e.g., "EVP_DigestFinal", "EVP_EncryptFinal", etc. - * however, this is not a strict rule. - */ -abstract class EvpFinal extends EvpOperation { - /** - * All update calls that were executed before this final call. - */ - EvpUpdate getUpdateCalls() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } - - /** - * Gets the input data provided to all update calls. - * If more input data was provided in the final call, override the method. - */ - override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() } - - /** - * Gets the output data provided to all update calls. - * If more output data was provided in the final call, override the method. - */ - override Expr getOutputArg() { result = this.getUpdateCalls().getOutputArg() } +Crypto::KeyOperationSubtype resolveKeyOperationSubTypeOperationStep(OperationStep s) { + exists(DataFlow::Node src | + EncValToInitEncArgFlow::flow(src, s.getInput(KeyOperationSubtypeIO())) and + result = intToCipherOperationSubtype(src.asExpr().getValue().toInt()) + ) } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll new file mode 100644 index 00000000000..34d7f6acec8 --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll @@ -0,0 +1,316 @@ +private import experimental.quantum.Language +private import experimental.quantum.OpenSSL.AvcFlow +private import experimental.quantum.OpenSSL.CtxFlow +private import experimental.quantum.OpenSSL.KeyFlow +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +// Importing these intializers here to ensure the are part of any model that is +// using OpenSslOperationBase. This further ensures that initializers are tied to opeartions +// even if only importing the operation by itself. +import EVPPKeyCtxInitializer + +module EncValToInitEncArgConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { source.asExpr().getValue().toInt() in [0, 1] } + + predicate isSink(DataFlow::Node sink) { + exists(EvpKeyOperationSubtypeInitializer initCall | + sink.asExpr() = initCall.getKeyOperationSubtypeArg() + ) + } +} + +module EncValToInitEncArgFlow = DataFlow::Global; + +private predicate argToAvc(Expr arg, Crypto::AlgorithmValueConsumer avc) { + // NOTE: because we trace through keys to their sources we must consider that the arg is an avc + // Consider this example: + // EVP_PKEY *pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, key_len); + // The key may trace into a signing operation. Tracing through the key we will get the arg taking `EVP_PKEY_HMAC` + // as the algorithm value consumer (the input node of the AVC). The output node of this AVC + // is the call return of `EVP_PKEY_new_mac_key`. If we trace from the AVC result to + // the input argument this will not be possible (from the return to the call argument is a backwards flow). + // Therefore, we must consider the input node of the AVC as the argument. + // This should only occur due to tracing through keys to find configuration data. + avc.getInputNode().asExpr() = arg + or + AvcToCallArgFlow::flow(avc.(OpenSslAlgorithmValueConsumer).getResultNode(), + DataFlow::exprNode(arg)) +} + +/** + * A class for all OpenSsl operations. + */ +abstract class OpenSslOperation extends Crypto::OperationInstance instanceof Call { + /** + * Gets the argument that specifies the algorithm for the operation. + * This argument might not be immediately present at the specified operation. + * For example, it might be set in an initialization call. + * Modelers of the operation are resonsible for linking the operation to any + * initialization calls, and providing that argument as a returned value here. + */ + abstract Expr getAlgorithmArg(); + + /** + * Algorithm is specified in initialization call or is implicitly established by the key. + */ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + argToAvc(this.getAlgorithmArg(), result) + } +} + +/** + * A Call to an initialization function for an operation. + * These are not operations in the sense of Crypto::OperationInstance, + * but they are used to initialize the context for the operation. + * There may be multiple initialization calls for the same operation. + * Intended for use with EvPOperation. + */ +abstract class EvpInitializer extends Call { + /** + * Gets the context argument or return that ties together initialization, updates and/or final calls. + * The context is the context coming into the initializer and is the output as well. + * This is assumed to be the same argument. + */ + abstract CtxPointerSource getContext(); +} + +/** + * A call to initialize a key size. + */ +abstract class EvpKeySizeInitializer extends EvpInitializer { + abstract Expr getKeySizeArg(); +} + +/** + * A call to initialize a key operation subtype. + */ +abstract class EvpKeyOperationSubtypeInitializer extends EvpInitializer { + abstract Expr getKeyOperationSubtypeArg(); + + private Crypto::KeyOperationSubtype intToCipherOperationSubtype(int i) { + i = 0 and + result instanceof Crypto::TEncryptMode + or + i = 1 and result instanceof Crypto::TDecryptMode + } + + Crypto::KeyOperationSubtype getKeyOperationSubtype() { + exists(DataFlow::Node a, DataFlow::Node b | + EncValToInitEncArgFlow::flow(a, b) and + b.asExpr() = this.getKeyOperationSubtypeArg() and + result = this.intToCipherOperationSubtype(a.asExpr().getValue().toInt()) + ) + or + // Infer the subtype from the initialization call, and ignore the argument + this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%") and + result instanceof Crypto::TEncryptMode + or + this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%") and + result instanceof Crypto::TDecryptMode + } +} + +/** + * An primary algorithm initializer initializes the primary algorithm for a given operation. + * For example, for a signing operation, the algorithm initializer may initialize algorithms + * like RSA. Other algorithsm may be initialized on an operation, as part of a larger + * operation/protocol. For example, hashing operations on signing operations; however, + * these are not the primary algorithm. Any other algorithms initialized on an operation + * require a specialized initializer, such as EvpHashAlgorithmInitializer. + */ +abstract class EvpPrimaryAlgorithmInitializer extends EvpInitializer { + abstract Expr getAlgorithmArg(); + + Crypto::AlgorithmValueConsumer getAlgorithmValueConsumer() { + argToAvc(this.getAlgorithmArg(), result) + } +} + +/** + * A call to initialize a key. + */ +abstract class EvpKeyInitializer extends EvpInitializer { + abstract Expr getKeyArg(); +} + +/** + * A key initializer may initialize the algorithm and the key size through + * the key. Extend any instance of key initializer provide initialization + * of the algorithm and key size from the key. + */ +class EvpInitializerThroughKey extends EvpPrimaryAlgorithmInitializer, EvpKeySizeInitializer, + EvpKeyInitializer +{ + Expr arg; + CtxPointerSource context; + + EvpInitializerThroughKey() { + exists(EvpKeyInitializer keyInit | + arg = keyInit.getKeyArg() and this = keyInit and context = keyInit.getContext() + ) + } + + override CtxPointerSource getContext() { result = context } + + override Expr getAlgorithmArg() { + result = + getSourceKeyCreationInstanceFromArg(this.getKeyArg()).(OpenSslOperation).getAlgorithmArg() + } + + override Expr getKeySizeArg() { + result = getSourceKeyCreationInstanceFromArg(this.getKeyArg()).getKeySizeConsumer().asExpr() + } + + override Expr getKeyArg() { result = arg } +} + +/** + * A default initializer for any key operation that accepts a key as input. + * A key initializer allows for a mechanic to go backwards to the key creation operation + * and find the algorithm and key size. + * If a user were to stipualte a key consumer for an operation but fail to indicate it as an + * initializer, automatic tracing to the creation operation would not occur. + * USERS SHOULD NOT NEED TO USE OR EXTEND THIS CLASS DIRECTLY. + * + * TODO: re-evaluate this approach + */ +class DefaultKeyInitializer extends EvpKeyInitializer instanceof Crypto::KeyOperationInstance { + Expr arg; + + DefaultKeyInitializer() { + exists(Call c | + c.getAChild*() = arg and + arg = this.(Crypto::KeyOperationInstance).getKeyConsumer().asExpr() and + c = this + ) + } + + override Expr getKeyArg() { result = arg } + + override CtxPointerSource getContext() { result = this.(EvpOperation).getContext() } +} + +abstract class EvpIVInitializer extends EvpInitializer { + abstract Expr getIVArg(); +} + +/** + * A call to initialize padding. + */ +abstract class EvpPaddingInitializer extends EvpInitializer { + /** + * Gets the padding mode argument. + * e.g., `EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING)` argument 1 (0-based) + */ + abstract Expr getPaddingArg(); +} + +/** + * A call to initialize a salt length. + */ +abstract class EvpSaltLengthInitializer extends EvpInitializer { + /** + * Gets the salt length argument. + * e.g., `EVP_PKEY_CTX_set_scrypt_salt_len(ctx, 16)` argument 1 (0-based) + */ + abstract Expr getSaltLengthArg(); +} + +/** + * A call to initialize a hash algorithm. + */ +abstract class EvpHashAlgorithmInitializer extends EvpInitializer { + abstract Expr getHashAlgorithmArg(); + + Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { + argToAvc(this.getHashAlgorithmArg(), result) + } +} + +/** + * A Call to an "update" function. + * These are not operations in the sense of Crypto::OperationInstance, + * but produce intermediate results for the operation that are later finalized + * (see EvpFinal). + * Intended for use with EvPOperation. + */ +abstract class EvpUpdate extends Call { + /** + * Gets the context argument that ties together initialization, updates and/or final calls. + */ + abstract CtxPointerSource getContext(); + + /** + * Update calls always have some input data like plaintext or message digest. + */ + abstract Expr getInputArg(); + + /** + * Update calls sometimes have some output data like a plaintext. + */ + Expr getOutputArg() { none() } +} + +/** + * The base class for all operations of the EVP API. + * This captures one-shot APIs (with and without an initilizer call) and final calls. + * Provides some default methods for Crypto::KeyOperationInstance class. + */ +abstract class EvpOperation extends OpenSslOperation { + /** + * Gets the context argument that ties together initialization, updates and/or final calls. + */ + abstract CtxPointerSource getContext(); + + /** + * Some input data like plaintext or message digest. + * Either argument provided direcly in the call or all arguments that were provided in update calls. + */ + abstract Expr getInputArg(); + + /** + * Some output data like ciphertext or signature. + */ + abstract Expr getOutputArg(); + + /** + * Finds the initialization call, may be none. + */ + EvpInitializer getInitCall() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } + + Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { + result = DataFlow::exprNode(this.getOutputArg()) + } + + /** + * Input consumer is the input argument of the call. + */ + Crypto::ConsumerInputDataFlowNode getInputConsumer() { + result = DataFlow::exprNode(this.getInputArg()) + } +} + +/** + * An EVP final call, + * which is typicall used in an update/final pattern. + * Final operations are typically identified by "final" in the name, + * e.g., "EVP_DigestFinal", "EVP_EncryptFinal", etc. + * however, this is not a strict rule. + */ +abstract class EvpFinal extends EvpOperation { + /** + * All update calls that were executed before this final call. + */ + EvpUpdate getUpdateCalls() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } + + /** + * Gets the input data provided to all update calls. + * If more input data was provided in the final call, override the method. + */ + override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() } + + /** + * Gets the output data provided to all update calls. + * If more output data was provided in the final call, override the method. + */ + override Expr getOutputArg() { result = this.getUpdateCalls().getOutputArg() } +} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperations.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperations.qll index 78b8f8ce080..be65ef3e1c0 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperations.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperations.qll @@ -1,6 +1,5 @@ import OpenSSLOperationBase -import EVPCipherOperation -import EVPHashOperation -import ECKeyGenOperation -import EVPSignatureOperation -import EVPKeyGenOperation +import CipherOperation +import HashOperation +import SignatureOperation +import KeyGenOperation diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll new file mode 100644 index 00000000000..84b7a1cb8c2 --- /dev/null +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll @@ -0,0 +1,263 @@ +/** + * Provides classes for modeling OpenSSL's EVP signature operations + */ + +private import experimental.quantum.Language +private import experimental.quantum.OpenSSL.AvcFlow +private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers +private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations + +// TODO: verification functions +/** + * A base class for final signature operations. + */ +abstract class EvpSignatureFinalOperation extends OperationStep { + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * A call to EVP_DigestSignInit or EVP_DigestSignInit_ex. + */ +class EvpSignatureDigestInitializer extends OperationStep { + EvpSignatureDigestInitializer() { + this.getTarget().getName() in ["EVP_DigestSignInit_ex", "EVP_DigestSignInit"] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + this.getTarget().getName() = "EVP_DigestSignInit_ex" and + result.asExpr() = this.getArgument(3) and + type = OsslLibContextIO() + or + result.asExpr() = this.getArgument(2) and type = HashAlgorithmIO() + or + this.getTarget().getName() = "EVP_DigestSignInit" and + result.asExpr() = this.getArgument(4) and + type = KeyIO() + or + this.getTarget().getName() = "EVP_DigestSignInit_ex" and + result.asExpr() = this.getArgument(5) and + type = KeyIO() + or + this.getTarget().getName() = "EVP_DigestSignInit_ex" and + result.asExpr() = this.getArgument(6) and + type = OsslParamIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + // EVP_PKEY_CTX + result.asExpr() = this.getArgument(1) and type = ContextIO() + or + this.getTarget().getName() = "EVP_DigestSignInit_ex" and + result.asExpr() = this.getArgument(6) and + type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A call to EVP_SignInit or EVP_SignInit_ex. + */ +class EvpSignInit extends OperationStep { + EvpSignInit() { this.getTarget().getName() in ["EVP_SignInit", "EVP_SignInit_ex"] } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = HashAlgorithmIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A call to: + * - EVP_PKEY_sign_init_ex + * - EVP_PKEY_sign_init_ex2 + * - EVP_PKEY_sign_init + * - EVP_PKEY_sign_message_init + */ +class EvpPkeySignInit extends OperationStep { + EvpPkeySignInit() { + this.getTarget().getName() in [ + "EVP_PKEY_sign_init_ex", "EVP_PKEY_sign_init_ex2", "EVP_PKEY_sign_init", + "EVP_PKEY_sign_message_init" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + this.getTarget().getName() in ["EVP_PKEY_sign_init_ex2", "EVP_PKEY_sign_message_init"] and + result.asExpr() = this.getArgument(1) and + type = PrimaryAlgorithmIO() + or + this.getTarget().getName() = "EVP_PKEY_sign_init_ex" and + result.asExpr() = this.getArgument(1) and + type = OsslParamIO() + or + // Argument 2 (0 based) only exists for EVP_PKEY_sign_init_ex2 and EVP_PKEY_sign_message_init + result.asExpr() = this.getArgument(2) and type = OsslParamIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = InitializerStep() } +} + +/** + * A call to EVP_DIgestSignUpdate, EVP_SignUpdate or EVP_PKEY_sign_message_update. + */ +class EvpSignatureUpdateCall extends OperationStep { + EvpSignatureUpdateCall() { + this.getTarget().getName() in [ + "EVP_DigestSignUpdate", "EVP_SignUpdate", "EVP_PKEY_sign_message_update" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override OperationStepType getStepType() { result = UpdateStep() } +} + +/** + * A call to EVP_SignFinal or EVP_SignFinal_ex. + */ +class EvpSignFinal extends EvpSignatureFinalOperation { + EvpSignFinal() { this.getTarget().getName() in ["EVP_SignFinal_ex", "EVP_SignFinal"] } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(3) and type = KeyIO() + or + // params above 3 (0-based) only exist for EVP_SignFinal_ex + result.asExpr() = this.getArgument(4) and + type = OsslLibContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + } +} + +/** + * A call to EVP_DigestSign or EVP_PKEY_sign. + */ +class EvpDigestSign extends EvpSignatureFinalOperation { + EvpDigestSign() { this.getTarget().getName() in ["EVP_DigestSign", "EVP_PKEY_sign"] } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(3) and type = PlaintextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + } +} + +/** + * A call to EVP_DigestSignFinal or EVP_PKEY_sign_message_final. + */ +class EvpDigestAndPkeySignFinal extends EvpSignatureFinalOperation { + EvpDigestAndPkeySignFinal() { + this.getTarget().getName() in [ + "EVP_DigestSignFinal", + "EVP_PKEY_sign_message_final" + ] + } + + override DataFlow::Node getInput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + } + + override DataFlow::Node getOutput(IOType type) { + result.asExpr() = this.getArgument(0) and type = ContextIO() + or + result.asExpr() = this.getArgument(1) and type = SignatureIO() + } + + override OperationStepType getStepType() { result = FinalStep() } +} + +/** + * An EVP signature operation instance. + */ +class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance instanceof EvpSignatureFinalOperation +{ + override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { + super.getPrimaryAlgorithmValueConsumer() = result + } + + /** + * Signing, verification or unknown. + */ + override Crypto::KeyOperationSubtype getKeyOperationSubtype() { + // TODO: if this KeyOperationSubtype does not match initialization call's KeyOperationSubtype then we found a bug + if super.getTarget().getName().toLowerCase().matches("%sign%") + then result instanceof Crypto::TSignMode + else + if super.getTarget().getName().toLowerCase().matches("%verify%") + then result instanceof Crypto::TVerifyMode + else result instanceof Crypto::TUnknownKeyOperationMode + } + + override Crypto::ConsumerInputDataFlowNode getNonceConsumer() { + // TODO: some signing operations may have explicit nonce generators + none() + } + + /** + * Keys provided in the initialization call or in a context are found by this method. + * Keys in explicit arguments are found by overridden methods in extending classes. + */ + override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { + super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result + } + + override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { + exists(OperationStep s | + s.flowsToOperationStep(this) and + result = s.getOutput(SignatureIO()) + ) + } + + override Crypto::ConsumerInputDataFlowNode getInputConsumer() { + super.getDominatingInitializersToStep(PlaintextIO()).getInput(PlaintextIO()) = result + } + + /** + * TODO: only signing operations for now, change when verificaiton is added + */ + override Crypto::ConsumerInputDataFlowNode getSignatureConsumer() { none() } + + override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { + super + .getDominatingInitializersToStep(HashAlgorithmIO()) + .getAlgorithmValueConsumerForInput(HashAlgorithmIO()) = result + } +} diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index d4a900f9bca..c6fb7fbfa98 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -1154,6 +1154,12 @@ module CryptographyBase Input> { abstract class KeyGenerationOperationInstance extends KeyCreationOperationInstance { final override string getKeyCreationTypeDescription() { result = "KeyGeneration" } + + /** + * Gets a consumer of a raw value that is used to generate the key. + * Not all key generation operations require a raw value. + */ + abstract ConsumerInputDataFlowNode getRawKeyValueConsumer(); } abstract class KeyLoadOperationInstance extends KeyCreationOperationInstance { @@ -1914,12 +1920,19 @@ module CryptographyBase Input> { node instanceof KeyCreationCandidateAlgorithmNode } + NodeBase getARawValueSource() { + result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAGenericSourceNode() + or + result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAKnownSourceNode() + } + override NodeBase getChild(string key) { result = super.getChild(key) or // [ALWAYS_KNOWN] key = "Output" and result = this.getOutputKeyArtifact() + //TODO: how do I output the raw key if known? If not known, it may not require/have a raw value consumer, don't output } } From 46ac2fd9f0c9ac555c5e4a74d08165ca9566c7b6 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Fri, 13 Jun 2025 08:14:01 +0200 Subject: [PATCH 056/111] Add CI workflow to check overlay annotations --- .../workflows/check-overlay-annotations.yml | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/check-overlay-annotations.yml diff --git a/.github/workflows/check-overlay-annotations.yml b/.github/workflows/check-overlay-annotations.yml new file mode 100644 index 00000000000..5369dfd49d0 --- /dev/null +++ b/.github/workflows/check-overlay-annotations.yml @@ -0,0 +1,23 @@ +name: Check overlay annotations + +on: + push: + branches: + - main + - 'rc/*' + pull_request: + branches: + - main + - 'rc/*' + +permissions: + contents: read + +jobs: + sync: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Check overlay annotations + run: python config/add-overlay-annotations.py --check java + From 92a1b8971cdce1f88722724bbd87ce8931bb8537 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 12:52:58 +0200 Subject: [PATCH 057/111] C#: Add Microsoft.Data.SqlClient to the list of stubs. --- csharp/scripts/stubs/make_stubs_all.py | 1 + 1 file changed, 1 insertion(+) diff --git a/csharp/scripts/stubs/make_stubs_all.py b/csharp/scripts/stubs/make_stubs_all.py index 5204d9ceb72..51d3dd894a7 100644 --- a/csharp/scripts/stubs/make_stubs_all.py +++ b/csharp/scripts/stubs/make_stubs_all.py @@ -14,6 +14,7 @@ packages = [ "Amazon.Lambda.APIGatewayEvents", "Dapper", "EntityFramework", + "Microsoft.Data.SqlClient", "Newtonsoft.Json", "NHibernate", "System.Data.OleDb", From af2ebed395e9107383644b368987e1d3575df8a4 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 14:33:24 +0200 Subject: [PATCH 058/111] C#: Add stubs for Microsoft.Data.SqlClient. --- .../stubs/Azure.Core/1.38.0/Azure.Core.cs | 1104 +++++++++++++ .../stubs/Azure.Core/1.38.0/Azure.Core.csproj | 20 + .../Azure.Identity/1.11.4/Azure.Identity.cs | 431 +++++ .../1.11.4/Azure.Identity.csproj | 19 + .../Microsoft.Bcl.AsyncInterfaces.csproj | 12 + .../9.0.4/Microsoft.Bcl.Cryptography.csproj | 12 + ...icrosoft.Data.SqlClient.SNI.runtime.csproj | 12 + .../6.0.2/Microsoft.Data.SqlClient.cs | 1445 +++++++++++++++++ .../6.0.2/Microsoft.Data.SqlClient.csproj | 21 + ...oft.Extensions.Caching.Abstractions.csproj | 13 + ...Microsoft.Extensions.Caching.Memory.csproj | 17 + ...ns.DependencyInjection.Abstractions.csproj | 12 + ...oft.Extensions.Logging.Abstractions.csproj | 13 + .../9.0.4/Microsoft.Extensions.Options.csproj | 14 + .../Microsoft.Extensions.Primitives.csproj | 12 + ...crosoft.Identity.Client.Extensions.Msal.cs | 103 ++ ...oft.Identity.Client.Extensions.Msal.csproj | 14 + .../4.61.3/Microsoft.Identity.Client.cs | 1350 +++++++++++++++ .../4.61.3/Microsoft.Identity.Client.csproj | 14 + .../Microsoft.IdentityModel.Abstractions.cs | 77 + ...icrosoft.IdentityModel.Abstractions.csproj | 12 + .../Microsoft.IdentityModel.JsonWebTokens.cs | 174 ++ ...crosoft.IdentityModel.JsonWebTokens.csproj | 13 + .../7.5.0/Microsoft.IdentityModel.Logging.cs | 98 ++ .../Microsoft.IdentityModel.Logging.csproj | 13 + ...t.IdentityModel.Protocols.OpenIdConnect.cs | 396 +++++ ...entityModel.Protocols.OpenIdConnect.csproj | 14 + .../Microsoft.IdentityModel.Protocols.cs | 120 ++ .../Microsoft.IdentityModel.Protocols.csproj | 13 + .../7.5.0/Microsoft.IdentityModel.Tokens.cs | 959 +++++++++++ .../Microsoft.IdentityModel.Tokens.csproj | 13 + .../1.0.0/Microsoft.SqlServer.Server.cs | 91 ++ .../1.0.0/Microsoft.SqlServer.Server.csproj | 12 + .../1.0.0/System.ClientModel.cs | 42 + .../1.0.0/System.ClientModel.csproj | 14 + ....Configuration.ConfigurationManager.csproj | 14 + ...System.Diagnostics.DiagnosticSource.csproj | 13 + .../9.0.4/System.Diagnostics.EventLog.csproj | 12 + .../7.5.0/System.IdentityModel.Tokens.Jwt.cs | 227 +++ .../System.IdentityModel.Tokens.Jwt.csproj | 14 + .../1.0.2/System.Memory.Data.cs | 27 + .../1.0.2/System.Memory.Data.csproj | 14 + .../System.Memory/4.5.4/System.Memory.csproj | 12 + .../4.5.0/System.Numerics.Vectors.csproj | 12 + ...tem.Runtime.CompilerServices.Unsafe.csproj | 12 + .../System.Security.Cryptography.Pkcs.cs | 503 ++++++ .../System.Security.Cryptography.Pkcs.csproj | 12 + ...tem.Security.Cryptography.ProtectedData.cs | 21 + ...Security.Cryptography.ProtectedData.csproj | 12 + .../4.7.2/System.Text.Encodings.Web.csproj | 12 + .../4.7.2/System.Text.Json.csproj | 12 + .../System.Threading.Tasks.Extensions.csproj | 12 + 52 files changed, 7640 insertions(+) create mode 100644 csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.cs create mode 100644 csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.csproj create mode 100644 csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.cs create mode 100644 csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Bcl.AsyncInterfaces/1.1.1/Microsoft.Bcl.AsyncInterfaces.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Bcl.Cryptography/9.0.4/Microsoft.Bcl.Cryptography.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient.SNI.runtime/6.0.2/Microsoft.Data.SqlClient.SNI.runtime.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Abstractions/9.0.4/Microsoft.Extensions.Caching.Abstractions.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Memory/9.0.4/Microsoft.Extensions.Caching.Memory.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.DependencyInjection.Abstractions/9.0.4/Microsoft.Extensions.DependencyInjection.Abstractions.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.Logging.Abstractions/9.0.4/Microsoft.Extensions.Logging.Abstractions.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.Options/9.0.4/Microsoft.Extensions.Options.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Extensions.Primitives/9.0.4/Microsoft.Extensions.Primitives.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.csproj create mode 100644 csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.cs create mode 100644 csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.csproj create mode 100644 csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.cs create mode 100644 csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Configuration.ConfigurationManager/9.0.4/System.Configuration.ConfigurationManager.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Diagnostics.DiagnosticSource/6.0.1/System.Diagnostics.DiagnosticSource.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Diagnostics.EventLog/9.0.4/System.Diagnostics.EventLog.csproj create mode 100644 csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.cs create mode 100644 csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.cs create mode 100644 csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Memory/4.5.4/System.Memory.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Numerics.Vectors/4.5.0/System.Numerics.Vectors.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Runtime.CompilerServices.Unsafe/6.0.0/System.Runtime.CompilerServices.Unsafe.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.cs create mode 100644 csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.cs create mode 100644 csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Text.Encodings.Web/4.7.2/System.Text.Encodings.Web.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Text.Json/4.7.2/System.Text.Json.csproj create mode 100644 csharp/ql/test/resources/stubs/System.Threading.Tasks.Extensions/4.5.4/System.Threading.Tasks.Extensions.csproj diff --git a/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.cs b/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.cs new file mode 100644 index 00000000000..c56fc0888b0 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.cs @@ -0,0 +1,1104 @@ +// This file contains auto-generated code. +// Generated from `Azure.Core, Version=1.38.0.0, Culture=neutral, PublicKeyToken=92742159e12e44c8`. +namespace Azure +{ + public abstract class AsyncPageable : System.Collections.Generic.IAsyncEnumerable + { + public abstract System.Collections.Generic.IAsyncEnumerable> AsPages(string continuationToken = default(string), int? pageSizeHint = default(int?)); + protected virtual System.Threading.CancellationToken CancellationToken { get => throw null; } + protected AsyncPageable() => throw null; + protected AsyncPageable(System.Threading.CancellationToken cancellationToken) => throw null; + public override bool Equals(object obj) => throw null; + public static Azure.AsyncPageable FromPages(System.Collections.Generic.IEnumerable> pages) => throw null; + public virtual System.Collections.Generic.IAsyncEnumerator GetAsyncEnumerator(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override int GetHashCode() => throw null; + public override string ToString() => throw null; + } + public static partial class AzureCoreExtensions + { + public static dynamic ToDynamicFromJson(this System.BinaryData utf8Json) => throw null; + public static dynamic ToDynamicFromJson(this System.BinaryData utf8Json, Azure.Core.Serialization.JsonPropertyNames propertyNameFormat, string dateTimeFormat = default(string)) => throw null; + public static T ToObject(this System.BinaryData data, Azure.Core.Serialization.ObjectSerializer serializer, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.ValueTask ToObjectAsync(this System.BinaryData data, Azure.Core.Serialization.ObjectSerializer serializer, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static object ToObjectFromJson(this System.BinaryData data) => throw null; + } + public class AzureKeyCredential + { + public AzureKeyCredential(string key) => throw null; + public string Key { get => throw null; } + public void Update(string key) => throw null; + } + public class AzureNamedKeyCredential + { + public AzureNamedKeyCredential(string name, string key) => throw null; + public void Deconstruct(out string name, out string key) => throw null; + public string Name { get => throw null; } + public void Update(string name, string key) => throw null; + } + public class AzureSasCredential + { + public AzureSasCredential(string signature) => throw null; + public string Signature { get => throw null; } + public void Update(string signature) => throw null; + } + namespace Core + { + public struct AccessToken + { + public AccessToken(string accessToken, System.DateTimeOffset expiresOn) => throw null; + public override bool Equals(object obj) => throw null; + public System.DateTimeOffset ExpiresOn { get => throw null; } + public override int GetHashCode() => throw null; + public string Token { get => throw null; } + } + public struct AzureLocation : System.IEquatable + { + public static Azure.Core.AzureLocation AustraliaCentral { get => throw null; } + public static Azure.Core.AzureLocation AustraliaCentral2 { get => throw null; } + public static Azure.Core.AzureLocation AustraliaEast { get => throw null; } + public static Azure.Core.AzureLocation AustraliaSoutheast { get => throw null; } + public static Azure.Core.AzureLocation BrazilSouth { get => throw null; } + public static Azure.Core.AzureLocation BrazilSoutheast { get => throw null; } + public static Azure.Core.AzureLocation CanadaCentral { get => throw null; } + public static Azure.Core.AzureLocation CanadaEast { get => throw null; } + public static Azure.Core.AzureLocation CentralIndia { get => throw null; } + public static Azure.Core.AzureLocation CentralUS { get => throw null; } + public static Azure.Core.AzureLocation ChinaEast { get => throw null; } + public static Azure.Core.AzureLocation ChinaEast2 { get => throw null; } + public static Azure.Core.AzureLocation ChinaEast3 { get => throw null; } + public static Azure.Core.AzureLocation ChinaNorth { get => throw null; } + public static Azure.Core.AzureLocation ChinaNorth2 { get => throw null; } + public static Azure.Core.AzureLocation ChinaNorth3 { get => throw null; } + public AzureLocation(string location) => throw null; + public AzureLocation(string name, string displayName) => throw null; + public string DisplayName { get => throw null; } + public static Azure.Core.AzureLocation EastAsia { get => throw null; } + public static Azure.Core.AzureLocation EastUS { get => throw null; } + public static Azure.Core.AzureLocation EastUS2 { get => throw null; } + public bool Equals(Azure.Core.AzureLocation other) => throw null; + public override bool Equals(object obj) => throw null; + public static Azure.Core.AzureLocation FranceCentral { get => throw null; } + public static Azure.Core.AzureLocation FranceSouth { get => throw null; } + public static Azure.Core.AzureLocation GermanyCentral { get => throw null; } + public static Azure.Core.AzureLocation GermanyNorth { get => throw null; } + public static Azure.Core.AzureLocation GermanyNorthEast { get => throw null; } + public static Azure.Core.AzureLocation GermanyWestCentral { get => throw null; } + public override int GetHashCode() => throw null; + public static Azure.Core.AzureLocation IsraelCentral { get => throw null; } + public static Azure.Core.AzureLocation ItalyNorth { get => throw null; } + public static Azure.Core.AzureLocation JapanEast { get => throw null; } + public static Azure.Core.AzureLocation JapanWest { get => throw null; } + public static Azure.Core.AzureLocation KoreaCentral { get => throw null; } + public static Azure.Core.AzureLocation KoreaSouth { get => throw null; } + public string Name { get => throw null; } + public static Azure.Core.AzureLocation NorthCentralUS { get => throw null; } + public static Azure.Core.AzureLocation NorthEurope { get => throw null; } + public static Azure.Core.AzureLocation NorwayEast { get => throw null; } + public static Azure.Core.AzureLocation NorwayWest { get => throw null; } + public static bool operator ==(Azure.Core.AzureLocation left, Azure.Core.AzureLocation right) => throw null; + public static implicit operator Azure.Core.AzureLocation(string location) => throw null; + public static implicit operator string(Azure.Core.AzureLocation location) => throw null; + public static bool operator !=(Azure.Core.AzureLocation left, Azure.Core.AzureLocation right) => throw null; + public static Azure.Core.AzureLocation PolandCentral { get => throw null; } + public static Azure.Core.AzureLocation QatarCentral { get => throw null; } + public static Azure.Core.AzureLocation SouthAfricaNorth { get => throw null; } + public static Azure.Core.AzureLocation SouthAfricaWest { get => throw null; } + public static Azure.Core.AzureLocation SouthCentralUS { get => throw null; } + public static Azure.Core.AzureLocation SoutheastAsia { get => throw null; } + public static Azure.Core.AzureLocation SouthIndia { get => throw null; } + public static Azure.Core.AzureLocation SwedenCentral { get => throw null; } + public static Azure.Core.AzureLocation SwedenSouth { get => throw null; } + public static Azure.Core.AzureLocation SwitzerlandNorth { get => throw null; } + public static Azure.Core.AzureLocation SwitzerlandWest { get => throw null; } + public override string ToString() => throw null; + public static Azure.Core.AzureLocation UAECentral { get => throw null; } + public static Azure.Core.AzureLocation UAENorth { get => throw null; } + public static Azure.Core.AzureLocation UKSouth { get => throw null; } + public static Azure.Core.AzureLocation UKWest { get => throw null; } + public static Azure.Core.AzureLocation USDoDCentral { get => throw null; } + public static Azure.Core.AzureLocation USDoDEast { get => throw null; } + public static Azure.Core.AzureLocation USGovArizona { get => throw null; } + public static Azure.Core.AzureLocation USGovIowa { get => throw null; } + public static Azure.Core.AzureLocation USGovTexas { get => throw null; } + public static Azure.Core.AzureLocation USGovVirginia { get => throw null; } + public static Azure.Core.AzureLocation WestCentralUS { get => throw null; } + public static Azure.Core.AzureLocation WestEurope { get => throw null; } + public static Azure.Core.AzureLocation WestIndia { get => throw null; } + public static Azure.Core.AzureLocation WestUS { get => throw null; } + public static Azure.Core.AzureLocation WestUS2 { get => throw null; } + public static Azure.Core.AzureLocation WestUS3 { get => throw null; } + } + public abstract class ClientOptions + { + public void AddPolicy(Azure.Core.Pipeline.HttpPipelinePolicy policy, Azure.Core.HttpPipelinePosition position) => throw null; + protected ClientOptions() => throw null; + protected ClientOptions(Azure.Core.DiagnosticsOptions diagnostics) => throw null; + public static Azure.Core.ClientOptions Default { get => throw null; } + public Azure.Core.DiagnosticsOptions Diagnostics { get => throw null; } + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public Azure.Core.RetryOptions Retry { get => throw null; } + public Azure.Core.Pipeline.HttpPipelinePolicy RetryPolicy { get => throw null; set { } } + public override string ToString() => throw null; + public Azure.Core.Pipeline.HttpPipelineTransport Transport { get => throw null; set { } } + } + public struct ContentType : System.IEquatable, System.IEquatable + { + public static Azure.Core.ContentType ApplicationJson { get => throw null; } + public static Azure.Core.ContentType ApplicationOctetStream { get => throw null; } + public ContentType(string contentType) => throw null; + public bool Equals(Azure.Core.ContentType other) => throw null; + public bool Equals(string other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public static bool operator ==(Azure.Core.ContentType left, Azure.Core.ContentType right) => throw null; + public static implicit operator Azure.Core.ContentType(string contentType) => throw null; + public static bool operator !=(Azure.Core.ContentType left, Azure.Core.ContentType right) => throw null; + public static Azure.Core.ContentType TextPlain { get => throw null; } + public override string ToString() => throw null; + } + namespace Cryptography + { + public interface IKeyEncryptionKey + { + string KeyId { get; } + byte[] UnwrapKey(string algorithm, System.ReadOnlyMemory encryptedKey, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + System.Threading.Tasks.Task UnwrapKeyAsync(string algorithm, System.ReadOnlyMemory encryptedKey, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + byte[] WrapKey(string algorithm, System.ReadOnlyMemory key, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + System.Threading.Tasks.Task WrapKeyAsync(string algorithm, System.ReadOnlyMemory key, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + } + public interface IKeyEncryptionKeyResolver + { + Azure.Core.Cryptography.IKeyEncryptionKey Resolve(string keyId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + System.Threading.Tasks.Task ResolveAsync(string keyId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + } + } + public abstract class DelayStrategy + { + public static Azure.Core.DelayStrategy CreateExponentialDelayStrategy(System.TimeSpan? initialDelay = default(System.TimeSpan?), System.TimeSpan? maxDelay = default(System.TimeSpan?)) => throw null; + public static Azure.Core.DelayStrategy CreateFixedDelayStrategy(System.TimeSpan? delay = default(System.TimeSpan?)) => throw null; + protected DelayStrategy(System.TimeSpan? maxDelay = default(System.TimeSpan?), double jitterFactor = default(double)) => throw null; + public System.TimeSpan GetNextDelay(Azure.Response response, int retryNumber) => throw null; + protected abstract System.TimeSpan GetNextDelayCore(Azure.Response response, int retryNumber); + protected static System.TimeSpan Max(System.TimeSpan val1, System.TimeSpan val2) => throw null; + protected static System.TimeSpan Min(System.TimeSpan val1, System.TimeSpan val2) => throw null; + } + public static class DelegatedTokenCredential + { + public static Azure.Core.TokenCredential Create(System.Func getToken, System.Func> getTokenAsync) => throw null; + public static Azure.Core.TokenCredential Create(System.Func getToken) => throw null; + } + namespace Diagnostics + { + public class AzureEventSourceListener : System.Diagnostics.Tracing.EventListener + { + public static Azure.Core.Diagnostics.AzureEventSourceListener CreateConsoleLogger(System.Diagnostics.Tracing.EventLevel level = default(System.Diagnostics.Tracing.EventLevel)) => throw null; + public static Azure.Core.Diagnostics.AzureEventSourceListener CreateTraceLogger(System.Diagnostics.Tracing.EventLevel level = default(System.Diagnostics.Tracing.EventLevel)) => throw null; + public AzureEventSourceListener(System.Action log, System.Diagnostics.Tracing.EventLevel level) => throw null; + protected override sealed void OnEventSourceCreated(System.Diagnostics.Tracing.EventSource eventSource) => throw null; + protected override sealed void OnEventWritten(System.Diagnostics.Tracing.EventWrittenEventArgs eventData) => throw null; + public const string TraitName = default; + public const string TraitValue = default; + } + } + public class DiagnosticsOptions + { + public string ApplicationId { get => throw null; set { } } + protected DiagnosticsOptions() => throw null; + public static string DefaultApplicationId { get => throw null; set { } } + public bool IsDistributedTracingEnabled { get => throw null; set { } } + public bool IsLoggingContentEnabled { get => throw null; set { } } + public bool IsLoggingEnabled { get => throw null; set { } } + public bool IsTelemetryEnabled { get => throw null; set { } } + public int LoggedContentSizeLimit { get => throw null; set { } } + public System.Collections.Generic.IList LoggedHeaderNames { get => throw null; } + public System.Collections.Generic.IList LoggedQueryParameters { get => throw null; } + } + namespace Extensions + { + public interface IAzureClientBuilder where TOptions : class + { + } + public interface IAzureClientFactoryBuilder + { + Azure.Core.Extensions.IAzureClientBuilder RegisterClientFactory(System.Func clientFactory) where TOptions : class; + } + public interface IAzureClientFactoryBuilderWithConfiguration : Azure.Core.Extensions.IAzureClientFactoryBuilder + { + Azure.Core.Extensions.IAzureClientBuilder RegisterClientFactory(TConfiguration configuration) where TOptions : class; + } + public interface IAzureClientFactoryBuilderWithCredential + { + Azure.Core.Extensions.IAzureClientBuilder RegisterClientFactory(System.Func clientFactory, bool requiresCredential = default(bool)) where TOptions : class; + } + } + namespace GeoJson + { + public struct GeoArray : System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection, System.Collections.Generic.IReadOnlyList + { + public int Count { get => throw null; } + public struct Enumerator : System.IDisposable, System.Collections.Generic.IEnumerator, System.Collections.IEnumerator + { + object System.Collections.IEnumerator.Current { get => throw null; } + public T Current { get => throw null; } + public void Dispose() => throw null; + public bool MoveNext() => throw null; + public void Reset() => throw null; + } + public Azure.Core.GeoJson.GeoArray.Enumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + System.Collections.Generic.IEnumerator System.Collections.Generic.IEnumerable.GetEnumerator() => throw null; + public T this[int index] { get => throw null; } + } + public sealed class GeoBoundingBox : System.IEquatable + { + public GeoBoundingBox(double west, double south, double east, double north) => throw null; + public GeoBoundingBox(double west, double south, double east, double north, double? minAltitude, double? maxAltitude) => throw null; + public double East { get => throw null; } + public bool Equals(Azure.Core.GeoJson.GeoBoundingBox other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public double? MaxAltitude { get => throw null; } + public double? MinAltitude { get => throw null; } + public double North { get => throw null; } + public double South { get => throw null; } + public double this[int index] { get => throw null; } + public override string ToString() => throw null; + public double West { get => throw null; } + } + public sealed class GeoCollection : Azure.Core.GeoJson.GeoObject, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection, System.Collections.Generic.IReadOnlyList + { + public int Count { get => throw null; } + public GeoCollection(System.Collections.Generic.IEnumerable geometries) => throw null; + public GeoCollection(System.Collections.Generic.IEnumerable geometries, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public Azure.Core.GeoJson.GeoObject this[int index] { get => throw null; } + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public sealed class GeoLinearRing + { + public Azure.Core.GeoJson.GeoArray Coordinates { get => throw null; } + public GeoLinearRing(System.Collections.Generic.IEnumerable coordinates) => throw null; + } + public sealed class GeoLineString : Azure.Core.GeoJson.GeoObject + { + public Azure.Core.GeoJson.GeoArray Coordinates { get => throw null; } + public GeoLineString(System.Collections.Generic.IEnumerable coordinates) => throw null; + public GeoLineString(System.Collections.Generic.IEnumerable coordinates, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public sealed class GeoLineStringCollection : Azure.Core.GeoJson.GeoObject, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection, System.Collections.Generic.IReadOnlyList + { + public Azure.Core.GeoJson.GeoArray> Coordinates { get => throw null; } + public int Count { get => throw null; } + public GeoLineStringCollection(System.Collections.Generic.IEnumerable lines) => throw null; + public GeoLineStringCollection(System.Collections.Generic.IEnumerable lines, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public Azure.Core.GeoJson.GeoLineString this[int index] { get => throw null; } + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public abstract class GeoObject + { + public Azure.Core.GeoJson.GeoBoundingBox BoundingBox { get => throw null; } + public static Azure.Core.GeoJson.GeoObject Parse(string json) => throw null; + public override string ToString() => throw null; + public bool TryGetCustomProperty(string name, out object value) => throw null; + public abstract Azure.Core.GeoJson.GeoObjectType Type { get; } + } + public enum GeoObjectType + { + Point = 0, + MultiPoint = 1, + Polygon = 2, + MultiPolygon = 3, + LineString = 4, + MultiLineString = 5, + GeometryCollection = 6, + } + public sealed class GeoPoint : Azure.Core.GeoJson.GeoObject + { + public Azure.Core.GeoJson.GeoPosition Coordinates { get => throw null; } + public GeoPoint(double longitude, double latitude) => throw null; + public GeoPoint(double longitude, double latitude, double? altitude) => throw null; + public GeoPoint(Azure.Core.GeoJson.GeoPosition position) => throw null; + public GeoPoint(Azure.Core.GeoJson.GeoPosition position, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public sealed class GeoPointCollection : Azure.Core.GeoJson.GeoObject, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection, System.Collections.Generic.IReadOnlyList + { + public Azure.Core.GeoJson.GeoArray Coordinates { get => throw null; } + public int Count { get => throw null; } + public GeoPointCollection(System.Collections.Generic.IEnumerable points) => throw null; + public GeoPointCollection(System.Collections.Generic.IEnumerable points, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public Azure.Core.GeoJson.GeoPoint this[int index] { get => throw null; } + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public sealed class GeoPolygon : Azure.Core.GeoJson.GeoObject + { + public Azure.Core.GeoJson.GeoArray> Coordinates { get => throw null; } + public GeoPolygon(System.Collections.Generic.IEnumerable positions) => throw null; + public GeoPolygon(System.Collections.Generic.IEnumerable rings) => throw null; + public GeoPolygon(System.Collections.Generic.IEnumerable rings, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public Azure.Core.GeoJson.GeoLinearRing OuterRing { get => throw null; } + public System.Collections.Generic.IReadOnlyList Rings { get => throw null; } + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public sealed class GeoPolygonCollection : Azure.Core.GeoJson.GeoObject, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection, System.Collections.Generic.IReadOnlyList + { + public Azure.Core.GeoJson.GeoArray>> Coordinates { get => throw null; } + public int Count { get => throw null; } + public GeoPolygonCollection(System.Collections.Generic.IEnumerable polygons) => throw null; + public GeoPolygonCollection(System.Collections.Generic.IEnumerable polygons, Azure.Core.GeoJson.GeoBoundingBox boundingBox, System.Collections.Generic.IReadOnlyDictionary customProperties) => throw null; + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public Azure.Core.GeoJson.GeoPolygon this[int index] { get => throw null; } + public override Azure.Core.GeoJson.GeoObjectType Type { get => throw null; } + } + public struct GeoPosition : System.IEquatable + { + public double? Altitude { get => throw null; } + public int Count { get => throw null; } + public GeoPosition(double longitude, double latitude) => throw null; + public GeoPosition(double longitude, double latitude, double? altitude) => throw null; + public bool Equals(Azure.Core.GeoJson.GeoPosition other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public double Latitude { get => throw null; } + public double Longitude { get => throw null; } + public static bool operator ==(Azure.Core.GeoJson.GeoPosition left, Azure.Core.GeoJson.GeoPosition right) => throw null; + public static bool operator !=(Azure.Core.GeoJson.GeoPosition left, Azure.Core.GeoJson.GeoPosition right) => throw null; + public double this[int index] { get => throw null; } + public override string ToString() => throw null; + } + } + public struct HttpHeader : System.IEquatable + { + public static class Common + { + public static readonly Azure.Core.HttpHeader FormUrlEncodedContentType; + public static readonly Azure.Core.HttpHeader JsonAccept; + public static readonly Azure.Core.HttpHeader JsonContentType; + public static readonly Azure.Core.HttpHeader OctetStreamContentType; + } + public HttpHeader(string name, string value) => throw null; + public override bool Equals(object obj) => throw null; + public bool Equals(Azure.Core.HttpHeader other) => throw null; + public override int GetHashCode() => throw null; + public string Name { get => throw null; } + public static class Names + { + public static string Accept { get => throw null; } + public static string Authorization { get => throw null; } + public static string ContentDisposition { get => throw null; } + public static string ContentLength { get => throw null; } + public static string ContentType { get => throw null; } + public static string Date { get => throw null; } + public static string ETag { get => throw null; } + public static string Host { get => throw null; } + public static string IfMatch { get => throw null; } + public static string IfModifiedSince { get => throw null; } + public static string IfNoneMatch { get => throw null; } + public static string IfUnmodifiedSince { get => throw null; } + public static string Prefer { get => throw null; } + public static string Range { get => throw null; } + public static string Referer { get => throw null; } + public static string UserAgent { get => throw null; } + public static string WwwAuthenticate { get => throw null; } + public static string XMsDate { get => throw null; } + public static string XMsRange { get => throw null; } + public static string XMsRequestId { get => throw null; } + } + public override string ToString() => throw null; + public string Value { get => throw null; } + } + public sealed class HttpMessage : System.IDisposable + { + public bool BufferResponse { get => throw null; set { } } + public System.Threading.CancellationToken CancellationToken { get => throw null; } + public HttpMessage(Azure.Core.Request request, Azure.Core.ResponseClassifier responseClassifier) => throw null; + public void Dispose() => throw null; + public System.IO.Stream ExtractResponseContent() => throw null; + public bool HasResponse { get => throw null; } + public System.TimeSpan? NetworkTimeout { get => throw null; set { } } + public Azure.Core.MessageProcessingContext ProcessingContext { get => throw null; } + public Azure.Core.Request Request { get => throw null; } + public Azure.Response Response { get => throw null; set { } } + public Azure.Core.ResponseClassifier ResponseClassifier { get => throw null; set { } } + public void SetProperty(string name, object value) => throw null; + public void SetProperty(System.Type type, object value) => throw null; + public bool TryGetProperty(string name, out object value) => throw null; + public bool TryGetProperty(System.Type type, out object value) => throw null; + } + public enum HttpPipelinePosition + { + PerCall = 0, + PerRetry = 1, + BeforeTransport = 2, + } + public struct MessageProcessingContext + { + public int RetryNumber { get => throw null; set { } } + public System.DateTimeOffset StartTime { get => throw null; } + } + public static class MultipartResponse + { + public static Azure.Response[] Parse(Azure.Response response, bool expectCrLf, System.Threading.CancellationToken cancellationToken) => throw null; + public static System.Threading.Tasks.Task ParseAsync(Azure.Response response, bool expectCrLf, System.Threading.CancellationToken cancellationToken) => throw null; + } + namespace Pipeline + { + public class BearerTokenAuthenticationPolicy : Azure.Core.Pipeline.HttpPipelinePolicy + { + protected void AuthenticateAndAuthorizeRequest(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context) => throw null; + protected System.Threading.Tasks.ValueTask AuthenticateAndAuthorizeRequestAsync(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context) => throw null; + protected virtual void AuthorizeRequest(Azure.Core.HttpMessage message) => throw null; + protected virtual System.Threading.Tasks.ValueTask AuthorizeRequestAsync(Azure.Core.HttpMessage message) => throw null; + protected virtual bool AuthorizeRequestOnChallenge(Azure.Core.HttpMessage message) => throw null; + protected virtual System.Threading.Tasks.ValueTask AuthorizeRequestOnChallengeAsync(Azure.Core.HttpMessage message) => throw null; + public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, string scope) => throw null; + public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, System.Collections.Generic.IEnumerable scopes) => throw null; + public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + } + public sealed class DisposableHttpPipeline : Azure.Core.Pipeline.HttpPipeline, System.IDisposable + { + public void Dispose() => throw null; + internal DisposableHttpPipeline() : base(default(Azure.Core.Pipeline.HttpPipelineTransport), default(Azure.Core.Pipeline.HttpPipelinePolicy[]), default(Azure.Core.ResponseClassifier)) { } + } + public class HttpClientTransport : Azure.Core.Pipeline.HttpPipelineTransport, System.IDisposable + { + public override sealed Azure.Core.Request CreateRequest() => throw null; + public HttpClientTransport() => throw null; + public HttpClientTransport(System.Net.Http.HttpMessageHandler messageHandler) => throw null; + public HttpClientTransport(System.Net.Http.HttpClient client) => throw null; + public void Dispose() => throw null; + public override void Process(Azure.Core.HttpMessage message) => throw null; + public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message) => throw null; + public static readonly Azure.Core.Pipeline.HttpClientTransport Shared; + } + public class HttpPipeline + { + public static System.IDisposable CreateClientRequestIdScope(string clientRequestId) => throw null; + public static System.IDisposable CreateHttpMessagePropertiesScope(System.Collections.Generic.IDictionary messageProperties) => throw null; + public Azure.Core.HttpMessage CreateMessage() => throw null; + public Azure.Core.HttpMessage CreateMessage(Azure.RequestContext context) => throw null; + public Azure.Core.HttpMessage CreateMessage(Azure.RequestContext context, Azure.Core.ResponseClassifier classifier = default(Azure.Core.ResponseClassifier)) => throw null; + public Azure.Core.Request CreateRequest() => throw null; + public HttpPipeline(Azure.Core.Pipeline.HttpPipelineTransport transport, Azure.Core.Pipeline.HttpPipelinePolicy[] policies = default(Azure.Core.Pipeline.HttpPipelinePolicy[]), Azure.Core.ResponseClassifier responseClassifier = default(Azure.Core.ResponseClassifier)) => throw null; + public Azure.Core.ResponseClassifier ResponseClassifier { get => throw null; } + public void Send(Azure.Core.HttpMessage message, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.ValueTask SendAsync(Azure.Core.HttpMessage message, System.Threading.CancellationToken cancellationToken) => throw null; + public Azure.Response SendRequest(Azure.Core.Request request, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.ValueTask SendRequestAsync(Azure.Core.Request request, System.Threading.CancellationToken cancellationToken) => throw null; + } + public static class HttpPipelineBuilder + { + public static Azure.Core.Pipeline.HttpPipeline Build(Azure.Core.ClientOptions options, params Azure.Core.Pipeline.HttpPipelinePolicy[] perRetryPolicies) => throw null; + public static Azure.Core.Pipeline.HttpPipeline Build(Azure.Core.ClientOptions options, Azure.Core.Pipeline.HttpPipelinePolicy[] perCallPolicies, Azure.Core.Pipeline.HttpPipelinePolicy[] perRetryPolicies, Azure.Core.ResponseClassifier responseClassifier) => throw null; + public static Azure.Core.Pipeline.DisposableHttpPipeline Build(Azure.Core.ClientOptions options, Azure.Core.Pipeline.HttpPipelinePolicy[] perCallPolicies, Azure.Core.Pipeline.HttpPipelinePolicy[] perRetryPolicies, Azure.Core.Pipeline.HttpPipelineTransportOptions transportOptions, Azure.Core.ResponseClassifier responseClassifier) => throw null; + public static Azure.Core.Pipeline.HttpPipeline Build(Azure.Core.Pipeline.HttpPipelineOptions options) => throw null; + public static Azure.Core.Pipeline.DisposableHttpPipeline Build(Azure.Core.Pipeline.HttpPipelineOptions options, Azure.Core.Pipeline.HttpPipelineTransportOptions transportOptions) => throw null; + } + public class HttpPipelineOptions + { + public Azure.Core.ClientOptions ClientOptions { get => throw null; } + public HttpPipelineOptions(Azure.Core.ClientOptions options) => throw null; + public System.Collections.Generic.IList PerCallPolicies { get => throw null; } + public System.Collections.Generic.IList PerRetryPolicies { get => throw null; } + public Azure.Core.RequestFailedDetailsParser RequestFailedDetailsParser { get => throw null; set { } } + public Azure.Core.ResponseClassifier ResponseClassifier { get => throw null; set { } } + } + public abstract class HttpPipelinePolicy + { + protected HttpPipelinePolicy() => throw null; + public abstract void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline); + public abstract System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline); + protected static void ProcessNext(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + protected static System.Threading.Tasks.ValueTask ProcessNextAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + } + public abstract class HttpPipelineSynchronousPolicy : Azure.Core.Pipeline.HttpPipelinePolicy + { + protected HttpPipelineSynchronousPolicy() => throw null; + public virtual void OnReceivedResponse(Azure.Core.HttpMessage message) => throw null; + public virtual void OnSendingRequest(Azure.Core.HttpMessage message) => throw null; + public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + } + public abstract class HttpPipelineTransport + { + public abstract Azure.Core.Request CreateRequest(); + protected HttpPipelineTransport() => throw null; + public abstract void Process(Azure.Core.HttpMessage message); + public abstract System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message); + } + public class HttpPipelineTransportOptions + { + public System.Collections.Generic.IList ClientCertificates { get => throw null; } + public HttpPipelineTransportOptions() => throw null; + public bool IsClientRedirectEnabled { get => throw null; set { } } + public System.Func ServerCertificateCustomValidationCallback { get => throw null; set { } } + } + public sealed class RedirectPolicy : Azure.Core.Pipeline.HttpPipelinePolicy + { + public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + public static void SetAllowAutoRedirect(Azure.Core.HttpMessage message, bool allowAutoRedirect) => throw null; + } + public class RetryPolicy : Azure.Core.Pipeline.HttpPipelinePolicy + { + public RetryPolicy(int maxRetries = default(int), Azure.Core.DelayStrategy delayStrategy = default(Azure.Core.DelayStrategy)) => throw null; + protected virtual void OnRequestSent(Azure.Core.HttpMessage message) => throw null; + protected virtual System.Threading.Tasks.ValueTask OnRequestSentAsync(Azure.Core.HttpMessage message) => throw null; + protected virtual void OnSendingRequest(Azure.Core.HttpMessage message) => throw null; + protected virtual System.Threading.Tasks.ValueTask OnSendingRequestAsync(Azure.Core.HttpMessage message) => throw null; + public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory pipeline) => throw null; + protected virtual bool ShouldRetry(Azure.Core.HttpMessage message, System.Exception exception) => throw null; + protected virtual System.Threading.Tasks.ValueTask ShouldRetryAsync(Azure.Core.HttpMessage message, System.Exception exception) => throw null; + } + public class ServerCertificateCustomValidationArgs + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public System.Security.Cryptography.X509Certificates.X509Chain CertificateAuthorityChain { get => throw null; } + public ServerCertificateCustomValidationArgs(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Security.Cryptography.X509Certificates.X509Chain certificateAuthorityChain, System.Net.Security.SslPolicyErrors sslPolicyErrors) => throw null; + public System.Net.Security.SslPolicyErrors SslPolicyErrors { get => throw null; } + } + } + public struct RehydrationToken : System.ClientModel.Primitives.IJsonModel, System.ClientModel.Primitives.IJsonModel, System.ClientModel.Primitives.IPersistableModel, System.ClientModel.Primitives.IPersistableModel + { + Azure.Core.RehydrationToken System.ClientModel.Primitives.IJsonModel.Create(ref System.Text.Json.Utf8JsonReader reader, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + Azure.Core.RehydrationToken System.ClientModel.Primitives.IPersistableModel.Create(System.BinaryData data, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + object System.ClientModel.Primitives.IPersistableModel.Create(System.BinaryData data, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + object System.ClientModel.Primitives.IJsonModel.Create(ref System.Text.Json.Utf8JsonReader reader, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + string System.ClientModel.Primitives.IPersistableModel.GetFormatFromOptions(System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + string System.ClientModel.Primitives.IPersistableModel.GetFormatFromOptions(System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + public string Id { get => throw null; } + void System.ClientModel.Primitives.IJsonModel.Write(System.Text.Json.Utf8JsonWriter writer, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + System.BinaryData System.ClientModel.Primitives.IPersistableModel.Write(System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + System.BinaryData System.ClientModel.Primitives.IPersistableModel.Write(System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + void System.ClientModel.Primitives.IJsonModel.Write(System.Text.Json.Utf8JsonWriter writer, System.ClientModel.Primitives.ModelReaderWriterOptions options) => throw null; + } + public abstract class Request : System.IDisposable + { + protected abstract void AddHeader(string name, string value); + public abstract string ClientRequestId { get; set; } + protected abstract bool ContainsHeader(string name); + public virtual Azure.Core.RequestContent Content { get => throw null; set { } } + protected Request() => throw null; + public abstract void Dispose(); + protected abstract System.Collections.Generic.IEnumerable EnumerateHeaders(); + public Azure.Core.RequestHeaders Headers { get => throw null; } + public virtual Azure.Core.RequestMethod Method { get => throw null; set { } } + protected abstract bool RemoveHeader(string name); + protected virtual void SetHeader(string name, string value) => throw null; + protected abstract bool TryGetHeader(string name, out string value); + protected abstract bool TryGetHeaderValues(string name, out System.Collections.Generic.IEnumerable values); + public virtual Azure.Core.RequestUriBuilder Uri { get => throw null; set { } } + } + public abstract class RequestContent : System.IDisposable + { + public static Azure.Core.RequestContent Create(System.IO.Stream stream) => throw null; + public static Azure.Core.RequestContent Create(byte[] bytes) => throw null; + public static Azure.Core.RequestContent Create(byte[] bytes, int index, int length) => throw null; + public static Azure.Core.RequestContent Create(System.ReadOnlyMemory bytes) => throw null; + public static Azure.Core.RequestContent Create(System.Buffers.ReadOnlySequence bytes) => throw null; + public static Azure.Core.RequestContent Create(string content) => throw null; + public static Azure.Core.RequestContent Create(System.BinaryData content) => throw null; + public static Azure.Core.RequestContent Create(Azure.Core.Serialization.DynamicData content) => throw null; + public static Azure.Core.RequestContent Create(object serializable) => throw null; + public static Azure.Core.RequestContent Create(object serializable, Azure.Core.Serialization.ObjectSerializer serializer) => throw null; + public static Azure.Core.RequestContent Create(object serializable, Azure.Core.Serialization.JsonPropertyNames propertyNameFormat, string dateTimeFormat = default(string)) => throw null; + protected RequestContent() => throw null; + public abstract void Dispose(); + public static implicit operator Azure.Core.RequestContent(string content) => throw null; + public static implicit operator Azure.Core.RequestContent(System.BinaryData content) => throw null; + public static implicit operator Azure.Core.RequestContent(Azure.Core.Serialization.DynamicData content) => throw null; + public abstract bool TryComputeLength(out long length); + public abstract void WriteTo(System.IO.Stream stream, System.Threading.CancellationToken cancellation); + public abstract System.Threading.Tasks.Task WriteToAsync(System.IO.Stream stream, System.Threading.CancellationToken cancellation); + } + public abstract class RequestFailedDetailsParser + { + protected RequestFailedDetailsParser() => throw null; + public abstract bool TryParse(Azure.Response response, out Azure.ResponseError error, out System.Collections.Generic.IDictionary data); + } + public struct RequestHeaders : System.Collections.Generic.IEnumerable, System.Collections.IEnumerable + { + public void Add(Azure.Core.HttpHeader header) => throw null; + public void Add(string name, string value) => throw null; + public bool Contains(string name) => throw null; + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public bool Remove(string name) => throw null; + public void SetValue(string name, string value) => throw null; + public bool TryGetValue(string name, out string value) => throw null; + public bool TryGetValues(string name, out System.Collections.Generic.IEnumerable values) => throw null; + } + public struct RequestMethod : System.IEquatable + { + public RequestMethod(string method) => throw null; + public static Azure.Core.RequestMethod Delete { get => throw null; } + public bool Equals(Azure.Core.RequestMethod other) => throw null; + public override bool Equals(object obj) => throw null; + public static Azure.Core.RequestMethod Get { get => throw null; } + public override int GetHashCode() => throw null; + public static Azure.Core.RequestMethod Head { get => throw null; } + public string Method { get => throw null; } + public static bool operator ==(Azure.Core.RequestMethod left, Azure.Core.RequestMethod right) => throw null; + public static bool operator !=(Azure.Core.RequestMethod left, Azure.Core.RequestMethod right) => throw null; + public static Azure.Core.RequestMethod Options { get => throw null; } + public static Azure.Core.RequestMethod Parse(string method) => throw null; + public static Azure.Core.RequestMethod Patch { get => throw null; } + public static Azure.Core.RequestMethod Post { get => throw null; } + public static Azure.Core.RequestMethod Put { get => throw null; } + public override string ToString() => throw null; + public static Azure.Core.RequestMethod Trace { get => throw null; } + } + public class RequestUriBuilder + { + public void AppendPath(string value) => throw null; + public void AppendPath(string value, bool escape) => throw null; + public void AppendPath(System.ReadOnlySpan value, bool escape) => throw null; + public void AppendQuery(string name, string value) => throw null; + public void AppendQuery(string name, string value, bool escapeValue) => throw null; + public void AppendQuery(System.ReadOnlySpan name, System.ReadOnlySpan value, bool escapeValue) => throw null; + public RequestUriBuilder() => throw null; + protected bool HasPath { get => throw null; } + protected bool HasQuery { get => throw null; } + public string Host { get => throw null; set { } } + public string Path { get => throw null; set { } } + public string PathAndQuery { get => throw null; } + public int Port { get => throw null; set { } } + public string Query { get => throw null; set { } } + public void Reset(System.Uri value) => throw null; + public string Scheme { get => throw null; set { } } + public override string ToString() => throw null; + public System.Uri ToUri() => throw null; + } + public sealed class ResourceIdentifier : System.IComparable, System.IEquatable + { + public Azure.Core.ResourceIdentifier AppendChildResource(string childResourceType, string childResourceName) => throw null; + public Azure.Core.ResourceIdentifier AppendProviderResource(string providerNamespace, string resourceType, string resourceName) => throw null; + public int CompareTo(Azure.Core.ResourceIdentifier other) => throw null; + public ResourceIdentifier(string resourceId) => throw null; + public bool Equals(Azure.Core.ResourceIdentifier other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public Azure.Core.AzureLocation? Location { get => throw null; } + public string Name { get => throw null; } + public static bool operator ==(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public static bool operator >(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public static bool operator >=(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public static implicit operator string(Azure.Core.ResourceIdentifier id) => throw null; + public static bool operator !=(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public static bool operator <(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public static bool operator <=(Azure.Core.ResourceIdentifier left, Azure.Core.ResourceIdentifier right) => throw null; + public Azure.Core.ResourceIdentifier Parent { get => throw null; } + public static Azure.Core.ResourceIdentifier Parse(string input) => throw null; + public string Provider { get => throw null; } + public string ResourceGroupName { get => throw null; } + public Azure.Core.ResourceType ResourceType { get => throw null; } + public static readonly Azure.Core.ResourceIdentifier Root; + public string SubscriptionId { get => throw null; } + public override string ToString() => throw null; + public static bool TryParse(string input, out Azure.Core.ResourceIdentifier result) => throw null; + } + public struct ResourceType : System.IEquatable + { + public ResourceType(string resourceType) => throw null; + public bool Equals(Azure.Core.ResourceType other) => throw null; + public override bool Equals(object other) => throw null; + public override int GetHashCode() => throw null; + public string GetLastType() => throw null; + public string Namespace { get => throw null; } + public static bool operator ==(Azure.Core.ResourceType left, Azure.Core.ResourceType right) => throw null; + public static implicit operator Azure.Core.ResourceType(string resourceType) => throw null; + public static implicit operator string(Azure.Core.ResourceType resourceType) => throw null; + public static bool operator !=(Azure.Core.ResourceType left, Azure.Core.ResourceType right) => throw null; + public override string ToString() => throw null; + public string Type { get => throw null; } + } + public abstract class ResponseClassificationHandler + { + protected ResponseClassificationHandler() => throw null; + public abstract bool TryClassify(Azure.Core.HttpMessage message, out bool isError); + } + public class ResponseClassifier + { + public ResponseClassifier() => throw null; + public virtual bool IsErrorResponse(Azure.Core.HttpMessage message) => throw null; + public virtual bool IsRetriable(Azure.Core.HttpMessage message, System.Exception exception) => throw null; + public virtual bool IsRetriableException(System.Exception exception) => throw null; + public virtual bool IsRetriableResponse(Azure.Core.HttpMessage message) => throw null; + } + public struct ResponseHeaders : System.Collections.Generic.IEnumerable, System.Collections.IEnumerable + { + public bool Contains(string name) => throw null; + public int? ContentLength { get => throw null; } + public long? ContentLengthLong { get => throw null; } + public string ContentType { get => throw null; } + public System.DateTimeOffset? Date { get => throw null; } + public Azure.ETag? ETag { get => throw null; } + public System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public string RequestId { get => throw null; } + public bool TryGetValue(string name, out string value) => throw null; + public bool TryGetValues(string name, out System.Collections.Generic.IEnumerable values) => throw null; + } + public enum RetryMode + { + Fixed = 0, + Exponential = 1, + } + public class RetryOptions + { + public System.TimeSpan Delay { get => throw null; set { } } + public System.TimeSpan MaxDelay { get => throw null; set { } } + public int MaxRetries { get => throw null; set { } } + public Azure.Core.RetryMode Mode { get => throw null; set { } } + public System.TimeSpan NetworkTimeout { get => throw null; set { } } + } + namespace Serialization + { + public sealed class DynamicData : System.IDisposable, System.Dynamic.IDynamicMetaObjectProvider + { + public void Dispose() => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + System.Dynamic.DynamicMetaObject System.Dynamic.IDynamicMetaObjectProvider.GetMetaObject(System.Linq.Expressions.Expression parameter) => throw null; + public static bool operator ==(Azure.Core.Serialization.DynamicData left, object right) => throw null; + public static explicit operator System.DateTime(Azure.Core.Serialization.DynamicData value) => throw null; + public static explicit operator System.DateTimeOffset(Azure.Core.Serialization.DynamicData value) => throw null; + public static explicit operator System.Guid(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator bool(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator string(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator byte(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator sbyte(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator short(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator ushort(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator int(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator uint(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator long(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator ulong(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator float(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator double(Azure.Core.Serialization.DynamicData value) => throw null; + public static implicit operator decimal(Azure.Core.Serialization.DynamicData value) => throw null; + public static bool operator !=(Azure.Core.Serialization.DynamicData left, object right) => throw null; + public override string ToString() => throw null; + } + public interface IMemberNameConverter + { + string ConvertMemberName(System.Reflection.MemberInfo member); + } + public class JsonObjectSerializer : Azure.Core.Serialization.ObjectSerializer, Azure.Core.Serialization.IMemberNameConverter + { + string Azure.Core.Serialization.IMemberNameConverter.ConvertMemberName(System.Reflection.MemberInfo member) => throw null; + public JsonObjectSerializer() => throw null; + public JsonObjectSerializer(System.Text.Json.JsonSerializerOptions options) => throw null; + public static Azure.Core.Serialization.JsonObjectSerializer Default { get => throw null; } + public override object Deserialize(System.IO.Stream stream, System.Type returnType, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask DeserializeAsync(System.IO.Stream stream, System.Type returnType, System.Threading.CancellationToken cancellationToken) => throw null; + public override void Serialize(System.IO.Stream stream, object value, System.Type inputType, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.BinaryData Serialize(object value, System.Type inputType = default(System.Type), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask SerializeAsync(System.IO.Stream stream, object value, System.Type inputType, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask SerializeAsync(object value, System.Type inputType = default(System.Type), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public enum JsonPropertyNames + { + UseExact = 0, + CamelCase = 1, + } + public abstract class ObjectSerializer + { + protected ObjectSerializer() => throw null; + public abstract object Deserialize(System.IO.Stream stream, System.Type returnType, System.Threading.CancellationToken cancellationToken); + public abstract System.Threading.Tasks.ValueTask DeserializeAsync(System.IO.Stream stream, System.Type returnType, System.Threading.CancellationToken cancellationToken); + public abstract void Serialize(System.IO.Stream stream, object value, System.Type inputType, System.Threading.CancellationToken cancellationToken); + public virtual System.BinaryData Serialize(object value, System.Type inputType = default(System.Type), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public abstract System.Threading.Tasks.ValueTask SerializeAsync(System.IO.Stream stream, object value, System.Type inputType, System.Threading.CancellationToken cancellationToken); + public virtual System.Threading.Tasks.ValueTask SerializeAsync(object value, System.Type inputType = default(System.Type), System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + } + public class StatusCodeClassifier : Azure.Core.ResponseClassifier + { + public StatusCodeClassifier(System.ReadOnlySpan successStatusCodes) => throw null; + public override bool IsErrorResponse(Azure.Core.HttpMessage message) => throw null; + } + public delegate System.Threading.Tasks.Task SyncAsyncEventHandler(T e) where T : Azure.SyncAsyncEventArgs; + public class TelemetryDetails + { + public string ApplicationId { get => throw null; } + public void Apply(Azure.Core.HttpMessage message) => throw null; + public System.Reflection.Assembly Assembly { get => throw null; } + public TelemetryDetails(System.Reflection.Assembly assembly, string applicationId = default(string)) => throw null; + public override string ToString() => throw null; + } + public abstract class TokenCredential + { + protected TokenCredential() => throw null; + public abstract Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken); + public abstract System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken); + } + public struct TokenRequestContext + { + public string Claims { get => throw null; } + public TokenRequestContext(string[] scopes, string parentRequestId) => throw null; + public TokenRequestContext(string[] scopes, string parentRequestId, string claims) => throw null; + public TokenRequestContext(string[] scopes, string parentRequestId, string claims, string tenantId) => throw null; + public TokenRequestContext(string[] scopes, string parentRequestId = default(string), string claims = default(string), string tenantId = default(string), bool isCaeEnabled = default(bool)) => throw null; + public bool IsCaeEnabled { get => throw null; } + public string ParentRequestId { get => throw null; } + public string[] Scopes { get => throw null; } + public string TenantId { get => throw null; } + } + } + [System.Flags] + public enum ErrorOptions + { + Default = 0, + NoThrow = 1, + } + public struct ETag : System.IEquatable + { + public static readonly Azure.ETag All; + public ETag(string etag) => throw null; + public bool Equals(Azure.ETag other) => throw null; + public bool Equals(string other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public static bool operator ==(Azure.ETag left, Azure.ETag right) => throw null; + public static bool operator !=(Azure.ETag left, Azure.ETag right) => throw null; + public override string ToString() => throw null; + public string ToString(string format) => throw null; + } + public class HttpAuthorization + { + public HttpAuthorization(string scheme, string parameter) => throw null; + public string Parameter { get => throw null; } + public string Scheme { get => throw null; } + public override string ToString() => throw null; + } + public struct HttpRange : System.IEquatable + { + public HttpRange(long offset = default(long), long? length = default(long?)) => throw null; + public bool Equals(Azure.HttpRange other) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public long? Length { get => throw null; } + public long Offset { get => throw null; } + public static bool operator ==(Azure.HttpRange left, Azure.HttpRange right) => throw null; + public static bool operator !=(Azure.HttpRange left, Azure.HttpRange right) => throw null; + public override string ToString() => throw null; + } + public class JsonPatchDocument + { + public void AppendAdd(string path, T value) => throw null; + public void AppendAddRaw(string path, string rawJsonValue) => throw null; + public void AppendCopy(string from, string path) => throw null; + public void AppendMove(string from, string path) => throw null; + public void AppendRemove(string path) => throw null; + public void AppendReplace(string path, T value) => throw null; + public void AppendReplaceRaw(string path, string rawJsonValue) => throw null; + public void AppendTest(string path, T value) => throw null; + public void AppendTestRaw(string path, string rawJsonValue) => throw null; + public JsonPatchDocument() => throw null; + public JsonPatchDocument(Azure.Core.Serialization.ObjectSerializer serializer) => throw null; + public JsonPatchDocument(System.ReadOnlyMemory rawDocument) => throw null; + public JsonPatchDocument(System.ReadOnlyMemory rawDocument, Azure.Core.Serialization.ObjectSerializer serializer) => throw null; + public System.ReadOnlyMemory ToBytes() => throw null; + public override string ToString() => throw null; + } + public class MatchConditions + { + public MatchConditions() => throw null; + public Azure.ETag? IfMatch { get => throw null; set { } } + public Azure.ETag? IfNoneMatch { get => throw null; set { } } + } + namespace Messaging + { + public class CloudEvent + { + public CloudEvent(string source, string type, object jsonSerializableData, System.Type dataSerializationType = default(System.Type)) => throw null; + public CloudEvent(string source, string type, System.BinaryData data, string dataContentType, Azure.Messaging.CloudEventDataFormat dataFormat = default(Azure.Messaging.CloudEventDataFormat)) => throw null; + public System.BinaryData Data { get => throw null; set { } } + public string DataContentType { get => throw null; set { } } + public string DataSchema { get => throw null; set { } } + public System.Collections.Generic.IDictionary ExtensionAttributes { get => throw null; } + public string Id { get => throw null; set { } } + public static Azure.Messaging.CloudEvent Parse(System.BinaryData json, bool skipValidation = default(bool)) => throw null; + public static Azure.Messaging.CloudEvent[] ParseMany(System.BinaryData json, bool skipValidation = default(bool)) => throw null; + public string Source { get => throw null; set { } } + public string Subject { get => throw null; set { } } + public System.DateTimeOffset? Time { get => throw null; set { } } + public string Type { get => throw null; set { } } + } + public enum CloudEventDataFormat + { + Binary = 0, + Json = 1, + } + public class MessageContent + { + public virtual Azure.Core.ContentType? ContentType { get => throw null; set { } } + protected virtual Azure.Core.ContentType? ContentTypeCore { get => throw null; set { } } + public MessageContent() => throw null; + public virtual System.BinaryData Data { get => throw null; set { } } + public virtual bool IsReadOnly { get => throw null; } + } + } + public abstract class NullableResponse + { + protected NullableResponse() => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public abstract Azure.Response GetRawResponse(); + public abstract bool HasValue { get; } + public override string ToString() => throw null; + public abstract T Value { get; } + } + public abstract class Operation + { + protected Operation() => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public abstract Azure.Response GetRawResponse(); + public virtual Azure.Core.RehydrationToken? GetRehydrationToken() => throw null; + public abstract bool HasCompleted { get; } + public abstract string Id { get; } + public override string ToString() => throw null; + public abstract Azure.Response UpdateStatus(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public abstract System.Threading.Tasks.ValueTask UpdateStatusAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public virtual Azure.Response WaitForCompletionResponse(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Response WaitForCompletionResponse(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Response WaitForCompletionResponse(Azure.Core.DelayStrategy delayStrategy, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.ValueTask WaitForCompletionResponseAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.ValueTask WaitForCompletionResponseAsync(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.ValueTask WaitForCompletionResponseAsync(Azure.Core.DelayStrategy delayStrategy, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public abstract class Operation : Azure.Operation + { + protected Operation() => throw null; + public abstract bool HasValue { get; } + public abstract T Value { get; } + public virtual Azure.Response WaitForCompletion(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Response WaitForCompletion(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken) => throw null; + public virtual Azure.Response WaitForCompletion(Azure.Core.DelayStrategy delayStrategy, System.Threading.CancellationToken cancellationToken) => throw null; + public virtual System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.ValueTask> WaitForCompletionAsync(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken) => throw null; + public virtual System.Threading.Tasks.ValueTask> WaitForCompletionAsync(Azure.Core.DelayStrategy delayStrategy, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask WaitForCompletionResponseAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask WaitForCompletionResponseAsync(System.TimeSpan pollingInterval, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public abstract class Page + { + public abstract string ContinuationToken { get; } + protected Page() => throw null; + public override bool Equals(object obj) => throw null; + public static Azure.Page FromValues(System.Collections.Generic.IReadOnlyList values, string continuationToken, Azure.Response response) => throw null; + public override int GetHashCode() => throw null; + public abstract Azure.Response GetRawResponse(); + public override string ToString() => throw null; + public abstract System.Collections.Generic.IReadOnlyList Values { get; } + } + public abstract class Pageable : System.Collections.Generic.IEnumerable, System.Collections.IEnumerable + { + public abstract System.Collections.Generic.IEnumerable> AsPages(string continuationToken = default(string), int? pageSizeHint = default(int?)); + protected virtual System.Threading.CancellationToken CancellationToken { get => throw null; } + protected Pageable() => throw null; + protected Pageable(System.Threading.CancellationToken cancellationToken) => throw null; + public override bool Equals(object obj) => throw null; + public static Azure.Pageable FromPages(System.Collections.Generic.IEnumerable> pages) => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public virtual System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + public override int GetHashCode() => throw null; + public override string ToString() => throw null; + } + public abstract class PageableOperation : Azure.Operation> + { + protected PageableOperation() => throw null; + public abstract Azure.Pageable GetValues(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public abstract Azure.AsyncPageable GetValuesAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public override Azure.AsyncPageable Value { get => throw null; } + } + public class RequestConditions : Azure.MatchConditions + { + public RequestConditions() => throw null; + public System.DateTimeOffset? IfModifiedSince { get => throw null; set { } } + public System.DateTimeOffset? IfUnmodifiedSince { get => throw null; set { } } + } + public class RequestContext + { + public void AddClassifier(int statusCode, bool isError) => throw null; + public void AddClassifier(Azure.Core.ResponseClassificationHandler classifier) => throw null; + public void AddPolicy(Azure.Core.Pipeline.HttpPipelinePolicy policy, Azure.Core.HttpPipelinePosition position) => throw null; + public System.Threading.CancellationToken CancellationToken { get => throw null; set { } } + public RequestContext() => throw null; + public Azure.ErrorOptions ErrorOptions { get => throw null; set { } } + public static implicit operator Azure.RequestContext(Azure.ErrorOptions options) => throw null; + } + public class RequestFailedException : System.Exception, System.Runtime.Serialization.ISerializable + { + public RequestFailedException(string message) => throw null; + public RequestFailedException(string message, System.Exception innerException) => throw null; + public RequestFailedException(int status, string message) => throw null; + public RequestFailedException(int status, string message, System.Exception innerException) => throw null; + public RequestFailedException(int status, string message, string errorCode, System.Exception innerException) => throw null; + public RequestFailedException(Azure.Response response) => throw null; + public RequestFailedException(Azure.Response response, System.Exception innerException) => throw null; + public RequestFailedException(Azure.Response response, System.Exception innerException, Azure.Core.RequestFailedDetailsParser detailsParser) => throw null; + protected RequestFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public string ErrorCode { get => throw null; } + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public Azure.Response GetRawResponse() => throw null; + public int Status { get => throw null; } + } + public abstract class Response : System.IDisposable + { + public abstract string ClientRequestId { get; set; } + protected abstract bool ContainsHeader(string name); + public virtual System.BinaryData Content { get => throw null; } + public abstract System.IO.Stream ContentStream { get; set; } + protected Response() => throw null; + public abstract void Dispose(); + protected abstract System.Collections.Generic.IEnumerable EnumerateHeaders(); + public static Azure.Response FromValue(T value, Azure.Response response) => throw null; + public virtual Azure.Core.ResponseHeaders Headers { get => throw null; } + public virtual bool IsError { get => throw null; set { } } + public abstract string ReasonPhrase { get; } + public abstract int Status { get; } + public override string ToString() => throw null; + protected abstract bool TryGetHeader(string name, out string value); + protected abstract bool TryGetHeaderValues(string name, out System.Collections.Generic.IEnumerable values); + } + public abstract class Response : Azure.NullableResponse + { + protected Response() => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public override bool HasValue { get => throw null; } + public static implicit operator T(Azure.Response response) => throw null; + public override T Value { get => throw null; } + } + public sealed class ResponseError + { + public string Code { get => throw null; } + public ResponseError(string code, string message) => throw null; + public string Message { get => throw null; } + public override string ToString() => throw null; + } + public class SyncAsyncEventArgs : System.EventArgs + { + public System.Threading.CancellationToken CancellationToken { get => throw null; } + public SyncAsyncEventArgs(bool isRunningSynchronously, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public bool IsRunningSynchronously { get => throw null; } + } + public enum WaitUntil + { + Completed = 0, + Started = 1, + } +} diff --git a/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.csproj b/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.csproj new file mode 100644 index 00000000000..a440919775d --- /dev/null +++ b/csharp/ql/test/resources/stubs/Azure.Core/1.38.0/Azure.Core.csproj @@ -0,0 +1,20 @@ + + + net9.0 + true + bin\ + false + + + + + + + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.cs b/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.cs new file mode 100644 index 00000000000..253b97a6585 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.cs @@ -0,0 +1,431 @@ +// This file contains auto-generated code. +// Generated from `Azure.Identity, Version=1.11.4.0, Culture=neutral, PublicKeyToken=92742159e12e44c8`. +namespace Azure +{ + namespace Identity + { + public class AuthenticationFailedException : System.Exception + { + public AuthenticationFailedException(string message) => throw null; + public AuthenticationFailedException(string message, System.Exception innerException) => throw null; + protected AuthenticationFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class AuthenticationRecord + { + public string Authority { get => throw null; } + public string ClientId { get => throw null; } + public static Azure.Identity.AuthenticationRecord Deserialize(System.IO.Stream stream, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task DeserializeAsync(System.IO.Stream stream, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public string HomeAccountId { get => throw null; } + public void Serialize(System.IO.Stream stream, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public System.Threading.Tasks.Task SerializeAsync(System.IO.Stream stream, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public string TenantId { get => throw null; } + public string Username { get => throw null; } + } + public class AuthenticationRequiredException : Azure.Identity.CredentialUnavailableException + { + public AuthenticationRequiredException(string message, Azure.Core.TokenRequestContext context) : base(default(string)) => throw null; + public AuthenticationRequiredException(string message, Azure.Core.TokenRequestContext context, System.Exception innerException) : base(default(string)) => throw null; + protected AuthenticationRequiredException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) : base(default(string)) => throw null; + public Azure.Core.TokenRequestContext TokenRequestContext { get => throw null; } + } + public class AuthorizationCodeCredential : Azure.Core.TokenCredential + { + protected AuthorizationCodeCredential() => throw null; + public AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode) => throw null; + public AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, Azure.Identity.AuthorizationCodeCredentialOptions options) => throw null; + public AuthorizationCodeCredential(string tenantId, string clientId, string clientSecret, string authorizationCode, Azure.Identity.TokenCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class AuthorizationCodeCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public AuthorizationCodeCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public System.Uri RedirectUri { get => throw null; set { } } + } + public static class AzureAuthorityHosts + { + public static System.Uri AzureChina { get => throw null; } + public static System.Uri AzureGermany { get => throw null; } + public static System.Uri AzureGovernment { get => throw null; } + public static System.Uri AzurePublicCloud { get => throw null; } + } + public class AzureCliCredential : Azure.Core.TokenCredential + { + public AzureCliCredential() => throw null; + public AzureCliCredential(Azure.Identity.AzureCliCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class AzureCliCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public AzureCliCredentialOptions() => throw null; + public System.TimeSpan? ProcessTimeout { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + } + public class AzureDeveloperCliCredential : Azure.Core.TokenCredential + { + public AzureDeveloperCliCredential() => throw null; + public AzureDeveloperCliCredential(Azure.Identity.AzureDeveloperCliCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class AzureDeveloperCliCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public AzureDeveloperCliCredentialOptions() => throw null; + public System.TimeSpan? ProcessTimeout { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + } + public class AzurePowerShellCredential : Azure.Core.TokenCredential + { + public AzurePowerShellCredential() => throw null; + public AzurePowerShellCredential(Azure.Identity.AzurePowerShellCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class AzurePowerShellCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public AzurePowerShellCredentialOptions() => throw null; + public System.TimeSpan? ProcessTimeout { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + } + public class BrowserCustomizationOptions + { + public BrowserCustomizationOptions() => throw null; + public string ErrorMessage { get => throw null; set { } } + public string SuccessMessage { get => throw null; set { } } + public bool? UseEmbeddedWebView { get => throw null; set { } } + } + public class ChainedTokenCredential : Azure.Core.TokenCredential + { + public ChainedTokenCredential(params Azure.Core.TokenCredential[] sources) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class ClientAssertionCredential : Azure.Core.TokenCredential + { + protected ClientAssertionCredential() => throw null; + public ClientAssertionCredential(string tenantId, string clientId, System.Func> assertionCallback, Azure.Identity.ClientAssertionCredentialOptions options = default(Azure.Identity.ClientAssertionCredentialOptions)) => throw null; + public ClientAssertionCredential(string tenantId, string clientId, System.Func assertionCallback, Azure.Identity.ClientAssertionCredentialOptions options = default(Azure.Identity.ClientAssertionCredentialOptions)) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class ClientAssertionCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public ClientAssertionCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + } + public class ClientCertificateCredential : Azure.Core.TokenCredential + { + protected ClientCertificateCredential() => throw null; + public ClientCertificateCredential(string tenantId, string clientId, string clientCertificatePath) => throw null; + public ClientCertificateCredential(string tenantId, string clientId, string clientCertificatePath, Azure.Identity.TokenCredentialOptions options) => throw null; + public ClientCertificateCredential(string tenantId, string clientId, string clientCertificatePath, Azure.Identity.ClientCertificateCredentialOptions options) => throw null; + public ClientCertificateCredential(string tenantId, string clientId, System.Security.Cryptography.X509Certificates.X509Certificate2 clientCertificate) => throw null; + public ClientCertificateCredential(string tenantId, string clientId, System.Security.Cryptography.X509Certificates.X509Certificate2 clientCertificate, Azure.Identity.TokenCredentialOptions options) => throw null; + public ClientCertificateCredential(string tenantId, string clientId, System.Security.Cryptography.X509Certificates.X509Certificate2 clientCertificate, Azure.Identity.ClientCertificateCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class ClientCertificateCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public ClientCertificateCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public bool SendCertificateChain { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public class ClientSecretCredential : Azure.Core.TokenCredential + { + protected ClientSecretCredential() => throw null; + public ClientSecretCredential(string tenantId, string clientId, string clientSecret) => throw null; + public ClientSecretCredential(string tenantId, string clientId, string clientSecret, Azure.Identity.ClientSecretCredentialOptions options) => throw null; + public ClientSecretCredential(string tenantId, string clientId, string clientSecret, Azure.Identity.TokenCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class ClientSecretCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public ClientSecretCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public class CredentialUnavailableException : Azure.Identity.AuthenticationFailedException + { + public CredentialUnavailableException(string message) : base(default(string)) => throw null; + public CredentialUnavailableException(string message, System.Exception innerException) : base(default(string)) => throw null; + protected CredentialUnavailableException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) : base(default(string)) => throw null; + } + public class DefaultAzureCredential : Azure.Core.TokenCredential + { + public DefaultAzureCredential(bool includeInteractiveCredentials = default(bool)) => throw null; + public DefaultAzureCredential(Azure.Identity.DefaultAzureCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class DefaultAzureCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public System.TimeSpan? CredentialProcessTimeout { get => throw null; set { } } + public DefaultAzureCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public bool ExcludeAzureCliCredential { get => throw null; set { } } + public bool ExcludeAzureDeveloperCliCredential { get => throw null; set { } } + public bool ExcludeAzurePowerShellCredential { get => throw null; set { } } + public bool ExcludeEnvironmentCredential { get => throw null; set { } } + public bool ExcludeInteractiveBrowserCredential { get => throw null; set { } } + public bool ExcludeManagedIdentityCredential { get => throw null; set { } } + public bool ExcludeSharedTokenCacheCredential { get => throw null; set { } } + public bool ExcludeVisualStudioCodeCredential { get => throw null; set { } } + public bool ExcludeVisualStudioCredential { get => throw null; set { } } + public bool ExcludeWorkloadIdentityCredential { get => throw null; set { } } + public string InteractiveBrowserCredentialClientId { get => throw null; set { } } + public string InteractiveBrowserTenantId { get => throw null; set { } } + public string ManagedIdentityClientId { get => throw null; set { } } + public Azure.Core.ResourceIdentifier ManagedIdentityResourceId { get => throw null; set { } } + public string SharedTokenCacheTenantId { get => throw null; set { } } + public string SharedTokenCacheUsername { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public string VisualStudioCodeTenantId { get => throw null; set { } } + public string VisualStudioTenantId { get => throw null; set { } } + public string WorkloadIdentityClientId { get => throw null; set { } } + } + public class DeviceCodeCredential : Azure.Core.TokenCredential + { + public virtual Azure.Identity.AuthenticationRecord Authenticate(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Identity.AuthenticationRecord Authenticate(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public DeviceCodeCredential() => throw null; + public DeviceCodeCredential(Azure.Identity.DeviceCodeCredentialOptions options) => throw null; + public DeviceCodeCredential(System.Func deviceCodeCallback, string clientId, Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public DeviceCodeCredential(System.Func deviceCodeCallback, string tenantId, string clientId, Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class DeviceCodeCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public Azure.Identity.AuthenticationRecord AuthenticationRecord { get => throw null; set { } } + public string ClientId { get => throw null; set { } } + public DeviceCodeCredentialOptions() => throw null; + public System.Func DeviceCodeCallback { get => throw null; set { } } + public bool DisableAutomaticAuthentication { get => throw null; set { } } + public bool DisableInstanceDiscovery { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public struct DeviceCodeInfo + { + public string ClientId { get => throw null; } + public string DeviceCode { get => throw null; } + public System.DateTimeOffset ExpiresOn { get => throw null; } + public string Message { get => throw null; } + public System.Collections.Generic.IReadOnlyCollection Scopes { get => throw null; } + public string UserCode { get => throw null; } + public System.Uri VerificationUri { get => throw null; } + } + public class EnvironmentCredential : Azure.Core.TokenCredential + { + public EnvironmentCredential() => throw null; + public EnvironmentCredential(Azure.Identity.TokenCredentialOptions options) => throw null; + public EnvironmentCredential(Azure.Identity.EnvironmentCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class EnvironmentCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public EnvironmentCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + } + public static class IdentityModelFactory + { + public static Azure.Identity.AuthenticationRecord AuthenticationRecord(string username, string authority, string homeAccountId, string tenantId, string clientId) => throw null; + public static Azure.Identity.DeviceCodeInfo DeviceCodeInfo(string userCode, string deviceCode, System.Uri verificationUri, System.DateTimeOffset expiresOn, string message, string clientId, System.Collections.Generic.IReadOnlyCollection scopes) => throw null; + } + public class InteractiveBrowserCredential : Azure.Core.TokenCredential + { + public virtual Azure.Identity.AuthenticationRecord Authenticate(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Identity.AuthenticationRecord Authenticate(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public InteractiveBrowserCredential() => throw null; + public InteractiveBrowserCredential(Azure.Identity.InteractiveBrowserCredentialOptions options) => throw null; + public InteractiveBrowserCredential(string clientId) => throw null; + public InteractiveBrowserCredential(string tenantId, string clientId, Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class InteractiveBrowserCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public Azure.Identity.AuthenticationRecord AuthenticationRecord { get => throw null; set { } } + public Azure.Identity.BrowserCustomizationOptions BrowserCustomization { get => throw null; set { } } + public string ClientId { get => throw null; set { } } + public InteractiveBrowserCredentialOptions() => throw null; + public bool DisableAutomaticAuthentication { get => throw null; set { } } + public bool DisableInstanceDiscovery { get => throw null; set { } } + public string LoginHint { get => throw null; set { } } + public System.Uri RedirectUri { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public class ManagedIdentityCredential : Azure.Core.TokenCredential + { + protected ManagedIdentityCredential() => throw null; + public ManagedIdentityCredential(string clientId = default(string), Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public ManagedIdentityCredential(Azure.Core.ResourceIdentifier resourceId, Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class OnBehalfOfCredential : Azure.Core.TokenCredential + { + protected OnBehalfOfCredential() => throw null; + public OnBehalfOfCredential(string tenantId, string clientId, System.Security.Cryptography.X509Certificates.X509Certificate2 clientCertificate, string userAssertion) => throw null; + public OnBehalfOfCredential(string tenantId, string clientId, System.Security.Cryptography.X509Certificates.X509Certificate2 clientCertificate, string userAssertion, Azure.Identity.OnBehalfOfCredentialOptions options) => throw null; + public OnBehalfOfCredential(string tenantId, string clientId, string clientSecret, string userAssertion) => throw null; + public OnBehalfOfCredential(string tenantId, string clientId, string clientSecret, string userAssertion, Azure.Identity.OnBehalfOfCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + } + public class OnBehalfOfCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public OnBehalfOfCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public bool SendCertificateChain { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public class SharedTokenCacheCredential : Azure.Core.TokenCredential + { + public SharedTokenCacheCredential() => throw null; + public SharedTokenCacheCredential(Azure.Identity.SharedTokenCacheCredentialOptions options) => throw null; + public SharedTokenCacheCredential(string username, Azure.Identity.TokenCredentialOptions options = default(Azure.Identity.TokenCredentialOptions)) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class SharedTokenCacheCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public Azure.Identity.AuthenticationRecord AuthenticationRecord { get => throw null; set { } } + public string ClientId { get => throw null; set { } } + public SharedTokenCacheCredentialOptions() => throw null; + public SharedTokenCacheCredentialOptions(Azure.Identity.TokenCachePersistenceOptions tokenCacheOptions) => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public bool EnableGuestTenantAuthentication { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + public string Username { get => throw null; set { } } + } + public struct TokenCacheData + { + public System.ReadOnlyMemory CacheBytes { get => throw null; } + public TokenCacheData(System.ReadOnlyMemory cacheBytes) => throw null; + } + public class TokenCachePersistenceOptions + { + public TokenCachePersistenceOptions() => throw null; + public string Name { get => throw null; set { } } + public bool UnsafeAllowUnencryptedStorage { get => throw null; set { } } + } + public class TokenCacheRefreshArgs + { + public bool IsCaeEnabled { get => throw null; } + public string SuggestedCacheKey { get => throw null; } + } + public class TokenCacheUpdatedArgs + { + public bool IsCaeEnabled { get => throw null; } + public System.ReadOnlyMemory UnsafeCacheData { get => throw null; } + } + public class TokenCredentialDiagnosticsOptions : Azure.Core.DiagnosticsOptions + { + public TokenCredentialDiagnosticsOptions() => throw null; + public bool IsAccountIdentifierLoggingEnabled { get => throw null; set { } } + } + public class TokenCredentialOptions : Azure.Core.ClientOptions + { + public System.Uri AuthorityHost { get => throw null; set { } } + public TokenCredentialOptions() => throw null; + public Azure.Identity.TokenCredentialDiagnosticsOptions Diagnostics { get => throw null; } + public bool IsUnsafeSupportLoggingEnabled { get => throw null; set { } } + } + public abstract class UnsafeTokenCacheOptions : Azure.Identity.TokenCachePersistenceOptions + { + protected UnsafeTokenCacheOptions() => throw null; + protected abstract System.Threading.Tasks.Task> RefreshCacheAsync(); + protected virtual System.Threading.Tasks.Task RefreshCacheAsync(Azure.Identity.TokenCacheRefreshArgs args, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + protected abstract System.Threading.Tasks.Task TokenCacheUpdatedAsync(Azure.Identity.TokenCacheUpdatedArgs tokenCacheUpdatedArgs); + } + public class UsernamePasswordCredential : Azure.Core.TokenCredential + { + public virtual Azure.Identity.AuthenticationRecord Authenticate(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual Azure.Identity.AuthenticationRecord Authenticate(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public virtual System.Threading.Tasks.Task AuthenticateAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + protected UsernamePasswordCredential() => throw null; + public UsernamePasswordCredential(string username, string password, string tenantId, string clientId) => throw null; + public UsernamePasswordCredential(string username, string password, string tenantId, string clientId, Azure.Identity.TokenCredentialOptions options) => throw null; + public UsernamePasswordCredential(string username, string password, string tenantId, string clientId, Azure.Identity.UsernamePasswordCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class UsernamePasswordCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public UsernamePasswordCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public Azure.Identity.TokenCachePersistenceOptions TokenCachePersistenceOptions { get => throw null; set { } } + } + public class VisualStudioCodeCredential : Azure.Core.TokenCredential + { + public VisualStudioCodeCredential() => throw null; + public VisualStudioCodeCredential(Azure.Identity.VisualStudioCodeCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + } + public class VisualStudioCodeCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public VisualStudioCodeCredentialOptions() => throw null; + public string TenantId { get => throw null; set { } } + } + public class VisualStudioCredential : Azure.Core.TokenCredential + { + public VisualStudioCredential() => throw null; + public VisualStudioCredential(Azure.Identity.VisualStudioCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken) => throw null; + } + public class VisualStudioCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public VisualStudioCredentialOptions() => throw null; + public System.TimeSpan? ProcessTimeout { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + } + public class WorkloadIdentityCredential : Azure.Core.TokenCredential + { + public WorkloadIdentityCredential() => throw null; + public WorkloadIdentityCredential(Azure.Identity.WorkloadIdentityCredentialOptions options) => throw null; + public override Azure.Core.AccessToken GetToken(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override System.Threading.Tasks.ValueTask GetTokenAsync(Azure.Core.TokenRequestContext requestContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class WorkloadIdentityCredentialOptions : Azure.Identity.TokenCredentialOptions + { + public System.Collections.Generic.IList AdditionallyAllowedTenants { get => throw null; } + public string ClientId { get => throw null; set { } } + public WorkloadIdentityCredentialOptions() => throw null; + public bool DisableInstanceDiscovery { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public string TokenFilePath { get => throw null; set { } } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.csproj b/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.csproj new file mode 100644 index 00000000000..e16e446b3a1 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Azure.Identity/1.11.4/Azure.Identity.csproj @@ -0,0 +1,19 @@ + + + net9.0 + true + bin\ + false + + + + + + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Bcl.AsyncInterfaces/1.1.1/Microsoft.Bcl.AsyncInterfaces.csproj b/csharp/ql/test/resources/stubs/Microsoft.Bcl.AsyncInterfaces/1.1.1/Microsoft.Bcl.AsyncInterfaces.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Bcl.AsyncInterfaces/1.1.1/Microsoft.Bcl.AsyncInterfaces.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Bcl.Cryptography/9.0.4/Microsoft.Bcl.Cryptography.csproj b/csharp/ql/test/resources/stubs/Microsoft.Bcl.Cryptography/9.0.4/Microsoft.Bcl.Cryptography.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Bcl.Cryptography/9.0.4/Microsoft.Bcl.Cryptography.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient.SNI.runtime/6.0.2/Microsoft.Data.SqlClient.SNI.runtime.csproj b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient.SNI.runtime/6.0.2/Microsoft.Data.SqlClient.SNI.runtime.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient.SNI.runtime/6.0.2/Microsoft.Data.SqlClient.SNI.runtime.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.cs b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.cs new file mode 100644 index 00000000000..754a0767f37 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.cs @@ -0,0 +1,1445 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.Data.SqlClient, Version=6.0.0.0, Culture=neutral, PublicKeyToken=23ec7fc2d6eaa4a5`. +namespace Microsoft +{ + namespace Data + { + public sealed class OperationAbortedException : System.SystemException + { + } + namespace Sql + { + public sealed class SqlDataSourceEnumerator : System.Data.Common.DbDataSourceEnumerator + { + public SqlDataSourceEnumerator() => throw null; + public override System.Data.DataTable GetDataSources() => throw null; + public static Microsoft.Data.Sql.SqlDataSourceEnumerator Instance { get => throw null; } + } + public sealed class SqlNotificationRequest + { + public SqlNotificationRequest() => throw null; + public SqlNotificationRequest(string userData, string options, int timeout) => throw null; + public string Options { get => throw null; set { } } + public int Timeout { get => throw null; set { } } + public string UserData { get => throw null; set { } } + } + } + namespace SqlClient + { + public sealed class ActiveDirectoryAuthenticationProvider : Microsoft.Data.SqlClient.SqlAuthenticationProvider + { + public override System.Threading.Tasks.Task AcquireTokenAsync(Microsoft.Data.SqlClient.SqlAuthenticationParameters parameters) => throw null; + public override void BeforeLoad(Microsoft.Data.SqlClient.SqlAuthenticationMethod authentication) => throw null; + public override void BeforeUnload(Microsoft.Data.SqlClient.SqlAuthenticationMethod authentication) => throw null; + public static void ClearUserTokenCache() => throw null; + public ActiveDirectoryAuthenticationProvider() => throw null; + public ActiveDirectoryAuthenticationProvider(string applicationClientId) => throw null; + public ActiveDirectoryAuthenticationProvider(System.Func deviceCodeFlowCallbackMethod, string applicationClientId = default(string)) => throw null; + public override bool IsSupported(Microsoft.Data.SqlClient.SqlAuthenticationMethod authentication) => throw null; + public void SetAcquireAuthorizationCodeAsyncCallback(System.Func> acquireAuthorizationCodeAsyncCallback) => throw null; + public void SetDeviceCodeFlowCallback(System.Func deviceCodeFlowCallbackMethod) => throw null; + } + public enum ApplicationIntent + { + ReadOnly = 1, + ReadWrite = 0, + } + namespace DataClassification + { + public class ColumnSensitivity + { + public ColumnSensitivity(System.Collections.Generic.IList sensitivityProperties) => throw null; + public System.Collections.ObjectModel.ReadOnlyCollection SensitivityProperties { get => throw null; } + } + public class InformationType + { + public InformationType(string name, string id) => throw null; + public string Id { get => throw null; } + public string Name { get => throw null; } + } + public class Label + { + public Label(string name, string id) => throw null; + public string Id { get => throw null; } + public string Name { get => throw null; } + } + public class SensitivityClassification + { + public System.Collections.ObjectModel.ReadOnlyCollection ColumnSensitivities { get => throw null; } + public SensitivityClassification(System.Collections.Generic.IList labels, System.Collections.Generic.IList informationTypes, System.Collections.Generic.IList columnSensitivity, Microsoft.Data.SqlClient.DataClassification.SensitivityRank sensitivityRank) => throw null; + public System.Collections.ObjectModel.ReadOnlyCollection InformationTypes { get => throw null; } + public System.Collections.ObjectModel.ReadOnlyCollection Labels { get => throw null; } + public Microsoft.Data.SqlClient.DataClassification.SensitivityRank SensitivityRank { get => throw null; } + } + public class SensitivityProperty + { + public SensitivityProperty(Microsoft.Data.SqlClient.DataClassification.Label label, Microsoft.Data.SqlClient.DataClassification.InformationType informationType, Microsoft.Data.SqlClient.DataClassification.SensitivityRank sensitivityRank) => throw null; + public Microsoft.Data.SqlClient.DataClassification.InformationType InformationType { get => throw null; } + public Microsoft.Data.SqlClient.DataClassification.Label Label { get => throw null; } + public Microsoft.Data.SqlClient.DataClassification.SensitivityRank SensitivityRank { get => throw null; } + } + public enum SensitivityRank + { + NOT_DEFINED = -1, + NONE = 0, + LOW = 10, + MEDIUM = 20, + HIGH = 30, + CRITICAL = 40, + } + } + namespace Diagnostics + { + public sealed class SqlClientCommandAfter : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlCommand Command { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientCommandAfter() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.IDictionary Statistics { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientCommandBefore : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlCommand Command { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientCommandBefore() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientCommandError : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlCommand Command { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientCommandError() => throw null; + public System.Exception Exception { get => throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientConnectionCloseAfter : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionCloseAfter() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.IDictionary Statistics { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientConnectionCloseBefore : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionCloseBefore() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.IDictionary Statistics { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientConnectionCloseError : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public System.Guid? ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionCloseError() => throw null; + public System.Exception Exception { get => throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.IDictionary Statistics { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientConnectionOpenAfter : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public string ClientVersion { get => throw null; } + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public System.Guid ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionOpenAfter() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.IDictionary Statistics { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientConnectionOpenBefore : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public string ClientVersion { get => throw null; } + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionOpenBefore() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientConnectionOpenError : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public string ClientVersion { get => throw null; } + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public System.Guid ConnectionId { get => throw null; } + public int Count { get => throw null; } + public SqlClientConnectionOpenError() => throw null; + public System.Exception Exception { get => throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + } + public sealed class SqlClientTransactionCommitAfter : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionCommitAfter() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientTransactionCommitBefore : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionCommitBefore() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientTransactionCommitError : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionCommitError() => throw null; + public System.Exception Exception { get => throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + } + public sealed class SqlClientTransactionRollbackAfter : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionRollbackAfter() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + public string TransactionName { get => throw null; } + } + public sealed class SqlClientTransactionRollbackBefore : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionRollbackBefore() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + public string TransactionName { get => throw null; } + } + public sealed class SqlClientTransactionRollbackError : System.Collections.Generic.IEnumerable>, System.Collections.IEnumerable, System.Collections.Generic.IReadOnlyCollection>, System.Collections.Generic.IReadOnlyList> + { + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public int Count { get => throw null; } + public SqlClientTransactionRollbackError() => throw null; + public System.Exception Exception { get => throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public System.Collections.Generic.IEnumerator> GetEnumerator() => throw null; + public System.Data.IsolationLevel IsolationLevel { get => throw null; } + public const string Name = default; + public string Operation { get => throw null; } + public System.Guid OperationId { get => throw null; } + public System.Collections.Generic.KeyValuePair this[int index] { get => throw null; } + public long Timestamp { get => throw null; } + public long? TransactionId { get => throw null; } + public string TransactionName { get => throw null; } + } + } + public delegate void OnChangeEventHandler(object sender, Microsoft.Data.SqlClient.SqlNotificationEventArgs e); + public enum PoolBlockingPeriod + { + Auto = 0, + AlwaysBlock = 1, + NeverBlock = 2, + } + namespace Server + { + public class SqlDataRecord : System.Data.IDataRecord + { + public SqlDataRecord(params Microsoft.Data.SqlClient.Server.SqlMetaData[] metaData) => throw null; + public virtual int FieldCount { get => throw null; } + public virtual bool GetBoolean(int ordinal) => throw null; + public virtual byte GetByte(int ordinal) => throw null; + public virtual long GetBytes(int ordinal, long fieldOffset, byte[] buffer, int bufferOffset, int length) => throw null; + public virtual char GetChar(int ordinal) => throw null; + public virtual long GetChars(int ordinal, long fieldOffset, char[] buffer, int bufferOffset, int length) => throw null; + System.Data.IDataReader System.Data.IDataRecord.GetData(int ordinal) => throw null; + public virtual string GetDataTypeName(int ordinal) => throw null; + public virtual System.DateTime GetDateTime(int ordinal) => throw null; + public virtual System.DateTimeOffset GetDateTimeOffset(int ordinal) => throw null; + public virtual decimal GetDecimal(int ordinal) => throw null; + public virtual double GetDouble(int ordinal) => throw null; + public virtual System.Type GetFieldType(int ordinal) => throw null; + public virtual float GetFloat(int ordinal) => throw null; + public virtual System.Guid GetGuid(int ordinal) => throw null; + public virtual short GetInt16(int ordinal) => throw null; + public virtual int GetInt32(int ordinal) => throw null; + public virtual long GetInt64(int ordinal) => throw null; + public virtual string GetName(int ordinal) => throw null; + public virtual int GetOrdinal(string name) => throw null; + public virtual System.Data.SqlTypes.SqlBinary GetSqlBinary(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlBoolean GetSqlBoolean(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlByte GetSqlByte(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlBytes GetSqlBytes(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlChars GetSqlChars(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlDateTime GetSqlDateTime(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlDecimal GetSqlDecimal(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlDouble GetSqlDouble(int ordinal) => throw null; + public virtual System.Type GetSqlFieldType(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlGuid GetSqlGuid(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlInt16 GetSqlInt16(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlInt32 GetSqlInt32(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlInt64 GetSqlInt64(int ordinal) => throw null; + public virtual Microsoft.Data.SqlClient.Server.SqlMetaData GetSqlMetaData(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlMoney GetSqlMoney(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlSingle GetSqlSingle(int ordinal) => throw null; + public virtual System.Data.SqlTypes.SqlString GetSqlString(int ordinal) => throw null; + public virtual object GetSqlValue(int ordinal) => throw null; + public virtual int GetSqlValues(object[] values) => throw null; + public virtual System.Data.SqlTypes.SqlXml GetSqlXml(int ordinal) => throw null; + public virtual string GetString(int ordinal) => throw null; + public virtual System.TimeSpan GetTimeSpan(int ordinal) => throw null; + public virtual object GetValue(int ordinal) => throw null; + public virtual int GetValues(object[] values) => throw null; + public virtual bool IsDBNull(int ordinal) => throw null; + public virtual void SetBoolean(int ordinal, bool value) => throw null; + public virtual void SetByte(int ordinal, byte value) => throw null; + public virtual void SetBytes(int ordinal, long fieldOffset, byte[] buffer, int bufferOffset, int length) => throw null; + public virtual void SetChar(int ordinal, char value) => throw null; + public virtual void SetChars(int ordinal, long fieldOffset, char[] buffer, int bufferOffset, int length) => throw null; + public virtual void SetDateTime(int ordinal, System.DateTime value) => throw null; + public virtual void SetDateTimeOffset(int ordinal, System.DateTimeOffset value) => throw null; + public virtual void SetDBNull(int ordinal) => throw null; + public virtual void SetDecimal(int ordinal, decimal value) => throw null; + public virtual void SetDouble(int ordinal, double value) => throw null; + public virtual void SetFloat(int ordinal, float value) => throw null; + public virtual void SetGuid(int ordinal, System.Guid value) => throw null; + public virtual void SetInt16(int ordinal, short value) => throw null; + public virtual void SetInt32(int ordinal, int value) => throw null; + public virtual void SetInt64(int ordinal, long value) => throw null; + public virtual void SetSqlBinary(int ordinal, System.Data.SqlTypes.SqlBinary value) => throw null; + public virtual void SetSqlBoolean(int ordinal, System.Data.SqlTypes.SqlBoolean value) => throw null; + public virtual void SetSqlByte(int ordinal, System.Data.SqlTypes.SqlByte value) => throw null; + public virtual void SetSqlBytes(int ordinal, System.Data.SqlTypes.SqlBytes value) => throw null; + public virtual void SetSqlChars(int ordinal, System.Data.SqlTypes.SqlChars value) => throw null; + public virtual void SetSqlDateTime(int ordinal, System.Data.SqlTypes.SqlDateTime value) => throw null; + public virtual void SetSqlDecimal(int ordinal, System.Data.SqlTypes.SqlDecimal value) => throw null; + public virtual void SetSqlDouble(int ordinal, System.Data.SqlTypes.SqlDouble value) => throw null; + public virtual void SetSqlGuid(int ordinal, System.Data.SqlTypes.SqlGuid value) => throw null; + public virtual void SetSqlInt16(int ordinal, System.Data.SqlTypes.SqlInt16 value) => throw null; + public virtual void SetSqlInt32(int ordinal, System.Data.SqlTypes.SqlInt32 value) => throw null; + public virtual void SetSqlInt64(int ordinal, System.Data.SqlTypes.SqlInt64 value) => throw null; + public virtual void SetSqlMoney(int ordinal, System.Data.SqlTypes.SqlMoney value) => throw null; + public virtual void SetSqlSingle(int ordinal, System.Data.SqlTypes.SqlSingle value) => throw null; + public virtual void SetSqlString(int ordinal, System.Data.SqlTypes.SqlString value) => throw null; + public virtual void SetSqlXml(int ordinal, System.Data.SqlTypes.SqlXml value) => throw null; + public virtual void SetString(int ordinal, string value) => throw null; + public virtual void SetTimeSpan(int ordinal, System.TimeSpan value) => throw null; + public virtual void SetValue(int ordinal, object value) => throw null; + public virtual int SetValues(params object[] values) => throw null; + public virtual object this[int ordinal] { get => throw null; } + public virtual object this[string name] { get => throw null; } + } + public sealed class SqlMetaData + { + public bool Adjust(bool value) => throw null; + public byte Adjust(byte value) => throw null; + public byte[] Adjust(byte[] value) => throw null; + public char Adjust(char value) => throw null; + public char[] Adjust(char[] value) => throw null; + public System.Data.SqlTypes.SqlBinary Adjust(System.Data.SqlTypes.SqlBinary value) => throw null; + public System.Data.SqlTypes.SqlBoolean Adjust(System.Data.SqlTypes.SqlBoolean value) => throw null; + public System.Data.SqlTypes.SqlByte Adjust(System.Data.SqlTypes.SqlByte value) => throw null; + public System.Data.SqlTypes.SqlBytes Adjust(System.Data.SqlTypes.SqlBytes value) => throw null; + public System.Data.SqlTypes.SqlChars Adjust(System.Data.SqlTypes.SqlChars value) => throw null; + public System.Data.SqlTypes.SqlDateTime Adjust(System.Data.SqlTypes.SqlDateTime value) => throw null; + public System.Data.SqlTypes.SqlDecimal Adjust(System.Data.SqlTypes.SqlDecimal value) => throw null; + public System.Data.SqlTypes.SqlDouble Adjust(System.Data.SqlTypes.SqlDouble value) => throw null; + public System.Data.SqlTypes.SqlGuid Adjust(System.Data.SqlTypes.SqlGuid value) => throw null; + public System.Data.SqlTypes.SqlInt16 Adjust(System.Data.SqlTypes.SqlInt16 value) => throw null; + public System.Data.SqlTypes.SqlInt32 Adjust(System.Data.SqlTypes.SqlInt32 value) => throw null; + public System.Data.SqlTypes.SqlInt64 Adjust(System.Data.SqlTypes.SqlInt64 value) => throw null; + public System.Data.SqlTypes.SqlMoney Adjust(System.Data.SqlTypes.SqlMoney value) => throw null; + public System.Data.SqlTypes.SqlSingle Adjust(System.Data.SqlTypes.SqlSingle value) => throw null; + public System.Data.SqlTypes.SqlString Adjust(System.Data.SqlTypes.SqlString value) => throw null; + public System.Data.SqlTypes.SqlXml Adjust(System.Data.SqlTypes.SqlXml value) => throw null; + public System.DateTime Adjust(System.DateTime value) => throw null; + public System.DateTimeOffset Adjust(System.DateTimeOffset value) => throw null; + public decimal Adjust(decimal value) => throw null; + public double Adjust(double value) => throw null; + public System.Guid Adjust(System.Guid value) => throw null; + public short Adjust(short value) => throw null; + public int Adjust(int value) => throw null; + public long Adjust(long value) => throw null; + public object Adjust(object value) => throw null; + public float Adjust(float value) => throw null; + public string Adjust(string value) => throw null; + public System.TimeSpan Adjust(System.TimeSpan value) => throw null; + public System.Data.SqlTypes.SqlCompareOptions CompareOptions { get => throw null; } + public SqlMetaData(string name, System.Data.SqlDbType dbType) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, byte precision, byte scale) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, byte precision, byte scale, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength, byte precision, byte scale, long locale, System.Data.SqlTypes.SqlCompareOptions compareOptions, System.Type userDefinedType) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength, byte precision, byte scale, long localeId, System.Data.SqlTypes.SqlCompareOptions compareOptions, System.Type userDefinedType, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength, long locale, System.Data.SqlTypes.SqlCompareOptions compareOptions) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, long maxLength, long locale, System.Data.SqlTypes.SqlCompareOptions compareOptions, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, string database, string owningSchema, string objectName) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, string database, string owningSchema, string objectName, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, System.Type userDefinedType) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, System.Type userDefinedType, string serverTypeName) => throw null; + public SqlMetaData(string name, System.Data.SqlDbType dbType, System.Type userDefinedType, string serverTypeName, bool useServerDefault, bool isUniqueKey, Microsoft.Data.SqlClient.SortOrder columnSortOrder, int sortOrdinal) => throw null; + public System.Data.DbType DbType { get => throw null; } + public static Microsoft.Data.SqlClient.Server.SqlMetaData InferFromValue(object value, string name) => throw null; + public bool IsUniqueKey { get => throw null; } + public long LocaleId { get => throw null; } + public static long Max { get => throw null; } + public long MaxLength { get => throw null; } + public string Name { get => throw null; } + public byte Precision { get => throw null; } + public byte Scale { get => throw null; } + public Microsoft.Data.SqlClient.SortOrder SortOrder { get => throw null; } + public int SortOrdinal { get => throw null; } + public System.Data.SqlDbType SqlDbType { get => throw null; } + public System.Type Type { get => throw null; } + public string TypeName { get => throw null; } + public bool UseServerDefault { get => throw null; } + public string XmlSchemaCollectionDatabase { get => throw null; } + public string XmlSchemaCollectionName { get => throw null; } + public string XmlSchemaCollectionOwningSchema { get => throw null; } + } + } + public enum SortOrder + { + Unspecified = -1, + Ascending = 0, + Descending = 1, + } + public abstract class SqlAuthenticationInitializer + { + protected SqlAuthenticationInitializer() => throw null; + public abstract void Initialize(); + } + public enum SqlAuthenticationMethod + { + NotSpecified = 0, + SqlPassword = 1, + ActiveDirectoryPassword = 2, + ActiveDirectoryIntegrated = 3, + ActiveDirectoryInteractive = 4, + ActiveDirectoryServicePrincipal = 5, + ActiveDirectoryDeviceCodeFlow = 6, + ActiveDirectoryManagedIdentity = 7, + ActiveDirectoryMSI = 8, + ActiveDirectoryDefault = 9, + ActiveDirectoryWorkloadIdentity = 10, + } + public class SqlAuthenticationParameters + { + public Microsoft.Data.SqlClient.SqlAuthenticationMethod AuthenticationMethod { get => throw null; } + public string Authority { get => throw null; } + public System.Guid ConnectionId { get => throw null; } + public int ConnectionTimeout { get => throw null; } + protected SqlAuthenticationParameters(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod, string serverName, string databaseName, string resource, string authority, string userId, string password, System.Guid connectionId, int connectionTimeout) => throw null; + public string DatabaseName { get => throw null; } + public string Password { get => throw null; } + public string Resource { get => throw null; } + public string ServerName { get => throw null; } + public string UserId { get => throw null; } + } + public abstract class SqlAuthenticationProvider + { + public abstract System.Threading.Tasks.Task AcquireTokenAsync(Microsoft.Data.SqlClient.SqlAuthenticationParameters parameters); + public virtual void BeforeLoad(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod) => throw null; + public virtual void BeforeUnload(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod) => throw null; + protected SqlAuthenticationProvider() => throw null; + public static Microsoft.Data.SqlClient.SqlAuthenticationProvider GetProvider(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod) => throw null; + public abstract bool IsSupported(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod); + public static bool SetProvider(Microsoft.Data.SqlClient.SqlAuthenticationMethod authenticationMethod, Microsoft.Data.SqlClient.SqlAuthenticationProvider provider) => throw null; + } + public class SqlAuthenticationToken + { + public string AccessToken { get => throw null; } + public SqlAuthenticationToken(string accessToken, System.DateTimeOffset expiresOn) => throw null; + public System.DateTimeOffset ExpiresOn { get => throw null; } + } + public class SqlBatch : System.Data.Common.DbBatch + { + public Microsoft.Data.SqlClient.SqlBatchCommandCollection BatchCommands { get => throw null; } + public override void Cancel() => throw null; + public System.Collections.Generic.List Commands { get => throw null; } + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; set { } } + protected override System.Data.Common.DbBatchCommand CreateDbBatchCommand() => throw null; + public SqlBatch() => throw null; + public SqlBatch(Microsoft.Data.SqlClient.SqlConnection connection, Microsoft.Data.SqlClient.SqlTransaction transaction = default(Microsoft.Data.SqlClient.SqlTransaction)) => throw null; + protected override System.Data.Common.DbBatchCommandCollection DbBatchCommands { get => throw null; } + protected override System.Data.Common.DbConnection DbConnection { get => throw null; set { } } + protected override System.Data.Common.DbTransaction DbTransaction { get => throw null; set { } } + public override void Dispose() => throw null; + protected override System.Data.Common.DbDataReader ExecuteDbDataReader(System.Data.CommandBehavior behavior) => throw null; + protected override System.Threading.Tasks.Task ExecuteDbDataReaderAsync(System.Data.CommandBehavior behavior, System.Threading.CancellationToken cancellationToken) => throw null; + public override int ExecuteNonQuery() => throw null; + public override System.Threading.Tasks.Task ExecuteNonQueryAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public Microsoft.Data.SqlClient.SqlDataReader ExecuteReader() => throw null; + public System.Threading.Tasks.Task ExecuteReaderAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override object ExecuteScalar() => throw null; + public override System.Threading.Tasks.Task ExecuteScalarAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override void Prepare() => throw null; + public override System.Threading.Tasks.Task PrepareAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public override int Timeout { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlTransaction Transaction { get => throw null; set { } } + } + public class SqlBatchCommand : System.Data.Common.DbBatchCommand + { + public Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting ColumnEncryptionSetting { get => throw null; set { } } + public System.Data.CommandBehavior CommandBehavior { get => throw null; set { } } + public override string CommandText { get => throw null; set { } } + public override System.Data.CommandType CommandType { get => throw null; set { } } + public SqlBatchCommand() => throw null; + public SqlBatchCommand(string commandText, System.Data.CommandType commandType = default(System.Data.CommandType), System.Collections.Generic.IEnumerable parameters = default(System.Collections.Generic.IEnumerable), Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting columnEncryptionSetting = default(Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting)) => throw null; + protected override System.Data.Common.DbParameterCollection DbParameterCollection { get => throw null; } + public Microsoft.Data.SqlClient.SqlParameterCollection Parameters { get => throw null; } + public override int RecordsAffected { get => throw null; } + } + public class SqlBatchCommandCollection : System.Data.Common.DbBatchCommandCollection, System.Collections.Generic.ICollection, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable, System.Collections.Generic.IList + { + public void Add(Microsoft.Data.SqlClient.SqlBatchCommand item) => throw null; + public override void Add(System.Data.Common.DbBatchCommand item) => throw null; + public override void Clear() => throw null; + public bool Contains(Microsoft.Data.SqlClient.SqlBatchCommand item) => throw null; + public override bool Contains(System.Data.Common.DbBatchCommand item) => throw null; + public void CopyTo(Microsoft.Data.SqlClient.SqlBatchCommand[] array, int arrayIndex) => throw null; + public override void CopyTo(System.Data.Common.DbBatchCommand[] array, int arrayIndex) => throw null; + public override int Count { get => throw null; } + public SqlBatchCommandCollection() => throw null; + protected override System.Data.Common.DbBatchCommand GetBatchCommand(int index) => throw null; + System.Collections.Generic.IEnumerator System.Collections.Generic.IEnumerable.GetEnumerator() => throw null; + public override System.Collections.Generic.IEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public int IndexOf(Microsoft.Data.SqlClient.SqlBatchCommand item) => throw null; + public override int IndexOf(System.Data.Common.DbBatchCommand item) => throw null; + public void Insert(int index, Microsoft.Data.SqlClient.SqlBatchCommand item) => throw null; + public override void Insert(int index, System.Data.Common.DbBatchCommand item) => throw null; + public override bool IsReadOnly { get => throw null; } + Microsoft.Data.SqlClient.SqlBatchCommand System.Collections.Generic.IList.this[int index] { get => throw null; set { } } + public bool Remove(Microsoft.Data.SqlClient.SqlBatchCommand item) => throw null; + public override bool Remove(System.Data.Common.DbBatchCommand item) => throw null; + public override void RemoveAt(int index) => throw null; + protected override void SetBatchCommand(int index, System.Data.Common.DbBatchCommand batchCommand) => throw null; + public Microsoft.Data.SqlClient.SqlBatchCommand this[int index] { get => throw null; set { } } + } + public sealed class SqlBulkCopy : System.IDisposable + { + public int BatchSize { get => throw null; set { } } + public int BulkCopyTimeout { get => throw null; set { } } + public void Close() => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMappingCollection ColumnMappings { get => throw null; } + public Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHintCollection ColumnOrderHints { get => throw null; } + public SqlBulkCopy(Microsoft.Data.SqlClient.SqlConnection connection) => throw null; + public SqlBulkCopy(Microsoft.Data.SqlClient.SqlConnection connection, Microsoft.Data.SqlClient.SqlBulkCopyOptions copyOptions, Microsoft.Data.SqlClient.SqlTransaction externalTransaction) => throw null; + public SqlBulkCopy(string connectionString) => throw null; + public SqlBulkCopy(string connectionString, Microsoft.Data.SqlClient.SqlBulkCopyOptions copyOptions) => throw null; + public string DestinationTableName { get => throw null; set { } } + void System.IDisposable.Dispose() => throw null; + public bool EnableStreaming { get => throw null; set { } } + public int NotifyAfter { get => throw null; set { } } + public int RowsCopied { get => throw null; } + public long RowsCopied64 { get => throw null; } + public event Microsoft.Data.SqlClient.SqlRowsCopiedEventHandler SqlRowsCopied; + public void WriteToServer(System.Data.Common.DbDataReader reader) => throw null; + public void WriteToServer(System.Data.DataTable table) => throw null; + public void WriteToServer(System.Data.DataTable table, System.Data.DataRowState rowState) => throw null; + public void WriteToServer(System.Data.DataRow[] rows) => throw null; + public void WriteToServer(System.Data.IDataReader reader) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.Common.DbDataReader reader) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.Common.DbDataReader reader, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataRow[] rows) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataRow[] rows, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataTable table) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataTable table, System.Data.DataRowState rowState) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataTable table, System.Data.DataRowState rowState, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.DataTable table, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.IDataReader reader) => throw null; + public System.Threading.Tasks.Task WriteToServerAsync(System.Data.IDataReader reader, System.Threading.CancellationToken cancellationToken) => throw null; + } + public sealed class SqlBulkCopyColumnMapping + { + public SqlBulkCopyColumnMapping() => throw null; + public SqlBulkCopyColumnMapping(int sourceColumnOrdinal, int destinationOrdinal) => throw null; + public SqlBulkCopyColumnMapping(int sourceColumnOrdinal, string destinationColumn) => throw null; + public SqlBulkCopyColumnMapping(string sourceColumn, int destinationOrdinal) => throw null; + public SqlBulkCopyColumnMapping(string sourceColumn, string destinationColumn) => throw null; + public string DestinationColumn { get => throw null; set { } } + public int DestinationOrdinal { get => throw null; set { } } + public string SourceColumn { get => throw null; set { } } + public int SourceOrdinal { get => throw null; set { } } + } + public sealed class SqlBulkCopyColumnMappingCollection : System.Collections.CollectionBase + { + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping Add(Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping bulkCopyColumnMapping) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping Add(int sourceColumnIndex, int destinationColumnIndex) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping Add(int sourceColumnIndex, string destinationColumn) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping Add(string sourceColumn, int destinationColumnIndex) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping Add(string sourceColumn, string destinationColumn) => throw null; + public void Clear() => throw null; + public bool Contains(Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping value) => throw null; + public void CopyTo(Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping[] array, int index) => throw null; + public int IndexOf(Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping value) => throw null; + public void Insert(int index, Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping value) => throw null; + public void Remove(Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping value) => throw null; + public void RemoveAt(int index) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnMapping this[int index] { get => throw null; } + } + public sealed class SqlBulkCopyColumnOrderHint + { + public string Column { get => throw null; set { } } + public SqlBulkCopyColumnOrderHint(string column, Microsoft.Data.SqlClient.SortOrder sortOrder) => throw null; + public Microsoft.Data.SqlClient.SortOrder SortOrder { get => throw null; set { } } + } + public sealed class SqlBulkCopyColumnOrderHintCollection : System.Collections.CollectionBase + { + public Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint Add(Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint columnOrderHint) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint Add(string column, Microsoft.Data.SqlClient.SortOrder sortOrder) => throw null; + public void Clear() => throw null; + public bool Contains(Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint value) => throw null; + public void CopyTo(Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint[] array, int index) => throw null; + public SqlBulkCopyColumnOrderHintCollection() => throw null; + public int IndexOf(Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint value) => throw null; + public void Insert(int index, Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint columnOrderHint) => throw null; + public void Remove(Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint columnOrderHint) => throw null; + public void RemoveAt(int index) => throw null; + public Microsoft.Data.SqlClient.SqlBulkCopyColumnOrderHint this[int index] { get => throw null; } + } + [System.Flags] + public enum SqlBulkCopyOptions + { + AllowEncryptedValueModifications = 64, + CheckConstraints = 2, + Default = 0, + FireTriggers = 16, + KeepIdentity = 1, + KeepNulls = 8, + TableLock = 4, + UseInternalTransaction = 32, + } + public sealed class SqlClientFactory : System.Data.Common.DbProviderFactory + { + public override bool CanCreateBatch { get => throw null; } + public override System.Data.Common.DbBatch CreateBatch() => throw null; + public override System.Data.Common.DbBatchCommand CreateBatchCommand() => throw null; + public override System.Data.Common.DbCommand CreateCommand() => throw null; + public override System.Data.Common.DbCommandBuilder CreateCommandBuilder() => throw null; + public override System.Data.Common.DbConnection CreateConnection() => throw null; + public override System.Data.Common.DbConnectionStringBuilder CreateConnectionStringBuilder() => throw null; + public override System.Data.Common.DbDataAdapter CreateDataAdapter() => throw null; + public override System.Data.Common.DbDataSourceEnumerator CreateDataSourceEnumerator() => throw null; + public override System.Data.Common.DbParameter CreateParameter() => throw null; + public static readonly Microsoft.Data.SqlClient.SqlClientFactory Instance; + } + public class SqlClientLogger + { + public SqlClientLogger() => throw null; + public bool IsLoggingEnabled { get => throw null; } + public bool LogAssert(bool value, string type, string method, string message) => throw null; + public void LogError(string type, string method, string message) => throw null; + public void LogInfo(string type, string method, string message) => throw null; + public void LogWarning(string type, string method, string message) => throw null; + } + public static class SqlClientMetaDataCollectionNames + { + public static readonly string AllColumns; + public static readonly string Columns; + public static readonly string ColumnSetColumns; + public static readonly string Databases; + public static readonly string ForeignKeys; + public static readonly string IndexColumns; + public static readonly string Indexes; + public static readonly string ProcedureParameters; + public static readonly string Procedures; + public static readonly string StructuredTypeMembers; + public static readonly string Tables; + public static readonly string UserDefinedTypes; + public static readonly string Users; + public static readonly string ViewColumns; + public static readonly string Views; + } + public class SqlColumnEncryptionCertificateStoreProvider : Microsoft.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider + { + public SqlColumnEncryptionCertificateStoreProvider() => throw null; + public override byte[] DecryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) => throw null; + public override byte[] EncryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] columnEncryptionKey) => throw null; + public const string ProviderName = default; + public override byte[] SignColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations) => throw null; + public override bool VerifyColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations, byte[] signature) => throw null; + } + public class SqlColumnEncryptionCngProvider : Microsoft.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider + { + public SqlColumnEncryptionCngProvider() => throw null; + public override byte[] DecryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) => throw null; + public override byte[] EncryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] columnEncryptionKey) => throw null; + public const string ProviderName = default; + public override byte[] SignColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations) => throw null; + public override bool VerifyColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations, byte[] signature) => throw null; + } + public class SqlColumnEncryptionCspProvider : Microsoft.Data.SqlClient.SqlColumnEncryptionKeyStoreProvider + { + public SqlColumnEncryptionCspProvider() => throw null; + public override byte[] DecryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] encryptedColumnEncryptionKey) => throw null; + public override byte[] EncryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] columnEncryptionKey) => throw null; + public const string ProviderName = default; + public override byte[] SignColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations) => throw null; + public override bool VerifyColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations, byte[] signature) => throw null; + } + public abstract class SqlColumnEncryptionKeyStoreProvider + { + public virtual System.TimeSpan? ColumnEncryptionKeyCacheTtl { get => throw null; set { } } + protected SqlColumnEncryptionKeyStoreProvider() => throw null; + public abstract byte[] DecryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] encryptedColumnEncryptionKey); + public abstract byte[] EncryptColumnEncryptionKey(string masterKeyPath, string encryptionAlgorithm, byte[] columnEncryptionKey); + public virtual byte[] SignColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations) => throw null; + public virtual bool VerifyColumnMasterKeyMetadata(string masterKeyPath, bool allowEnclaveComputations, byte[] signature) => throw null; + } + public sealed class SqlCommand : System.Data.Common.DbCommand, System.ICloneable + { + public System.IAsyncResult BeginExecuteNonQuery() => throw null; + public System.IAsyncResult BeginExecuteNonQuery(System.AsyncCallback callback, object stateObject) => throw null; + public System.IAsyncResult BeginExecuteReader() => throw null; + public System.IAsyncResult BeginExecuteReader(System.AsyncCallback callback, object stateObject) => throw null; + public System.IAsyncResult BeginExecuteReader(System.AsyncCallback callback, object stateObject, System.Data.CommandBehavior behavior) => throw null; + public System.IAsyncResult BeginExecuteReader(System.Data.CommandBehavior behavior) => throw null; + public System.IAsyncResult BeginExecuteXmlReader() => throw null; + public System.IAsyncResult BeginExecuteXmlReader(System.AsyncCallback callback, object stateObject) => throw null; + public override void Cancel() => throw null; + object System.ICloneable.Clone() => throw null; + public Microsoft.Data.SqlClient.SqlCommand Clone() => throw null; + public Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting ColumnEncryptionSetting { get => throw null; } + public override string CommandText { get => throw null; set { } } + public override int CommandTimeout { get => throw null; set { } } + public override System.Data.CommandType CommandType { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; set { } } + protected override System.Data.Common.DbParameter CreateDbParameter() => throw null; + public Microsoft.Data.SqlClient.SqlParameter CreateParameter() => throw null; + public SqlCommand() => throw null; + public SqlCommand(string cmdText) => throw null; + public SqlCommand(string cmdText, Microsoft.Data.SqlClient.SqlConnection connection) => throw null; + public SqlCommand(string cmdText, Microsoft.Data.SqlClient.SqlConnection connection, Microsoft.Data.SqlClient.SqlTransaction transaction) => throw null; + public SqlCommand(string cmdText, Microsoft.Data.SqlClient.SqlConnection connection, Microsoft.Data.SqlClient.SqlTransaction transaction, Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting columnEncryptionSetting) => throw null; + protected override System.Data.Common.DbConnection DbConnection { get => throw null; set { } } + protected override System.Data.Common.DbParameterCollection DbParameterCollection { get => throw null; } + protected override System.Data.Common.DbTransaction DbTransaction { get => throw null; set { } } + public override bool DesignTimeVisible { get => throw null; set { } } + protected override void Dispose(bool disposing) => throw null; + public bool EnableOptimizedParameterBinding { get => throw null; set { } } + public int EndExecuteNonQuery(System.IAsyncResult asyncResult) => throw null; + public Microsoft.Data.SqlClient.SqlDataReader EndExecuteReader(System.IAsyncResult asyncResult) => throw null; + public System.Xml.XmlReader EndExecuteXmlReader(System.IAsyncResult asyncResult) => throw null; + protected override System.Data.Common.DbDataReader ExecuteDbDataReader(System.Data.CommandBehavior behavior) => throw null; + protected override System.Threading.Tasks.Task ExecuteDbDataReaderAsync(System.Data.CommandBehavior behavior, System.Threading.CancellationToken cancellationToken) => throw null; + public override int ExecuteNonQuery() => throw null; + public override System.Threading.Tasks.Task ExecuteNonQueryAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public Microsoft.Data.SqlClient.SqlDataReader ExecuteReader() => throw null; + public Microsoft.Data.SqlClient.SqlDataReader ExecuteReader(System.Data.CommandBehavior behavior) => throw null; + public System.Threading.Tasks.Task ExecuteReaderAsync() => throw null; + public System.Threading.Tasks.Task ExecuteReaderAsync(System.Data.CommandBehavior behavior) => throw null; + public System.Threading.Tasks.Task ExecuteReaderAsync(System.Data.CommandBehavior behavior, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task ExecuteReaderAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public override object ExecuteScalar() => throw null; + public override System.Threading.Tasks.Task ExecuteScalarAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public System.Xml.XmlReader ExecuteXmlReader() => throw null; + public System.Threading.Tasks.Task ExecuteXmlReaderAsync() => throw null; + public System.Threading.Tasks.Task ExecuteXmlReaderAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public Microsoft.Data.Sql.SqlNotificationRequest Notification { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlParameterCollection Parameters { get => throw null; } + public override void Prepare() => throw null; + public void RegisterColumnEncryptionKeyStoreProvidersOnCommand(System.Collections.Generic.IDictionary customProviders) => throw null; + public void ResetCommandTimeout() => throw null; + public Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider RetryLogicProvider { get => throw null; set { } } + public event System.Data.StatementCompletedEventHandler StatementCompleted; + public Microsoft.Data.SqlClient.SqlTransaction Transaction { get => throw null; set { } } + public override System.Data.UpdateRowSource UpdatedRowSource { get => throw null; set { } } + } + public sealed class SqlCommandBuilder : System.Data.Common.DbCommandBuilder + { + protected override void ApplyParameterInfo(System.Data.Common.DbParameter parameter, System.Data.DataRow datarow, System.Data.StatementType statementType, bool whereClause) => throw null; + public override System.Data.Common.CatalogLocation CatalogLocation { get => throw null; set { } } + public override string CatalogSeparator { get => throw null; set { } } + public SqlCommandBuilder() => throw null; + public SqlCommandBuilder(Microsoft.Data.SqlClient.SqlDataAdapter adapter) => throw null; + public Microsoft.Data.SqlClient.SqlDataAdapter DataAdapter { get => throw null; set { } } + public static void DeriveParameters(Microsoft.Data.SqlClient.SqlCommand command) => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetDeleteCommand() => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetDeleteCommand(bool useColumnsForParameterNames) => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetInsertCommand() => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetInsertCommand(bool useColumnsForParameterNames) => throw null; + protected override string GetParameterName(int parameterOrdinal) => throw null; + protected override string GetParameterName(string parameterName) => throw null; + protected override string GetParameterPlaceholder(int parameterOrdinal) => throw null; + protected override System.Data.DataTable GetSchemaTable(System.Data.Common.DbCommand srcCommand) => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetUpdateCommand() => throw null; + public Microsoft.Data.SqlClient.SqlCommand GetUpdateCommand(bool useColumnsForParameterNames) => throw null; + protected override System.Data.Common.DbCommand InitializeCommand(System.Data.Common.DbCommand command) => throw null; + public override string QuoteIdentifier(string unquotedIdentifier) => throw null; + public override string QuotePrefix { get => throw null; set { } } + public override string QuoteSuffix { get => throw null; set { } } + public override string SchemaSeparator { get => throw null; set { } } + protected override void SetRowUpdatingHandler(System.Data.Common.DbDataAdapter adapter) => throw null; + public override string UnquoteIdentifier(string quotedIdentifier) => throw null; + } + public enum SqlCommandColumnEncryptionSetting + { + Disabled = 3, + Enabled = 1, + ResultSetOnly = 2, + UseConnectionSetting = 0, + } + public sealed class SqlConfigurableRetryFactory + { + public static Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider CreateExponentialRetryProvider(Microsoft.Data.SqlClient.SqlRetryLogicOption retryLogicOption) => throw null; + public static Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider CreateFixedRetryProvider(Microsoft.Data.SqlClient.SqlRetryLogicOption retryLogicOption) => throw null; + public static Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider CreateIncrementalRetryProvider(Microsoft.Data.SqlClient.SqlRetryLogicOption retryLogicOption) => throw null; + public static Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider CreateNoneRetryProvider() => throw null; + public SqlConfigurableRetryFactory() => throw null; + } + public sealed class SqlConnection : System.Data.Common.DbConnection, System.ICloneable + { + public string AccessToken { get => throw null; set { } } + public System.Func> AccessTokenCallback { get => throw null; set { } } + protected override System.Data.Common.DbTransaction BeginDbTransaction(System.Data.IsolationLevel isolationLevel) => throw null; + public Microsoft.Data.SqlClient.SqlTransaction BeginTransaction() => throw null; + public Microsoft.Data.SqlClient.SqlTransaction BeginTransaction(System.Data.IsolationLevel iso) => throw null; + public Microsoft.Data.SqlClient.SqlTransaction BeginTransaction(System.Data.IsolationLevel iso, string transactionName) => throw null; + public Microsoft.Data.SqlClient.SqlTransaction BeginTransaction(string transactionName) => throw null; + public override bool CanCreateBatch { get => throw null; } + public override void ChangeDatabase(string database) => throw null; + public static void ChangePassword(string connectionString, Microsoft.Data.SqlClient.SqlCredential credential, System.Security.SecureString newSecurePassword) => throw null; + public static void ChangePassword(string connectionString, string newPassword) => throw null; + public static void ClearAllPools() => throw null; + public static void ClearPool(Microsoft.Data.SqlClient.SqlConnection connection) => throw null; + public System.Guid ClientConnectionId { get => throw null; } + object System.ICloneable.Clone() => throw null; + public override void Close() => throw null; + public static System.TimeSpan ColumnEncryptionKeyCacheTtl { get => throw null; set { } } + public static bool ColumnEncryptionQueryMetadataCacheEnabled { get => throw null; set { } } + public static System.Collections.Generic.IDictionary> ColumnEncryptionTrustedMasterKeyPaths { get => throw null; } + public int CommandTimeout { get => throw null; } + public override string ConnectionString { get => throw null; set { } } + public override int ConnectionTimeout { get => throw null; } + public Microsoft.Data.SqlClient.SqlCommand CreateCommand() => throw null; + protected override System.Data.Common.DbBatch CreateDbBatch() => throw null; + protected override System.Data.Common.DbCommand CreateDbCommand() => throw null; + public Microsoft.Data.SqlClient.SqlCredential Credential { get => throw null; set { } } + public SqlConnection() => throw null; + public SqlConnection(string connectionString) => throw null; + public SqlConnection(string connectionString, Microsoft.Data.SqlClient.SqlCredential credential) => throw null; + public override string Database { get => throw null; } + public override string DataSource { get => throw null; } + protected override void Dispose(bool disposing) => throw null; + public bool FireInfoMessageEventOnUserErrors { get => throw null; set { } } + public override System.Data.DataTable GetSchema() => throw null; + public override System.Data.DataTable GetSchema(string collectionName) => throw null; + public override System.Data.DataTable GetSchema(string collectionName, string[] restrictionValues) => throw null; + public event Microsoft.Data.SqlClient.SqlInfoMessageEventHandler InfoMessage; + public override void Open() => throw null; + public void Open(Microsoft.Data.SqlClient.SqlConnectionOverrides overrides) => throw null; + public override System.Threading.Tasks.Task OpenAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task OpenAsync(Microsoft.Data.SqlClient.SqlConnectionOverrides overrides, System.Threading.CancellationToken cancellationToken) => throw null; + public int PacketSize { get => throw null; } + public static void RegisterColumnEncryptionKeyStoreProviders(System.Collections.Generic.IDictionary customProviders) => throw null; + public void RegisterColumnEncryptionKeyStoreProvidersOnConnection(System.Collections.Generic.IDictionary customProviders) => throw null; + public void ResetStatistics() => throw null; + public System.Collections.Generic.IDictionary RetrieveInternalInfo() => throw null; + public System.Collections.IDictionary RetrieveStatistics() => throw null; + public Microsoft.Data.SqlClient.SqlRetryLogicBaseProvider RetryLogicProvider { get => throw null; set { } } + public int ServerProcessId { get => throw null; } + public override string ServerVersion { get => throw null; } + public override System.Data.ConnectionState State { get => throw null; } + public bool StatisticsEnabled { get => throw null; set { } } + public string WorkstationId { get => throw null; } + } + public enum SqlConnectionAttestationProtocol + { + NotSpecified = 0, + AAS = 1, + None = 2, + HGS = 3, + } + public enum SqlConnectionColumnEncryptionSetting + { + Disabled = 0, + Enabled = 1, + } + public sealed class SqlConnectionEncryptOption + { + public SqlConnectionEncryptOption() => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public static Microsoft.Data.SqlClient.SqlConnectionEncryptOption Mandatory { get => throw null; } + public static implicit operator Microsoft.Data.SqlClient.SqlConnectionEncryptOption(bool value) => throw null; + public static implicit operator bool(Microsoft.Data.SqlClient.SqlConnectionEncryptOption value) => throw null; + public static Microsoft.Data.SqlClient.SqlConnectionEncryptOption Optional { get => throw null; } + public static Microsoft.Data.SqlClient.SqlConnectionEncryptOption Parse(string value) => throw null; + public static Microsoft.Data.SqlClient.SqlConnectionEncryptOption Strict { get => throw null; } + public override string ToString() => throw null; + public static bool TryParse(string value, out Microsoft.Data.SqlClient.SqlConnectionEncryptOption result) => throw null; + } + public enum SqlConnectionIPAddressPreference + { + IPv4First = 0, + IPv6First = 1, + UsePlatformDefault = 2, + } + public enum SqlConnectionOverrides + { + None = 0, + OpenWithoutRetry = 1, + } + public sealed class SqlConnectionStringBuilder : System.Data.Common.DbConnectionStringBuilder + { + public Microsoft.Data.SqlClient.ApplicationIntent ApplicationIntent { get => throw null; set { } } + public string ApplicationName { get => throw null; set { } } + public string AttachDBFilename { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlConnectionAttestationProtocol AttestationProtocol { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlAuthenticationMethod Authentication { get => throw null; set { } } + public override void Clear() => throw null; + public Microsoft.Data.SqlClient.SqlConnectionColumnEncryptionSetting ColumnEncryptionSetting { get => throw null; set { } } + public int CommandTimeout { get => throw null; set { } } + public int ConnectRetryCount { get => throw null; set { } } + public int ConnectRetryInterval { get => throw null; set { } } + public int ConnectTimeout { get => throw null; set { } } + public override bool ContainsKey(string keyword) => throw null; + public SqlConnectionStringBuilder() => throw null; + public SqlConnectionStringBuilder(string connectionString) => throw null; + public string CurrentLanguage { get => throw null; set { } } + public string DataSource { get => throw null; set { } } + public string EnclaveAttestationUrl { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlConnectionEncryptOption Encrypt { get => throw null; set { } } + public bool Enlist { get => throw null; set { } } + public string FailoverPartner { get => throw null; set { } } + public string FailoverPartnerSPN { get => throw null; set { } } + public string HostNameInCertificate { get => throw null; set { } } + public string InitialCatalog { get => throw null; set { } } + public bool IntegratedSecurity { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlConnectionIPAddressPreference IPAddressPreference { get => throw null; set { } } + public override bool IsFixedSize { get => throw null; } + public override System.Collections.ICollection Keys { get => throw null; } + public int LoadBalanceTimeout { get => throw null; set { } } + public int MaxPoolSize { get => throw null; set { } } + public int MinPoolSize { get => throw null; set { } } + public bool MultipleActiveResultSets { get => throw null; set { } } + public bool MultiSubnetFailover { get => throw null; set { } } + public int PacketSize { get => throw null; set { } } + public string Password { get => throw null; set { } } + public bool PersistSecurityInfo { get => throw null; set { } } + public Microsoft.Data.SqlClient.PoolBlockingPeriod PoolBlockingPeriod { get => throw null; set { } } + public bool Pooling { get => throw null; set { } } + public override bool Remove(string keyword) => throw null; + public bool Replication { get => throw null; set { } } + public string ServerCertificate { get => throw null; set { } } + public string ServerSPN { get => throw null; set { } } + public override bool ShouldSerialize(string keyword) => throw null; + public override object this[string keyword] { get => throw null; set { } } + public string TransactionBinding { get => throw null; set { } } + public bool TrustServerCertificate { get => throw null; set { } } + public override bool TryGetValue(string keyword, out object value) => throw null; + public string TypeSystemVersion { get => throw null; set { } } + public string UserID { get => throw null; set { } } + public bool UserInstance { get => throw null; set { } } + public override System.Collections.ICollection Values { get => throw null; } + public string WorkstationID { get => throw null; set { } } + } + public sealed class SqlCredential + { + public SqlCredential(string userId, System.Security.SecureString password) => throw null; + public System.Security.SecureString Password { get => throw null; } + public string UserId { get => throw null; } + } + public sealed class SqlDataAdapter : System.Data.Common.DbDataAdapter, System.ICloneable, System.Data.IDataAdapter, System.Data.IDbDataAdapter + { + object System.ICloneable.Clone() => throw null; + public SqlDataAdapter() => throw null; + public SqlDataAdapter(Microsoft.Data.SqlClient.SqlCommand selectCommand) => throw null; + public SqlDataAdapter(string selectCommandText, Microsoft.Data.SqlClient.SqlConnection selectConnection) => throw null; + public SqlDataAdapter(string selectCommandText, string selectConnectionString) => throw null; + public Microsoft.Data.SqlClient.SqlCommand DeleteCommand { get => throw null; set { } } + System.Data.IDbCommand System.Data.IDbDataAdapter.DeleteCommand { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlCommand InsertCommand { get => throw null; set { } } + System.Data.IDbCommand System.Data.IDbDataAdapter.InsertCommand { get => throw null; set { } } + protected override void OnRowUpdated(System.Data.Common.RowUpdatedEventArgs value) => throw null; + protected override void OnRowUpdating(System.Data.Common.RowUpdatingEventArgs value) => throw null; + public event Microsoft.Data.SqlClient.SqlRowUpdatedEventHandler RowUpdated; + public event Microsoft.Data.SqlClient.SqlRowUpdatingEventHandler RowUpdating; + public Microsoft.Data.SqlClient.SqlCommand SelectCommand { get => throw null; set { } } + System.Data.IDbCommand System.Data.IDbDataAdapter.SelectCommand { get => throw null; set { } } + public override int UpdateBatchSize { get => throw null; set { } } + System.Data.IDbCommand System.Data.IDbDataAdapter.UpdateCommand { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlCommand UpdateCommand { get => throw null; set { } } + } + public class SqlDataReader : System.Data.Common.DbDataReader, System.Data.IDataReader, System.Data.IDataRecord, System.IDisposable + { + public override void Close() => throw null; + protected Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + public override int Depth { get => throw null; } + public override int FieldCount { get => throw null; } + public override bool GetBoolean(int i) => throw null; + public override byte GetByte(int i) => throw null; + public override long GetBytes(int i, long dataIndex, byte[] buffer, int bufferIndex, int length) => throw null; + public override char GetChar(int i) => throw null; + public override long GetChars(int i, long dataIndex, char[] buffer, int bufferIndex, int length) => throw null; + public System.Collections.ObjectModel.ReadOnlyCollection GetColumnSchema() => throw null; + System.Data.IDataReader System.Data.IDataRecord.GetData(int i) => throw null; + public override string GetDataTypeName(int i) => throw null; + public override System.DateTime GetDateTime(int i) => throw null; + public virtual System.DateTimeOffset GetDateTimeOffset(int i) => throw null; + public override decimal GetDecimal(int i) => throw null; + public override double GetDouble(int i) => throw null; + public override System.Collections.IEnumerator GetEnumerator() => throw null; + public override System.Type GetFieldType(int i) => throw null; + public override T GetFieldValue(int i) => throw null; + public override System.Threading.Tasks.Task GetFieldValueAsync(int i, System.Threading.CancellationToken cancellationToken) => throw null; + public override float GetFloat(int i) => throw null; + public override System.Guid GetGuid(int i) => throw null; + public override short GetInt16(int i) => throw null; + public override int GetInt32(int i) => throw null; + public override long GetInt64(int i) => throw null; + public override string GetName(int i) => throw null; + public override int GetOrdinal(string name) => throw null; + public override System.Type GetProviderSpecificFieldType(int i) => throw null; + public override object GetProviderSpecificValue(int i) => throw null; + public override int GetProviderSpecificValues(object[] values) => throw null; + public override System.Data.DataTable GetSchemaTable() => throw null; + public virtual System.Data.SqlTypes.SqlBinary GetSqlBinary(int i) => throw null; + public virtual System.Data.SqlTypes.SqlBoolean GetSqlBoolean(int i) => throw null; + public virtual System.Data.SqlTypes.SqlByte GetSqlByte(int i) => throw null; + public virtual System.Data.SqlTypes.SqlBytes GetSqlBytes(int i) => throw null; + public virtual System.Data.SqlTypes.SqlChars GetSqlChars(int i) => throw null; + public virtual System.Data.SqlTypes.SqlDateTime GetSqlDateTime(int i) => throw null; + public virtual System.Data.SqlTypes.SqlDecimal GetSqlDecimal(int i) => throw null; + public virtual System.Data.SqlTypes.SqlDouble GetSqlDouble(int i) => throw null; + public virtual System.Data.SqlTypes.SqlGuid GetSqlGuid(int i) => throw null; + public virtual System.Data.SqlTypes.SqlInt16 GetSqlInt16(int i) => throw null; + public virtual System.Data.SqlTypes.SqlInt32 GetSqlInt32(int i) => throw null; + public virtual System.Data.SqlTypes.SqlInt64 GetSqlInt64(int i) => throw null; + public virtual Microsoft.Data.SqlTypes.SqlJson GetSqlJson(int i) => throw null; + public virtual System.Data.SqlTypes.SqlMoney GetSqlMoney(int i) => throw null; + public virtual System.Data.SqlTypes.SqlSingle GetSqlSingle(int i) => throw null; + public virtual System.Data.SqlTypes.SqlString GetSqlString(int i) => throw null; + public virtual object GetSqlValue(int i) => throw null; + public virtual int GetSqlValues(object[] values) => throw null; + public virtual System.Data.SqlTypes.SqlXml GetSqlXml(int i) => throw null; + public override System.IO.Stream GetStream(int i) => throw null; + public override string GetString(int i) => throw null; + public override System.IO.TextReader GetTextReader(int i) => throw null; + public virtual System.TimeSpan GetTimeSpan(int i) => throw null; + public override object GetValue(int i) => throw null; + public override int GetValues(object[] values) => throw null; + public virtual System.Xml.XmlReader GetXmlReader(int i) => throw null; + public override bool HasRows { get => throw null; } + public override bool IsClosed { get => throw null; } + protected bool IsCommandBehavior(System.Data.CommandBehavior condition) => throw null; + public override bool IsDBNull(int i) => throw null; + public override System.Threading.Tasks.Task IsDBNullAsync(int i, System.Threading.CancellationToken cancellationToken) => throw null; + public override bool NextResult() => throw null; + public override System.Threading.Tasks.Task NextResultAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public override bool Read() => throw null; + public override System.Threading.Tasks.Task ReadAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public override int RecordsAffected { get => throw null; } + public Microsoft.Data.SqlClient.DataClassification.SensitivityClassification SensitivityClassification { get => throw null; } + public override object this[int i] { get => throw null; } + public override object this[string name] { get => throw null; } + public override int VisibleFieldCount { get => throw null; } + } + public sealed class SqlDependency + { + public void AddCommandDependency(Microsoft.Data.SqlClient.SqlCommand command) => throw null; + public SqlDependency() => throw null; + public SqlDependency(Microsoft.Data.SqlClient.SqlCommand command) => throw null; + public SqlDependency(Microsoft.Data.SqlClient.SqlCommand command, string options, int timeout) => throw null; + public bool HasChanges { get => throw null; } + public string Id { get => throw null; } + public event Microsoft.Data.SqlClient.OnChangeEventHandler OnChange; + public static bool Start(string connectionString) => throw null; + public static bool Start(string connectionString, string queue) => throw null; + public static bool Stop(string connectionString) => throw null; + public static bool Stop(string connectionString, string queue) => throw null; + } + public sealed class SqlError + { + public byte Class { get => throw null; } + public int LineNumber { get => throw null; } + public string Message { get => throw null; } + public int Number { get => throw null; } + public string Procedure { get => throw null; } + public string Server { get => throw null; } + public string Source { get => throw null; } + public byte State { get => throw null; } + public override string ToString() => throw null; + } + public sealed class SqlErrorCollection : System.Collections.ICollection, System.Collections.IEnumerable + { + public void CopyTo(System.Array array, int index) => throw null; + public void CopyTo(Microsoft.Data.SqlClient.SqlError[] array, int index) => throw null; + public int Count { get => throw null; } + public System.Collections.IEnumerator GetEnumerator() => throw null; + bool System.Collections.ICollection.IsSynchronized { get => throw null; } + object System.Collections.ICollection.SyncRoot { get => throw null; } + public Microsoft.Data.SqlClient.SqlError this[int index] { get => throw null; } + } + public sealed class SqlException : System.Data.Common.DbException + { + public Microsoft.Data.SqlClient.SqlBatchCommand BatchCommand { get => throw null; } + public byte Class { get => throw null; } + public System.Guid ClientConnectionId { get => throw null; } + protected override System.Data.Common.DbBatchCommand DbBatchCommand { get => throw null; } + public Microsoft.Data.SqlClient.SqlErrorCollection Errors { get => throw null; } + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo si, System.Runtime.Serialization.StreamingContext context) => throw null; + public int LineNumber { get => throw null; } + public int Number { get => throw null; } + public string Procedure { get => throw null; } + public string Server { get => throw null; } + public override string Source { get => throw null; } + public byte State { get => throw null; } + public override string ToString() => throw null; + } + public sealed class SqlInfoMessageEventArgs : System.EventArgs + { + public Microsoft.Data.SqlClient.SqlErrorCollection Errors { get => throw null; } + public string Message { get => throw null; } + public string Source { get => throw null; } + public override string ToString() => throw null; + } + public delegate void SqlInfoMessageEventHandler(object sender, Microsoft.Data.SqlClient.SqlInfoMessageEventArgs e); + public class SqlNotificationEventArgs : System.EventArgs + { + public SqlNotificationEventArgs(Microsoft.Data.SqlClient.SqlNotificationType type, Microsoft.Data.SqlClient.SqlNotificationInfo info, Microsoft.Data.SqlClient.SqlNotificationSource source) => throw null; + public Microsoft.Data.SqlClient.SqlNotificationInfo Info { get => throw null; } + public Microsoft.Data.SqlClient.SqlNotificationSource Source { get => throw null; } + public Microsoft.Data.SqlClient.SqlNotificationType Type { get => throw null; } + } + public enum SqlNotificationInfo + { + AlreadyChanged = -2, + Alter = 5, + Delete = 3, + Drop = 4, + Error = 7, + Expired = 12, + Insert = 1, + Invalid = 9, + Isolation = 11, + Merge = 16, + Options = 10, + PreviousFire = 14, + Query = 8, + Resource = 13, + Restart = 6, + TemplateLimit = 15, + Truncate = 0, + Unknown = -1, + Update = 2, + } + public enum SqlNotificationSource + { + Client = -2, + Data = 0, + Database = 3, + Environment = 6, + Execution = 7, + Object = 2, + Owner = 8, + Statement = 5, + System = 4, + Timeout = 1, + Unknown = -1, + } + public enum SqlNotificationType + { + Change = 0, + Subscribe = 1, + Unknown = -1, + } + public sealed class SqlParameter : System.Data.Common.DbParameter, System.ICloneable, System.Data.IDataParameter, System.Data.IDbDataParameter + { + object System.ICloneable.Clone() => throw null; + public System.Data.SqlTypes.SqlCompareOptions CompareInfo { get => throw null; set { } } + public SqlParameter() => throw null; + public SqlParameter(string parameterName, System.Data.SqlDbType dbType) => throw null; + public SqlParameter(string parameterName, System.Data.SqlDbType dbType, int size) => throw null; + public SqlParameter(string parameterName, System.Data.SqlDbType dbType, int size, System.Data.ParameterDirection direction, bool isNullable, byte precision, byte scale, string sourceColumn, System.Data.DataRowVersion sourceVersion, object value) => throw null; + public SqlParameter(string parameterName, System.Data.SqlDbType dbType, int size, System.Data.ParameterDirection direction, byte precision, byte scale, string sourceColumn, System.Data.DataRowVersion sourceVersion, bool sourceColumnNullMapping, object value, string xmlSchemaCollectionDatabase, string xmlSchemaCollectionOwningSchema, string xmlSchemaCollectionName) => throw null; + public SqlParameter(string parameterName, System.Data.SqlDbType dbType, int size, string sourceColumn) => throw null; + public SqlParameter(string parameterName, object value) => throw null; + public override System.Data.DbType DbType { get => throw null; set { } } + public override System.Data.ParameterDirection Direction { get => throw null; set { } } + public bool ForceColumnEncryption { get => throw null; set { } } + public override bool IsNullable { get => throw null; set { } } + public int LocaleId { get => throw null; set { } } + public int Offset { get => throw null; set { } } + public override string ParameterName { get => throw null; set { } } + public byte Precision { get => throw null; set { } } + public override void ResetDbType() => throw null; + public void ResetSqlDbType() => throw null; + public byte Scale { get => throw null; set { } } + public override int Size { get => throw null; set { } } + public override string SourceColumn { get => throw null; set { } } + public override bool SourceColumnNullMapping { get => throw null; set { } } + public override System.Data.DataRowVersion SourceVersion { get => throw null; set { } } + public System.Data.SqlDbType SqlDbType { get => throw null; set { } } + public object SqlValue { get => throw null; set { } } + public override string ToString() => throw null; + public string TypeName { get => throw null; set { } } + public string UdtTypeName { get => throw null; set { } } + public override object Value { get => throw null; set { } } + public string XmlSchemaCollectionDatabase { get => throw null; set { } } + public string XmlSchemaCollectionName { get => throw null; set { } } + public string XmlSchemaCollectionOwningSchema { get => throw null; set { } } + } + public sealed class SqlParameterCollection : System.Data.Common.DbParameterCollection + { + public Microsoft.Data.SqlClient.SqlParameter Add(Microsoft.Data.SqlClient.SqlParameter value) => throw null; + public override int Add(object value) => throw null; + public Microsoft.Data.SqlClient.SqlParameter Add(string parameterName, System.Data.SqlDbType sqlDbType) => throw null; + public Microsoft.Data.SqlClient.SqlParameter Add(string parameterName, System.Data.SqlDbType sqlDbType, int size) => throw null; + public Microsoft.Data.SqlClient.SqlParameter Add(string parameterName, System.Data.SqlDbType sqlDbType, int size, string sourceColumn) => throw null; + public void AddRange(Microsoft.Data.SqlClient.SqlParameter[] values) => throw null; + public override void AddRange(System.Array values) => throw null; + public Microsoft.Data.SqlClient.SqlParameter AddWithValue(string parameterName, object value) => throw null; + public override void Clear() => throw null; + public bool Contains(Microsoft.Data.SqlClient.SqlParameter value) => throw null; + public override bool Contains(object value) => throw null; + public override bool Contains(string value) => throw null; + public override void CopyTo(System.Array array, int index) => throw null; + public void CopyTo(Microsoft.Data.SqlClient.SqlParameter[] array, int index) => throw null; + public override int Count { get => throw null; } + public override System.Collections.IEnumerator GetEnumerator() => throw null; + protected override System.Data.Common.DbParameter GetParameter(int index) => throw null; + protected override System.Data.Common.DbParameter GetParameter(string parameterName) => throw null; + public int IndexOf(Microsoft.Data.SqlClient.SqlParameter value) => throw null; + public override int IndexOf(object value) => throw null; + public override int IndexOf(string parameterName) => throw null; + public void Insert(int index, Microsoft.Data.SqlClient.SqlParameter value) => throw null; + public override void Insert(int index, object value) => throw null; + public override bool IsFixedSize { get => throw null; } + public override bool IsReadOnly { get => throw null; } + public void Remove(Microsoft.Data.SqlClient.SqlParameter value) => throw null; + public override void Remove(object value) => throw null; + public override void RemoveAt(int index) => throw null; + public override void RemoveAt(string parameterName) => throw null; + protected override void SetParameter(int index, System.Data.Common.DbParameter value) => throw null; + protected override void SetParameter(string parameterName, System.Data.Common.DbParameter value) => throw null; + public override object SyncRoot { get => throw null; } + public Microsoft.Data.SqlClient.SqlParameter this[int index] { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlParameter this[string parameterName] { get => throw null; set { } } + } + public sealed class SqlRetryingEventArgs : System.EventArgs + { + public bool Cancel { get => throw null; set { } } + public SqlRetryingEventArgs(int retryCount, System.TimeSpan delay, System.Collections.Generic.IList exceptions) => throw null; + public System.TimeSpan Delay { get => throw null; } + public System.Collections.Generic.IList Exceptions { get => throw null; } + public int RetryCount { get => throw null; } + } + public abstract class SqlRetryIntervalBaseEnumerator : System.ICloneable, System.IDisposable, System.Collections.Generic.IEnumerator, System.Collections.IEnumerator + { + public virtual object Clone() => throw null; + public SqlRetryIntervalBaseEnumerator() => throw null; + public SqlRetryIntervalBaseEnumerator(System.TimeSpan timeInterval, System.TimeSpan maxTime, System.TimeSpan minTime) => throw null; + public System.TimeSpan Current { get => throw null; set { } } + object System.Collections.IEnumerator.Current { get => throw null; } + public virtual void Dispose() => throw null; + public System.TimeSpan GapTimeInterval { get => throw null; set { } } + protected abstract System.TimeSpan GetNextInterval(); + public System.TimeSpan MaxTimeInterval { get => throw null; set { } } + public System.TimeSpan MinTimeInterval { get => throw null; set { } } + public virtual bool MoveNext() => throw null; + public virtual void Reset() => throw null; + protected virtual void Validate(System.TimeSpan timeInterval, System.TimeSpan maxTimeInterval, System.TimeSpan minTimeInterval) => throw null; + } + public abstract class SqlRetryLogicBase : System.ICloneable + { + public virtual object Clone() => throw null; + protected SqlRetryLogicBase() => throw null; + public int Current { get => throw null; set { } } + public int NumberOfTries { get => throw null; set { } } + public abstract void Reset(); + public virtual bool RetryCondition(object sender) => throw null; + public Microsoft.Data.SqlClient.SqlRetryIntervalBaseEnumerator RetryIntervalEnumerator { get => throw null; set { } } + public System.Predicate TransientPredicate { get => throw null; set { } } + public abstract bool TryNextInterval(out System.TimeSpan intervalTime); + } + public abstract class SqlRetryLogicBaseProvider + { + protected SqlRetryLogicBaseProvider() => throw null; + public abstract TResult Execute(object sender, System.Func function); + public abstract System.Threading.Tasks.Task ExecuteAsync(object sender, System.Func> function, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public abstract System.Threading.Tasks.Task ExecuteAsync(object sender, System.Func function, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)); + public System.EventHandler Retrying { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlRetryLogicBase RetryLogic { get => throw null; set { } } + } + public sealed class SqlRetryLogicOption + { + public System.Predicate AuthorizedSqlCondition { get => throw null; set { } } + public SqlRetryLogicOption() => throw null; + public System.TimeSpan DeltaTime { get => throw null; set { } } + public System.TimeSpan MaxTimeInterval { get => throw null; set { } } + public System.TimeSpan MinTimeInterval { get => throw null; set { } } + public int NumberOfTries { get => throw null; set { } } + public System.Collections.Generic.IEnumerable TransientErrors { get => throw null; set { } } + } + public class SqlRowsCopiedEventArgs : System.EventArgs + { + public bool Abort { get => throw null; set { } } + public SqlRowsCopiedEventArgs(long rowsCopied) => throw null; + public long RowsCopied { get => throw null; } + } + public delegate void SqlRowsCopiedEventHandler(object sender, Microsoft.Data.SqlClient.SqlRowsCopiedEventArgs e); + public sealed class SqlRowUpdatedEventArgs : System.Data.Common.RowUpdatedEventArgs + { + public Microsoft.Data.SqlClient.SqlCommand Command { get => throw null; } + public SqlRowUpdatedEventArgs(System.Data.DataRow row, System.Data.IDbCommand command, System.Data.StatementType statementType, System.Data.Common.DataTableMapping tableMapping) : base(default(System.Data.DataRow), default(System.Data.IDbCommand), default(System.Data.StatementType), default(System.Data.Common.DataTableMapping)) => throw null; + } + public delegate void SqlRowUpdatedEventHandler(object sender, Microsoft.Data.SqlClient.SqlRowUpdatedEventArgs e); + public sealed class SqlRowUpdatingEventArgs : System.Data.Common.RowUpdatingEventArgs + { + protected override System.Data.IDbCommand BaseCommand { get => throw null; set { } } + public Microsoft.Data.SqlClient.SqlCommand Command { get => throw null; set { } } + public SqlRowUpdatingEventArgs(System.Data.DataRow row, System.Data.IDbCommand command, System.Data.StatementType statementType, System.Data.Common.DataTableMapping tableMapping) : base(default(System.Data.DataRow), default(System.Data.IDbCommand), default(System.Data.StatementType), default(System.Data.Common.DataTableMapping)) => throw null; + } + public delegate void SqlRowUpdatingEventHandler(object sender, Microsoft.Data.SqlClient.SqlRowUpdatingEventArgs e); + public sealed class SqlTransaction : System.Data.Common.DbTransaction + { + public override void Commit() => throw null; + public Microsoft.Data.SqlClient.SqlConnection Connection { get => throw null; } + protected override System.Data.Common.DbConnection DbConnection { get => throw null; } + protected override void Dispose(bool disposing) => throw null; + public override System.Data.IsolationLevel IsolationLevel { get => throw null; } + public override void Rollback() => throw null; + public override void Rollback(string transactionName) => throw null; + public override void Save(string savePointName) => throw null; + } + } + public static partial class SqlDbTypeExtensions + { + public const System.Data.SqlDbType Json = default; + } + namespace SqlTypes + { + public sealed class SqlFileStream : System.IO.Stream + { + public override System.IAsyncResult BeginRead(byte[] buffer, int offset, int count, System.AsyncCallback callback, object state) => throw null; + public override System.IAsyncResult BeginWrite(byte[] buffer, int offset, int count, System.AsyncCallback callback, object state) => throw null; + public override bool CanRead { get => throw null; } + public override bool CanSeek { get => throw null; } + public override bool CanTimeout { get => throw null; } + public override bool CanWrite { get => throw null; } + public SqlFileStream(string path, byte[] transactionContext, System.IO.FileAccess access) => throw null; + public SqlFileStream(string path, byte[] transactionContext, System.IO.FileAccess access, System.IO.FileOptions options, long allocationSize) => throw null; + public override int EndRead(System.IAsyncResult asyncResult) => throw null; + public override void EndWrite(System.IAsyncResult asyncResult) => throw null; + public override void Flush() => throw null; + public override long Length { get => throw null; } + public string Name { get => throw null; } + public override long Position { get => throw null; set { } } + public override int Read(byte[] buffer, int offset, int count) => throw null; + public override int ReadByte() => throw null; + public override int ReadTimeout { get => throw null; } + public override long Seek(long offset, System.IO.SeekOrigin origin) => throw null; + public override void SetLength(long value) => throw null; + public byte[] TransactionContext { get => throw null; } + public override void Write(byte[] buffer, int offset, int count) => throw null; + public override void WriteByte(byte value) => throw null; + public override int WriteTimeout { get => throw null; } + } + public class SqlJson : System.Data.SqlTypes.INullable + { + public SqlJson() => throw null; + public SqlJson(string jsonString) => throw null; + public SqlJson(System.Text.Json.JsonDocument jsonDoc) => throw null; + public bool IsNull { get => throw null; } + public static Microsoft.Data.SqlTypes.SqlJson Null { get => throw null; } + public string Value { get => throw null; } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.csproj b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.csproj new file mode 100644 index 00000000000..457f65b723b --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.csproj @@ -0,0 +1,21 @@ + + + net9.0 + true + bin\ + false + + + + + + + + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Abstractions/9.0.4/Microsoft.Extensions.Caching.Abstractions.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Abstractions/9.0.4/Microsoft.Extensions.Caching.Abstractions.csproj new file mode 100644 index 00000000000..ba6857adb2b --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Abstractions/9.0.4/Microsoft.Extensions.Caching.Abstractions.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Memory/9.0.4/Microsoft.Extensions.Caching.Memory.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Memory/9.0.4/Microsoft.Extensions.Caching.Memory.csproj new file mode 100644 index 00000000000..611dcc85a91 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Caching.Memory/9.0.4/Microsoft.Extensions.Caching.Memory.csproj @@ -0,0 +1,17 @@ + + + net9.0 + true + bin\ + false + + + + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.DependencyInjection.Abstractions/9.0.4/Microsoft.Extensions.DependencyInjection.Abstractions.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.DependencyInjection.Abstractions/9.0.4/Microsoft.Extensions.DependencyInjection.Abstractions.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.DependencyInjection.Abstractions/9.0.4/Microsoft.Extensions.DependencyInjection.Abstractions.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.Logging.Abstractions/9.0.4/Microsoft.Extensions.Logging.Abstractions.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Logging.Abstractions/9.0.4/Microsoft.Extensions.Logging.Abstractions.csproj new file mode 100644 index 00000000000..24dcab514cf --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Logging.Abstractions/9.0.4/Microsoft.Extensions.Logging.Abstractions.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.Options/9.0.4/Microsoft.Extensions.Options.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Options/9.0.4/Microsoft.Extensions.Options.csproj new file mode 100644 index 00000000000..be3f78d87fc --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Options/9.0.4/Microsoft.Extensions.Options.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Extensions.Primitives/9.0.4/Microsoft.Extensions.Primitives.csproj b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Primitives/9.0.4/Microsoft.Extensions.Primitives.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Extensions.Primitives/9.0.4/Microsoft.Extensions.Primitives.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.cs b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.cs new file mode 100644 index 00000000000..878df0d485a --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.cs @@ -0,0 +1,103 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.Identity.Client.Extensions.Msal, Version=4.61.3.0, Culture=neutral, PublicKeyToken=0a613f4dd989e8ae`. +namespace Microsoft +{ + namespace Identity + { + namespace Client + { + namespace Extensions + { + namespace Msal + { + public class CacheChangedEventArgs : System.EventArgs + { + public readonly System.Collections.Generic.IEnumerable AccountsAdded; + public readonly System.Collections.Generic.IEnumerable AccountsRemoved; + public CacheChangedEventArgs(System.Collections.Generic.IEnumerable added, System.Collections.Generic.IEnumerable removed) => throw null; + } + public sealed class CrossPlatLock : System.IDisposable + { + public CrossPlatLock(string lockfilePath, int lockFileRetryDelay = default(int), int lockFileRetryCount = default(int)) => throw null; + public void Dispose() => throw null; + } + public class MsalCacheHelper + { + public event System.EventHandler CacheChanged; + public void Clear() => throw null; + public static System.Threading.Tasks.Task CreateAsync(Microsoft.Identity.Client.Extensions.Msal.StorageCreationProperties storageCreationProperties, System.Diagnostics.TraceSource logger = default(System.Diagnostics.TraceSource)) => throw null; + public const string LinuxKeyRingDefaultCollection = default; + public const string LinuxKeyRingSessionCollection = default; + public byte[] LoadUnencryptedTokenCache() => throw null; + public void RegisterCache(Microsoft.Identity.Client.ITokenCache tokenCache) => throw null; + public void SaveUnencryptedTokenCache(byte[] tokenCache) => throw null; + public void UnregisterCache(Microsoft.Identity.Client.ITokenCache tokenCache) => throw null; + public static string UserRootDirectory { get => throw null; } + public void VerifyPersistence() => throw null; + } + public class MsalCachePersistenceException : System.Exception + { + public MsalCachePersistenceException() => throw null; + public MsalCachePersistenceException(string message) => throw null; + public MsalCachePersistenceException(string message, System.Exception innerException) => throw null; + protected MsalCachePersistenceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public static class SharedUtilities + { + public static string GetUserRootDirectory() => throw null; + public static bool IsLinuxPlatform() => throw null; + public static bool IsMacPlatform() => throw null; + public static bool IsWindowsPlatform() => throw null; + } + public class Storage + { + public void Clear(bool ignoreExceptions = default(bool)) => throw null; + public static Microsoft.Identity.Client.Extensions.Msal.Storage Create(Microsoft.Identity.Client.Extensions.Msal.StorageCreationProperties creationProperties, System.Diagnostics.TraceSource logger = default(System.Diagnostics.TraceSource)) => throw null; + public byte[] ReadData() => throw null; + public void VerifyPersistence() => throw null; + public void WriteData(byte[] data) => throw null; + } + public class StorageCreationProperties + { + public string Authority { get => throw null; } + public readonly string CacheDirectory; + public readonly string CacheFileName; + public string CacheFilePath { get => throw null; } + public string ClientId { get => throw null; } + public readonly System.Collections.Generic.KeyValuePair KeyringAttribute1; + public readonly System.Collections.Generic.KeyValuePair KeyringAttribute2; + public readonly string KeyringCollection; + public readonly string KeyringSchemaName; + public readonly string KeyringSecretLabel; + public readonly int LockRetryCount; + public readonly int LockRetryDelay; + public readonly string MacKeyChainAccountName; + public readonly string MacKeyChainServiceName; + public readonly bool UseLinuxUnencryptedFallback; + public readonly bool UseUnencryptedFallback; + } + public class StorageCreationPropertiesBuilder + { + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationProperties Build() => throw null; + public StorageCreationPropertiesBuilder(string cacheFileName, string cacheDirectory, string clientId) => throw null; + public StorageCreationPropertiesBuilder(string cacheFileName, string cacheDirectory) => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder CustomizeLockRetry(int lockRetryDelay, int lockRetryCount) => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder WithCacheChangedEvent(string clientId, string authority = default(string)) => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder WithLinuxKeyring(string schemaName, string collection, string secretLabel, System.Collections.Generic.KeyValuePair attribute1, System.Collections.Generic.KeyValuePair attribute2) => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder WithLinuxUnprotectedFile() => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder WithMacKeyChain(string serviceName, string accountName) => throw null; + public Microsoft.Identity.Client.Extensions.Msal.StorageCreationPropertiesBuilder WithUnprotectedFile() => throw null; + } + public class TraceSourceLogger + { + public TraceSourceLogger(System.Diagnostics.TraceSource traceSource) => throw null; + public void LogError(string message) => throw null; + public void LogInformation(string message) => throw null; + public void LogWarning(string message) => throw null; + public System.Diagnostics.TraceSource Source { get => throw null; } + } + } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.csproj b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.csproj new file mode 100644 index 00000000000..a085743bd52 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client.Extensions.Msal/4.61.3/Microsoft.Identity.Client.Extensions.Msal.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.cs b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.cs new file mode 100644 index 00000000000..01ea5340e8e --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.cs @@ -0,0 +1,1350 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.Identity.Client, Version=4.61.3.0, Culture=neutral, PublicKeyToken=0a613f4dd989e8ae`. +namespace Microsoft +{ + namespace Identity + { + namespace Client + { + public enum AadAuthorityAudience + { + None = 0, + AzureAdMyOrg = 1, + AzureAdAndPersonalMicrosoftAccount = 2, + AzureAdMultipleOrgs = 3, + PersonalMicrosoftAccount = 4, + } + public abstract class AbstractAcquireTokenParameterBuilder : Microsoft.Identity.Client.BaseAbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.BaseAbstractAcquireTokenParameterBuilder + { + protected AbstractAcquireTokenParameterBuilder() => throw null; + public T WithAdfsAuthority(string authorityUri, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string authorityUri, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string cloudInstanceUri, System.Guid tenantId, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string cloudInstanceUri, string tenant, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, System.Guid tenantId, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, string tenant, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = default(bool)) => throw null; + public T WithB2CAuthority(string authorityUri) => throw null; + public T WithClaims(string claims) => throw null; + public T WithExtraQueryParameters(System.Collections.Generic.Dictionary extraQueryParameters) => throw null; + public T WithExtraQueryParameters(string extraQueryParameters) => throw null; + protected T WithScopes(System.Collections.Generic.IEnumerable scopes) => throw null; + public T WithTenantId(string tenantId) => throw null; + public T WithTenantIdFromAuthority(System.Uri authorityUri) => throw null; + } + public abstract class AbstractApplicationBuilder : Microsoft.Identity.Client.BaseAbstractApplicationBuilder where T : Microsoft.Identity.Client.BaseAbstractApplicationBuilder + { + public T WithAdfsAuthority(string authorityUri, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(System.Uri authorityUri, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string authorityUri, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string cloudInstanceUri, System.Guid tenantId, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(string cloudInstanceUri, string tenant, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, System.Guid tenantId, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, string tenant, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AzureCloudInstance azureCloudInstance, Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = default(bool)) => throw null; + public T WithAuthority(Microsoft.Identity.Client.AadAuthorityAudience authorityAudience, bool validateAuthority = default(bool)) => throw null; + public T WithB2CAuthority(string authorityUri) => throw null; + public T WithCacheOptions(Microsoft.Identity.Client.CacheOptions options) => throw null; + public T WithClientCapabilities(System.Collections.Generic.IEnumerable clientCapabilities) => throw null; + public T WithClientId(string clientId) => throw null; + public T WithClientName(string clientName) => throw null; + public T WithClientVersion(string clientVersion) => throw null; + public T WithExtraQueryParameters(System.Collections.Generic.IDictionary extraQueryParameters) => throw null; + public T WithExtraQueryParameters(string extraQueryParameters) => throw null; + public T WithInstanceDicoveryMetadata(string instanceDiscoveryJson) => throw null; + public T WithInstanceDicoveryMetadata(System.Uri instanceDiscoveryUri) => throw null; + public T WithInstanceDiscovery(bool enableInstanceDiscovery) => throw null; + public T WithInstanceDiscoveryMetadata(string instanceDiscoveryJson) => throw null; + public T WithInstanceDiscoveryMetadata(System.Uri instanceDiscoveryUri) => throw null; + public T WithLegacyCacheCompatibility(bool enableLegacyCacheCompatibility = default(bool)) => throw null; + protected T WithOptions(Microsoft.Identity.Client.ApplicationOptions applicationOptions) => throw null; + public T WithRedirectUri(string redirectUri) => throw null; + public T WithTelemetry(Microsoft.Identity.Client.ITelemetryConfig telemetryConfig) => throw null; + public T WithTenantId(string tenantId) => throw null; + } + public abstract class AbstractClientAppBaseAcquireTokenParameterBuilder : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder + { + public override System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken) => throw null; + } + public abstract class AbstractConfidentialClientAcquireTokenParameterBuilder : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder + { + public override System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken) => throw null; + protected override void Validate() => throw null; + public T WithProofOfPossession(Microsoft.Identity.Client.AppConfig.PoPAuthenticationConfiguration popAuthenticationConfiguration) => throw null; + } + public abstract class AbstractManagedIdentityAcquireTokenParameterBuilder : Microsoft.Identity.Client.BaseAbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.BaseAbstractAcquireTokenParameterBuilder + { + protected AbstractManagedIdentityAcquireTokenParameterBuilder() => throw null; + public override System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken) => throw null; + } + public abstract class AbstractPublicClientAcquireTokenParameterBuilder : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder + { + public override System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken) => throw null; + } + public static partial class AccountExtensions + { + public static System.Collections.Generic.IEnumerable GetTenantProfiles(this Microsoft.Identity.Client.IAccount account) => throw null; + } + public class AccountId + { + public AccountId(string identifier, string objectId, string tenantId) => throw null; + public AccountId(string adfsIdentifier) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public string Identifier { get => throw null; } + public string ObjectId { get => throw null; } + public string TenantId { get => throw null; } + public override string ToString() => throw null; + } + public sealed class AcquireTokenByAuthorizationCodeParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder WithCcsRoutingHint(string userObjectIdentifier, string tenantIdentifier) => throw null; + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder WithCcsRoutingHint(string userName) => throw null; + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder WithPkceCodeVerifier(string pkceCodeVerifier) => throw null; + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder WithSendX5C(bool withSendX5C) => throw null; + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder WithSpaAuthorizationCode(bool requestSpaAuthorizationCode = default(bool)) => throw null; + } + public sealed class AcquireTokenByIntegratedWindowsAuthParameterBuilder : Microsoft.Identity.Client.AbstractPublicClientAcquireTokenParameterBuilder + { + public Microsoft.Identity.Client.AcquireTokenByIntegratedWindowsAuthParameterBuilder WithFederationMetadata(string federationMetadata) => throw null; + public Microsoft.Identity.Client.AcquireTokenByIntegratedWindowsAuthParameterBuilder WithUsername(string username) => throw null; + } + public sealed class AcquireTokenByRefreshTokenParameterBuilder : Microsoft.Identity.Client.AbstractClientAppBaseAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenByRefreshTokenParameterBuilder WithSendX5C(bool withSendX5C) => throw null; + } + public sealed class AcquireTokenByUsernamePasswordParameterBuilder : Microsoft.Identity.Client.AbstractPublicClientAcquireTokenParameterBuilder + { + public Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder WithFederationMetadata(string federationMetadata) => throw null; + public Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder WithProofOfPossession(string nonce, System.Net.Http.HttpMethod httpMethod, System.Uri requestUri) => throw null; + } + public sealed class AcquireTokenForClientParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder WithAzureRegion(bool useAzureRegion) => throw null; + public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder WithForceRefresh(bool forceRefresh) => throw null; + public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder WithPreferredAzureRegion(bool useAzureRegion = default(bool), string regionUsedIfAutoDetectFails = default(string), bool fallbackToGlobal = default(bool)) => throw null; + public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder WithSendX5C(bool withSendX5C) => throw null; + } + public sealed class AcquireTokenForManagedIdentityParameterBuilder : Microsoft.Identity.Client.AbstractManagedIdentityAcquireTokenParameterBuilder + { + public Microsoft.Identity.Client.AcquireTokenForManagedIdentityParameterBuilder WithForceRefresh(bool forceRefresh) => throw null; + } + public sealed class AcquireTokenInteractiveParameterBuilder : Microsoft.Identity.Client.AbstractPublicClientAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithAccount(Microsoft.Identity.Client.IAccount account) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithEmbeddedWebViewOptions(Microsoft.Identity.Client.EmbeddedWebViewOptions options) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithExtraScopesToConsent(System.Collections.Generic.IEnumerable extraScopesToConsent) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithLoginHint(string loginHint) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithParentActivityOrWindow(object parent) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithParentActivityOrWindow(nint window) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithPrompt(Microsoft.Identity.Client.Prompt prompt) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithProofOfPossession(string nonce, System.Net.Http.HttpMethod httpMethod, System.Uri requestUri) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithSystemWebViewOptions(Microsoft.Identity.Client.SystemWebViewOptions options) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithUseEmbeddedWebView(bool useEmbeddedWebView) => throw null; + } + public sealed class AcquireTokenOnBehalfOfParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder WithCcsRoutingHint(string userObjectIdentifier, string tenantIdentifier) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder WithCcsRoutingHint(string userName) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder WithForceRefresh(bool forceRefresh) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder WithSendX5C(bool withSendX5C) => throw null; + } + public sealed class AcquireTokenSilentParameterBuilder : Microsoft.Identity.Client.AbstractClientAppBaseAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithForceRefresh(bool forceRefresh) => throw null; + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithProofOfPossession(Microsoft.Identity.Client.AppConfig.PoPAuthenticationConfiguration popAuthenticationConfiguration) => throw null; + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithProofOfPossession(string nonce, System.Net.Http.HttpMethod httpMethod, System.Uri requestUri) => throw null; + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithSendX5C(bool withSendX5C) => throw null; + } + public sealed class AcquireTokenWithDeviceCodeParameterBuilder : Microsoft.Identity.Client.AbstractPublicClientAcquireTokenParameterBuilder + { + protected override void Validate() => throw null; + public Microsoft.Identity.Client.AcquireTokenWithDeviceCodeParameterBuilder WithDeviceCodeResultCallback(System.Func deviceCodeResultCallback) => throw null; + } + namespace Advanced + { + public static partial class AcquireTokenParameterBuilderExtensions + { + public static T WithExtraHttpHeaders(this Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder builder, System.Collections.Generic.IDictionary extraHttpHeaders) where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder => throw null; + } + } + namespace AppConfig + { + public class ManagedIdentityId + { + public static Microsoft.Identity.Client.AppConfig.ManagedIdentityId SystemAssigned { get => throw null; } + public static Microsoft.Identity.Client.AppConfig.ManagedIdentityId WithUserAssignedClientId(string clientId) => throw null; + public static Microsoft.Identity.Client.AppConfig.ManagedIdentityId WithUserAssignedObjectId(string objectId) => throw null; + public static Microsoft.Identity.Client.AppConfig.ManagedIdentityId WithUserAssignedResourceId(string resourceId) => throw null; + } + public class PoPAuthenticationConfiguration + { + public PoPAuthenticationConfiguration() => throw null; + public PoPAuthenticationConfiguration(System.Net.Http.HttpRequestMessage httpRequestMessage) => throw null; + public PoPAuthenticationConfiguration(System.Uri requestUri) => throw null; + public string HttpHost { get => throw null; set { } } + public System.Net.Http.HttpMethod HttpMethod { get => throw null; set { } } + public string HttpPath { get => throw null; set { } } + public string Nonce { get => throw null; set { } } + public Microsoft.Identity.Client.AuthScheme.PoP.IPoPCryptoProvider PopCryptoProvider { get => throw null; set { } } + public bool SignHttpRequest { get => throw null; set { } } + } + } + public abstract class ApplicationBase : Microsoft.Identity.Client.IApplicationBase + { + } + public abstract class ApplicationOptions : Microsoft.Identity.Client.BaseApplicationOptions + { + public Microsoft.Identity.Client.AadAuthorityAudience AadAuthorityAudience { get => throw null; set { } } + public Microsoft.Identity.Client.AzureCloudInstance AzureCloudInstance { get => throw null; set { } } + public System.Collections.Generic.IEnumerable ClientCapabilities { get => throw null; set { } } + public string ClientId { get => throw null; set { } } + public string ClientName { get => throw null; set { } } + public string ClientVersion { get => throw null; set { } } + protected ApplicationOptions() => throw null; + public string Instance { get => throw null; set { } } + public string KerberosServicePrincipalName { get => throw null; set { } } + public bool LegacyCacheCompatibilityEnabled { get => throw null; set { } } + public string RedirectUri { get => throw null; set { } } + public string TenantId { get => throw null; set { } } + public Microsoft.Identity.Client.Kerberos.KerberosTicketContainer TicketContainer { get => throw null; set { } } + } + public class AssertionRequestOptions + { + public System.Threading.CancellationToken CancellationToken { get => throw null; set { } } + public string ClientID { get => throw null; set { } } + public AssertionRequestOptions() => throw null; + public string TokenEndpoint { get => throw null; set { } } + } + public class AuthenticationHeaderParser + { + public Microsoft.Identity.Client.AuthenticationInfoParameters AuthenticationInfoParameters { get => throw null; } + public AuthenticationHeaderParser() => throw null; + public static Microsoft.Identity.Client.AuthenticationHeaderParser ParseAuthenticationHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders) => throw null; + public static System.Threading.Tasks.Task ParseAuthenticationHeadersAsync(string resourceUri, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task ParseAuthenticationHeadersAsync(string resourceUri, System.Net.Http.HttpClient httpClient, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public string PopNonce { get => throw null; } + public System.Collections.Generic.IReadOnlyList WwwAuthenticateParameters { get => throw null; } + } + public class AuthenticationInfoParameters + { + public static Microsoft.Identity.Client.AuthenticationInfoParameters CreateFromResponseHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders) => throw null; + public AuthenticationInfoParameters() => throw null; + public string NextNonce { get => throw null; } + public string this[string key] { get => throw null; } + } + public class AuthenticationResult + { + public string AccessToken { get => throw null; } + public Microsoft.Identity.Client.IAccount Account { get => throw null; } + public System.Collections.Generic.IReadOnlyDictionary AdditionalResponseParameters { get => throw null; } + public Microsoft.Identity.Client.AuthenticationResultMetadata AuthenticationResultMetadata { get => throw null; } + public System.Security.Claims.ClaimsPrincipal ClaimsPrincipal { get => throw null; } + public System.Guid CorrelationId { get => throw null; } + public string CreateAuthorizationHeader() => throw null; + public AuthenticationResult(string accessToken, bool isExtendedLifeTimeToken, string uniqueId, System.DateTimeOffset expiresOn, System.DateTimeOffset extendedExpiresOn, string tenantId, Microsoft.Identity.Client.IAccount account, string idToken, System.Collections.Generic.IEnumerable scopes, System.Guid correlationId, string tokenType = default(string), Microsoft.Identity.Client.AuthenticationResultMetadata authenticationResultMetadata = default(Microsoft.Identity.Client.AuthenticationResultMetadata), System.Security.Claims.ClaimsPrincipal claimsPrincipal = default(System.Security.Claims.ClaimsPrincipal), string spaAuthCode = default(string), System.Collections.Generic.IReadOnlyDictionary additionalResponseParameters = default(System.Collections.Generic.IReadOnlyDictionary)) => throw null; + public AuthenticationResult(string accessToken, bool isExtendedLifeTimeToken, string uniqueId, System.DateTimeOffset expiresOn, System.DateTimeOffset extendedExpiresOn, string tenantId, Microsoft.Identity.Client.IAccount account, string idToken, System.Collections.Generic.IEnumerable scopes, System.Guid correlationId, Microsoft.Identity.Client.AuthenticationResultMetadata authenticationResultMetadata, string tokenType = default(string)) => throw null; + public System.DateTimeOffset ExpiresOn { get => throw null; } + public System.DateTimeOffset ExtendedExpiresOn { get => throw null; } + public string IdToken { get => throw null; } + public bool IsExtendedLifeTimeToken { get => throw null; } + public System.Collections.Generic.IEnumerable Scopes { get => throw null; } + public string SpaAuthCode { get => throw null; } + public string TenantId { get => throw null; } + public string TokenType { get => throw null; } + public string UniqueId { get => throw null; } + public Microsoft.Identity.Client.IUser User { get => throw null; } + } + public class AuthenticationResultMetadata + { + public Microsoft.Identity.Client.Cache.CacheLevel CacheLevel { get => throw null; set { } } + public Microsoft.Identity.Client.CacheRefreshReason CacheRefreshReason { get => throw null; set { } } + public AuthenticationResultMetadata(Microsoft.Identity.Client.TokenSource tokenSource) => throw null; + public long DurationInCacheInMs { get => throw null; set { } } + public long DurationInHttpInMs { get => throw null; set { } } + public long DurationTotalInMs { get => throw null; set { } } + public System.DateTimeOffset? RefreshOn { get => throw null; set { } } + public Microsoft.Identity.Client.RegionDetails RegionDetails { get => throw null; set { } } + public string Telemetry { get => throw null; set { } } + public string TokenEndpoint { get => throw null; set { } } + public Microsoft.Identity.Client.TokenSource TokenSource { get => throw null; } + } + namespace AuthScheme + { + namespace PoP + { + public interface IPoPCryptoProvider + { + string CannonicalPublicKeyJwk { get; } + string CryptographicAlgorithm { get; } + byte[] Sign(byte[] data); + } + } + } + public enum AzureCloudInstance + { + None = 0, + AzurePublic = 1, + AzureChina = 2, + AzureGermany = 3, + AzureUsGovernment = 4, + } + public abstract class BaseAbstractAcquireTokenParameterBuilder where T : Microsoft.Identity.Client.BaseAbstractAcquireTokenParameterBuilder + { + protected BaseAbstractAcquireTokenParameterBuilder() => throw null; + public abstract System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken); + public System.Threading.Tasks.Task ExecuteAsync() => throw null; + protected virtual void Validate() => throw null; + public T WithCorrelationId(System.Guid correlationId) => throw null; + } + public abstract class BaseAbstractApplicationBuilder where T : Microsoft.Identity.Client.BaseAbstractApplicationBuilder + { + public T WithDebugLoggingCallback(Microsoft.Identity.Client.LogLevel logLevel = default(Microsoft.Identity.Client.LogLevel), bool enablePiiLogging = default(bool), bool withDefaultPlatformLoggingEnabled = default(bool)) => throw null; + public T WithExperimentalFeatures(bool enableExperimentalFeatures = default(bool)) => throw null; + public T WithHttpClientFactory(Microsoft.Identity.Client.IMsalHttpClientFactory httpClientFactory) => throw null; + public T WithHttpClientFactory(Microsoft.Identity.Client.IMsalHttpClientFactory httpClientFactory, bool retryOnceOn5xx) => throw null; + public T WithLogging(Microsoft.Identity.Client.LogCallback loggingCallback, Microsoft.Identity.Client.LogLevel? logLevel = default(Microsoft.Identity.Client.LogLevel?), bool? enablePiiLogging = default(bool?), bool? enableDefaultPlatformLogging = default(bool?)) => throw null; + public T WithLogging(Microsoft.IdentityModel.Abstractions.IIdentityLogger identityLogger, bool enablePiiLogging = default(bool)) => throw null; + protected T WithOptions(Microsoft.Identity.Client.BaseApplicationOptions applicationOptions) => throw null; + } + public abstract class BaseApplicationOptions + { + protected BaseApplicationOptions() => throw null; + public bool EnablePiiLogging { get => throw null; set { } } + public bool IsDefaultPlatformLoggingEnabled { get => throw null; set { } } + public Microsoft.Identity.Client.LogLevel LogLevel { get => throw null; set { } } + } + public class BrokerOptions + { + public BrokerOptions(Microsoft.Identity.Client.BrokerOptions.OperatingSystems enabledOn) => throw null; + public Microsoft.Identity.Client.BrokerOptions.OperatingSystems EnabledOn { get => throw null; } + public bool ListOperatingSystemAccounts { get => throw null; set { } } + public bool MsaPassthrough { get => throw null; set { } } + [System.Flags] + public enum OperatingSystems + { + None = 0, + Windows = 1, + } + public string Title { get => throw null; set { } } + } + namespace Cache + { + public class CacheData + { + public byte[] AdalV3State { get => throw null; set { } } + public CacheData() => throw null; + public byte[] UnifiedState { get => throw null; set { } } + } + public enum CacheLevel + { + None = 0, + Unknown = 1, + L1Cache = 2, + L2Cache = 3, + } + } + public class CacheOptions + { + public CacheOptions() => throw null; + public CacheOptions(bool useSharedCache) => throw null; + public static Microsoft.Identity.Client.CacheOptions EnableSharedCacheOptions { get => throw null; } + public bool UseSharedCache { get => throw null; set { } } + } + public enum CacheRefreshReason + { + NotApplicable = 0, + ForceRefreshOrClaims = 1, + NoCachedAccessToken = 2, + Expired = 3, + ProactivelyRefreshed = 4, + } + public abstract class ClientApplicationBase : Microsoft.Identity.Client.ApplicationBase, Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IClientApplicationBase + { + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder AcquireTokenSilent(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account) => throw null; + public Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder AcquireTokenSilent(System.Collections.Generic.IEnumerable scopes, string loginHint) => throw null; + public System.Threading.Tasks.Task AcquireTokenSilentAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, string authority, bool forceRefresh) => throw null; + public System.Threading.Tasks.Task AcquireTokenSilentAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account) => throw null; + public Microsoft.Identity.Client.IAppConfig AppConfig { get => throw null; } + public string Authority { get => throw null; } + public string ClientId { get => throw null; } + public string Component { get => throw null; set { } } + public System.Threading.Tasks.Task GetAccountAsync(string accountId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public System.Threading.Tasks.Task GetAccountAsync(string accountId) => throw null; + public System.Threading.Tasks.Task> GetAccountsAsync() => throw null; + public System.Threading.Tasks.Task> GetAccountsAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public System.Threading.Tasks.Task> GetAccountsAsync(string userFlow) => throw null; + public System.Threading.Tasks.Task> GetAccountsAsync(string userFlow, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public Microsoft.Identity.Client.IUser GetUser(string identifier) => throw null; + public string RedirectUri { get => throw null; set { } } + public void Remove(Microsoft.Identity.Client.IUser user) => throw null; + public System.Threading.Tasks.Task RemoveAsync(Microsoft.Identity.Client.IAccount account) => throw null; + public System.Threading.Tasks.Task RemoveAsync(Microsoft.Identity.Client.IAccount account, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public string SliceParameters { get => throw null; set { } } + public System.Collections.Generic.IEnumerable Users { get => throw null; } + public Microsoft.Identity.Client.ITokenCache UserTokenCache { get => throw null; } + public bool ValidateAuthority { get => throw null; set { } } + } + public sealed class ClientAssertionCertificate + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public ClientAssertionCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public static int MinKeySizeInBits { get => throw null; } + } + public sealed class ClientCredential + { + public ClientCredential(Microsoft.Identity.Client.ClientAssertionCertificate certificate) => throw null; + public ClientCredential(string secret) => throw null; + } + public sealed class ConfidentialClientApplication : Microsoft.Identity.Client.ClientApplicationBase, Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IByRefreshToken, Microsoft.Identity.Client.IClientApplicationBase, Microsoft.Identity.Client.IConfidentialClientApplication, Microsoft.Identity.Client.IConfidentialClientApplicationWithCertificate, Microsoft.Identity.Client.ILongRunningWebApi + { + public Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder AcquireTokenByAuthorizationCode(System.Collections.Generic.IEnumerable scopes, string authorizationCode) => throw null; + public System.Threading.Tasks.Task AcquireTokenByAuthorizationCodeAsync(string authorizationCode, System.Collections.Generic.IEnumerable scopes) => throw null; + Microsoft.Identity.Client.AcquireTokenByRefreshTokenParameterBuilder Microsoft.Identity.Client.IByRefreshToken.AcquireTokenByRefreshToken(System.Collections.Generic.IEnumerable scopes, string refreshToken) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IByRefreshToken.AcquireTokenByRefreshTokenAsync(System.Collections.Generic.IEnumerable scopes, string refreshToken) => throw null; + public Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder AcquireTokenForClient(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task AcquireTokenForClientAsync(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task AcquireTokenForClientAsync(System.Collections.Generic.IEnumerable scopes, bool forceRefresh) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IConfidentialClientApplicationWithCertificate.AcquireTokenForClientWithCertificateAsync(System.Collections.Generic.IEnumerable scopes) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IConfidentialClientApplicationWithCertificate.AcquireTokenForClientWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, bool forceRefresh) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder AcquireTokenInLongRunningProcess(System.Collections.Generic.IEnumerable scopes, string longRunningProcessSessionKey) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder AcquireTokenOnBehalfOf(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion) => throw null; + public System.Threading.Tasks.Task AcquireTokenOnBehalfOfAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion) => throw null; + public System.Threading.Tasks.Task AcquireTokenOnBehalfOfAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion, string authority) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IConfidentialClientApplicationWithCertificate.AcquireTokenOnBehalfOfWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IConfidentialClientApplicationWithCertificate.AcquireTokenOnBehalfOfWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion, string authority) => throw null; + public Microsoft.Identity.Client.ITokenCache AppTokenCache { get => throw null; } + public const string AttemptRegionDiscovery = default; + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public ConfidentialClientApplication(string clientId, string redirectUri, Microsoft.Identity.Client.ClientCredential clientCredential, Microsoft.Identity.Client.TokenCache userTokenCache, Microsoft.Identity.Client.TokenCache appTokenCache) => throw null; + public ConfidentialClientApplication(string clientId, string authority, string redirectUri, Microsoft.Identity.Client.ClientCredential clientCredential, Microsoft.Identity.Client.TokenCache userTokenCache, Microsoft.Identity.Client.TokenCache appTokenCache) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder GetAuthorizationRequestUrl(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task GetAuthorizationRequestUrlAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, string extraQueryParameters) => throw null; + public System.Threading.Tasks.Task GetAuthorizationRequestUrlAsync(System.Collections.Generic.IEnumerable scopes, string redirectUri, string loginHint, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority) => throw null; + public Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder InitiateLongRunningProcessInWebApi(System.Collections.Generic.IEnumerable scopes, string userToken, ref string longRunningProcessSessionKey) => throw null; + public System.Threading.Tasks.Task StopLongRunningProcessInWebApiAsync(string longRunningProcessSessionKey, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public class ConfidentialClientApplicationBuilder : Microsoft.Identity.Client.AbstractApplicationBuilder + { + public Microsoft.Identity.Client.IConfidentialClientApplication Build() => throw null; + public static Microsoft.Identity.Client.ConfidentialClientApplicationBuilder Create(string clientId) => throw null; + public static Microsoft.Identity.Client.ConfidentialClientApplicationBuilder CreateWithApplicationOptions(Microsoft.Identity.Client.ConfidentialClientApplicationOptions options) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithAzureRegion(string azureRegion = default(string)) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCacheSynchronization(bool enableCacheSynchronization) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, bool sendX5C) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientAssertion(string signedClientAssertion) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientAssertion(System.Func clientAssertionDelegate) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientAssertion(System.Func> clientAssertionAsyncDelegate) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientAssertion(System.Func> clientAssertionAsyncDelegate) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientClaims(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Collections.Generic.IDictionary claimsToSign, bool mergeWithDefaultClaims) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientClaims(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Collections.Generic.IDictionary claimsToSign, bool mergeWithDefaultClaims = default(bool), bool sendX5C = default(bool)) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithClientSecret(string clientSecret) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithGenericAuthority(string authorityUri) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithOidcAuthority(string authorityUri) => throw null; + public Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithTelemetryClient(params Microsoft.IdentityModel.Abstractions.ITelemetryClient[] telemetryClients) => throw null; + } + public class ConfidentialClientApplicationOptions : Microsoft.Identity.Client.ApplicationOptions + { + public string AzureRegion { get => throw null; set { } } + public string ClientSecret { get => throw null; set { } } + public ConfidentialClientApplicationOptions() => throw null; + public bool EnableCacheSynchronization { get => throw null; set { } } + } + public class DeviceCodeResult + { + public string ClientId { get => throw null; } + public string DeviceCode { get => throw null; } + public System.DateTimeOffset ExpiresOn { get => throw null; } + public long Interval { get => throw null; } + public string Message { get => throw null; } + public System.Collections.Generic.IReadOnlyCollection Scopes { get => throw null; } + public string UserCode { get => throw null; } + public string VerificationUrl { get => throw null; } + } + public class EmbeddedWebViewOptions + { + public EmbeddedWebViewOptions() => throw null; + public string Title { get => throw null; set { } } + public string WebView2BrowserExecutableFolder { get => throw null; set { } } + } + namespace Extensibility + { + public static class AbstractConfidentialClientAcquireTokenParameterBuilderExtension + { + public static Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder OnBeforeTokenRequest(this Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder builder, System.Func onBeforeTokenRequestHandler) where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder => throw null; + public static Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder WithProofOfPosessionKeyId(this Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder builder, string keyId, string expectedTokenTypeFromAad = default(string)) where T : Microsoft.Identity.Client.AbstractAcquireTokenParameterBuilder => throw null; + } + public static partial class AcquireTokenForClientBuilderExtensions + { + public static Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder WithProofOfPosessionKeyId(this Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder builder, string keyId, string expectedTokenTypeFromAad = default(string)) => throw null; + } + public static partial class AcquireTokenInteractiveParameterBuilderExtensions + { + public static Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithCustomWebUi(this Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder builder, Microsoft.Identity.Client.Extensibility.ICustomWebUi customWebUi) => throw null; + } + public static partial class AcquireTokenOnBehalfOfParameterBuilderExtensions + { + public static Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder WithSearchInCacheForLongRunningProcess(this Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder builder, bool searchInCache = default(bool)) => throw null; + } + public class AppTokenProviderParameters + { + public System.Threading.CancellationToken CancellationToken { get => throw null; } + public string Claims { get => throw null; } + public string CorrelationId { get => throw null; } + public AppTokenProviderParameters() => throw null; + public System.Collections.Generic.IEnumerable Scopes { get => throw null; } + public string TenantId { get => throw null; } + } + public class AppTokenProviderResult + { + public string AccessToken { get => throw null; set { } } + public AppTokenProviderResult() => throw null; + public long ExpiresInSeconds { get => throw null; set { } } + public long? RefreshInSeconds { get => throw null; set { } } + } + public static partial class ConfidentialClientApplicationBuilderExtensions + { + public static Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithAppTokenProvider(this Microsoft.Identity.Client.ConfidentialClientApplicationBuilder builder, System.Func> appTokenProvider) => throw null; + } + public static partial class ConfidentialClientApplicationExtensions + { + public static System.Threading.Tasks.Task StopLongRunningProcessInWebApiAsync(this Microsoft.Identity.Client.ILongRunningWebApi clientApp, string longRunningProcessSessionKey, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + } + public interface ICustomWebUi + { + System.Threading.Tasks.Task AcquireAuthorizationCodeAsync(System.Uri authorizationUri, System.Uri redirectUri, System.Threading.CancellationToken cancellationToken); + } + public sealed class OnBeforeTokenRequestData + { + public System.Collections.Generic.IDictionary BodyParameters { get => throw null; } + public System.Threading.CancellationToken CancellationToken { get => throw null; } + public OnBeforeTokenRequestData(System.Collections.Generic.IDictionary bodyParameters, System.Collections.Generic.IDictionary headers, System.Uri requestUri, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Collections.Generic.IDictionary Headers { get => throw null; } + public System.Uri RequestUri { get => throw null; set { } } + } + } + public sealed class GetAuthorizationRequestUrlParameterBuilder : Microsoft.Identity.Client.AbstractConfidentialClientAcquireTokenParameterBuilder + { + public System.Threading.Tasks.Task ExecuteAsync(System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task ExecuteAsync() => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithAccount(Microsoft.Identity.Client.IAccount account) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithCcsRoutingHint(string userObjectIdentifier, string tenantIdentifier) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithExtraScopesToConsent(System.Collections.Generic.IEnumerable extraScopesToConsent) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithLoginHint(string loginHint) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithPkce(out string codeVerifier) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithPrompt(Microsoft.Identity.Client.Prompt prompt) => throw null; + public Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder WithRedirectUri(string redirectUri) => throw null; + } + public interface IAccount + { + string Environment { get; } + Microsoft.Identity.Client.AccountId HomeAccountId { get; } + string Username { get; } + } + public interface IAppConfig + { + System.Collections.Generic.IEnumerable ClientCapabilities { get; } + System.Security.Cryptography.X509Certificates.X509Certificate2 ClientCredentialCertificate { get; } + string ClientId { get; } + string ClientName { get; } + string ClientSecret { get; } + string ClientVersion { get; } + bool EnablePiiLogging { get; } + bool ExperimentalFeaturesEnabled { get; } + System.Collections.Generic.IDictionary ExtraQueryParameters { get; } + Microsoft.Identity.Client.IMsalHttpClientFactory HttpClientFactory { get; } + bool IsBrokerEnabled { get; } + bool IsDefaultPlatformLoggingEnabled { get; } + bool LegacyCacheCompatibilityEnabled { get; } + Microsoft.Identity.Client.LogCallback LoggingCallback { get; } + Microsoft.Identity.Client.LogLevel LogLevel { get; } + System.Func ParentActivityOrWindowFunc { get; } + string RedirectUri { get; } + Microsoft.Identity.Client.ITelemetryConfig TelemetryConfig { get; } + string TenantId { get; } + } + public interface IApplicationBase + { + } + public interface IByRefreshToken + { + Microsoft.Identity.Client.AcquireTokenByRefreshTokenParameterBuilder AcquireTokenByRefreshToken(System.Collections.Generic.IEnumerable scopes, string refreshToken); + System.Threading.Tasks.Task AcquireTokenByRefreshTokenAsync(System.Collections.Generic.IEnumerable scopes, string refreshToken); + } + public interface IClientApplicationBase : Microsoft.Identity.Client.IApplicationBase + { + Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder AcquireTokenSilent(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account); + Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder AcquireTokenSilent(System.Collections.Generic.IEnumerable scopes, string loginHint); + System.Threading.Tasks.Task AcquireTokenSilentAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account); + System.Threading.Tasks.Task AcquireTokenSilentAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, string authority, bool forceRefresh); + Microsoft.Identity.Client.IAppConfig AppConfig { get; } + string Authority { get; } + string ClientId { get; } + string Component { get; set; } + System.Threading.Tasks.Task GetAccountAsync(string identifier); + System.Threading.Tasks.Task> GetAccountsAsync(); + System.Threading.Tasks.Task> GetAccountsAsync(string userFlow); + Microsoft.Identity.Client.IUser GetUser(string identifier); + string RedirectUri { get; set; } + void Remove(Microsoft.Identity.Client.IUser user); + System.Threading.Tasks.Task RemoveAsync(Microsoft.Identity.Client.IAccount account); + string SliceParameters { get; set; } + System.Collections.Generic.IEnumerable Users { get; } + Microsoft.Identity.Client.ITokenCache UserTokenCache { get; } + bool ValidateAuthority { get; } + } + public interface IConfidentialClientApplication : Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IClientApplicationBase + { + Microsoft.Identity.Client.AcquireTokenByAuthorizationCodeParameterBuilder AcquireTokenByAuthorizationCode(System.Collections.Generic.IEnumerable scopes, string authorizationCode); + System.Threading.Tasks.Task AcquireTokenByAuthorizationCodeAsync(string authorizationCode, System.Collections.Generic.IEnumerable scopes); + Microsoft.Identity.Client.AcquireTokenForClientParameterBuilder AcquireTokenForClient(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenForClientAsync(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenForClientAsync(System.Collections.Generic.IEnumerable scopes, bool forceRefresh); + Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder AcquireTokenOnBehalfOf(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion); + System.Threading.Tasks.Task AcquireTokenOnBehalfOfAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion); + System.Threading.Tasks.Task AcquireTokenOnBehalfOfAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion, string authority); + Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder AcquireTokenSilent(System.Collections.Generic.IEnumerable scopes, string loginHint); + Microsoft.Identity.Client.ITokenCache AppTokenCache { get; } + System.Threading.Tasks.Task> GetAccountsAsync(); + Microsoft.Identity.Client.GetAuthorizationRequestUrlParameterBuilder GetAuthorizationRequestUrl(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task GetAuthorizationRequestUrlAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, string extraQueryParameters); + System.Threading.Tasks.Task GetAuthorizationRequestUrlAsync(System.Collections.Generic.IEnumerable scopes, string redirectUri, string loginHint, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority); + } + public interface IConfidentialClientApplicationWithCertificate + { + System.Threading.Tasks.Task AcquireTokenForClientWithCertificateAsync(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenForClientWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, bool forceRefresh); + System.Threading.Tasks.Task AcquireTokenOnBehalfOfWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion); + System.Threading.Tasks.Task AcquireTokenOnBehalfOfWithCertificateAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UserAssertion userAssertion, string authority); + } + public interface ILongRunningWebApi + { + Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder AcquireTokenInLongRunningProcess(System.Collections.Generic.IEnumerable scopes, string longRunningProcessSessionKey); + Microsoft.Identity.Client.AcquireTokenOnBehalfOfParameterBuilder InitiateLongRunningProcessInWebApi(System.Collections.Generic.IEnumerable scopes, string userToken, ref string longRunningProcessSessionKey); + } + public interface IManagedIdentityApplication : Microsoft.Identity.Client.IApplicationBase + { + Microsoft.Identity.Client.AcquireTokenForManagedIdentityParameterBuilder AcquireTokenForManagedIdentity(string resource); + } + public interface IMsalHttpClientFactory + { + System.Net.Http.HttpClient GetHttpClient(); + } + public class IntuneAppProtectionPolicyRequiredException : Microsoft.Identity.Client.MsalServiceException + { + public string AccountUserId { get => throw null; set { } } + public string AuthorityUrl { get => throw null; set { } } + public IntuneAppProtectionPolicyRequiredException(string errorCode, string errorMessage) : base(default(string), default(string)) => throw null; + public string TenantId { get => throw null; set { } } + public string Upn { get => throw null; set { } } + } + public interface IPublicClientApplication : Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IClientApplicationBase + { + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority, Microsoft.Identity.Client.UIParent parent); + System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority, Microsoft.Identity.Client.UIParent parent); + Microsoft.Identity.Client.AcquireTokenByIntegratedWindowsAuthParameterBuilder AcquireTokenByIntegratedWindowsAuth(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenByIntegratedWindowsAuthAsync(System.Collections.Generic.IEnumerable scopes); + System.Threading.Tasks.Task AcquireTokenByIntegratedWindowsAuthAsync(System.Collections.Generic.IEnumerable scopes, string username); + Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder AcquireTokenByUsernamePassword(System.Collections.Generic.IEnumerable scopes, string username, System.Security.SecureString password); + Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder AcquireTokenByUsernamePassword(System.Collections.Generic.IEnumerable scopes, string username, string password); + System.Threading.Tasks.Task AcquireTokenByUsernamePasswordAsync(System.Collections.Generic.IEnumerable scopes, string username, System.Security.SecureString securePassword); + Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder AcquireTokenInteractive(System.Collections.Generic.IEnumerable scopes); + Microsoft.Identity.Client.AcquireTokenWithDeviceCodeParameterBuilder AcquireTokenWithDeviceCode(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback); + System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback); + System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, string extraQueryParameters, System.Func deviceCodeResultCallback); + System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback, System.Threading.CancellationToken cancellationToken); + System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, string extraQueryParameters, System.Func deviceCodeResultCallback, System.Threading.CancellationToken cancellationToken); + bool IsSystemWebViewAvailable { get; } + } + public interface ITelemetryConfig + { + Microsoft.Identity.Client.TelemetryAudienceType AudienceType { get; } + System.Action DispatchAction { get; } + string SessionId { get; } + } + public interface ITelemetryEventPayload + { + System.Collections.Generic.IReadOnlyDictionary BoolValues { get; } + System.Collections.Generic.IReadOnlyDictionary Int64Values { get; } + System.Collections.Generic.IReadOnlyDictionary IntValues { get; } + string Name { get; } + System.Collections.Generic.IReadOnlyDictionary StringValues { get; } + string ToJsonString(); + } + public interface ITokenCache + { + void Deserialize(byte[] msalV2State); + void DeserializeAdalV3(byte[] adalV3State); + void DeserializeMsalV2(byte[] msalV2State); + void DeserializeMsalV3(byte[] msalV3State, bool shouldClearExistingCache = default(bool)); + void DeserializeUnifiedAndAdalCache(Microsoft.Identity.Client.Cache.CacheData cacheData); + byte[] Serialize(); + byte[] SerializeAdalV3(); + byte[] SerializeMsalV2(); + byte[] SerializeMsalV3(); + Microsoft.Identity.Client.Cache.CacheData SerializeUnifiedAndAdalCache(); + void SetAfterAccess(Microsoft.Identity.Client.TokenCacheCallback afterAccess); + void SetAfterAccessAsync(System.Func afterAccess); + void SetBeforeAccess(Microsoft.Identity.Client.TokenCacheCallback beforeAccess); + void SetBeforeAccessAsync(System.Func beforeAccess); + void SetBeforeWrite(Microsoft.Identity.Client.TokenCacheCallback beforeWrite); + void SetBeforeWriteAsync(System.Func beforeWrite); + } + public interface ITokenCacheSerializer + { + void DeserializeAdalV3(byte[] adalV3State); + void DeserializeMsalV2(byte[] msalV2State); + void DeserializeMsalV3(byte[] msalV3State, bool shouldClearExistingCache = default(bool)); + byte[] SerializeAdalV3(); + byte[] SerializeMsalV2(); + byte[] SerializeMsalV3(); + } + public interface IUser + { + string DisplayableId { get; } + string Identifier { get; } + string IdentityProvider { get; } + string Name { get; } + } + namespace Kerberos + { + public enum KerberosKeyTypes + { + None = 0, + DecCbcCrc = 1, + DesCbcMd5 = 3, + Aes128CtsHmacSha196 = 17, + Aes256CtsHmacSha196 = 18, + } + public class KerberosSupplementalTicket + { + public string ClientKey { get => throw null; set { } } + public string ClientName { get => throw null; set { } } + public KerberosSupplementalTicket() => throw null; + public KerberosSupplementalTicket(string errorMessage) => throw null; + public string ErrorMessage { get => throw null; set { } } + public string KerberosMessageBuffer { get => throw null; set { } } + public Microsoft.Identity.Client.Kerberos.KerberosKeyTypes KeyType { get => throw null; set { } } + public string Realm { get => throw null; set { } } + public string ServicePrincipalName { get => throw null; set { } } + public override string ToString() => throw null; + } + public static class KerberosSupplementalTicketManager + { + public static Microsoft.Identity.Client.Kerberos.KerberosSupplementalTicket FromIdToken(string idToken) => throw null; + public static byte[] GetKerberosTicketFromWindowsTicketCache(string servicePrincipalName) => throw null; + public static byte[] GetKerberosTicketFromWindowsTicketCache(string servicePrincipalName, long logonId) => throw null; + public static byte[] GetKrbCred(Microsoft.Identity.Client.Kerberos.KerberosSupplementalTicket ticket) => throw null; + public static void SaveToWindowsTicketCache(Microsoft.Identity.Client.Kerberos.KerberosSupplementalTicket ticket) => throw null; + public static void SaveToWindowsTicketCache(Microsoft.Identity.Client.Kerberos.KerberosSupplementalTicket ticket, long logonId) => throw null; + } + public enum KerberosTicketContainer + { + IdToken = 0, + AccessToken = 1, + } + } + public delegate void LogCallback(Microsoft.Identity.Client.LogLevel level, string message, bool containsPii); + public sealed class Logger + { + public Logger() => throw null; + public static bool DefaultLoggingEnabled { get => throw null; set { } } + public static Microsoft.Identity.Client.LogLevel Level { get => throw null; set { } } + public static Microsoft.Identity.Client.LogCallback LogCallback { set { } } + public static bool PiiLoggingEnabled { get => throw null; set { } } + } + public enum LogLevel + { + Always = -1, + Error = 0, + Warning = 1, + Info = 2, + Verbose = 3, + } + namespace ManagedIdentity + { + public enum ManagedIdentitySource + { + None = 0, + Imds = 1, + AppService = 2, + AzureArc = 3, + CloudShell = 4, + ServiceFabric = 5, + DefaultToImds = 6, + } + } + public sealed class ManagedIdentityApplication : Microsoft.Identity.Client.ApplicationBase, Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IManagedIdentityApplication + { + public Microsoft.Identity.Client.AcquireTokenForManagedIdentityParameterBuilder AcquireTokenForManagedIdentity(string resource) => throw null; + public static Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource GetManagedIdentitySource() => throw null; + } + public sealed class ManagedIdentityApplicationBuilder : Microsoft.Identity.Client.BaseAbstractApplicationBuilder + { + public Microsoft.Identity.Client.IManagedIdentityApplication Build() => throw null; + public static Microsoft.Identity.Client.ManagedIdentityApplicationBuilder Create(Microsoft.Identity.Client.AppConfig.ManagedIdentityId managedIdentityId) => throw null; + public Microsoft.Identity.Client.ManagedIdentityApplicationBuilder WithTelemetryClient(params Microsoft.IdentityModel.Abstractions.ITelemetryClient[] telemetryClients) => throw null; + } + public class Metrics + { + public static long TotalAccessTokensFromBroker { get => throw null; } + public static long TotalAccessTokensFromCache { get => throw null; } + public static long TotalAccessTokensFromIdP { get => throw null; } + public static long TotalDurationInMs { get => throw null; } + } + public class MsalClaimsChallengeException : Microsoft.Identity.Client.MsalUiRequiredException + { + public MsalClaimsChallengeException(string errorCode, string errorMessage) : base(default(string), default(string)) => throw null; + public MsalClaimsChallengeException(string errorCode, string errorMessage, System.Exception innerException) : base(default(string), default(string)) => throw null; + public MsalClaimsChallengeException(string errorCode, string errorMessage, System.Exception innerException, Microsoft.Identity.Client.UiRequiredExceptionClassification classification) : base(default(string), default(string)) => throw null; + } + public class MsalClientException : Microsoft.Identity.Client.MsalException + { + public MsalClientException(string errorCode) => throw null; + public MsalClientException(string errorCode, string errorMessage) => throw null; + public MsalClientException(string errorCode, string errorMessage, System.Exception innerException) => throw null; + } + public static class MsalError + { + public const string AccessDenied = default; + public const string AccessingWsMetadataExchangeFailed = default; + public const string AccessTokenTypeMissing = default; + public const string ActivityRequired = default; + public const string AdfsNotSupportedWithBroker = default; + public const string AndroidBrokerOperationFailed = default; + public const string AndroidBrokerSignatureVerificationFailed = default; + public const string AuthenticationCanceledError = default; + public const string AuthenticationFailed = default; + public const string AuthenticationUiFailed = default; + public const string AuthenticationUiFailedError = default; + public const string AuthorityHostMismatch = default; + public const string AuthorityTenantSpecifiedTwice = default; + public const string AuthorityTypeMismatch = default; + public const string AuthorityValidationFailed = default; + public const string B2CAuthorityHostMismatch = default; + public const string BrokerApplicationRequired = default; + public const string BrokerDoesNotSupportPop = default; + public const string BrokerNonceMismatch = default; + public const string BrokerRequiredForPop = default; + public const string BrokerResponseHashMismatch = default; + public const string BrokerResponseReturnedError = default; + public const string CannotAccessUserInformationOrUserNotDomainJoined = default; + public const string CannotInvokeBroker = default; + public const string CertificateNotRsa = default; + public const string CertWithoutPrivateKey = default; + public const string ClientCredentialAuthenticationTypeMustBeDefined = default; + public const string ClientCredentialAuthenticationTypesAreMutuallyExclusive = default; + public const string CodeExpired = default; + public const string CombinedUserAppCacheNotSupported = default; + public const string CryptographicError = default; + public const string CurrentBrokerAccount = default; + public const string CustomMetadataInstanceOrUri = default; + public const string CustomWebUiRedirectUriMismatch = default; + public const string CustomWebUiReturnedInvalidUri = default; + public const string DefaultRedirectUriIsInvalid = default; + public const string DeviceCertificateNotFound = default; + public const string DuplicateQueryParameterError = default; + public const string EncodedTokenTooLong = default; + public const string ExactlyOneScopeExpected = default; + public const string ExperimentalFeature = default; + public const string FailedToAcquireTokenSilentlyFromBroker = default; + public const string FailedToGetBrokerResponse = default; + public const string FailedToRefreshToken = default; + public const string FederatedServiceReturnedError = default; + public const string GetUserNameFailed = default; + public const string HttpListenerError = default; + public const string HttpStatusCodeNotOk = default; + public const string HttpStatusNotFound = default; + public const string InitializeProcessSecurityError = default; + public const string IntegratedWindowsAuthenticationFailed = default; + public const string IntegratedWindowsAuthNotSupportedForManagedUser = default; + public const string InteractionRequired = default; + public const string InternalError = default; + public const string InvalidAdalCacheMultipleRTs = default; + public const string InvalidAuthority = default; + public const string InvalidAuthorityType = default; + public const string InvalidAuthorizationUri = default; + public const string InvalidClient = default; + public const string InvalidGrantError = default; + public const string InvalidInstance = default; + public const string InvalidJsonClaimsFormat = default; + public const string InvalidJwtError = default; + public const string InvalidManagedIdentityEndpoint = default; + public const string InvalidManagedIdentityResponse = default; + public const string InvalidOwnerWindowType = default; + public const string InvalidRequest = default; + public const string InvalidTokenProviderResponseValue = default; + public const string InvalidUserInstanceMetadata = default; + public const string JsonParseError = default; + public const string LinuxXdgOpen = default; + public const string LoopbackRedirectUri = default; + public const string LoopbackResponseUriMismatch = default; + public const string ManagedIdentityRequestFailed = default; + public const string ManagedIdentityUnreachableNetwork = default; + public const string MissingFederationMetadataUrl = default; + public const string MissingPassiveAuthEndpoint = default; + public const string MultipleAccountsForLoginHint = default; + public const string MultipleTokensMatchedError = default; + public const string NetworkNotAvailableError = default; + public const string NoAccountForLoginHint = default; + public const string NoAndroidBrokerAccountFound = default; + public const string NoAndroidBrokerInstalledOnDevice = default; + public const string NoClientId = default; + public const string NonceRequiredForPopOnPCA = default; + public const string NonHttpsRedirectNotSupported = default; + public const string NonParsableOAuthError = default; + public const string NoPromptFailedError = default; + public const string NoRedirectUri = default; + public const string NoTokensFoundError = default; + public const string NoUsernameOrAccountIDProvidedForSilentAndroidBrokerAuthentication = default; + public const string NullIntentReturnedFromAndroidBroker = default; + public const string OboCacheKeyNotInCacheError = default; + public const string ParsingWsMetadataExchangeFailed = default; + public const string ParsingWsTrustResponseFailed = default; + public const string PasswordRequiredForManagedUserError = default; + public const string PlatformNotSupported = default; + public const string RedirectUriValidationFailed = default; + public const string RegionalAndAuthorityOverride = default; + public const string RegionalAuthorityValidation = default; + public const string RegionDiscoveryFailed = default; + public const string RegionDiscoveryNotEnabled = default; + public const string RegionDiscoveryWithCustomInstanceMetadata = default; + public const string RequestThrottled = default; + public const string RequestTimeout = default; + public const string RopcDoesNotSupportMsaAccounts = default; + public const string ScopesRequired = default; + public const string ServiceNotAvailable = default; + public const string SetCiamAuthorityAtRequestLevelNotSupported = default; + public const string SSHCertUsedAsHttpHeader = default; + public const string StateMismatchError = default; + public const string StaticCacheWithExternalSerialization = default; + public const string SystemWebviewOptionsNotApplicable = default; + public const string TelemetryConfigOrTelemetryCallback = default; + public const string TenantDiscoveryFailedError = default; + public const string TenantOverrideNonAad = default; + public const string TokenCacheNullError = default; + public const string TokenTypeMismatch = default; + public const string UapCannotFindDomainUser = default; + public const string UapCannotFindUpn = default; + public const string UnableToParseAuthenticationHeader = default; + public const string UnauthorizedClient = default; + public const string UnknownBrokerError = default; + public const string UnknownError = default; + public const string UnknownManagedIdentityError = default; + public const string UnknownUser = default; + public const string UnknownUserType = default; + public const string UpnRequired = default; + public const string UserAssertionNullError = default; + public const string UserAssignedManagedIdentityNotConfigurableAtRuntime = default; + public const string UserAssignedManagedIdentityNotSupported = default; + public const string UserMismatch = default; + public const string UserNullError = default; + public const string UserRealmDiscoveryFailed = default; + public const string ValidateAuthorityOrCustomMetadata = default; + public const string WABError = default; + public const string WamFailedToSignout = default; + public const string WamInteractiveError = default; + public const string WamNoB2C = default; + public const string WamPickerError = default; + public const string WamScopesRequired = default; + public const string WamUiThread = default; + public const string WebView2LoaderNotFound = default; + public const string WebView2NotInstalled = default; + public const string WebviewUnavailable = default; + public const string WsTrustEndpointNotFoundInMetadataDocument = default; + } + public class MsalException : System.Exception + { + public System.Collections.Generic.IReadOnlyDictionary AdditionalExceptionData { get => throw null; set { } } + public const string BrokerErrorCode = default; + public const string BrokerErrorContext = default; + public const string BrokerErrorStatus = default; + public const string BrokerErrorTag = default; + public const string BrokerTelemetry = default; + public string CorrelationId { get => throw null; set { } } + public MsalException() => throw null; + public MsalException(string errorCode) => throw null; + public MsalException(string errorCode, string errorMessage) => throw null; + public MsalException(string errorCode, string errorMessage, System.Exception innerException) => throw null; + public string ErrorCode { get => throw null; } + public static Microsoft.Identity.Client.MsalException FromJsonString(string json) => throw null; + public bool IsRetryable { get => throw null; set { } } + public const string ManagedIdentitySource = default; + public string ToJsonString() => throw null; + public override string ToString() => throw null; + } + public class MsalManagedIdentityException : Microsoft.Identity.Client.MsalServiceException + { + public MsalManagedIdentityException(string errorCode, string errorMessage, Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source) : base(default(string), default(string)) => throw null; + public MsalManagedIdentityException(string errorCode, string errorMessage, Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source, int statusCode) : base(default(string), default(string)) => throw null; + public MsalManagedIdentityException(string errorCode, string errorMessage, System.Exception innerException, Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source, int statusCode) : base(default(string), default(string)) => throw null; + public MsalManagedIdentityException(string errorCode, string errorMessage, System.Exception innerException, Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource source) : base(default(string), default(string)) => throw null; + public Microsoft.Identity.Client.ManagedIdentity.ManagedIdentitySource ManagedIdentitySource { get => throw null; } + protected override void UpdateIsRetryable() => throw null; + } + public class MsalServiceException : Microsoft.Identity.Client.MsalException + { + public string Claims { get => throw null; } + public MsalServiceException(string errorCode, string errorMessage) => throw null; + public MsalServiceException(string errorCode, string errorMessage, int statusCode) => throw null; + public MsalServiceException(string errorCode, string errorMessage, System.Exception innerException) => throw null; + public MsalServiceException(string errorCode, string errorMessage, int statusCode, System.Exception innerException) => throw null; + public MsalServiceException(string errorCode, string errorMessage, int statusCode, string claims, System.Exception innerException) => throw null; + public System.Net.Http.Headers.HttpResponseHeaders Headers { get => throw null; set { } } + public string ResponseBody { get => throw null; set { } } + public int StatusCode { get => throw null; } + public override string ToString() => throw null; + protected virtual void UpdateIsRetryable() => throw null; + } + public class MsalThrottledServiceException : Microsoft.Identity.Client.MsalServiceException + { + public MsalThrottledServiceException(Microsoft.Identity.Client.MsalServiceException originalException) : base(default(string), default(string)) => throw null; + public Microsoft.Identity.Client.MsalServiceException OriginalServiceException { get => throw null; } + } + public class MsalThrottledUiRequiredException : Microsoft.Identity.Client.MsalUiRequiredException + { + public MsalThrottledUiRequiredException(Microsoft.Identity.Client.MsalUiRequiredException originalException) : base(default(string), default(string)) => throw null; + public Microsoft.Identity.Client.MsalUiRequiredException OriginalServiceException { get => throw null; } + } + public class MsalUiRequiredException : Microsoft.Identity.Client.MsalServiceException + { + public Microsoft.Identity.Client.UiRequiredExceptionClassification Classification { get => throw null; } + public MsalUiRequiredException(string errorCode, string errorMessage) : base(default(string), default(string)) => throw null; + public MsalUiRequiredException(string errorCode, string errorMessage, System.Exception innerException) : base(default(string), default(string)) => throw null; + public MsalUiRequiredException(string errorCode, string errorMessage, System.Exception innerException, Microsoft.Identity.Client.UiRequiredExceptionClassification classification) : base(default(string), default(string)) => throw null; + } + public static partial class OsCapabilitiesExtensions + { + public static System.Security.Cryptography.X509Certificates.X509Certificate2 GetCertificate(this Microsoft.Identity.Client.IConfidentialClientApplication confidentialClientApplication) => throw null; + public static bool IsEmbeddedWebViewAvailable(this Microsoft.Identity.Client.IPublicClientApplication publicClientApplication) => throw null; + public static bool IsSystemWebViewAvailable(this Microsoft.Identity.Client.IPublicClientApplication publicClientApplication) => throw null; + public static bool IsUserInteractive(this Microsoft.Identity.Client.IPublicClientApplication publicClientApplication) => throw null; + } + namespace Platforms + { + namespace Features + { + namespace DesktopOs + { + namespace Kerberos + { + public abstract class Credential + { + protected Credential() => throw null; + public static Microsoft.Identity.Client.Platforms.Features.DesktopOs.Kerberos.Credential Current() => throw null; + } + } + } + } + } + public struct Prompt + { + public static readonly Microsoft.Identity.Client.Prompt Consent; + public static readonly Microsoft.Identity.Client.Prompt Create; + public override bool Equals(object obj) => throw null; + public static readonly Microsoft.Identity.Client.Prompt ForceLogin; + public override int GetHashCode() => throw null; + public static readonly Microsoft.Identity.Client.Prompt NoPrompt; + public static bool operator ==(Microsoft.Identity.Client.Prompt x, Microsoft.Identity.Client.Prompt y) => throw null; + public static bool operator !=(Microsoft.Identity.Client.Prompt x, Microsoft.Identity.Client.Prompt y) => throw null; + public static readonly Microsoft.Identity.Client.Prompt SelectAccount; + } + public sealed class PublicClientApplication : Microsoft.Identity.Client.ClientApplicationBase, Microsoft.Identity.Client.IApplicationBase, Microsoft.Identity.Client.IByRefreshToken, Microsoft.Identity.Client.IClientApplicationBase, Microsoft.Identity.Client.IPublicClientApplication + { + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, string loginHint, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority, Microsoft.Identity.Client.UIParent parent) => throw null; + public System.Threading.Tasks.Task AcquireTokenAsync(System.Collections.Generic.IEnumerable scopes, Microsoft.Identity.Client.IAccount account, Microsoft.Identity.Client.Prompt prompt, string extraQueryParameters, System.Collections.Generic.IEnumerable extraScopesToConsent, string authority, Microsoft.Identity.Client.UIParent parent) => throw null; + public Microsoft.Identity.Client.AcquireTokenByIntegratedWindowsAuthParameterBuilder AcquireTokenByIntegratedWindowsAuth(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task AcquireTokenByIntegratedWindowsAuthAsync(System.Collections.Generic.IEnumerable scopes) => throw null; + public System.Threading.Tasks.Task AcquireTokenByIntegratedWindowsAuthAsync(System.Collections.Generic.IEnumerable scopes, string username) => throw null; + Microsoft.Identity.Client.AcquireTokenByRefreshTokenParameterBuilder Microsoft.Identity.Client.IByRefreshToken.AcquireTokenByRefreshToken(System.Collections.Generic.IEnumerable scopes, string refreshToken) => throw null; + System.Threading.Tasks.Task Microsoft.Identity.Client.IByRefreshToken.AcquireTokenByRefreshTokenAsync(System.Collections.Generic.IEnumerable scopes, string refreshToken) => throw null; + public Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder AcquireTokenByUsernamePassword(System.Collections.Generic.IEnumerable scopes, string username, System.Security.SecureString password) => throw null; + public Microsoft.Identity.Client.AcquireTokenByUsernamePasswordParameterBuilder AcquireTokenByUsernamePassword(System.Collections.Generic.IEnumerable scopes, string username, string password) => throw null; + public System.Threading.Tasks.Task AcquireTokenByUsernamePasswordAsync(System.Collections.Generic.IEnumerable scopes, string username, System.Security.SecureString securePassword) => throw null; + public Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder AcquireTokenInteractive(System.Collections.Generic.IEnumerable scopes) => throw null; + public Microsoft.Identity.Client.AcquireTokenWithDeviceCodeParameterBuilder AcquireTokenWithDeviceCode(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback) => throw null; + public System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback) => throw null; + public System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, string extraQueryParameters, System.Func deviceCodeResultCallback) => throw null; + public System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, System.Func deviceCodeResultCallback, System.Threading.CancellationToken cancellationToken) => throw null; + public System.Threading.Tasks.Task AcquireTokenWithDeviceCodeAsync(System.Collections.Generic.IEnumerable scopes, string extraQueryParameters, System.Func deviceCodeResultCallback, System.Threading.CancellationToken cancellationToken) => throw null; + public PublicClientApplication(string clientId) => throw null; + public PublicClientApplication(string clientId, string authority) => throw null; + public PublicClientApplication(string clientId, string authority, Microsoft.Identity.Client.TokenCache userTokenCache) => throw null; + public bool IsBrokerAvailable() => throw null; + public bool IsEmbeddedWebViewAvailable() => throw null; + public bool IsProofOfPossessionSupportedByClient() => throw null; + public bool IsSystemWebViewAvailable { get => throw null; } + public bool IsUserInteractive() => throw null; + public static Microsoft.Identity.Client.IAccount OperatingSystemAccount { get => throw null; } + } + public sealed class PublicClientApplicationBuilder : Microsoft.Identity.Client.AbstractApplicationBuilder + { + public Microsoft.Identity.Client.IPublicClientApplication Build() => throw null; + public static Microsoft.Identity.Client.PublicClientApplicationBuilder Create(string clientId) => throw null; + public static Microsoft.Identity.Client.PublicClientApplicationBuilder CreateWithApplicationOptions(Microsoft.Identity.Client.PublicClientApplicationOptions options) => throw null; + public bool IsBrokerAvailable() => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithBroker(bool enableBroker = default(bool)) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithDefaultRedirectUri() => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithIosKeychainSecurityGroup(string keychainSecurityGroup) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithKerberosTicketClaim(string servicePrincipalName, Microsoft.Identity.Client.Kerberos.KerberosTicketContainer ticketContainer) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithMultiCloudSupport(bool enableMultiCloudSupport) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithOidcAuthority(string authorityUri) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithParentActivityOrWindow(System.Func parentActivityOrWindowFunc) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithParentActivityOrWindow(System.Func windowFunc) => throw null; + public Microsoft.Identity.Client.PublicClientApplicationBuilder WithWindowsBrokerOptions(Microsoft.Identity.Client.WindowsBrokerOptions options) => throw null; + } + public static partial class PublicClientApplicationExtensions + { + public static bool IsProofOfPossessionSupportedByClient(this Microsoft.Identity.Client.IPublicClientApplication app) => throw null; + } + public class PublicClientApplicationOptions : Microsoft.Identity.Client.ApplicationOptions + { + public PublicClientApplicationOptions() => throw null; + } + namespace Region + { + public enum RegionOutcome + { + None = 0, + UserProvidedValid = 1, + UserProvidedAutodetectionFailed = 2, + UserProvidedInvalid = 3, + AutodetectSuccess = 4, + FallbackToGlobal = 5, + } + } + public class RegionDetails + { + public string AutoDetectionError { get => throw null; } + public RegionDetails(Microsoft.Identity.Client.Region.RegionOutcome regionOutcome, string regionUsed, string autoDetectionError) => throw null; + public Microsoft.Identity.Client.Region.RegionOutcome RegionOutcome { get => throw null; } + public string RegionUsed { get => throw null; } + } + namespace SSHCertificates + { + public static partial class SSHExtensions + { + public static Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder WithSSHCertificateAuthenticationScheme(this Microsoft.Identity.Client.AcquireTokenInteractiveParameterBuilder builder, string publicKeyJwk, string keyId) => throw null; + public static Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder WithSSHCertificateAuthenticationScheme(this Microsoft.Identity.Client.AcquireTokenSilentParameterBuilder builder, string publicKeyJwk, string keyId) => throw null; + } + } + public class SystemWebViewOptions + { + public System.Uri BrowserRedirectError { get => throw null; set { } } + public System.Uri BrowserRedirectSuccess { get => throw null; set { } } + public SystemWebViewOptions() => throw null; + public string HtmlMessageError { get => throw null; set { } } + public string HtmlMessageSuccess { get => throw null; set { } } + public bool iOSHidePrivacyPrompt { get => throw null; set { } } + public System.Func OpenBrowserAsync { get => throw null; set { } } + public static System.Threading.Tasks.Task OpenWithChromeEdgeBrowserAsync(System.Uri uri) => throw null; + public static System.Threading.Tasks.Task OpenWithEdgeBrowserAsync(System.Uri uri) => throw null; + } + public class Telemetry + { + public Telemetry() => throw null; + public static Microsoft.Identity.Client.Telemetry GetInstance() => throw null; + public bool HasRegisteredReceiver() => throw null; + public delegate void Receiver(System.Collections.Generic.List> events); + public void RegisterReceiver(Microsoft.Identity.Client.Telemetry.Receiver r) => throw null; + public bool TelemetryOnFailureOnly { get => throw null; set { } } + } + public enum TelemetryAudienceType + { + PreProduction = 0, + Production = 1, + } + namespace TelemetryCore + { + namespace TelemetryClient + { + public class TelemetryData + { + public Microsoft.Identity.Client.Cache.CacheLevel CacheLevel { get => throw null; set { } } + public TelemetryData() => throw null; + } + } + } + public class TenantProfile + { + public System.Security.Claims.ClaimsPrincipal ClaimsPrincipal { get => throw null; } + public bool IsHomeTenant { get => throw null; } + public string Oid { get => throw null; } + public string TenantId { get => throw null; } + } + public sealed class TokenCache : Microsoft.Identity.Client.ITokenCache, Microsoft.Identity.Client.ITokenCacheSerializer + { + public TokenCache() => throw null; + public void Deserialize(byte[] msalV2State) => throw null; + public void DeserializeAdalV3(byte[] adalV3State) => throw null; + void Microsoft.Identity.Client.ITokenCacheSerializer.DeserializeAdalV3(byte[] adalV3State) => throw null; + public void DeserializeMsalV2(byte[] msalV2State) => throw null; + void Microsoft.Identity.Client.ITokenCacheSerializer.DeserializeMsalV2(byte[] msalV2State) => throw null; + public void DeserializeMsalV3(byte[] msalV3State, bool shouldClearExistingCache) => throw null; + void Microsoft.Identity.Client.ITokenCacheSerializer.DeserializeMsalV3(byte[] msalV3State, bool shouldClearExistingCache) => throw null; + public void DeserializeUnifiedAndAdalCache(Microsoft.Identity.Client.Cache.CacheData cacheData) => throw null; + public bool HasStateChanged { get => throw null; set { } } + public byte[] Serialize() => throw null; + public byte[] SerializeAdalV3() => throw null; + byte[] Microsoft.Identity.Client.ITokenCacheSerializer.SerializeAdalV3() => throw null; + public byte[] SerializeMsalV2() => throw null; + byte[] Microsoft.Identity.Client.ITokenCacheSerializer.SerializeMsalV2() => throw null; + public byte[] SerializeMsalV3() => throw null; + byte[] Microsoft.Identity.Client.ITokenCacheSerializer.SerializeMsalV3() => throw null; + public Microsoft.Identity.Client.Cache.CacheData SerializeUnifiedAndAdalCache() => throw null; + public void SetAfterAccess(Microsoft.Identity.Client.TokenCacheCallback afterAccess) => throw null; + public void SetAfterAccessAsync(System.Func afterAccess) => throw null; + public void SetBeforeAccess(Microsoft.Identity.Client.TokenCacheCallback beforeAccess) => throw null; + public void SetBeforeAccessAsync(System.Func beforeAccess) => throw null; + public void SetBeforeWrite(Microsoft.Identity.Client.TokenCacheCallback beforeWrite) => throw null; + public void SetBeforeWriteAsync(System.Func beforeWrite) => throw null; + public void SetIosKeychainSecurityGroup(string securityGroup) => throw null; + public delegate void TokenCacheNotification(Microsoft.Identity.Client.TokenCacheNotificationArgs args); + } + public delegate void TokenCacheCallback(Microsoft.Identity.Client.TokenCacheNotificationArgs args); + public static partial class TokenCacheExtensions + { + public static void SetCacheOptions(this Microsoft.Identity.Client.ITokenCache tokenCache, Microsoft.Identity.Client.CacheOptions options) => throw null; + } + public sealed class TokenCacheNotificationArgs + { + public Microsoft.Identity.Client.IAccount Account { get => throw null; } + public System.Threading.CancellationToken CancellationToken { get => throw null; } + public string ClientId { get => throw null; } + public System.Guid CorrelationId { get => throw null; } + public TokenCacheNotificationArgs(Microsoft.Identity.Client.ITokenCacheSerializer tokenCache, string clientId, Microsoft.Identity.Client.IAccount account, bool hasStateChanged, bool isApplicationCache, string suggestedCacheKey, bool hasTokens, System.DateTimeOffset? suggestedCacheExpiry, System.Threading.CancellationToken cancellationToken) => throw null; + public TokenCacheNotificationArgs(Microsoft.Identity.Client.ITokenCacheSerializer tokenCache, string clientId, Microsoft.Identity.Client.IAccount account, bool hasStateChanged, bool isApplicationCache, string suggestedCacheKey, bool hasTokens, System.DateTimeOffset? suggestedCacheExpiry, System.Threading.CancellationToken cancellationToken, System.Guid correlationId) => throw null; + public TokenCacheNotificationArgs(Microsoft.Identity.Client.ITokenCacheSerializer tokenCache, string clientId, Microsoft.Identity.Client.IAccount account, bool hasStateChanged, bool isApplicationCache, string suggestedCacheKey, bool hasTokens, System.DateTimeOffset? suggestedCacheExpiry, System.Threading.CancellationToken cancellationToken, System.Guid correlationId, System.Collections.Generic.IEnumerable requestScopes, string requestTenantId) => throw null; + public TokenCacheNotificationArgs(Microsoft.Identity.Client.ITokenCacheSerializer tokenCache, string clientId, Microsoft.Identity.Client.IAccount account, bool hasStateChanged, bool isApplicationCache, string suggestedCacheKey, bool hasTokens, System.DateTimeOffset? suggestedCacheExpiry, System.Threading.CancellationToken cancellationToken, System.Guid correlationId, System.Collections.Generic.IEnumerable requestScopes, string requestTenantId, Microsoft.IdentityModel.Abstractions.IIdentityLogger identityLogger, bool piiLoggingEnabled, Microsoft.Identity.Client.TelemetryCore.TelemetryClient.TelemetryData telemetryData = default(Microsoft.Identity.Client.TelemetryCore.TelemetryClient.TelemetryData)) => throw null; + public bool HasStateChanged { get => throw null; } + public bool HasTokens { get => throw null; } + public Microsoft.IdentityModel.Abstractions.IIdentityLogger IdentityLogger { get => throw null; } + public bool IsApplicationCache { get => throw null; } + public bool PiiLoggingEnabled { get => throw null; } + public System.Collections.Generic.IEnumerable RequestScopes { get => throw null; } + public string RequestTenantId { get => throw null; } + public System.DateTimeOffset? SuggestedCacheExpiry { get => throw null; } + public string SuggestedCacheKey { get => throw null; } + public Microsoft.Identity.Client.TelemetryCore.TelemetryClient.TelemetryData TelemetryData { get => throw null; } + public Microsoft.Identity.Client.ITokenCacheSerializer TokenCache { get => throw null; } + public Microsoft.Identity.Client.IUser User { get => throw null; } + } + public enum TokenSource + { + IdentityProvider = 0, + Cache = 1, + Broker = 2, + } + public class TraceTelemetryConfig : Microsoft.Identity.Client.ITelemetryConfig + { + public System.Collections.Generic.IEnumerable AllowedScopes { get => throw null; } + public Microsoft.Identity.Client.TelemetryAudienceType AudienceType { get => throw null; } + public TraceTelemetryConfig() => throw null; + public System.Action DispatchAction { get => throw null; } + public string SessionId { get => throw null; } + } + public struct UIBehavior + { + } + public sealed class UIParent + { + public UIParent() => throw null; + public UIParent(object parent, bool useEmbeddedWebView) => throw null; + public static bool IsSystemWebviewAvailable() => throw null; + } + public enum UiRequiredExceptionClassification + { + None = 0, + MessageOnly = 1, + BasicAction = 2, + AdditionalAction = 3, + ConsentRequired = 4, + UserPasswordExpired = 5, + PromptNeverFailed = 6, + AcquireTokenSilentFailed = 7, + } + public sealed class UserAssertion + { + public string Assertion { get => throw null; } + public string AssertionType { get => throw null; } + public UserAssertion(string jwtBearerToken) => throw null; + public UserAssertion(string assertion, string assertionType) => throw null; + } + namespace Utils + { + namespace Windows + { + public static class WindowsNativeUtils + { + public static void InitializeProcessSecurity() => throw null; + public static bool IsElevatedUser() => throw null; + } + } + } + public class WindowsBrokerOptions + { + public WindowsBrokerOptions() => throw null; + public string HeaderText { get => throw null; set { } } + public bool ListWindowsWorkAndSchoolAccounts { get => throw null; set { } } + public bool MsaPassthrough { get => throw null; set { } } + } + public class WwwAuthenticateParameters + { + public string AuthenticationScheme { get => throw null; } + public string Authority { get => throw null; set { } } + public string Claims { get => throw null; set { } } + public static Microsoft.Identity.Client.WwwAuthenticateParameters CreateFromAuthenticationHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders, string scheme) => throw null; + public static System.Collections.Generic.IReadOnlyList CreateFromAuthenticationHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders) => throw null; + public static System.Threading.Tasks.Task CreateFromAuthenticationResponseAsync(string resourceUri, string scheme, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task CreateFromAuthenticationResponseAsync(string resourceUri, string scheme, System.Net.Http.HttpClient httpClient, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task> CreateFromAuthenticationResponseAsync(string resourceUri, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task> CreateFromAuthenticationResponseAsync(string resourceUri, System.Net.Http.HttpClient httpClient, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task CreateFromResourceResponseAsync(string resourceUri) => throw null; + public static System.Threading.Tasks.Task CreateFromResourceResponseAsync(string resourceUri, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.Threading.Tasks.Task CreateFromResourceResponseAsync(System.Net.Http.HttpClient httpClient, string resourceUri, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static Microsoft.Identity.Client.WwwAuthenticateParameters CreateFromResponseHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders, string scheme = default(string)) => throw null; + public static Microsoft.Identity.Client.WwwAuthenticateParameters CreateFromWwwAuthenticateHeaderValue(string wwwAuthenticateValue) => throw null; + public WwwAuthenticateParameters() => throw null; + public string Error { get => throw null; set { } } + public static string GetClaimChallengeFromResponseHeaders(System.Net.Http.Headers.HttpResponseHeaders httpResponseHeaders, string scheme = default(string)) => throw null; + public string GetTenantId() => throw null; + public string Nonce { get => throw null; } + public string Resource { get => throw null; set { } } + public System.Collections.Generic.IEnumerable Scopes { get => throw null; set { } } + public string this[string key] { get => throw null; } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.csproj b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.csproj new file mode 100644 index 00000000000..3951c0cd04f --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.Identity.Client/4.61.3/Microsoft.Identity.Client.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.cs new file mode 100644 index 00000000000..04ee4e6d957 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.cs @@ -0,0 +1,77 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.Abstractions, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace Abstractions + { + public enum EventLogLevel + { + LogAlways = 0, + Critical = 1, + Error = 2, + Warning = 3, + Informational = 4, + Verbose = 5, + } + public interface IIdentityLogger + { + bool IsEnabled(Microsoft.IdentityModel.Abstractions.EventLogLevel eventLogLevel); + void Log(Microsoft.IdentityModel.Abstractions.LogEntry entry); + } + public interface ITelemetryClient + { + string ClientId { get; set; } + void Initialize(); + bool IsEnabled(); + bool IsEnabled(string eventName); + void TrackEvent(Microsoft.IdentityModel.Abstractions.TelemetryEventDetails eventDetails); + void TrackEvent(string eventName, System.Collections.Generic.IDictionary stringProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary longProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary boolProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary dateTimeProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary doubleProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary guidProperties = default(System.Collections.Generic.IDictionary)); + } + public class LogEntry + { + public string CorrelationId { get => throw null; set { } } + public LogEntry() => throw null; + public Microsoft.IdentityModel.Abstractions.EventLogLevel EventLogLevel { get => throw null; set { } } + public string Message { get => throw null; set { } } + } + public sealed class NullIdentityModelLogger : Microsoft.IdentityModel.Abstractions.IIdentityLogger + { + public static Microsoft.IdentityModel.Abstractions.NullIdentityModelLogger Instance { get => throw null; } + public bool IsEnabled(Microsoft.IdentityModel.Abstractions.EventLogLevel eventLogLevel) => throw null; + public void Log(Microsoft.IdentityModel.Abstractions.LogEntry entry) => throw null; + } + public class NullTelemetryClient : Microsoft.IdentityModel.Abstractions.ITelemetryClient + { + public string ClientId { get => throw null; set { } } + public void Initialize() => throw null; + public static Microsoft.IdentityModel.Abstractions.NullTelemetryClient Instance { get => throw null; } + public bool IsEnabled() => throw null; + public bool IsEnabled(string eventName) => throw null; + public void TrackEvent(Microsoft.IdentityModel.Abstractions.TelemetryEventDetails eventDetails) => throw null; + public void TrackEvent(string eventName, System.Collections.Generic.IDictionary stringProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary longProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary boolProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary dateTimeProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary doubleProperties = default(System.Collections.Generic.IDictionary), System.Collections.Generic.IDictionary guidProperties = default(System.Collections.Generic.IDictionary)) => throw null; + } + public static class ObservabilityConstants + { + public const string ActivityId = default; + public const string ClientId = default; + public const string Duration = default; + public const string Succeeded = default; + } + public abstract class TelemetryEventDetails + { + protected TelemetryEventDetails() => throw null; + public virtual string Name { get => throw null; set { } } + public virtual System.Collections.Generic.IReadOnlyDictionary Properties { get => throw null; } + protected System.Collections.Generic.IDictionary PropertyValues { get => throw null; } + public virtual void SetProperty(string key, string value) => throw null; + public virtual void SetProperty(string key, long value) => throw null; + public virtual void SetProperty(string key, bool value) => throw null; + public virtual void SetProperty(string key, System.DateTime value) => throw null; + public virtual void SetProperty(string key, double value) => throw null; + public virtual void SetProperty(string key, System.Guid value) => throw null; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Abstractions/7.5.0/Microsoft.IdentityModel.Abstractions.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.cs new file mode 100644 index 00000000000..b5068997c2c --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.cs @@ -0,0 +1,174 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.JsonWebTokens, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace JsonWebTokens + { + public static class JsonClaimValueTypes + { + public const string Json = default; + public const string JsonArray = default; + public const string JsonNull = default; + } + public class JsonWebToken : Microsoft.IdentityModel.Tokens.SecurityToken + { + public string Actor { get => throw null; } + public string Alg { get => throw null; } + public System.Collections.Generic.IEnumerable Audiences { get => throw null; } + public string AuthenticationTag { get => throw null; } + public string Azp { get => throw null; } + public string Ciphertext { get => throw null; } + public virtual System.Collections.Generic.IEnumerable Claims { get => throw null; } + public JsonWebToken(string jwtEncodedString) => throw null; + public JsonWebToken(System.ReadOnlyMemory encodedTokenMemory) => throw null; + public JsonWebToken(string header, string payload) => throw null; + public string Cty { get => throw null; } + public string Enc { get => throw null; } + public string EncodedHeader { get => throw null; } + public string EncodedPayload { get => throw null; } + public string EncodedSignature { get => throw null; } + public string EncodedToken { get => throw null; } + public string EncryptedKey { get => throw null; } + public System.Security.Claims.Claim GetClaim(string key) => throw null; + public T GetHeaderValue(string key) => throw null; + public T GetPayloadValue(string key) => throw null; + public override string Id { get => throw null; } + public string InitializationVector { get => throw null; } + public Microsoft.IdentityModel.JsonWebTokens.JsonWebToken InnerToken { get => throw null; } + public bool IsEncrypted { get => throw null; } + public bool IsSigned { get => throw null; } + public System.DateTime IssuedAt { get => throw null; } + public override string Issuer { get => throw null; } + public string Kid { get => throw null; } + public override Microsoft.IdentityModel.Tokens.SecurityKey SecurityKey { get => throw null; } + public override Microsoft.IdentityModel.Tokens.SecurityKey SigningKey { get => throw null; set { } } + public string Subject { get => throw null; } + public override string ToString() => throw null; + public bool TryGetClaim(string key, out System.Security.Claims.Claim value) => throw null; + public bool TryGetHeaderValue(string key, out T value) => throw null; + public bool TryGetPayloadValue(string key, out T value) => throw null; + public bool TryGetValue(string key, out T value) => throw null; + public string Typ { get => throw null; } + public override string UnsafeToString() => throw null; + public override System.DateTime ValidFrom { get => throw null; } + public override System.DateTime ValidTo { get => throw null; } + public string X5t { get => throw null; } + public string Zip { get => throw null; } + } + public class JsonWebTokenHandler : Microsoft.IdentityModel.Tokens.TokenHandler + { + public const string Base64UrlEncodedUnsignedJWSHeader = default; + public virtual bool CanReadToken(string token) => throw null; + public virtual bool CanValidateToken { get => throw null; } + protected virtual System.Security.Claims.ClaimsIdentity CreateClaimsIdentity(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual System.Security.Claims.ClaimsIdentity CreateClaimsIdentity(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, string issuer) => throw null; + public virtual string CreateToken(string payload) => throw null; + public virtual string CreateToken(string payload, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public virtual string CreateToken(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm, System.Collections.Generic.IDictionary additionalHeaderClaims, System.Collections.Generic.IDictionary additionalInnerHeaderClaims) => throw null; + public virtual string CreateToken(string payload, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public JsonWebTokenHandler() => throw null; + public string DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static System.Collections.Generic.IDictionary DefaultInboundClaimTypeMap; + public static bool DefaultMapInboundClaims; + public string EncryptToken(string innerJwt, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public string EncryptToken(string innerJwt, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public string EncryptToken(string innerJwt, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string algorithm) => throw null; + public string EncryptToken(string innerJwt, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string algorithm, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public System.Collections.Generic.IDictionary InboundClaimTypeMap { get => throw null; set { } } + public bool MapInboundClaims { get => throw null; set { } } + public virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken ReadJsonWebToken(string token) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(string token) => throw null; + protected virtual Microsoft.IdentityModel.Tokens.SecurityKey ResolveTokenDecryptionKey(string token, Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static string ShortClaimTypeProperty { get => throw null; set { } } + public System.Type TokenType { get => throw null; } + public virtual Microsoft.IdentityModel.Tokens.TokenValidationResult ValidateToken(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public override System.Threading.Tasks.Task ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public override System.Threading.Tasks.Task ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + } + public static class JwtConstants + { + public const string DirectKeyUseAlg = default; + public const string HeaderType = default; + public const string HeaderTypeAlt = default; + public const string JsonCompactSerializationRegex = default; + public const string JweCompactSerializationRegex = default; + public const int JweSegmentCount = 5; + public const int JwsSegmentCount = 3; + public const int MaxJwtSegmentCount = 5; + public const string TokenType = default; + public const string TokenTypeAlt = default; + } + public struct JwtHeaderParameterNames + { + public const string Alg = default; + public const string Apu = default; + public const string Apv = default; + public const string Cty = default; + public const string Enc = default; + public const string Epk = default; + public const string IV = default; + public const string Jku = default; + public const string Jwk = default; + public const string Kid = default; + public const string Typ = default; + public const string X5c = default; + public const string X5t = default; + public const string X5u = default; + public const string Zip = default; + } + public struct JwtRegisteredClaimNames + { + public const string Acr = default; + public const string Actort = default; + public const string Amr = default; + public const string AtHash = default; + public const string Aud = default; + public const string AuthTime = default; + public const string Azp = default; + public const string Birthdate = default; + public const string CHash = default; + public const string Email = default; + public const string Exp = default; + public const string FamilyName = default; + public const string Gender = default; + public const string GivenName = default; + public const string Iat = default; + public const string Iss = default; + public const string Jti = default; + public const string Name = default; + public const string NameId = default; + public const string Nbf = default; + public const string Nonce = default; + public const string PhoneNumber = default; + public const string PhoneNumberVerified = default; + public const string Prn = default; + public const string Sid = default; + public const string Sub = default; + public const string Typ = default; + public const string UniqueName = default; + public const string Website = default; + } + public class JwtTokenUtilities + { + public static string CreateEncodedSignature(string input, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials) => throw null; + public static string CreateEncodedSignature(string input, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, bool cacheProvider) => throw null; + public JwtTokenUtilities() => throw null; + public static byte[] GenerateKeyBytes(int sizeInBits) => throw null; + public static System.Collections.Generic.IEnumerable GetAllDecryptionKeys(Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static System.Text.RegularExpressions.Regex RegexJwe; + public static System.Text.RegularExpressions.Regex RegexJws; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.csproj new file mode 100644 index 00000000000..3f7a9eeb43f --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.JsonWebTokens/7.5.0/Microsoft.IdentityModel.JsonWebTokens.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.cs new file mode 100644 index 00000000000..0952b4a4424 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.cs @@ -0,0 +1,98 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.Logging, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace Logging + { + public class IdentityModelEventSource : System.Diagnostics.Tracing.EventSource + { + public static bool HeaderWritten { get => throw null; set { } } + public static string HiddenPIIString { get => throw null; } + public static string HiddenSecurityArtifactString { get => throw null; } + public static bool LogCompleteSecurityArtifact { get => throw null; set { } } + public static Microsoft.IdentityModel.Logging.IdentityModelEventSource Logger { get => throw null; } + public System.Diagnostics.Tracing.EventLevel LogLevel { get => throw null; set { } } + public static bool ShowPII { get => throw null; set { } } + public void Write(System.Diagnostics.Tracing.EventLevel level, System.Exception innerException, string message) => throw null; + public void Write(System.Diagnostics.Tracing.EventLevel level, System.Exception innerException, string message, params object[] args) => throw null; + public void WriteAlways(string message) => throw null; + public void WriteAlways(string message, params object[] args) => throw null; + public void WriteCritical(string message) => throw null; + public void WriteCritical(string message, params object[] args) => throw null; + public void WriteError(string message) => throw null; + public void WriteError(string message, params object[] args) => throw null; + public void WriteInformation(string message) => throw null; + public void WriteInformation(string message, params object[] args) => throw null; + public void WriteVerbose(string message) => throw null; + public void WriteVerbose(string message, params object[] args) => throw null; + public void WriteWarning(string message) => throw null; + public void WriteWarning(string message, params object[] args) => throw null; + } + public static class IdentityModelTelemetryUtil + { + public static bool AddTelemetryData(string key, string value) => throw null; + public static string ClientSku { get => throw null; } + public static string ClientVer { get => throw null; } + public static bool RemoveTelemetryData(string key) => throw null; + } + public interface ISafeLogSecurityArtifact + { + string UnsafeToString(); + } + public class LoggerContext + { + public System.Guid ActivityId { get => throw null; set { } } + public bool CaptureLogs { get => throw null; set { } } + public LoggerContext() => throw null; + public LoggerContext(System.Guid activityId) => throw null; + public virtual string DebugId { get => throw null; set { } } + public System.Collections.Generic.ICollection Logs { get => throw null; } + public System.Collections.Generic.IDictionary PropertyBag { get => throw null; set { } } + } + public class LogHelper + { + public LogHelper() => throw null; + public static string FormatInvariant(string format, params object[] args) => throw null; + public static bool IsEnabled(Microsoft.IdentityModel.Abstractions.EventLogLevel level) => throw null; + public static T LogArgumentException(string argumentName, string message) where T : System.ArgumentException => throw null; + public static T LogArgumentException(string argumentName, string format, params object[] args) where T : System.ArgumentException => throw null; + public static T LogArgumentException(string argumentName, System.Exception innerException, string message) where T : System.ArgumentException => throw null; + public static T LogArgumentException(string argumentName, System.Exception innerException, string format, params object[] args) where T : System.ArgumentException => throw null; + public static T LogArgumentException(System.Diagnostics.Tracing.EventLevel eventLevel, string argumentName, string message) where T : System.ArgumentException => throw null; + public static T LogArgumentException(System.Diagnostics.Tracing.EventLevel eventLevel, string argumentName, string format, params object[] args) where T : System.ArgumentException => throw null; + public static T LogArgumentException(System.Diagnostics.Tracing.EventLevel eventLevel, string argumentName, System.Exception innerException, string message) where T : System.ArgumentException => throw null; + public static T LogArgumentException(System.Diagnostics.Tracing.EventLevel eventLevel, string argumentName, System.Exception innerException, string format, params object[] args) where T : System.ArgumentException => throw null; + public static System.ArgumentNullException LogArgumentNullException(string argument) => throw null; + public static T LogException(string message) where T : System.Exception => throw null; + public static T LogException(string format, params object[] args) where T : System.Exception => throw null; + public static T LogException(System.Exception innerException, string message) where T : System.Exception => throw null; + public static T LogException(System.Exception innerException, string format, params object[] args) where T : System.Exception => throw null; + public static T LogException(System.Diagnostics.Tracing.EventLevel eventLevel, string message) where T : System.Exception => throw null; + public static T LogException(System.Diagnostics.Tracing.EventLevel eventLevel, string format, params object[] args) where T : System.Exception => throw null; + public static T LogException(System.Diagnostics.Tracing.EventLevel eventLevel, System.Exception innerException, string message) where T : System.Exception => throw null; + public static T LogException(System.Diagnostics.Tracing.EventLevel eventLevel, System.Exception innerException, string format, params object[] args) where T : System.Exception => throw null; + public static System.Exception LogExceptionMessage(System.Exception exception) => throw null; + public static System.Exception LogExceptionMessage(System.Diagnostics.Tracing.EventLevel eventLevel, System.Exception exception) => throw null; + public static Microsoft.IdentityModel.Abstractions.IIdentityLogger Logger { get => throw null; set { } } + public static void LogInformation(string message, params object[] args) => throw null; + public static void LogVerbose(string message, params object[] args) => throw null; + public static void LogWarning(string message, params object[] args) => throw null; + public static object MarkAsNonPII(object arg) => throw null; + public static object MarkAsSecurityArtifact(object arg, System.Func callback) => throw null; + public static object MarkAsSecurityArtifact(object arg, System.Func callback, System.Func callbackUnsafe) => throw null; + public static object MarkAsUnsafeSecurityArtifact(object arg, System.Func callbackUnsafe) => throw null; + } + public class TextWriterEventListener : System.Diagnostics.Tracing.EventListener + { + public TextWriterEventListener() => throw null; + public TextWriterEventListener(string filePath) => throw null; + public TextWriterEventListener(System.IO.StreamWriter streamWriter) => throw null; + public static readonly string DefaultLogFileName; + public override void Dispose() => throw null; + protected override void OnEventWritten(System.Diagnostics.Tracing.EventWrittenEventArgs eventData) => throw null; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.csproj new file mode 100644 index 00000000000..ccae125b498 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Logging/7.5.0/Microsoft.IdentityModel.Logging.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.cs new file mode 100644 index 00000000000..9d945dc9033 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.cs @@ -0,0 +1,396 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace Protocols + { + namespace OpenIdConnect + { + public static class ActiveDirectoryOpenIdConnectEndpoints + { + public const string Authorize = default; + public const string Logout = default; + public const string Token = default; + } + namespace Configuration + { + public class OpenIdConnectConfigurationValidator : Microsoft.IdentityModel.Protocols.IConfigurationValidator + { + public OpenIdConnectConfigurationValidator() => throw null; + public int MinimumNumberOfKeys { get => throw null; set { } } + public Microsoft.IdentityModel.Protocols.ConfigurationValidationResult Validate(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration openIdConnectConfiguration) => throw null; + } + } + public delegate void IdTokenValidator(System.IdentityModel.Tokens.Jwt.JwtSecurityToken idToken, Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext context); + public class OpenIdConnectConfiguration : Microsoft.IdentityModel.Tokens.BaseConfiguration + { + public System.Collections.Generic.ICollection AcrValuesSupported { get => throw null; } + public override string ActiveTokenEndpoint { get => throw null; set { } } + public System.Collections.Generic.IDictionary AdditionalData { get => throw null; } + public string AuthorizationEndpoint { get => throw null; set { } } + public string CheckSessionIframe { get => throw null; set { } } + public System.Collections.Generic.ICollection ClaimsLocalesSupported { get => throw null; } + public bool ClaimsParameterSupported { get => throw null; set { } } + public System.Collections.Generic.ICollection ClaimsSupported { get => throw null; } + public System.Collections.Generic.ICollection ClaimTypesSupported { get => throw null; } + public static Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration Create(string json) => throw null; + public OpenIdConnectConfiguration() => throw null; + public OpenIdConnectConfiguration(string json) => throw null; + public System.Collections.Generic.ICollection DisplayValuesSupported { get => throw null; } + public string EndSessionEndpoint { get => throw null; set { } } + public string FrontchannelLogoutSessionSupported { get => throw null; set { } } + public string FrontchannelLogoutSupported { get => throw null; set { } } + public System.Collections.Generic.ICollection GrantTypesSupported { get => throw null; } + public bool HttpLogoutSupported { get => throw null; set { } } + public System.Collections.Generic.ICollection IdTokenEncryptionAlgValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection IdTokenEncryptionEncValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection IdTokenSigningAlgValuesSupported { get => throw null; } + public string IntrospectionEndpoint { get => throw null; set { } } + public System.Collections.Generic.ICollection IntrospectionEndpointAuthMethodsSupported { get => throw null; } + public System.Collections.Generic.ICollection IntrospectionEndpointAuthSigningAlgValuesSupported { get => throw null; } + public override string Issuer { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.JsonWebKeySet JsonWebKeySet { get => throw null; set { } } + public string JwksUri { get => throw null; set { } } + public bool LogoutSessionSupported { get => throw null; set { } } + public string OpPolicyUri { get => throw null; set { } } + public string OpTosUri { get => throw null; set { } } + public string RegistrationEndpoint { get => throw null; set { } } + public System.Collections.Generic.ICollection RequestObjectEncryptionAlgValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection RequestObjectEncryptionEncValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection RequestObjectSigningAlgValuesSupported { get => throw null; } + public bool RequestParameterSupported { get => throw null; set { } } + public bool RequestUriParameterSupported { get => throw null; set { } } + public bool RequireRequestUriRegistration { get => throw null; set { } } + public System.Collections.Generic.ICollection ResponseModesSupported { get => throw null; } + public System.Collections.Generic.ICollection ResponseTypesSupported { get => throw null; } + public System.Collections.Generic.ICollection ScopesSupported { get => throw null; } + public string ServiceDocumentation { get => throw null; set { } } + public bool ShouldSerializeAcrValuesSupported() => throw null; + public bool ShouldSerializeClaimsLocalesSupported() => throw null; + public bool ShouldSerializeClaimsSupported() => throw null; + public bool ShouldSerializeClaimTypesSupported() => throw null; + public bool ShouldSerializeDisplayValuesSupported() => throw null; + public bool ShouldSerializeGrantTypesSupported() => throw null; + public bool ShouldSerializeIdTokenEncryptionAlgValuesSupported() => throw null; + public bool ShouldSerializeIdTokenEncryptionEncValuesSupported() => throw null; + public bool ShouldSerializeIdTokenSigningAlgValuesSupported() => throw null; + public bool ShouldSerializeIntrospectionEndpointAuthMethodsSupported() => throw null; + public bool ShouldSerializeIntrospectionEndpointAuthSigningAlgValuesSupported() => throw null; + public bool ShouldSerializeRequestObjectEncryptionAlgValuesSupported() => throw null; + public bool ShouldSerializeRequestObjectEncryptionEncValuesSupported() => throw null; + public bool ShouldSerializeRequestObjectSigningAlgValuesSupported() => throw null; + public bool ShouldSerializeResponseModesSupported() => throw null; + public bool ShouldSerializeResponseTypesSupported() => throw null; + public bool ShouldSerializeScopesSupported() => throw null; + public bool ShouldSerializeSigningKeys() => throw null; + public bool ShouldSerializeSubjectTypesSupported() => throw null; + public bool ShouldSerializeTokenEndpointAuthMethodsSupported() => throw null; + public bool ShouldSerializeTokenEndpointAuthSigningAlgValuesSupported() => throw null; + public bool ShouldSerializeUILocalesSupported() => throw null; + public bool ShouldSerializeUserInfoEndpointEncryptionAlgValuesSupported() => throw null; + public bool ShouldSerializeUserInfoEndpointEncryptionEncValuesSupported() => throw null; + public bool ShouldSerializeUserInfoEndpointSigningAlgValuesSupported() => throw null; + public override System.Collections.Generic.ICollection SigningKeys { get => throw null; } + public System.Collections.Generic.ICollection SubjectTypesSupported { get => throw null; } + public override string TokenEndpoint { get => throw null; set { } } + public System.Collections.Generic.ICollection TokenEndpointAuthMethodsSupported { get => throw null; } + public System.Collections.Generic.ICollection TokenEndpointAuthSigningAlgValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection UILocalesSupported { get => throw null; } + public string UserInfoEndpoint { get => throw null; set { } } + public System.Collections.Generic.ICollection UserInfoEndpointEncryptionAlgValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection UserInfoEndpointEncryptionEncValuesSupported { get => throw null; } + public System.Collections.Generic.ICollection UserInfoEndpointSigningAlgValuesSupported { get => throw null; } + public static string Write(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfiguration configuration) => throw null; + } + public class OpenIdConnectConfigurationRetriever : Microsoft.IdentityModel.Protocols.IConfigurationRetriever + { + public OpenIdConnectConfigurationRetriever() => throw null; + public static System.Threading.Tasks.Task GetAsync(string address, System.Threading.CancellationToken cancel) => throw null; + public static System.Threading.Tasks.Task GetAsync(string address, System.Net.Http.HttpClient httpClient, System.Threading.CancellationToken cancel) => throw null; + public static System.Threading.Tasks.Task GetAsync(string address, Microsoft.IdentityModel.Protocols.IDocumentRetriever retriever, System.Threading.CancellationToken cancel) => throw null; + System.Threading.Tasks.Task Microsoft.IdentityModel.Protocols.IConfigurationRetriever.GetConfigurationAsync(string address, Microsoft.IdentityModel.Protocols.IDocumentRetriever retriever, System.Threading.CancellationToken cancel) => throw null; + } + public static class OpenIdConnectGrantTypes + { + public const string AuthorizationCode = default; + public const string ClientCredentials = default; + public const string Password = default; + public const string RefreshToken = default; + } + public class OpenIdConnectMessage : Microsoft.IdentityModel.Protocols.AuthenticationProtocolMessage + { + public string AccessToken { get => throw null; set { } } + public string AcrValues { get => throw null; set { } } + public string AuthorizationEndpoint { get => throw null; set { } } + public string ClaimsLocales { get => throw null; set { } } + public string ClientAssertion { get => throw null; set { } } + public string ClientAssertionType { get => throw null; set { } } + public string ClientId { get => throw null; set { } } + public string ClientSecret { get => throw null; set { } } + public virtual Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage Clone() => throw null; + public string Code { get => throw null; set { } } + public virtual string CreateAuthenticationRequestUrl() => throw null; + public virtual string CreateLogoutRequestUrl() => throw null; + public OpenIdConnectMessage() => throw null; + public OpenIdConnectMessage(string json) => throw null; + protected OpenIdConnectMessage(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage other) => throw null; + public OpenIdConnectMessage(System.Collections.Specialized.NameValueCollection nameValueCollection) => throw null; + public OpenIdConnectMessage(System.Collections.Generic.IEnumerable> parameters) => throw null; + public string Display { get => throw null; set { } } + public string DomainHint { get => throw null; set { } } + public bool EnableTelemetryParameters { get => throw null; set { } } + public static bool EnableTelemetryParametersByDefault { get => throw null; set { } } + public string Error { get => throw null; set { } } + public string ErrorDescription { get => throw null; set { } } + public string ErrorUri { get => throw null; set { } } + public string ExpiresIn { get => throw null; set { } } + public string GrantType { get => throw null; set { } } + public string IdentityProvider { get => throw null; set { } } + public string IdToken { get => throw null; set { } } + public string IdTokenHint { get => throw null; set { } } + public string Iss { get => throw null; set { } } + public string LoginHint { get => throw null; set { } } + public string MaxAge { get => throw null; set { } } + public string Nonce { get => throw null; set { } } + public string Password { get => throw null; set { } } + public string PostLogoutRedirectUri { get => throw null; set { } } + public string Prompt { get => throw null; set { } } + public string RedirectUri { get => throw null; set { } } + public string RefreshToken { get => throw null; set { } } + public Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectRequestType RequestType { get => throw null; set { } } + public string RequestUri { get => throw null; set { } } + public string Resource { get => throw null; set { } } + public string ResponseMode { get => throw null; set { } } + public string ResponseType { get => throw null; set { } } + public string Scope { get => throw null; set { } } + public string SessionState { get => throw null; set { } } + public string Sid { get => throw null; set { } } + public string SkuTelemetryValue { get => throw null; set { } } + public string State { get => throw null; set { } } + public string TargetLinkUri { get => throw null; set { } } + public string TokenEndpoint { get => throw null; set { } } + public string TokenType { get => throw null; set { } } + public string UiLocales { get => throw null; set { } } + public string UserId { get => throw null; set { } } + public string Username { get => throw null; set { } } + } + public static class OpenIdConnectParameterNames + { + public const string AccessToken = default; + public const string AcrValues = default; + public const string ClaimsLocales = default; + public const string ClientAssertion = default; + public const string ClientAssertionType = default; + public const string ClientId = default; + public const string ClientSecret = default; + public const string Code = default; + public const string Display = default; + public const string DomainHint = default; + public const string Error = default; + public const string ErrorDescription = default; + public const string ErrorUri = default; + public const string ExpiresIn = default; + public const string GrantType = default; + public const string IdentityProvider = default; + public const string IdToken = default; + public const string IdTokenHint = default; + public const string Iss = default; + public const string LoginHint = default; + public const string MaxAge = default; + public const string Nonce = default; + public const string Password = default; + public const string PostLogoutRedirectUri = default; + public const string Prompt = default; + public const string RedirectUri = default; + public const string RefreshToken = default; + public const string RequestUri = default; + public const string Resource = default; + public const string ResponseMode = default; + public const string ResponseType = default; + public const string Scope = default; + public const string SessionState = default; + public const string Sid = default; + public const string SkuTelemetry = default; + public const string State = default; + public const string TargetLinkUri = default; + public const string TokenType = default; + public const string UiLocales = default; + public const string UserId = default; + public const string Username = default; + public const string VersionTelemetry = default; + } + public static class OpenIdConnectPrompt + { + public const string Consent = default; + public const string Login = default; + public const string None = default; + public const string SelectAccount = default; + } + public class OpenIdConnectProtocolException : System.Exception + { + public OpenIdConnectProtocolException() => throw null; + public OpenIdConnectProtocolException(string message) => throw null; + public OpenIdConnectProtocolException(string message, System.Exception innerException) => throw null; + protected OpenIdConnectProtocolException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class OpenIdConnectProtocolInvalidAtHashException : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException + { + public OpenIdConnectProtocolInvalidAtHashException() => throw null; + public OpenIdConnectProtocolInvalidAtHashException(string message) => throw null; + public OpenIdConnectProtocolInvalidAtHashException(string message, System.Exception innerException) => throw null; + protected OpenIdConnectProtocolInvalidAtHashException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class OpenIdConnectProtocolInvalidCHashException : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException + { + public OpenIdConnectProtocolInvalidCHashException() => throw null; + public OpenIdConnectProtocolInvalidCHashException(string message) => throw null; + public OpenIdConnectProtocolInvalidCHashException(string message, System.Exception innerException) => throw null; + protected OpenIdConnectProtocolInvalidCHashException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class OpenIdConnectProtocolInvalidNonceException : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException + { + public OpenIdConnectProtocolInvalidNonceException() => throw null; + public OpenIdConnectProtocolInvalidNonceException(string message) => throw null; + public OpenIdConnectProtocolInvalidNonceException(string message, System.Exception innerException) => throw null; + protected OpenIdConnectProtocolInvalidNonceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class OpenIdConnectProtocolInvalidStateException : Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException + { + public OpenIdConnectProtocolInvalidStateException() => throw null; + public OpenIdConnectProtocolInvalidStateException(string message) => throw null; + public OpenIdConnectProtocolInvalidStateException(string message, System.Exception innerException) => throw null; + protected OpenIdConnectProtocolInvalidStateException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class OpenIdConnectProtocolValidationContext + { + public string ClientId { get => throw null; set { } } + public OpenIdConnectProtocolValidationContext() => throw null; + public string Nonce { get => throw null; set { } } + public Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage ProtocolMessage { get => throw null; set { } } + public string State { get => throw null; set { } } + public string UserInfoEndpointResponse { get => throw null; set { } } + public System.IdentityModel.Tokens.Jwt.JwtSecurityToken ValidatedIdToken { get => throw null; set { } } + } + public class OpenIdConnectProtocolValidator + { + public Microsoft.IdentityModel.Tokens.CryptoProviderFactory CryptoProviderFactory { get => throw null; set { } } + public OpenIdConnectProtocolValidator() => throw null; + public static readonly System.TimeSpan DefaultNonceLifetime; + public virtual string GenerateNonce() => throw null; + public virtual System.Security.Cryptography.HashAlgorithm GetHashAlgorithm(string algorithm) => throw null; + public System.Collections.Generic.IDictionary HashAlgorithmMap { get => throw null; } + public Microsoft.IdentityModel.Protocols.OpenIdConnect.IdTokenValidator IdTokenValidator { get => throw null; set { } } + public System.TimeSpan NonceLifetime { get => throw null; set { } } + public bool RequireAcr { get => throw null; set { } } + public bool RequireAmr { get => throw null; set { } } + public bool RequireAuthTime { get => throw null; set { } } + public bool RequireAzp { get => throw null; set { } } + public bool RequireNonce { get => throw null; set { } } + public bool RequireState { get => throw null; set { } } + public bool RequireStateValidation { get => throw null; set { } } + public bool RequireSub { get => throw null; set { } } + public static bool RequireSubByDefault { get => throw null; set { } } + public bool RequireTimeStampInNonce { get => throw null; set { } } + protected virtual void ValidateAtHash(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + public virtual void ValidateAuthenticationResponse(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + protected virtual void ValidateCHash(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + protected virtual void ValidateIdToken(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + protected virtual void ValidateNonce(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + protected virtual void ValidateState(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + public virtual void ValidateTokenResponse(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + public virtual void ValidateUserInfoResponse(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidationContext validationContext) => throw null; + } + public enum OpenIdConnectRequestType + { + Authentication = 0, + Logout = 1, + Token = 2, + } + public static class OpenIdConnectResponseMode + { + public const string FormPost = default; + public const string Fragment = default; + public const string Query = default; + } + public static class OpenIdConnectResponseType + { + public const string Code = default; + public const string CodeIdToken = default; + public const string CodeIdTokenToken = default; + public const string CodeToken = default; + public const string IdToken = default; + public const string IdTokenToken = default; + public const string None = default; + public const string Token = default; + } + public static class OpenIdConnectScope + { + public const string Address = default; + public const string Email = default; + public const string OfflineAccess = default; + public const string OpenId = default; + public const string OpenIdProfile = default; + public const string Phone = default; + public const string UserImpersonation = default; + } + public static class OpenIdConnectSessionProperties + { + public const string CheckSessionIFrame = default; + public const string RedirectUri = default; + public const string SessionState = default; + } + public static class OpenIdProviderMetadataNames + { + public const string AcrValuesSupported = default; + public const string AuthorizationEndpoint = default; + public const string CheckSessionIframe = default; + public const string ClaimsLocalesSupported = default; + public const string ClaimsParameterSupported = default; + public const string ClaimsSupported = default; + public const string ClaimTypesSupported = default; + public const string Discovery = default; + public const string DisplayValuesSupported = default; + public const string EndSessionEndpoint = default; + public const string FrontchannelLogoutSessionSupported = default; + public const string FrontchannelLogoutSupported = default; + public const string GrantTypesSupported = default; + public const string HttpLogoutSupported = default; + public const string IdTokenEncryptionAlgValuesSupported = default; + public const string IdTokenEncryptionEncValuesSupported = default; + public const string IdTokenSigningAlgValuesSupported = default; + public const string IntrospectionEndpoint = default; + public const string IntrospectionEndpointAuthMethodsSupported = default; + public const string IntrospectionEndpointAuthSigningAlgValuesSupported = default; + public const string Issuer = default; + public const string JwksUri = default; + public const string LogoutSessionSupported = default; + public const string MicrosoftMultiRefreshToken = default; + public const string OpPolicyUri = default; + public const string OpTosUri = default; + public const string RegistrationEndpoint = default; + public const string RequestObjectEncryptionAlgValuesSupported = default; + public const string RequestObjectEncryptionEncValuesSupported = default; + public const string RequestObjectSigningAlgValuesSupported = default; + public const string RequestParameterSupported = default; + public const string RequestUriParameterSupported = default; + public const string RequireRequestUriRegistration = default; + public const string ResponseModesSupported = default; + public const string ResponseTypesSupported = default; + public const string ScopesSupported = default; + public const string ServiceDocumentation = default; + public const string SubjectTypesSupported = default; + public const string TokenEndpoint = default; + public const string TokenEndpointAuthMethodsSupported = default; + public const string TokenEndpointAuthSigningAlgValuesSupported = default; + public const string UILocalesSupported = default; + public const string UserInfoEncryptionAlgValuesSupported = default; + public const string UserInfoEncryptionEncValuesSupported = default; + public const string UserInfoEndpoint = default; + public const string UserInfoSigningAlgValuesSupported = default; + } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.csproj new file mode 100644 index 00000000000..4fcb6a92ab7 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols.OpenIdConnect/7.5.0/Microsoft.IdentityModel.Protocols.OpenIdConnect.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.cs new file mode 100644 index 00000000000..d7d2fc40cd0 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.cs @@ -0,0 +1,120 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.Protocols, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace Protocols + { + public abstract class AuthenticationProtocolMessage + { + public virtual string BuildFormPost() => throw null; + public virtual string BuildRedirectUrl() => throw null; + protected AuthenticationProtocolMessage() => throw null; + public virtual string GetParameter(string parameter) => throw null; + public string IssuerAddress { get => throw null; set { } } + public System.Collections.Generic.IDictionary Parameters { get => throw null; } + public string PostTitle { get => throw null; set { } } + public virtual void RemoveParameter(string parameter) => throw null; + public string Script { get => throw null; set { } } + public string ScriptButtonText { get => throw null; set { } } + public string ScriptDisabledText { get => throw null; set { } } + public void SetParameter(string parameter, string value) => throw null; + public virtual void SetParameters(System.Collections.Specialized.NameValueCollection nameValueCollection) => throw null; + } + namespace Configuration + { + public class InvalidConfigurationException : System.Exception + { + public InvalidConfigurationException() => throw null; + public InvalidConfigurationException(string message) => throw null; + public InvalidConfigurationException(string message, System.Exception innerException) => throw null; + protected InvalidConfigurationException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class LastKnownGoodConfigurationCacheOptions : Microsoft.IdentityModel.Tokens.Configuration.LKGConfigurationCacheOptions + { + public LastKnownGoodConfigurationCacheOptions() => throw null; + public static readonly int DefaultLastKnownGoodConfigurationSizeLimit; + } + } + public class ConfigurationManager : Microsoft.IdentityModel.Tokens.BaseConfigurationManager, Microsoft.IdentityModel.Protocols.IConfigurationManager where T : class + { + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever) => throw null; + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever, System.Net.Http.HttpClient httpClient) => throw null; + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever, Microsoft.IdentityModel.Protocols.IDocumentRetriever docRetriever) => throw null; + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever, Microsoft.IdentityModel.Protocols.IDocumentRetriever docRetriever, Microsoft.IdentityModel.Protocols.Configuration.LastKnownGoodConfigurationCacheOptions lkgCacheOptions) => throw null; + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever, Microsoft.IdentityModel.Protocols.IDocumentRetriever docRetriever, Microsoft.IdentityModel.Protocols.IConfigurationValidator configValidator) => throw null; + public ConfigurationManager(string metadataAddress, Microsoft.IdentityModel.Protocols.IConfigurationRetriever configRetriever, Microsoft.IdentityModel.Protocols.IDocumentRetriever docRetriever, Microsoft.IdentityModel.Protocols.IConfigurationValidator configValidator, Microsoft.IdentityModel.Protocols.Configuration.LastKnownGoodConfigurationCacheOptions lkgCacheOptions) => throw null; + public static readonly System.TimeSpan DefaultAutomaticRefreshInterval; + public static readonly System.TimeSpan DefaultRefreshInterval; + public override System.Threading.Tasks.Task GetBaseConfigurationAsync(System.Threading.CancellationToken cancel) => throw null; + public System.Threading.Tasks.Task GetConfigurationAsync() => throw null; + public System.Threading.Tasks.Task GetConfigurationAsync(System.Threading.CancellationToken cancel) => throw null; + public static readonly System.TimeSpan MinimumAutomaticRefreshInterval; + public static readonly System.TimeSpan MinimumRefreshInterval; + public override void RequestRefresh() => throw null; + } + public class ConfigurationValidationResult + { + public ConfigurationValidationResult() => throw null; + public string ErrorMessage { get => throw null; set { } } + public bool Succeeded { get => throw null; set { } } + } + public class FileDocumentRetriever : Microsoft.IdentityModel.Protocols.IDocumentRetriever + { + public FileDocumentRetriever() => throw null; + public System.Threading.Tasks.Task GetDocumentAsync(string address, System.Threading.CancellationToken cancel) => throw null; + } + public class HttpDocumentRetriever : Microsoft.IdentityModel.Protocols.IDocumentRetriever + { + public HttpDocumentRetriever() => throw null; + public HttpDocumentRetriever(System.Net.Http.HttpClient httpClient) => throw null; + public static bool DefaultSendAdditionalHeaderData { get => throw null; set { } } + public System.Threading.Tasks.Task GetDocumentAsync(string address, System.Threading.CancellationToken cancel) => throw null; + public bool RequireHttps { get => throw null; set { } } + public const string ResponseContent = default; + public bool SendAdditionalHeaderData { get => throw null; set { } } + public const string StatusCode = default; + } + public class HttpRequestData + { + public void AppendHeaders(System.Net.Http.Headers.HttpHeaders headers) => throw null; + public byte[] Body { get => throw null; set { } } + public System.Security.Cryptography.X509Certificates.X509Certificate2Collection ClientCertificates { get => throw null; } + public HttpRequestData() => throw null; + public System.Collections.Generic.IDictionary> Headers { get => throw null; set { } } + public string Method { get => throw null; set { } } + public System.Collections.Generic.IDictionary PropertyBag { get => throw null; set { } } + public System.Uri Uri { get => throw null; set { } } + } + public interface IConfigurationManager where T : class + { + System.Threading.Tasks.Task GetConfigurationAsync(System.Threading.CancellationToken cancel); + void RequestRefresh(); + } + public interface IConfigurationRetriever + { + System.Threading.Tasks.Task GetConfigurationAsync(string address, Microsoft.IdentityModel.Protocols.IDocumentRetriever retriever, System.Threading.CancellationToken cancel); + } + public interface IConfigurationValidator + { + Microsoft.IdentityModel.Protocols.ConfigurationValidationResult Validate(T configuration); + } + public interface IDocumentRetriever + { + System.Threading.Tasks.Task GetDocumentAsync(string address, System.Threading.CancellationToken cancel); + } + public class StaticConfigurationManager : Microsoft.IdentityModel.Tokens.BaseConfigurationManager, Microsoft.IdentityModel.Protocols.IConfigurationManager where T : class + { + public StaticConfigurationManager(T configuration) => throw null; + public override System.Threading.Tasks.Task GetBaseConfigurationAsync(System.Threading.CancellationToken cancel) => throw null; + public System.Threading.Tasks.Task GetConfigurationAsync(System.Threading.CancellationToken cancel) => throw null; + public override void RequestRefresh() => throw null; + } + public class X509CertificateValidationMode + { + public X509CertificateValidationMode() => throw null; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.csproj new file mode 100644 index 00000000000..3f7a9eeb43f --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Protocols/7.5.0/Microsoft.IdentityModel.Protocols.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.cs b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.cs new file mode 100644 index 00000000000..8cc98b2580c --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.cs @@ -0,0 +1,959 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.IdentityModel.Tokens, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace Microsoft +{ + namespace IdentityModel + { + namespace Tokens + { + public delegate bool AlgorithmValidator(string algorithm, Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public abstract class AsymmetricSecurityKey : Microsoft.IdentityModel.Tokens.SecurityKey + { + public AsymmetricSecurityKey() => throw null; + public abstract bool HasPrivateKey { get; } + public abstract Microsoft.IdentityModel.Tokens.PrivateKeyStatus PrivateKeyStatus { get; } + } + public class AsymmetricSignatureProvider : Microsoft.IdentityModel.Tokens.SignatureProvider + { + public AsymmetricSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) : base(default(Microsoft.IdentityModel.Tokens.SecurityKey), default(string)) => throw null; + public AsymmetricSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool willCreateSignatures) : base(default(Microsoft.IdentityModel.Tokens.SecurityKey), default(string)) => throw null; + public static readonly System.Collections.Generic.Dictionary DefaultMinimumAsymmetricKeySizeInBitsForSigningMap; + public static readonly System.Collections.Generic.Dictionary DefaultMinimumAsymmetricKeySizeInBitsForVerifyingMap; + protected override void Dispose(bool disposing) => throw null; + protected virtual System.Security.Cryptography.HashAlgorithmName GetHashAlgorithmName(string algorithm) => throw null; + public System.Collections.Generic.IReadOnlyDictionary MinimumAsymmetricKeySizeInBitsForSigningMap { get => throw null; } + public System.Collections.Generic.IReadOnlyDictionary MinimumAsymmetricKeySizeInBitsForVerifyingMap { get => throw null; } + public override bool Sign(System.ReadOnlySpan input, System.Span signature, out int bytesWritten) => throw null; + public override byte[] Sign(byte[] input) => throw null; + public override byte[] Sign(byte[] input, int offset, int count) => throw null; + public virtual void ValidateAsymmetricSecurityKeySize(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool willCreateSignatures) => throw null; + public override bool Verify(byte[] input, byte[] signature) => throw null; + public override bool Verify(byte[] input, int inputOffset, int inputLength, byte[] signature, int signatureOffset, int signatureLength) => throw null; + } + public delegate bool AudienceValidator(System.Collections.Generic.IEnumerable audiences, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public class AuthenticatedEncryptionProvider : System.IDisposable + { + public string Algorithm { get => throw null; } + public string Context { get => throw null; set { } } + public AuthenticatedEncryptionProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public virtual byte[] Decrypt(byte[] ciphertext, byte[] authenticatedData, byte[] iv, byte[] authenticationTag) => throw null; + public void Dispose() => throw null; + protected virtual void Dispose(bool disposing) => throw null; + public virtual Microsoft.IdentityModel.Tokens.AuthenticatedEncryptionResult Encrypt(byte[] plaintext, byte[] authenticatedData) => throw null; + public virtual Microsoft.IdentityModel.Tokens.AuthenticatedEncryptionResult Encrypt(byte[] plaintext, byte[] authenticatedData, byte[] iv) => throw null; + protected virtual byte[] GetKeyBytes(Microsoft.IdentityModel.Tokens.SecurityKey key) => throw null; + protected virtual bool IsSupportedAlgorithm(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + protected virtual void ValidateKeySize(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + } + public class AuthenticatedEncryptionResult + { + public byte[] AuthenticationTag { get => throw null; } + public byte[] Ciphertext { get => throw null; } + public AuthenticatedEncryptionResult(Microsoft.IdentityModel.Tokens.SecurityKey key, byte[] ciphertext, byte[] iv, byte[] authenticationTag) => throw null; + public byte[] IV { get => throw null; } + public Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + } + public static class Base64UrlEncoder + { + public static string Decode(string arg) => throw null; + public static byte[] DecodeBytes(string str) => throw null; + public static string Encode(string arg) => throw null; + public static string Encode(byte[] inArray) => throw null; + public static string Encode(byte[] inArray, int offset, int length) => throw null; + public static int Encode(System.ReadOnlySpan inArray, System.Span output) => throw null; + } + public abstract class BaseConfiguration + { + public virtual string ActiveTokenEndpoint { get => throw null; set { } } + protected BaseConfiguration() => throw null; + public virtual string Issuer { get => throw null; set { } } + public virtual System.Collections.Generic.ICollection SigningKeys { get => throw null; } + public virtual System.Collections.Generic.ICollection TokenDecryptionKeys { get => throw null; } + public virtual string TokenEndpoint { get => throw null; set { } } + } + public abstract class BaseConfigurationManager + { + public System.TimeSpan AutomaticRefreshInterval { get => throw null; set { } } + public BaseConfigurationManager() => throw null; + public BaseConfigurationManager(Microsoft.IdentityModel.Tokens.Configuration.LKGConfigurationCacheOptions options) => throw null; + public static readonly System.TimeSpan DefaultAutomaticRefreshInterval; + public static readonly System.TimeSpan DefaultLastKnownGoodConfigurationLifetime; + public static readonly System.TimeSpan DefaultRefreshInterval; + public virtual System.Threading.Tasks.Task GetBaseConfigurationAsync(System.Threading.CancellationToken cancel) => throw null; + public bool IsLastKnownGoodValid { get => throw null; } + public Microsoft.IdentityModel.Tokens.BaseConfiguration LastKnownGoodConfiguration { get => throw null; set { } } + public System.TimeSpan LastKnownGoodLifetime { get => throw null; set { } } + public string MetadataAddress { get => throw null; set { } } + public static readonly System.TimeSpan MinimumAutomaticRefreshInterval; + public static readonly System.TimeSpan MinimumRefreshInterval; + public System.TimeSpan RefreshInterval { get => throw null; set { } } + public abstract void RequestRefresh(); + public bool UseLastKnownGoodConfiguration { get => throw null; set { } } + } + public class CallContext : Microsoft.IdentityModel.Logging.LoggerContext + { + public CallContext() => throw null; + public CallContext(System.Guid activityId) => throw null; + } + public static class CollectionUtilities + { + public static bool IsNullOrEmpty(this System.Collections.Generic.IEnumerable enumerable) => throw null; + } + public class CompressionAlgorithms + { + public CompressionAlgorithms() => throw null; + public const string Deflate = default; + } + public class CompressionProviderFactory + { + public Microsoft.IdentityModel.Tokens.ICompressionProvider CreateCompressionProvider(string algorithm) => throw null; + public Microsoft.IdentityModel.Tokens.ICompressionProvider CreateCompressionProvider(string algorithm, int maximumDeflateSize) => throw null; + public CompressionProviderFactory() => throw null; + public CompressionProviderFactory(Microsoft.IdentityModel.Tokens.CompressionProviderFactory other) => throw null; + public Microsoft.IdentityModel.Tokens.ICompressionProvider CustomCompressionProvider { get => throw null; set { } } + public static Microsoft.IdentityModel.Tokens.CompressionProviderFactory Default { get => throw null; set { } } + public virtual bool IsSupportedAlgorithm(string algorithm) => throw null; + } + namespace Configuration + { + public class LKGConfigurationCacheOptions + { + public System.Collections.Generic.IEqualityComparer BaseConfigurationComparer { get => throw null; set { } } + public LKGConfigurationCacheOptions() => throw null; + public static readonly int DefaultLKGConfigurationSizeLimit; + public int LastKnownGoodConfigurationSizeLimit { get => throw null; set { } } + public bool RemoveExpiredValues { get => throw null; set { } } + public System.Threading.Tasks.TaskCreationOptions TaskCreationOptions { get => throw null; set { } } + } + } + public abstract class CryptoProviderCache + { + protected CryptoProviderCache() => throw null; + protected abstract string GetCacheKey(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider); + protected abstract string GetCacheKey(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, string algorithm, string typeofProvider); + public abstract bool TryAdd(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider); + public abstract bool TryGetSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, string algorithm, string typeofProvider, bool willCreateSignatures, out Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider); + public abstract bool TryRemove(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider); + } + public class CryptoProviderCacheOptions + { + public CryptoProviderCacheOptions() => throw null; + public static readonly int DefaultSizeLimit; + public int SizeLimit { get => throw null; set { } } + } + public class CryptoProviderFactory + { + public bool CacheSignatureProviders { get => throw null; set { } } + public virtual Microsoft.IdentityModel.Tokens.AuthenticatedEncryptionProvider CreateAuthenticatedEncryptionProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public virtual Microsoft.IdentityModel.Tokens.SignatureProvider CreateForSigning(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public virtual Microsoft.IdentityModel.Tokens.SignatureProvider CreateForSigning(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool cacheProvider) => throw null; + public virtual Microsoft.IdentityModel.Tokens.SignatureProvider CreateForVerifying(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public virtual Microsoft.IdentityModel.Tokens.SignatureProvider CreateForVerifying(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool cacheProvider) => throw null; + public virtual System.Security.Cryptography.HashAlgorithm CreateHashAlgorithm(System.Security.Cryptography.HashAlgorithmName algorithm) => throw null; + public virtual System.Security.Cryptography.HashAlgorithm CreateHashAlgorithm(string algorithm) => throw null; + public virtual System.Security.Cryptography.KeyedHashAlgorithm CreateKeyedHashAlgorithm(byte[] keyBytes, string algorithm) => throw null; + public virtual Microsoft.IdentityModel.Tokens.KeyWrapProvider CreateKeyWrapProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public virtual Microsoft.IdentityModel.Tokens.KeyWrapProvider CreateKeyWrapProviderForUnwrap(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public Microsoft.IdentityModel.Tokens.CryptoProviderCache CryptoProviderCache { get => throw null; } + public CryptoProviderFactory() => throw null; + public CryptoProviderFactory(Microsoft.IdentityModel.Tokens.CryptoProviderCache cache) => throw null; + public CryptoProviderFactory(Microsoft.IdentityModel.Tokens.CryptoProviderFactory other) => throw null; + public Microsoft.IdentityModel.Tokens.ICryptoProvider CustomCryptoProvider { get => throw null; set { } } + public static Microsoft.IdentityModel.Tokens.CryptoProviderFactory Default { get => throw null; set { } } + public static bool DefaultCacheSignatureProviders { get => throw null; set { } } + public static int DefaultSignatureProviderObjectPoolCacheSize { get => throw null; set { } } + public virtual bool IsSupportedAlgorithm(string algorithm) => throw null; + public virtual bool IsSupportedAlgorithm(string algorithm, Microsoft.IdentityModel.Tokens.SecurityKey key) => throw null; + public virtual void ReleaseHashAlgorithm(System.Security.Cryptography.HashAlgorithm hashAlgorithm) => throw null; + public virtual void ReleaseKeyWrapProvider(Microsoft.IdentityModel.Tokens.KeyWrapProvider provider) => throw null; + public virtual void ReleaseRsaKeyWrapProvider(Microsoft.IdentityModel.Tokens.RsaKeyWrapProvider provider) => throw null; + public virtual void ReleaseSignatureProvider(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) => throw null; + public int SignatureProviderObjectPoolCacheSize { get => throw null; set { } } + } + public static class DateTimeUtil + { + public static System.DateTime Add(System.DateTime time, System.TimeSpan timespan) => throw null; + public static System.DateTime GetMaxValue(System.DateTimeKind kind) => throw null; + public static System.DateTime GetMinValue(System.DateTimeKind kind) => throw null; + public static System.DateTime? ToUniversalTime(System.DateTime? value) => throw null; + public static System.DateTime ToUniversalTime(System.DateTime value) => throw null; + } + public class DeflateCompressionProvider : Microsoft.IdentityModel.Tokens.ICompressionProvider + { + public string Algorithm { get => throw null; } + public byte[] Compress(byte[] value) => throw null; + public System.IO.Compression.CompressionLevel CompressionLevel { get => throw null; } + public DeflateCompressionProvider() => throw null; + public DeflateCompressionProvider(System.IO.Compression.CompressionLevel compressionLevel) => throw null; + public byte[] Decompress(byte[] value) => throw null; + public bool IsSupportedAlgorithm(string algorithm) => throw null; + public int MaximumDeflateSize { get => throw null; set { } } + } + public class EcdhKeyExchangeProvider + { + public EcdhKeyExchangeProvider(Microsoft.IdentityModel.Tokens.SecurityKey privateKey, Microsoft.IdentityModel.Tokens.SecurityKey publicKey, string alg, string enc) => throw null; + public Microsoft.IdentityModel.Tokens.SecurityKey GenerateKdf(string apu = default(string), string apv = default(string)) => throw null; + public int KeyDataLen { get => throw null; set { } } + } + public class ECDsaSecurityKey : Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey + { + public override bool CanComputeJwkThumbprint() => throw null; + public override byte[] ComputeJwkThumbprint() => throw null; + public ECDsaSecurityKey(System.Security.Cryptography.ECDsa ecdsa) => throw null; + public System.Security.Cryptography.ECDsa ECDsa { get => throw null; } + public override bool HasPrivateKey { get => throw null; } + public override int KeySize { get => throw null; } + public override Microsoft.IdentityModel.Tokens.PrivateKeyStatus PrivateKeyStatus { get => throw null; } + } + public class EncryptingCredentials + { + public string Alg { get => throw null; } + public Microsoft.IdentityModel.Tokens.CryptoProviderFactory CryptoProviderFactory { get => throw null; set { } } + protected EncryptingCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, string alg, string enc) => throw null; + public EncryptingCredentials(Microsoft.IdentityModel.Tokens.SecurityKey key, string alg, string enc) => throw null; + public EncryptingCredentials(Microsoft.IdentityModel.Tokens.SymmetricSecurityKey key, string enc) => throw null; + public string Enc { get => throw null; } + public Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + public Microsoft.IdentityModel.Tokens.SecurityKey KeyExchangePublicKey { get => throw null; set { } } + public bool SetDefaultCtyClaim { get => throw null; set { } } + } + public static class EpochTime + { + public static System.DateTime DateTime(long secondsSinceUnixEpoch) => throw null; + public static long GetIntDate(System.DateTime datetime) => throw null; + public static readonly System.DateTime UnixEpoch; + } + public interface ICompressionProvider + { + string Algorithm { get; } + byte[] Compress(byte[] value); + byte[] Decompress(byte[] value); + bool IsSupportedAlgorithm(string algorithm); + } + public interface ICryptoProvider + { + object Create(string algorithm, params object[] args); + bool IsSupportedAlgorithm(string algorithm, params object[] args); + void Release(object cryptoInstance); + } + public class InMemoryCryptoProviderCache : Microsoft.IdentityModel.Tokens.CryptoProviderCache, System.IDisposable + { + public InMemoryCryptoProviderCache() => throw null; + public InMemoryCryptoProviderCache(Microsoft.IdentityModel.Tokens.CryptoProviderCacheOptions cryptoProviderCacheOptions) => throw null; + public void Dispose() => throw null; + protected virtual void Dispose(bool disposing) => throw null; + protected override string GetCacheKey(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) => throw null; + protected override string GetCacheKey(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, string algorithm, string typeofProvider) => throw null; + public override bool TryAdd(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) => throw null; + public override bool TryGetSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, string algorithm, string typeofProvider, bool willCreateSignatures, out Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) => throw null; + public override bool TryRemove(Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) => throw null; + } + public interface ISecurityTokenValidator + { + bool CanReadToken(string securityToken); + bool CanValidateToken { get; } + int MaximumTokenSizeInBytes { get; set; } + System.Security.Claims.ClaimsPrincipal ValidateToken(string securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, out Microsoft.IdentityModel.Tokens.SecurityToken validatedToken); + } + public delegate System.Collections.Generic.IEnumerable IssuerSigningKeyResolver(string token, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string kid, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate System.Collections.Generic.IEnumerable IssuerSigningKeyResolverUsingConfiguration(string token, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string kid, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration); + public delegate bool IssuerSigningKeyValidator(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate bool IssuerSigningKeyValidatorUsingConfiguration(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration); + public delegate string IssuerValidator(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate string IssuerValidatorUsingConfiguration(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration); + public interface ITokenReplayCache + { + bool TryAdd(string securityToken, System.DateTime expiresOn); + bool TryFind(string securityToken); + } + public static class JsonWebAlgorithmsKeyTypes + { + public const string EllipticCurve = default; + public const string Octet = default; + public const string RSA = default; + } + public class JsonWebKey : Microsoft.IdentityModel.Tokens.SecurityKey + { + public System.Collections.Generic.IDictionary AdditionalData { get => throw null; } + public string Alg { get => throw null; set { } } + public override bool CanComputeJwkThumbprint() => throw null; + public override byte[] ComputeJwkThumbprint() => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey Create(string json) => throw null; + public string Crv { get => throw null; set { } } + public JsonWebKey() => throw null; + public JsonWebKey(string json) => throw null; + public string D { get => throw null; set { } } + public string DP { get => throw null; set { } } + public string DQ { get => throw null; set { } } + public string E { get => throw null; set { } } + public bool HasPrivateKey { get => throw null; } + public string K { get => throw null; set { } } + public override string KeyId { get => throw null; set { } } + public System.Collections.Generic.IList KeyOps { get => throw null; } + public override int KeySize { get => throw null; } + public string Kid { get => throw null; set { } } + public string Kty { get => throw null; set { } } + public string N { get => throw null; set { } } + public System.Collections.Generic.IList Oth { get => throw null; } + public string P { get => throw null; set { } } + public string Q { get => throw null; set { } } + public string QI { get => throw null; set { } } + public override string ToString() => throw null; + public string Use { get => throw null; set { } } + public string X { get => throw null; set { } } + public System.Collections.Generic.IList X5c { get => throw null; } + public string X5t { get => throw null; set { } } + public string X5tS256 { get => throw null; set { } } + public string X5u { get => throw null; set { } } + public string Y { get => throw null; set { } } + } + public class JsonWebKeyConverter + { + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromECDsaSecurityKey(Microsoft.IdentityModel.Tokens.ECDsaSecurityKey key) => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromRSASecurityKey(Microsoft.IdentityModel.Tokens.RsaSecurityKey key) => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromSecurityKey(Microsoft.IdentityModel.Tokens.SecurityKey key) => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromSymmetricSecurityKey(Microsoft.IdentityModel.Tokens.SymmetricSecurityKey key) => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromX509SecurityKey(Microsoft.IdentityModel.Tokens.X509SecurityKey key) => throw null; + public static Microsoft.IdentityModel.Tokens.JsonWebKey ConvertFromX509SecurityKey(Microsoft.IdentityModel.Tokens.X509SecurityKey key, bool representAsRsaKey) => throw null; + public JsonWebKeyConverter() => throw null; + } + public static class JsonWebKeyECTypes + { + public const string P256 = default; + public const string P384 = default; + public const string P512 = default; + public const string P521 = default; + } + public static class JsonWebKeyParameterNames + { + public const string Alg = default; + public const string Crv = default; + public const string D = default; + public const string DP = default; + public const string DQ = default; + public const string E = default; + public const string K = default; + public const string KeyOps = default; + public const string Keys = default; + public const string Kid = default; + public const string Kty = default; + public const string N = default; + public const string Oth = default; + public const string P = default; + public const string Q = default; + public const string QI = default; + public const string Use = default; + public const string X = default; + public const string X5c = default; + public const string X5t = default; + public const string X5tS256 = default; + public const string X5u = default; + public const string Y = default; + } + public class JsonWebKeySet + { + public System.Collections.Generic.IDictionary AdditionalData { get => throw null; } + public static Microsoft.IdentityModel.Tokens.JsonWebKeySet Create(string json) => throw null; + public JsonWebKeySet() => throw null; + public JsonWebKeySet(string json) => throw null; + public static bool DefaultSkipUnresolvedJsonWebKeys; + public System.Collections.Generic.IList GetSigningKeys() => throw null; + public System.Collections.Generic.IList Keys { get => throw null; } + public bool SkipUnresolvedJsonWebKeys { get => throw null; set { } } + } + public static class JsonWebKeySetParameterNames + { + public const string Keys = default; + } + public static class JsonWebKeyUseNames + { + public const string Enc = default; + public const string Sig = default; + } + public abstract class KeyWrapProvider : System.IDisposable + { + public abstract string Algorithm { get; } + public abstract string Context { get; set; } + protected KeyWrapProvider() => throw null; + public void Dispose() => throw null; + protected abstract void Dispose(bool disposing); + public abstract Microsoft.IdentityModel.Tokens.SecurityKey Key { get; } + public abstract byte[] UnwrapKey(byte[] keyBytes); + public abstract byte[] WrapKey(byte[] keyBytes); + } + public delegate bool LifetimeValidator(System.DateTime? notBefore, System.DateTime? expires, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public enum PrivateKeyStatus + { + Exists = 0, + DoesNotExist = 1, + Unknown = 2, + } + public class RsaKeyWrapProvider : Microsoft.IdentityModel.Tokens.KeyWrapProvider + { + public override string Algorithm { get => throw null; } + public override string Context { get => throw null; set { } } + public RsaKeyWrapProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool willUnwrap) => throw null; + protected override void Dispose(bool disposing) => throw null; + protected virtual bool IsSupportedAlgorithm(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + public override byte[] UnwrapKey(byte[] keyBytes) => throw null; + public override byte[] WrapKey(byte[] keyBytes) => throw null; + } + public class RsaSecurityKey : Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey + { + public override bool CanComputeJwkThumbprint() => throw null; + public override byte[] ComputeJwkThumbprint() => throw null; + public RsaSecurityKey(System.Security.Cryptography.RSAParameters rsaParameters) => throw null; + public RsaSecurityKey(System.Security.Cryptography.RSA rsa) => throw null; + public override bool HasPrivateKey { get => throw null; } + public override int KeySize { get => throw null; } + public System.Security.Cryptography.RSAParameters Parameters { get => throw null; } + public override Microsoft.IdentityModel.Tokens.PrivateKeyStatus PrivateKeyStatus { get => throw null; } + public System.Security.Cryptography.RSA Rsa { get => throw null; } + } + public static class SecurityAlgorithms + { + public const string Aes128CbcHmacSha256 = default; + public const string Aes128Encryption = default; + public const string Aes128Gcm = default; + public const string Aes128KeyWrap = default; + public const string Aes128KW = default; + public const string Aes192CbcHmacSha384 = default; + public const string Aes192Encryption = default; + public const string Aes192Gcm = default; + public const string Aes192KeyWrap = default; + public const string Aes192KW = default; + public const string Aes256CbcHmacSha512 = default; + public const string Aes256Encryption = default; + public const string Aes256Gcm = default; + public const string Aes256KeyWrap = default; + public const string Aes256KW = default; + public const string DesEncryption = default; + public const string EcdhEs = default; + public const string EcdhEsA128kw = default; + public const string EcdhEsA192kw = default; + public const string EcdhEsA256kw = default; + public const string EcdsaSha256 = default; + public const string EcdsaSha256Signature = default; + public const string EcdsaSha384 = default; + public const string EcdsaSha384Signature = default; + public const string EcdsaSha512 = default; + public const string EcdsaSha512Signature = default; + public const string EnvelopedSignature = default; + public const string ExclusiveC14n = default; + public const string ExclusiveC14nWithComments = default; + public const string HmacSha256 = default; + public const string HmacSha256Signature = default; + public const string HmacSha384 = default; + public const string HmacSha384Signature = default; + public const string HmacSha512 = default; + public const string HmacSha512Signature = default; + public const string None = default; + public const string Ripemd160Digest = default; + public const string RsaOAEP = default; + public const string RsaOaepKeyWrap = default; + public const string RsaPKCS1 = default; + public const string RsaSha256 = default; + public const string RsaSha256Signature = default; + public const string RsaSha384 = default; + public const string RsaSha384Signature = default; + public const string RsaSha512 = default; + public const string RsaSha512Signature = default; + public const string RsaSsaPssSha256 = default; + public const string RsaSsaPssSha256Signature = default; + public const string RsaSsaPssSha384 = default; + public const string RsaSsaPssSha384Signature = default; + public const string RsaSsaPssSha512 = default; + public const string RsaSsaPssSha512Signature = default; + public const string RsaV15KeyWrap = default; + public const string Sha256 = default; + public const string Sha256Digest = default; + public const string Sha384 = default; + public const string Sha384Digest = default; + public const string Sha512 = default; + public const string Sha512Digest = default; + } + public abstract class SecurityKey + { + public virtual bool CanComputeJwkThumbprint() => throw null; + public virtual byte[] ComputeJwkThumbprint() => throw null; + public Microsoft.IdentityModel.Tokens.CryptoProviderFactory CryptoProviderFactory { get => throw null; set { } } + public SecurityKey() => throw null; + public virtual bool IsSupportedAlgorithm(string algorithm) => throw null; + public virtual string KeyId { get => throw null; set { } } + public abstract int KeySize { get; } + public override string ToString() => throw null; + } + public class SecurityKeyIdentifierClause + { + public SecurityKeyIdentifierClause() => throw null; + } + public abstract class SecurityToken : Microsoft.IdentityModel.Logging.ISafeLogSecurityArtifact + { + protected SecurityToken() => throw null; + public abstract string Id { get; } + public abstract string Issuer { get; } + public abstract Microsoft.IdentityModel.Tokens.SecurityKey SecurityKey { get; } + public abstract Microsoft.IdentityModel.Tokens.SecurityKey SigningKey { get; set; } + public virtual string UnsafeToString() => throw null; + public abstract System.DateTime ValidFrom { get; } + public abstract System.DateTime ValidTo { get; } + } + public class SecurityTokenArgumentException : System.ArgumentException + { + public SecurityTokenArgumentException() => throw null; + public SecurityTokenArgumentException(string message) => throw null; + public SecurityTokenArgumentException(string message, System.Exception innerException) => throw null; + protected SecurityTokenArgumentException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenCompressionFailedException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenCompressionFailedException() => throw null; + public SecurityTokenCompressionFailedException(string message) => throw null; + public SecurityTokenCompressionFailedException(string message, System.Exception inner) => throw null; + protected SecurityTokenCompressionFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenDecompressionFailedException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenDecompressionFailedException() => throw null; + public SecurityTokenDecompressionFailedException(string message) => throw null; + public SecurityTokenDecompressionFailedException(string message, System.Exception inner) => throw null; + protected SecurityTokenDecompressionFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenDecryptionFailedException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenDecryptionFailedException() => throw null; + public SecurityTokenDecryptionFailedException(string message) => throw null; + public SecurityTokenDecryptionFailedException(string message, System.Exception innerException) => throw null; + protected SecurityTokenDecryptionFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenDescriptor + { + public System.Collections.Generic.IDictionary AdditionalHeaderClaims { get => throw null; set { } } + public System.Collections.Generic.IDictionary AdditionalInnerHeaderClaims { get => throw null; set { } } + public string Audience { get => throw null; set { } } + public System.Collections.Generic.IDictionary Claims { get => throw null; set { } } + public string CompressionAlgorithm { get => throw null; set { } } + public SecurityTokenDescriptor() => throw null; + public Microsoft.IdentityModel.Tokens.EncryptingCredentials EncryptingCredentials { get => throw null; set { } } + public System.DateTime? Expires { get => throw null; set { } } + public System.DateTime? IssuedAt { get => throw null; set { } } + public string Issuer { get => throw null; set { } } + public System.DateTime? NotBefore { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SigningCredentials SigningCredentials { get => throw null; set { } } + public System.Security.Claims.ClaimsIdentity Subject { get => throw null; set { } } + public string TokenType { get => throw null; set { } } + } + public class SecurityTokenEncryptionFailedException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenEncryptionFailedException() => throw null; + public SecurityTokenEncryptionFailedException(string message) => throw null; + public SecurityTokenEncryptionFailedException(string message, System.Exception innerException) => throw null; + protected SecurityTokenEncryptionFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenEncryptionKeyNotFoundException : Microsoft.IdentityModel.Tokens.SecurityTokenDecryptionFailedException + { + public SecurityTokenEncryptionKeyNotFoundException() => throw null; + public SecurityTokenEncryptionKeyNotFoundException(string message) => throw null; + public SecurityTokenEncryptionKeyNotFoundException(string message, System.Exception innerException) => throw null; + protected SecurityTokenEncryptionKeyNotFoundException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenException : System.Exception + { + public SecurityTokenException() => throw null; + public SecurityTokenException(string message) => throw null; + public SecurityTokenException(string message, System.Exception innerException) => throw null; + protected SecurityTokenException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenExpiredException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenExpiredException() => throw null; + public SecurityTokenExpiredException(string message) => throw null; + public SecurityTokenExpiredException(string message, System.Exception inner) => throw null; + protected SecurityTokenExpiredException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public System.DateTime Expires { get => throw null; set { } } + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public abstract class SecurityTokenHandler : Microsoft.IdentityModel.Tokens.TokenHandler, Microsoft.IdentityModel.Tokens.ISecurityTokenValidator + { + public virtual bool CanReadToken(System.Xml.XmlReader reader) => throw null; + public virtual bool CanReadToken(string tokenString) => throw null; + public virtual bool CanValidateToken { get => throw null; } + public virtual bool CanWriteToken { get => throw null; } + public virtual Microsoft.IdentityModel.Tokens.SecurityKeyIdentifierClause CreateSecurityTokenReference(Microsoft.IdentityModel.Tokens.SecurityToken token, bool attached) => throw null; + public virtual Microsoft.IdentityModel.Tokens.SecurityToken CreateToken(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) => throw null; + protected SecurityTokenHandler() => throw null; + public virtual Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(System.Xml.XmlReader reader) => throw null; + public abstract Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(System.Xml.XmlReader reader, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public abstract System.Type TokenType { get; } + public virtual System.Security.Claims.ClaimsPrincipal ValidateToken(string securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, out Microsoft.IdentityModel.Tokens.SecurityToken validatedToken) => throw null; + public virtual System.Security.Claims.ClaimsPrincipal ValidateToken(System.Xml.XmlReader reader, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, out Microsoft.IdentityModel.Tokens.SecurityToken validatedToken) => throw null; + public virtual string WriteToken(Microsoft.IdentityModel.Tokens.SecurityToken token) => throw null; + public abstract void WriteToken(System.Xml.XmlWriter writer, Microsoft.IdentityModel.Tokens.SecurityToken token); + } + public class SecurityTokenInvalidAlgorithmException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidAlgorithmException() => throw null; + public SecurityTokenInvalidAlgorithmException(string message) => throw null; + public SecurityTokenInvalidAlgorithmException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidAlgorithmException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public string InvalidAlgorithm { get => throw null; set { } } + } + public class SecurityTokenInvalidAudienceException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidAudienceException() => throw null; + public SecurityTokenInvalidAudienceException(string message) => throw null; + public SecurityTokenInvalidAudienceException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidAudienceException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public string InvalidAudience { get => throw null; set { } } + } + public class SecurityTokenInvalidIssuerException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidIssuerException() => throw null; + public SecurityTokenInvalidIssuerException(string message) => throw null; + public SecurityTokenInvalidIssuerException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidIssuerException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public string InvalidIssuer { get => throw null; set { } } + } + public class SecurityTokenInvalidLifetimeException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidLifetimeException() => throw null; + public SecurityTokenInvalidLifetimeException(string message) => throw null; + public SecurityTokenInvalidLifetimeException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidLifetimeException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public System.DateTime? Expires { get => throw null; set { } } + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public System.DateTime? NotBefore { get => throw null; set { } } + } + public class SecurityTokenInvalidSignatureException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidSignatureException() => throw null; + public SecurityTokenInvalidSignatureException(string message) => throw null; + public SecurityTokenInvalidSignatureException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidSignatureException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenInvalidSigningKeyException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidSigningKeyException() => throw null; + public SecurityTokenInvalidSigningKeyException(string message) => throw null; + public SecurityTokenInvalidSigningKeyException(string message, System.Exception inner) => throw null; + protected SecurityTokenInvalidSigningKeyException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public Microsoft.IdentityModel.Tokens.SecurityKey SigningKey { get => throw null; set { } } + } + public class SecurityTokenInvalidTypeException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenInvalidTypeException() => throw null; + public SecurityTokenInvalidTypeException(string message) => throw null; + public SecurityTokenInvalidTypeException(string message, System.Exception innerException) => throw null; + protected SecurityTokenInvalidTypeException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public string InvalidType { get => throw null; set { } } + } + public class SecurityTokenKeyWrapException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenKeyWrapException() => throw null; + public SecurityTokenKeyWrapException(string message) => throw null; + public SecurityTokenKeyWrapException(string message, System.Exception innerException) => throw null; + protected SecurityTokenKeyWrapException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenMalformedException : Microsoft.IdentityModel.Tokens.SecurityTokenArgumentException + { + public SecurityTokenMalformedException() => throw null; + public SecurityTokenMalformedException(string message) => throw null; + public SecurityTokenMalformedException(string message, System.Exception innerException) => throw null; + protected SecurityTokenMalformedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenNoExpirationException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenNoExpirationException() => throw null; + public SecurityTokenNoExpirationException(string message) => throw null; + public SecurityTokenNoExpirationException(string message, System.Exception innerException) => throw null; + protected SecurityTokenNoExpirationException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenNotYetValidException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenNotYetValidException() => throw null; + public SecurityTokenNotYetValidException(string message) => throw null; + public SecurityTokenNotYetValidException(string message, System.Exception inner) => throw null; + protected SecurityTokenNotYetValidException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public System.DateTime NotBefore { get => throw null; set { } } + } + public class SecurityTokenReplayAddFailedException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenReplayAddFailedException() => throw null; + public SecurityTokenReplayAddFailedException(string message) => throw null; + public SecurityTokenReplayAddFailedException(string message, System.Exception innerException) => throw null; + protected SecurityTokenReplayAddFailedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenReplayDetectedException : Microsoft.IdentityModel.Tokens.SecurityTokenValidationException + { + public SecurityTokenReplayDetectedException() => throw null; + public SecurityTokenReplayDetectedException(string message) => throw null; + public SecurityTokenReplayDetectedException(string message, System.Exception inner) => throw null; + protected SecurityTokenReplayDetectedException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenSignatureKeyNotFoundException : Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException + { + public SecurityTokenSignatureKeyNotFoundException() => throw null; + public SecurityTokenSignatureKeyNotFoundException(string message) => throw null; + public SecurityTokenSignatureKeyNotFoundException(string message, System.Exception innerException) => throw null; + protected SecurityTokenSignatureKeyNotFoundException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public class SecurityTokenUnableToValidateException : Microsoft.IdentityModel.Tokens.SecurityTokenInvalidSignatureException + { + public SecurityTokenUnableToValidateException() => throw null; + public SecurityTokenUnableToValidateException(Microsoft.IdentityModel.Tokens.ValidationFailure validationFailure, string message) => throw null; + public SecurityTokenUnableToValidateException(string message) => throw null; + public SecurityTokenUnableToValidateException(string message, System.Exception innerException) => throw null; + protected SecurityTokenUnableToValidateException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + public Microsoft.IdentityModel.Tokens.ValidationFailure ValidationFailure { get => throw null; set { } } + } + public class SecurityTokenValidationException : Microsoft.IdentityModel.Tokens.SecurityTokenException + { + public SecurityTokenValidationException() => throw null; + public SecurityTokenValidationException(string message) => throw null; + public SecurityTokenValidationException(string message, System.Exception innerException) => throw null; + protected SecurityTokenValidationException(System.Runtime.Serialization.SerializationInfo info, System.Runtime.Serialization.StreamingContext context) => throw null; + } + public abstract class SignatureProvider : System.IDisposable + { + public string Algorithm { get => throw null; } + public string Context { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.CryptoProviderCache CryptoProviderCache { get => throw null; set { } } + protected SignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public void Dispose() => throw null; + protected abstract void Dispose(bool disposing); + public Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + public abstract byte[] Sign(byte[] input); + public virtual byte[] Sign(byte[] input, int offset, int count) => throw null; + public virtual bool Sign(System.ReadOnlySpan data, System.Span destination, out int bytesWritten) => throw null; + public abstract bool Verify(byte[] input, byte[] signature); + public virtual bool Verify(byte[] input, int inputOffset, int inputLength, byte[] signature, int signatureOffset, int signatureLength) => throw null; + public bool WillCreateSignatures { get => throw null; set { } } + } + public delegate Microsoft.IdentityModel.Tokens.SecurityToken SignatureValidator(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate Microsoft.IdentityModel.Tokens.SecurityToken SignatureValidatorUsingConfiguration(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration); + public class SigningCredentials + { + public string Algorithm { get => throw null; } + public Microsoft.IdentityModel.Tokens.CryptoProviderFactory CryptoProviderFactory { get => throw null; set { } } + protected SigningCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + protected SigningCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, string algorithm) => throw null; + public SigningCredentials(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public SigningCredentials(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, string digest) => throw null; + public string Digest { get => throw null; } + public Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + public string Kid { get => throw null; } + } + public class SymmetricKeyWrapProvider : Microsoft.IdentityModel.Tokens.KeyWrapProvider + { + public override string Algorithm { get => throw null; } + public override string Context { get => throw null; set { } } + public SymmetricKeyWrapProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + protected override void Dispose(bool disposing) => throw null; + protected virtual System.Security.Cryptography.SymmetricAlgorithm GetSymmetricAlgorithm(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + protected virtual bool IsSupportedAlgorithm(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityKey Key { get => throw null; } + public override byte[] UnwrapKey(byte[] keyBytes) => throw null; + public override byte[] WrapKey(byte[] keyBytes) => throw null; + } + public class SymmetricSecurityKey : Microsoft.IdentityModel.Tokens.SecurityKey + { + public override bool CanComputeJwkThumbprint() => throw null; + public override byte[] ComputeJwkThumbprint() => throw null; + public SymmetricSecurityKey(byte[] key) => throw null; + public virtual byte[] Key { get => throw null; } + public override int KeySize { get => throw null; } + } + public class SymmetricSignatureProvider : Microsoft.IdentityModel.Tokens.SignatureProvider + { + public SymmetricSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm) : base(default(Microsoft.IdentityModel.Tokens.SecurityKey), default(string)) => throw null; + public SymmetricSignatureProvider(Microsoft.IdentityModel.Tokens.SecurityKey key, string algorithm, bool willCreateSignatures) : base(default(Microsoft.IdentityModel.Tokens.SecurityKey), default(string)) => throw null; + public static readonly int DefaultMinimumSymmetricKeySizeInBits; + protected override void Dispose(bool disposing) => throw null; + protected virtual byte[] GetKeyBytes(Microsoft.IdentityModel.Tokens.SecurityKey key) => throw null; + protected virtual System.Security.Cryptography.KeyedHashAlgorithm GetKeyedHashAlgorithm(byte[] keyBytes, string algorithm) => throw null; + public int MinimumSymmetricKeySizeInBits { get => throw null; set { } } + protected virtual void ReleaseKeyedHashAlgorithm(System.Security.Cryptography.KeyedHashAlgorithm keyedHashAlgorithm) => throw null; + public override byte[] Sign(byte[] input) => throw null; + public override bool Sign(System.ReadOnlySpan input, System.Span signature, out int bytesWritten) => throw null; + public override byte[] Sign(byte[] input, int offset, int count) => throw null; + public override bool Verify(byte[] input, byte[] signature) => throw null; + public bool Verify(byte[] input, byte[] signature, int length) => throw null; + public override bool Verify(byte[] input, int inputOffset, int inputLength, byte[] signature, int signatureOffset, int signatureLength) => throw null; + } + public class TokenContext : Microsoft.IdentityModel.Tokens.CallContext + { + public TokenContext() => throw null; + public TokenContext(System.Guid activityId) => throw null; + } + public delegate System.Collections.Generic.IEnumerable TokenDecryptionKeyResolver(string token, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string kid, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public abstract class TokenHandler + { + protected TokenHandler() => throw null; + public static readonly int DefaultTokenLifetimeInMinutes; + public virtual int MaximumTokenSizeInBytes { get => throw null; set { } } + public virtual Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(string token) => throw null; + public bool SetDefaultTimesOnTokenCreation { get => throw null; set { } } + public int TokenLifetimeInMinutes { get => throw null; set { } } + public virtual System.Threading.Tasks.Task ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public virtual System.Threading.Tasks.Task ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + } + public delegate Microsoft.IdentityModel.Tokens.SecurityToken TokenReader(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate bool TokenReplayValidator(System.DateTime? expirationTime, string securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public class TokenValidationParameters + { + public Microsoft.IdentityModel.Tokens.TokenValidationParameters ActorValidationParameters { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.AlgorithmValidator AlgorithmValidator { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.AudienceValidator AudienceValidator { get => throw null; set { } } + public string AuthenticationType { get => throw null; set { } } + public System.TimeSpan ClockSkew { get => throw null; set { } } + public virtual Microsoft.IdentityModel.Tokens.TokenValidationParameters Clone() => throw null; + public Microsoft.IdentityModel.Tokens.BaseConfigurationManager ConfigurationManager { get => throw null; set { } } + public virtual System.Security.Claims.ClaimsIdentity CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, string issuer) => throw null; + public Microsoft.IdentityModel.Tokens.CryptoProviderFactory CryptoProviderFactory { get => throw null; set { } } + protected TokenValidationParameters(Microsoft.IdentityModel.Tokens.TokenValidationParameters other) => throw null; + public TokenValidationParameters() => throw null; + public string DebugId { get => throw null; set { } } + public static readonly string DefaultAuthenticationType; + public static readonly System.TimeSpan DefaultClockSkew; + public const int DefaultMaximumTokenSizeInBytes = 256000; + public bool IgnoreTrailingSlashWhenValidatingAudience { get => throw null; set { } } + public bool IncludeTokenOnFailedValidation { get => throw null; set { } } + public System.Collections.Generic.IDictionary InstancePropertyBag { get => throw null; } + public bool IsClone { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SecurityKey IssuerSigningKey { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerSigningKeyResolver IssuerSigningKeyResolver { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerSigningKeyResolverUsingConfiguration IssuerSigningKeyResolverUsingConfiguration { get => throw null; set { } } + public System.Collections.Generic.IEnumerable IssuerSigningKeys { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerSigningKeyValidator IssuerSigningKeyValidator { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerSigningKeyValidatorUsingConfiguration IssuerSigningKeyValidatorUsingConfiguration { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerValidator IssuerValidator { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.IssuerValidatorUsingConfiguration IssuerValidatorUsingConfiguration { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.LifetimeValidator LifetimeValidator { get => throw null; set { } } + public bool LogTokenId { get => throw null; set { } } + public bool LogValidationExceptions { get => throw null; set { } } + public string NameClaimType { get => throw null; set { } } + public System.Func NameClaimTypeRetriever { get => throw null; set { } } + public System.Collections.Generic.IDictionary PropertyBag { get => throw null; set { } } + public bool RefreshBeforeValidation { get => throw null; set { } } + public bool RequireAudience { get => throw null; set { } } + public bool RequireExpirationTime { get => throw null; set { } } + public bool RequireSignedTokens { get => throw null; set { } } + public string RoleClaimType { get => throw null; set { } } + public System.Func RoleClaimTypeRetriever { get => throw null; set { } } + public bool SaveSigninToken { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SignatureValidator SignatureValidator { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SignatureValidatorUsingConfiguration SignatureValidatorUsingConfiguration { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SecurityKey TokenDecryptionKey { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.TokenDecryptionKeyResolver TokenDecryptionKeyResolver { get => throw null; set { } } + public System.Collections.Generic.IEnumerable TokenDecryptionKeys { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.TokenReader TokenReader { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.ITokenReplayCache TokenReplayCache { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.TokenReplayValidator TokenReplayValidator { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.TransformBeforeSignatureValidation TransformBeforeSignatureValidation { get => throw null; set { } } + public bool TryAllIssuerSigningKeys { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.TypeValidator TypeValidator { get => throw null; set { } } + public System.Collections.Generic.IEnumerable ValidAlgorithms { get => throw null; set { } } + public bool ValidateActor { get => throw null; set { } } + public bool ValidateAudience { get => throw null; set { } } + public bool ValidateIssuer { get => throw null; set { } } + public bool ValidateIssuerSigningKey { get => throw null; set { } } + public bool ValidateLifetime { get => throw null; set { } } + public bool ValidateSignatureLast { get => throw null; set { } } + public bool ValidateTokenReplay { get => throw null; set { } } + public bool ValidateWithLKG { get => throw null; set { } } + public string ValidAudience { get => throw null; set { } } + public System.Collections.Generic.IEnumerable ValidAudiences { get => throw null; set { } } + public string ValidIssuer { get => throw null; set { } } + public System.Collections.Generic.IEnumerable ValidIssuers { get => throw null; set { } } + public System.Collections.Generic.IEnumerable ValidTypes { get => throw null; set { } } + } + public class TokenValidationResult + { + public System.Collections.Generic.IDictionary Claims { get => throw null; } + public System.Security.Claims.ClaimsIdentity ClaimsIdentity { get => throw null; set { } } + public TokenValidationResult() => throw null; + public System.Exception Exception { get => throw null; set { } } + public string Issuer { get => throw null; set { } } + public bool IsValid { get => throw null; set { } } + public System.Collections.Generic.IDictionary PropertyBag { get => throw null; } + public Microsoft.IdentityModel.Tokens.SecurityToken SecurityToken { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.CallContext TokenContext { get => throw null; set { } } + public Microsoft.IdentityModel.Tokens.SecurityToken TokenOnFailedValidation { get => throw null; } + public string TokenType { get => throw null; set { } } + } + public delegate Microsoft.IdentityModel.Tokens.SecurityToken TransformBeforeSignatureValidation(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public delegate string TypeValidator(string type, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters); + public static class UniqueId + { + public static string CreateRandomId() => throw null; + public static string CreateRandomId(string prefix) => throw null; + public static System.Uri CreateRandomUri() => throw null; + public static string CreateUniqueId() => throw null; + public static string CreateUniqueId(string prefix) => throw null; + } + public static class Utility + { + public static bool AreEqual(byte[] a, byte[] b) => throw null; + public static byte[] CloneByteArray(this byte[] src) => throw null; + public const string Empty = default; + public static bool IsHttps(string address) => throw null; + public static bool IsHttps(System.Uri uri) => throw null; + public const string Null = default; + } + public enum ValidationFailure + { + None = 0, + InvalidLifetime = 1, + InvalidIssuer = 2, + } + public static class Validators + { + public static void ValidateAlgorithm(string algorithm, Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static void ValidateAudience(System.Collections.Generic.IEnumerable audiences, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static string ValidateIssuer(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static void ValidateIssuerSecurityKey(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static void ValidateLifetime(System.DateTime? notBefore, System.DateTime? expires, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static void ValidateTokenReplay(System.DateTime? expirationTime, string securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static void ValidateTokenReplay(string securityToken, System.DateTime? expirationTime, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static string ValidateTokenType(string type, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + } + public class X509EncryptingCredentials : Microsoft.IdentityModel.Tokens.EncryptingCredentials + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public X509EncryptingCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) : base(default(Microsoft.IdentityModel.Tokens.SymmetricSecurityKey), default(string)) => throw null; + public X509EncryptingCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, string keyWrapAlgorithm, string dataEncryptionAlgorithm) : base(default(Microsoft.IdentityModel.Tokens.SymmetricSecurityKey), default(string)) => throw null; + } + public class X509SecurityKey : Microsoft.IdentityModel.Tokens.AsymmetricSecurityKey + { + public override bool CanComputeJwkThumbprint() => throw null; + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public override byte[] ComputeJwkThumbprint() => throw null; + public X509SecurityKey(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public X509SecurityKey(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, string keyId) => throw null; + public override bool Equals(object obj) => throw null; + public override int GetHashCode() => throw null; + public override bool HasPrivateKey { get => throw null; } + public override int KeySize { get => throw null; } + public System.Security.Cryptography.AsymmetricAlgorithm PrivateKey { get => throw null; } + public override Microsoft.IdentityModel.Tokens.PrivateKeyStatus PrivateKeyStatus { get => throw null; } + public System.Security.Cryptography.AsymmetricAlgorithm PublicKey { get => throw null; } + public string X5t { get => throw null; } + } + public class X509SigningCredentials : Microsoft.IdentityModel.Tokens.SigningCredentials + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public X509SigningCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) : base(default(System.Security.Cryptography.X509Certificates.X509Certificate2)) => throw null; + public X509SigningCredentials(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, string algorithm) : base(default(System.Security.Cryptography.X509Certificates.X509Certificate2)) => throw null; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.csproj b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.csproj new file mode 100644 index 00000000000..524740979fa --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.IdentityModel.Tokens/7.5.0/Microsoft.IdentityModel.Tokens.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.cs b/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.cs new file mode 100644 index 00000000000..8c197a3d682 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.cs @@ -0,0 +1,91 @@ +// This file contains auto-generated code. +// Generated from `Microsoft.SqlServer.Server, Version=1.0.0.0, Culture=neutral, PublicKeyToken=23ec7fc2d6eaa4a5`. +namespace Microsoft +{ + namespace SqlServer + { + namespace Server + { + public enum DataAccessKind + { + None = 0, + Read = 1, + } + public enum Format + { + Unknown = 0, + Native = 1, + UserDefined = 2, + } + public interface IBinarySerialize + { + void Read(System.IO.BinaryReader r); + void Write(System.IO.BinaryWriter w); + } + public sealed class InvalidUdtException : System.SystemException + { + public static Microsoft.SqlServer.Server.InvalidUdtException Create(System.Type udtType, string resourceReason = default(string)) => throw null; + public override void GetObjectData(System.Runtime.Serialization.SerializationInfo si, System.Runtime.Serialization.StreamingContext context) => throw null; + } + [System.AttributeUsage((System.AttributeTargets)10624, AllowMultiple = false, Inherited = false)] + public class SqlFacetAttribute : System.Attribute + { + public SqlFacetAttribute() => throw null; + public bool IsFixedLength { get => throw null; set { } } + public bool IsNullable { get => throw null; set { } } + public int MaxSize { get => throw null; set { } } + public int Precision { get => throw null; set { } } + public int Scale { get => throw null; set { } } + } + [System.AttributeUsage((System.AttributeTargets)64, AllowMultiple = false, Inherited = false)] + public class SqlFunctionAttribute : System.Attribute + { + public SqlFunctionAttribute() => throw null; + public Microsoft.SqlServer.Server.DataAccessKind DataAccess { get => throw null; set { } } + public string FillRowMethodName { get => throw null; set { } } + public bool IsDeterministic { get => throw null; set { } } + public bool IsPrecise { get => throw null; set { } } + public string Name { get => throw null; set { } } + public Microsoft.SqlServer.Server.SystemDataAccessKind SystemDataAccess { get => throw null; set { } } + public string TableDefinition { get => throw null; set { } } + } + [System.AttributeUsage((System.AttributeTargets)64, AllowMultiple = false, Inherited = false)] + public sealed class SqlMethodAttribute : Microsoft.SqlServer.Server.SqlFunctionAttribute + { + public SqlMethodAttribute() => throw null; + public bool InvokeIfReceiverIsNull { get => throw null; set { } } + public bool IsMutator { get => throw null; set { } } + public bool OnNullCall { get => throw null; set { } } + } + [System.AttributeUsage((System.AttributeTargets)12, AllowMultiple = false, Inherited = false)] + public sealed class SqlUserDefinedAggregateAttribute : System.Attribute + { + public SqlUserDefinedAggregateAttribute(Microsoft.SqlServer.Server.Format format) => throw null; + public Microsoft.SqlServer.Server.Format Format { get => throw null; } + public bool IsInvariantToDuplicates { get => throw null; set { } } + public bool IsInvariantToNulls { get => throw null; set { } } + public bool IsInvariantToOrder { get => throw null; set { } } + public bool IsNullIfEmpty { get => throw null; set { } } + public int MaxByteSize { get => throw null; set { } } + public const int MaxByteSizeValue = 8000; + public string Name { get => throw null; set { } } + } + [System.AttributeUsage((System.AttributeTargets)12, AllowMultiple = false, Inherited = true)] + public sealed class SqlUserDefinedTypeAttribute : System.Attribute + { + public SqlUserDefinedTypeAttribute(Microsoft.SqlServer.Server.Format format) => throw null; + public Microsoft.SqlServer.Server.Format Format { get => throw null; } + public bool IsByteOrdered { get => throw null; set { } } + public bool IsFixedLength { get => throw null; set { } } + public int MaxByteSize { get => throw null; set { } } + public string Name { get => throw null; set { } } + public string ValidationMethodName { get => throw null; set { } } + } + public enum SystemDataAccessKind + { + None = 0, + Read = 1, + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.csproj b/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/Microsoft.SqlServer.Server/1.0.0/Microsoft.SqlServer.Server.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.cs b/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.cs new file mode 100644 index 00000000000..964fecb626d --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.cs @@ -0,0 +1,42 @@ +// This file contains auto-generated code. +// Generated from `System.ClientModel, Version=1.0.0.0, Culture=neutral, PublicKeyToken=92742159e12e44c8`. +namespace System +{ + namespace ClientModel + { + namespace Primitives + { + public interface IJsonModel : System.ClientModel.Primitives.IPersistableModel + { + T Create(ref System.Text.Json.Utf8JsonReader reader, System.ClientModel.Primitives.ModelReaderWriterOptions options); + void Write(System.Text.Json.Utf8JsonWriter writer, System.ClientModel.Primitives.ModelReaderWriterOptions options); + } + public interface IPersistableModel + { + T Create(System.BinaryData data, System.ClientModel.Primitives.ModelReaderWriterOptions options); + string GetFormatFromOptions(System.ClientModel.Primitives.ModelReaderWriterOptions options); + System.BinaryData Write(System.ClientModel.Primitives.ModelReaderWriterOptions options); + } + public static class ModelReaderWriter + { + public static T Read(System.BinaryData data, System.ClientModel.Primitives.ModelReaderWriterOptions options = default(System.ClientModel.Primitives.ModelReaderWriterOptions)) where T : System.ClientModel.Primitives.IPersistableModel => throw null; + public static object Read(System.BinaryData data, System.Type returnType, System.ClientModel.Primitives.ModelReaderWriterOptions options = default(System.ClientModel.Primitives.ModelReaderWriterOptions)) => throw null; + public static System.BinaryData Write(T model, System.ClientModel.Primitives.ModelReaderWriterOptions options = default(System.ClientModel.Primitives.ModelReaderWriterOptions)) where T : System.ClientModel.Primitives.IPersistableModel => throw null; + public static System.BinaryData Write(object model, System.ClientModel.Primitives.ModelReaderWriterOptions options = default(System.ClientModel.Primitives.ModelReaderWriterOptions)) => throw null; + } + public class ModelReaderWriterOptions + { + public ModelReaderWriterOptions(string format) => throw null; + public string Format { get => throw null; } + public static System.ClientModel.Primitives.ModelReaderWriterOptions Json { get => throw null; } + public static System.ClientModel.Primitives.ModelReaderWriterOptions Xml { get => throw null; } + } + [System.AttributeUsage((System.AttributeTargets)4)] + public sealed class PersistableModelProxyAttribute : System.Attribute + { + public PersistableModelProxyAttribute(System.Type proxyType) => throw null; + public System.Type ProxyType { get => throw null; } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.csproj b/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.csproj new file mode 100644 index 00000000000..af9830f6d13 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.ClientModel/1.0.0/System.ClientModel.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Configuration.ConfigurationManager/9.0.4/System.Configuration.ConfigurationManager.csproj b/csharp/ql/test/resources/stubs/System.Configuration.ConfigurationManager/9.0.4/System.Configuration.ConfigurationManager.csproj new file mode 100644 index 00000000000..8017e89ccf2 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Configuration.ConfigurationManager/9.0.4/System.Configuration.ConfigurationManager.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Diagnostics.DiagnosticSource/6.0.1/System.Diagnostics.DiagnosticSource.csproj b/csharp/ql/test/resources/stubs/System.Diagnostics.DiagnosticSource/6.0.1/System.Diagnostics.DiagnosticSource.csproj new file mode 100644 index 00000000000..44f3b6c98d1 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Diagnostics.DiagnosticSource/6.0.1/System.Diagnostics.DiagnosticSource.csproj @@ -0,0 +1,13 @@ + + + net9.0 + true + bin\ + false + + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Diagnostics.EventLog/9.0.4/System.Diagnostics.EventLog.csproj b/csharp/ql/test/resources/stubs/System.Diagnostics.EventLog/9.0.4/System.Diagnostics.EventLog.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Diagnostics.EventLog/9.0.4/System.Diagnostics.EventLog.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.cs b/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.cs new file mode 100644 index 00000000000..ad97899809d --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.cs @@ -0,0 +1,227 @@ +// This file contains auto-generated code. +// Generated from `System.IdentityModel.Tokens.Jwt, Version=7.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35`. +namespace System +{ + namespace IdentityModel + { + namespace Tokens + { + namespace Jwt + { + public static class JsonClaimValueTypes + { + public const string Json = default; + public const string JsonArray = default; + public const string JsonNull = default; + } + public static class JwtConstants + { + public const string DirectKeyUseAlg = default; + public const string HeaderType = default; + public const string HeaderTypeAlt = default; + public const string JsonCompactSerializationRegex = default; + public const string JweCompactSerializationRegex = default; + public const string TokenType = default; + public const string TokenTypeAlt = default; + } + public class JwtHeader : System.Collections.Generic.Dictionary + { + public string Alg { get => throw null; } + public static System.IdentityModel.Tokens.Jwt.JwtHeader Base64UrlDeserialize(string base64UrlEncodedJsonString) => throw null; + public virtual string Base64UrlEncode() => throw null; + public JwtHeader() => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap, string tokenType) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap, string tokenType, System.Collections.Generic.IDictionary additionalInnerHeaderClaims) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap, string tokenType) => throw null; + public JwtHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary outboundAlgorithmMap, string tokenType, System.Collections.Generic.IDictionary additionalHeaderClaims) => throw null; + public string Cty { get => throw null; } + public string Enc { get => throw null; } + public Microsoft.IdentityModel.Tokens.EncryptingCredentials EncryptingCredentials { get => throw null; } + public string IV { get => throw null; } + public string Kid { get => throw null; } + public virtual string SerializeToJson() => throw null; + public Microsoft.IdentityModel.Tokens.SigningCredentials SigningCredentials { get => throw null; } + public string Typ { get => throw null; } + public string X5c { get => throw null; } + public string X5t { get => throw null; } + public string Zip { get => throw null; } + } + public struct JwtHeaderParameterNames + { + public const string Alg = default; + public const string Apu = default; + public const string Apv = default; + public const string Cty = default; + public const string Enc = default; + public const string Epk = default; + public const string IV = default; + public const string Jku = default; + public const string Jwk = default; + public const string Kid = default; + public const string Typ = default; + public const string X5c = default; + public const string X5t = default; + public const string X5u = default; + public const string Zip = default; + } + public class JwtPayload : System.Collections.Generic.Dictionary + { + public string Acr { get => throw null; } + public string Actort { get => throw null; } + public void AddClaim(System.Security.Claims.Claim claim) => throw null; + public void AddClaims(System.Collections.Generic.IEnumerable claims) => throw null; + public System.Collections.Generic.IList Amr { get => throw null; } + public System.Collections.Generic.IList Aud { get => throw null; } + public int? AuthTime { get => throw null; } + public string Azp { get => throw null; } + public static System.IdentityModel.Tokens.Jwt.JwtPayload Base64UrlDeserialize(string base64UrlEncodedJsonString) => throw null; + public virtual string Base64UrlEncode() => throw null; + public string CHash { get => throw null; } + public virtual System.Collections.Generic.IEnumerable Claims { get => throw null; } + public JwtPayload() => throw null; + public JwtPayload(System.Collections.Generic.IEnumerable claims) => throw null; + public JwtPayload(string issuer, string audience, System.Collections.Generic.IEnumerable claims, System.DateTime? notBefore, System.DateTime? expires) => throw null; + public JwtPayload(string issuer, string audience, System.Collections.Generic.IEnumerable claims, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt) => throw null; + public JwtPayload(string issuer, string audience, System.Collections.Generic.IEnumerable claims, System.Collections.Generic.IDictionary claimsCollection, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt) => throw null; + public static System.IdentityModel.Tokens.Jwt.JwtPayload Deserialize(string jsonString) => throw null; + public int? Exp { get => throw null; } + public long? Expiration { get => throw null; } + public int? Iat { get => throw null; } + public string Iss { get => throw null; } + public System.DateTime IssuedAt { get => throw null; } + public string Jti { get => throw null; } + public int? Nbf { get => throw null; } + public string Nonce { get => throw null; } + public long? NotBefore { get => throw null; } + public virtual string SerializeToJson() => throw null; + public string Sub { get => throw null; } + public System.DateTime ValidFrom { get => throw null; } + public System.DateTime ValidTo { get => throw null; } + } + public struct JwtRegisteredClaimNames + { + public const string Acr = default; + public const string Actort = default; + public const string Amr = default; + public const string AtHash = default; + public const string Aud = default; + public const string AuthTime = default; + public const string Azp = default; + public const string Birthdate = default; + public const string CHash = default; + public const string Email = default; + public const string Exp = default; + public const string FamilyName = default; + public const string Gender = default; + public const string GivenName = default; + public const string Iat = default; + public const string Iss = default; + public const string Jti = default; + public const string Name = default; + public const string NameId = default; + public const string Nbf = default; + public const string Nonce = default; + public const string Prn = default; + public const string Sid = default; + public const string Sub = default; + public const string Typ = default; + public const string UniqueName = default; + public const string Website = default; + } + public class JwtSecurityToken : Microsoft.IdentityModel.Tokens.SecurityToken + { + public string Actor { get => throw null; } + public System.Collections.Generic.IEnumerable Audiences { get => throw null; } + public System.Collections.Generic.IEnumerable Claims { get => throw null; } + public JwtSecurityToken(string jwtEncodedString) => throw null; + public JwtSecurityToken(System.IdentityModel.Tokens.Jwt.JwtHeader header, System.IdentityModel.Tokens.Jwt.JwtPayload payload, string rawHeader, string rawPayload, string rawSignature) => throw null; + public JwtSecurityToken(System.IdentityModel.Tokens.Jwt.JwtHeader header, System.IdentityModel.Tokens.Jwt.JwtSecurityToken innerToken, string rawHeader, string rawEncryptedKey, string rawInitializationVector, string rawCiphertext, string rawAuthenticationTag) => throw null; + public JwtSecurityToken(System.IdentityModel.Tokens.Jwt.JwtHeader header, System.IdentityModel.Tokens.Jwt.JwtPayload payload) => throw null; + public JwtSecurityToken(string issuer = default(string), string audience = default(string), System.Collections.Generic.IEnumerable claims = default(System.Collections.Generic.IEnumerable), System.DateTime? notBefore = default(System.DateTime?), System.DateTime? expires = default(System.DateTime?), Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials = default(Microsoft.IdentityModel.Tokens.SigningCredentials)) => throw null; + public virtual string EncodedHeader { get => throw null; } + public virtual string EncodedPayload { get => throw null; } + public Microsoft.IdentityModel.Tokens.EncryptingCredentials EncryptingCredentials { get => throw null; } + public System.IdentityModel.Tokens.Jwt.JwtHeader Header { get => throw null; } + public override string Id { get => throw null; } + public System.IdentityModel.Tokens.Jwt.JwtSecurityToken InnerToken { get => throw null; } + public virtual System.DateTime IssuedAt { get => throw null; } + public override string Issuer { get => throw null; } + public System.IdentityModel.Tokens.Jwt.JwtPayload Payload { get => throw null; } + public string RawAuthenticationTag { get => throw null; } + public string RawCiphertext { get => throw null; } + public string RawData { get => throw null; } + public string RawEncryptedKey { get => throw null; } + public string RawHeader { get => throw null; } + public string RawInitializationVector { get => throw null; } + public string RawPayload { get => throw null; } + public string RawSignature { get => throw null; } + public override Microsoft.IdentityModel.Tokens.SecurityKey SecurityKey { get => throw null; } + public string SignatureAlgorithm { get => throw null; } + public Microsoft.IdentityModel.Tokens.SigningCredentials SigningCredentials { get => throw null; } + public override Microsoft.IdentityModel.Tokens.SecurityKey SigningKey { get => throw null; set { } } + public string Subject { get => throw null; } + public override string ToString() => throw null; + public override string UnsafeToString() => throw null; + public override System.DateTime ValidFrom { get => throw null; } + public override System.DateTime ValidTo { get => throw null; } + } + public static class JwtSecurityTokenConverter + { + public static System.IdentityModel.Tokens.Jwt.JwtSecurityToken Convert(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken token) => throw null; + } + public class JwtSecurityTokenHandler : Microsoft.IdentityModel.Tokens.SecurityTokenHandler + { + public override bool CanReadToken(string token) => throw null; + public override bool CanValidateToken { get => throw null; } + public override bool CanWriteToken { get => throw null; } + protected virtual string CreateActorValue(System.Security.Claims.ClaimsIdentity actor) => throw null; + protected virtual System.Security.Claims.ClaimsIdentity CreateClaimsIdentity(System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, string issuer, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public virtual string CreateEncodedJwt(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) => throw null; + public virtual string CreateEncodedJwt(string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials) => throw null; + public virtual string CreateEncodedJwt(string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public virtual string CreateEncodedJwt(string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary claimCollection) => throw null; + public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) => throw null; + public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken(string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials) => throw null; + public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken(string issuer, string audience, System.Security.Claims.ClaimsIdentity subject, System.DateTime? notBefore, System.DateTime? expires, System.DateTime? issuedAt, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials, Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, System.Collections.Generic.IDictionary claimCollection) => throw null; + public virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken CreateJwtSecurityToken(string issuer = default(string), string audience = default(string), System.Security.Claims.ClaimsIdentity subject = default(System.Security.Claims.ClaimsIdentity), System.DateTime? notBefore = default(System.DateTime?), System.DateTime? expires = default(System.DateTime?), System.DateTime? issuedAt = default(System.DateTime?), Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials = default(Microsoft.IdentityModel.Tokens.SigningCredentials)) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityToken CreateToken(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) => throw null; + public JwtSecurityTokenHandler() => throw null; + protected string DecryptToken(System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static System.Collections.Generic.ISet DefaultInboundClaimFilter; + public static System.Collections.Generic.IDictionary DefaultInboundClaimTypeMap; + public static bool DefaultMapInboundClaims; + public static System.Collections.Generic.IDictionary DefaultOutboundAlgorithmMap; + public static System.Collections.Generic.IDictionary DefaultOutboundClaimTypeMap; + public System.Collections.Generic.ISet InboundClaimFilter { get => throw null; set { } } + public System.Collections.Generic.IDictionary InboundClaimTypeMap { get => throw null; set { } } + public static string JsonClaimTypeProperty { get => throw null; set { } } + public bool MapInboundClaims { get => throw null; set { } } + public System.Collections.Generic.IDictionary OutboundAlgorithmMap { get => throw null; } + public System.Collections.Generic.IDictionary OutboundClaimTypeMap { get => throw null; set { } } + public System.IdentityModel.Tokens.Jwt.JwtSecurityToken ReadJwtToken(string token) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(string token) => throw null; + public override Microsoft.IdentityModel.Tokens.SecurityToken ReadToken(System.Xml.XmlReader reader, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual Microsoft.IdentityModel.Tokens.SecurityKey ResolveIssuerSigningKey(string token, System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual Microsoft.IdentityModel.Tokens.SecurityKey ResolveTokenDecryptionKey(string token, System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public static string ShortClaimTypeProperty { get => throw null; set { } } + public override System.Type TokenType { get => throw null; } + protected virtual void ValidateAudience(System.Collections.Generic.IEnumerable audiences, System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual string ValidateIssuer(string issuer, System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual void ValidateIssuerSecurityKey(Microsoft.IdentityModel.Tokens.SecurityKey key, System.IdentityModel.Tokens.Jwt.JwtSecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual void ValidateLifetime(System.DateTime? notBefore, System.DateTime? expires, System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual System.IdentityModel.Tokens.Jwt.JwtSecurityToken ValidateSignature(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public override System.Security.Claims.ClaimsPrincipal ValidateToken(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, out Microsoft.IdentityModel.Tokens.SecurityToken validatedToken) => throw null; + public override System.Threading.Tasks.Task ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected System.Security.Claims.ClaimsPrincipal ValidateTokenPayload(System.IdentityModel.Tokens.Jwt.JwtSecurityToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + protected virtual void ValidateTokenReplay(System.DateTime? expires, string securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) => throw null; + public override string WriteToken(Microsoft.IdentityModel.Tokens.SecurityToken token) => throw null; + public override void WriteToken(System.Xml.XmlWriter writer, Microsoft.IdentityModel.Tokens.SecurityToken token) => throw null; + } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.csproj b/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.csproj new file mode 100644 index 00000000000..2f5d2330dc9 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.IdentityModel.Tokens.Jwt/7.5.0/System.IdentityModel.Tokens.Jwt.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.cs b/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.cs new file mode 100644 index 00000000000..123c87b4e1c --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.cs @@ -0,0 +1,27 @@ +// This file contains auto-generated code. +// Generated from `System.Memory.Data, Version=1.0.2.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51`. +namespace System +{ + public class BinaryData + { + public BinaryData(byte[] data) => throw null; + public BinaryData(object jsonSerializable, System.Text.Json.JsonSerializerOptions options = default(System.Text.Json.JsonSerializerOptions), System.Type type = default(System.Type)) => throw null; + public BinaryData(System.ReadOnlyMemory data) => throw null; + public BinaryData(string data) => throw null; + public override bool Equals(object obj) => throw null; + public static System.BinaryData FromBytes(System.ReadOnlyMemory data) => throw null; + public static System.BinaryData FromBytes(byte[] data) => throw null; + public static System.BinaryData FromObjectAsJson(T jsonSerializable, System.Text.Json.JsonSerializerOptions options = default(System.Text.Json.JsonSerializerOptions)) => throw null; + public static System.BinaryData FromStream(System.IO.Stream stream) => throw null; + public static System.Threading.Tasks.Task FromStreamAsync(System.IO.Stream stream, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) => throw null; + public static System.BinaryData FromString(string data) => throw null; + public override int GetHashCode() => throw null; + public static implicit operator System.ReadOnlyMemory(System.BinaryData data) => throw null; + public static implicit operator System.ReadOnlySpan(System.BinaryData data) => throw null; + public byte[] ToArray() => throw null; + public System.ReadOnlyMemory ToMemory() => throw null; + public T ToObjectFromJson(System.Text.Json.JsonSerializerOptions options = default(System.Text.Json.JsonSerializerOptions)) => throw null; + public System.IO.Stream ToStream() => throw null; + public override string ToString() => throw null; + } +} diff --git a/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.csproj b/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.csproj new file mode 100644 index 00000000000..c444f79ac6f --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Memory.Data/1.0.2/System.Memory.Data.csproj @@ -0,0 +1,14 @@ + + + net9.0 + true + bin\ + false + + + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Memory/4.5.4/System.Memory.csproj b/csharp/ql/test/resources/stubs/System.Memory/4.5.4/System.Memory.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Memory/4.5.4/System.Memory.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Numerics.Vectors/4.5.0/System.Numerics.Vectors.csproj b/csharp/ql/test/resources/stubs/System.Numerics.Vectors/4.5.0/System.Numerics.Vectors.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Numerics.Vectors/4.5.0/System.Numerics.Vectors.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Runtime.CompilerServices.Unsafe/6.0.0/System.Runtime.CompilerServices.Unsafe.csproj b/csharp/ql/test/resources/stubs/System.Runtime.CompilerServices.Unsafe/6.0.0/System.Runtime.CompilerServices.Unsafe.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Runtime.CompilerServices.Unsafe/6.0.0/System.Runtime.CompilerServices.Unsafe.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.cs b/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.cs new file mode 100644 index 00000000000..4dcb51a937f --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.cs @@ -0,0 +1,503 @@ +// This file contains auto-generated code. +// Generated from `System.Security.Cryptography.Pkcs, Version=9.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a`. +namespace System +{ + namespace Security + { + namespace Cryptography + { + public sealed class CryptographicAttributeObject + { + public CryptographicAttributeObject(System.Security.Cryptography.Oid oid) => throw null; + public CryptographicAttributeObject(System.Security.Cryptography.Oid oid, System.Security.Cryptography.AsnEncodedDataCollection values) => throw null; + public System.Security.Cryptography.Oid Oid { get => throw null; } + public System.Security.Cryptography.AsnEncodedDataCollection Values { get => throw null; } + } + public sealed class CryptographicAttributeObjectCollection : System.Collections.ICollection, System.Collections.IEnumerable + { + public int Add(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public int Add(System.Security.Cryptography.CryptographicAttributeObject attribute) => throw null; + void System.Collections.ICollection.CopyTo(System.Array array, int index) => throw null; + public void CopyTo(System.Security.Cryptography.CryptographicAttributeObject[] array, int index) => throw null; + public int Count { get => throw null; } + public CryptographicAttributeObjectCollection() => throw null; + public CryptographicAttributeObjectCollection(System.Security.Cryptography.CryptographicAttributeObject attribute) => throw null; + public System.Security.Cryptography.CryptographicAttributeObjectEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public bool IsSynchronized { get => throw null; } + public void Remove(System.Security.Cryptography.CryptographicAttributeObject attribute) => throw null; + public object SyncRoot { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObject this[int index] { get => throw null; } + } + public sealed class CryptographicAttributeObjectEnumerator : System.Collections.IEnumerator + { + public System.Security.Cryptography.CryptographicAttributeObject Current { get => throw null; } + object System.Collections.IEnumerator.Current { get => throw null; } + public bool MoveNext() => throw null; + public void Reset() => throw null; + } + namespace Pkcs + { + public sealed class AlgorithmIdentifier + { + public AlgorithmIdentifier() => throw null; + public AlgorithmIdentifier(System.Security.Cryptography.Oid oid) => throw null; + public AlgorithmIdentifier(System.Security.Cryptography.Oid oid, int keyLength) => throw null; + public int KeyLength { get => throw null; set { } } + public System.Security.Cryptography.Oid Oid { get => throw null; set { } } + public byte[] Parameters { get => throw null; set { } } + } + public sealed class CmsRecipient + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public CmsRecipient(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public CmsRecipient(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Security.Cryptography.RSAEncryptionPadding rsaEncryptionPadding) => throw null; + public CmsRecipient(System.Security.Cryptography.Pkcs.SubjectIdentifierType recipientIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Security.Cryptography.RSAEncryptionPadding rsaEncryptionPadding) => throw null; + public CmsRecipient(System.Security.Cryptography.Pkcs.SubjectIdentifierType recipientIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public System.Security.Cryptography.Pkcs.SubjectIdentifierType RecipientIdentifierType { get => throw null; } + public System.Security.Cryptography.RSAEncryptionPadding RSAEncryptionPadding { get => throw null; } + } + public sealed class CmsRecipientCollection : System.Collections.ICollection, System.Collections.IEnumerable + { + public int Add(System.Security.Cryptography.Pkcs.CmsRecipient recipient) => throw null; + public void CopyTo(System.Array array, int index) => throw null; + public void CopyTo(System.Security.Cryptography.Pkcs.CmsRecipient[] array, int index) => throw null; + public int Count { get => throw null; } + public CmsRecipientCollection() => throw null; + public CmsRecipientCollection(System.Security.Cryptography.Pkcs.CmsRecipient recipient) => throw null; + public CmsRecipientCollection(System.Security.Cryptography.Pkcs.SubjectIdentifierType recipientIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2Collection certificates) => throw null; + public System.Security.Cryptography.Pkcs.CmsRecipientEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public bool IsSynchronized { get => throw null; } + public void Remove(System.Security.Cryptography.Pkcs.CmsRecipient recipient) => throw null; + public object SyncRoot { get => throw null; } + public System.Security.Cryptography.Pkcs.CmsRecipient this[int index] { get => throw null; } + } + public sealed class CmsRecipientEnumerator : System.Collections.IEnumerator + { + public System.Security.Cryptography.Pkcs.CmsRecipient Current { get => throw null; } + object System.Collections.IEnumerator.Current { get => throw null; } + public bool MoveNext() => throw null; + public void Reset() => throw null; + } + public sealed class CmsSigner + { + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; set { } } + public System.Security.Cryptography.X509Certificates.X509Certificate2Collection Certificates { get => throw null; } + public CmsSigner() => throw null; + public CmsSigner(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType) => throw null; + public CmsSigner(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public CmsSigner(System.Security.Cryptography.CspParameters parameters) => throw null; + public CmsSigner(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public CmsSigner(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Security.Cryptography.AsymmetricAlgorithm privateKey) => throw null; + public CmsSigner(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.X509Certificates.X509Certificate2 certificate, System.Security.Cryptography.RSA privateKey, System.Security.Cryptography.RSASignaturePadding signaturePadding) => throw null; + public System.Security.Cryptography.Oid DigestAlgorithm { get => throw null; set { } } + public System.Security.Cryptography.X509Certificates.X509IncludeOption IncludeOption { get => throw null; set { } } + public System.Security.Cryptography.AsymmetricAlgorithm PrivateKey { get => throw null; set { } } + public System.Security.Cryptography.RSASignaturePadding SignaturePadding { get => throw null; set { } } + public System.Security.Cryptography.CryptographicAttributeObjectCollection SignedAttributes { get => throw null; } + public System.Security.Cryptography.Pkcs.SubjectIdentifierType SignerIdentifierType { get => throw null; set { } } + public System.Security.Cryptography.CryptographicAttributeObjectCollection UnsignedAttributes { get => throw null; } + } + public sealed class ContentInfo + { + public byte[] Content { get => throw null; } + public System.Security.Cryptography.Oid ContentType { get => throw null; } + public ContentInfo(byte[] content) => throw null; + public ContentInfo(System.Security.Cryptography.Oid contentType, byte[] content) => throw null; + public static System.Security.Cryptography.Oid GetContentType(byte[] encodedMessage) => throw null; + public static System.Security.Cryptography.Oid GetContentType(System.ReadOnlySpan encodedMessage) => throw null; + } + public sealed class EnvelopedCms + { + public System.Security.Cryptography.X509Certificates.X509Certificate2Collection Certificates { get => throw null; } + public System.Security.Cryptography.Pkcs.AlgorithmIdentifier ContentEncryptionAlgorithm { get => throw null; } + public System.Security.Cryptography.Pkcs.ContentInfo ContentInfo { get => throw null; } + public EnvelopedCms() => throw null; + public EnvelopedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo) => throw null; + public EnvelopedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo, System.Security.Cryptography.Pkcs.AlgorithmIdentifier encryptionAlgorithm) => throw null; + public void Decode(byte[] encodedMessage) => throw null; + public void Decode(System.ReadOnlySpan encodedMessage) => throw null; + public void Decrypt() => throw null; + public void Decrypt(System.Security.Cryptography.Pkcs.RecipientInfo recipientInfo) => throw null; + public void Decrypt(System.Security.Cryptography.Pkcs.RecipientInfo recipientInfo, System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraStore) => throw null; + public void Decrypt(System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraStore) => throw null; + public void Decrypt(System.Security.Cryptography.Pkcs.RecipientInfo recipientInfo, System.Security.Cryptography.AsymmetricAlgorithm privateKey) => throw null; + public byte[] Encode() => throw null; + public void Encrypt(System.Security.Cryptography.Pkcs.CmsRecipient recipient) => throw null; + public void Encrypt(System.Security.Cryptography.Pkcs.CmsRecipientCollection recipients) => throw null; + public System.Security.Cryptography.Pkcs.RecipientInfoCollection RecipientInfos { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObjectCollection UnprotectedAttributes { get => throw null; } + public int Version { get => throw null; } + } + public sealed class KeyAgreeRecipientInfo : System.Security.Cryptography.Pkcs.RecipientInfo + { + public System.DateTime Date { get => throw null; } + public override byte[] EncryptedKey { get => throw null; } + public override System.Security.Cryptography.Pkcs.AlgorithmIdentifier KeyEncryptionAlgorithm { get => throw null; } + public System.Security.Cryptography.Pkcs.SubjectIdentifierOrKey OriginatorIdentifierOrKey { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObject OtherKeyAttribute { get => throw null; } + public override System.Security.Cryptography.Pkcs.SubjectIdentifier RecipientIdentifier { get => throw null; } + public override int Version { get => throw null; } + } + public sealed class KeyTransRecipientInfo : System.Security.Cryptography.Pkcs.RecipientInfo + { + public override byte[] EncryptedKey { get => throw null; } + public override System.Security.Cryptography.Pkcs.AlgorithmIdentifier KeyEncryptionAlgorithm { get => throw null; } + public override System.Security.Cryptography.Pkcs.SubjectIdentifier RecipientIdentifier { get => throw null; } + public override int Version { get => throw null; } + } + public sealed class Pkcs12Builder + { + public void AddSafeContentsEncrypted(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents, byte[] passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public void AddSafeContentsEncrypted(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents, System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public void AddSafeContentsEncrypted(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents, string password, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public void AddSafeContentsEncrypted(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents, System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public void AddSafeContentsUnencrypted(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents) => throw null; + public Pkcs12Builder() => throw null; + public byte[] Encode() => throw null; + public bool IsSealed { get => throw null; } + public void SealWithMac(string password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount) => throw null; + public void SealWithMac(System.ReadOnlySpan password, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, int iterationCount) => throw null; + public void SealWithoutIntegrity() => throw null; + public bool TryEncode(System.Span destination, out int bytesWritten) => throw null; + } + public sealed class Pkcs12CertBag : System.Security.Cryptography.Pkcs.Pkcs12SafeBag + { + public Pkcs12CertBag(System.Security.Cryptography.Oid certificateType, System.ReadOnlyMemory encodedCertificate) : base(default(string), default(System.ReadOnlyMemory), default(bool)) => throw null; + public System.ReadOnlyMemory EncodedCertificate { get => throw null; } + public System.Security.Cryptography.X509Certificates.X509Certificate2 GetCertificate() => throw null; + public System.Security.Cryptography.Oid GetCertificateType() => throw null; + public bool IsX509Certificate { get => throw null; } + } + public enum Pkcs12ConfidentialityMode + { + Unknown = 0, + None = 1, + Password = 2, + PublicKey = 3, + } + public sealed class Pkcs12Info + { + public System.Collections.ObjectModel.ReadOnlyCollection AuthenticatedSafe { get => throw null; } + public static System.Security.Cryptography.Pkcs.Pkcs12Info Decode(System.ReadOnlyMemory encodedBytes, out int bytesConsumed, bool skipCopy = default(bool)) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12IntegrityMode IntegrityMode { get => throw null; } + public bool VerifyMac(string password) => throw null; + public bool VerifyMac(System.ReadOnlySpan password) => throw null; + } + public enum Pkcs12IntegrityMode + { + Unknown = 0, + None = 1, + Password = 2, + PublicKey = 3, + } + public sealed class Pkcs12KeyBag : System.Security.Cryptography.Pkcs.Pkcs12SafeBag + { + public Pkcs12KeyBag(System.ReadOnlyMemory pkcs8PrivateKey, bool skipCopy = default(bool)) : base(default(string), default(System.ReadOnlyMemory), default(bool)) => throw null; + public System.ReadOnlyMemory Pkcs8PrivateKey { get => throw null; } + } + public abstract class Pkcs12SafeBag + { + public System.Security.Cryptography.CryptographicAttributeObjectCollection Attributes { get => throw null; } + protected Pkcs12SafeBag(string bagIdValue, System.ReadOnlyMemory encodedBagValue, bool skipCopy = default(bool)) => throw null; + public byte[] Encode() => throw null; + public System.ReadOnlyMemory EncodedBagValue { get => throw null; } + public System.Security.Cryptography.Oid GetBagId() => throw null; + public bool TryEncode(System.Span destination, out int bytesWritten) => throw null; + } + public sealed class Pkcs12SafeContents + { + public System.Security.Cryptography.Pkcs.Pkcs12CertBag AddCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12KeyBag AddKeyUnencrypted(System.Security.Cryptography.AsymmetricAlgorithm key) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12SafeContentsBag AddNestedContents(System.Security.Cryptography.Pkcs.Pkcs12SafeContents safeContents) => throw null; + public void AddSafeBag(System.Security.Cryptography.Pkcs.Pkcs12SafeBag safeBag) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12SecretBag AddSecret(System.Security.Cryptography.Oid secretType, System.ReadOnlyMemory secretValue) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12ShroudedKeyBag AddShroudedKey(System.Security.Cryptography.AsymmetricAlgorithm key, byte[] passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12ShroudedKeyBag AddShroudedKey(System.Security.Cryptography.AsymmetricAlgorithm key, System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12ShroudedKeyBag AddShroudedKey(System.Security.Cryptography.AsymmetricAlgorithm key, string password, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12ShroudedKeyBag AddShroudedKey(System.Security.Cryptography.AsymmetricAlgorithm key, System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public System.Security.Cryptography.Pkcs.Pkcs12ConfidentialityMode ConfidentialityMode { get => throw null; } + public Pkcs12SafeContents() => throw null; + public void Decrypt(byte[] passwordBytes) => throw null; + public void Decrypt(System.ReadOnlySpan passwordBytes) => throw null; + public void Decrypt(string password) => throw null; + public void Decrypt(System.ReadOnlySpan password) => throw null; + public System.Collections.Generic.IEnumerable GetBags() => throw null; + public bool IsReadOnly { get => throw null; } + } + public sealed class Pkcs12SafeContentsBag : System.Security.Cryptography.Pkcs.Pkcs12SafeBag + { + public System.Security.Cryptography.Pkcs.Pkcs12SafeContents SafeContents { get => throw null; } + internal Pkcs12SafeContentsBag() : base(default(string), default(System.ReadOnlyMemory), default(bool)) { } + } + public sealed class Pkcs12SecretBag : System.Security.Cryptography.Pkcs.Pkcs12SafeBag + { + public System.Security.Cryptography.Oid GetSecretType() => throw null; + public System.ReadOnlyMemory SecretValue { get => throw null; } + internal Pkcs12SecretBag() : base(default(string), default(System.ReadOnlyMemory), default(bool)) { } + } + public sealed class Pkcs12ShroudedKeyBag : System.Security.Cryptography.Pkcs.Pkcs12SafeBag + { + public Pkcs12ShroudedKeyBag(System.ReadOnlyMemory encryptedPkcs8PrivateKey, bool skipCopy = default(bool)) : base(default(string), default(System.ReadOnlyMemory), default(bool)) => throw null; + public System.ReadOnlyMemory EncryptedPkcs8PrivateKey { get => throw null; } + } + public sealed class Pkcs8PrivateKeyInfo + { + public System.Security.Cryptography.Oid AlgorithmId { get => throw null; } + public System.ReadOnlyMemory? AlgorithmParameters { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObjectCollection Attributes { get => throw null; } + public static System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo Create(System.Security.Cryptography.AsymmetricAlgorithm privateKey) => throw null; + public Pkcs8PrivateKeyInfo(System.Security.Cryptography.Oid algorithmId, System.ReadOnlyMemory? algorithmParameters, System.ReadOnlyMemory privateKey, bool skipCopies = default(bool)) => throw null; + public static System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo Decode(System.ReadOnlyMemory source, out int bytesRead, bool skipCopy = default(bool)) => throw null; + public static System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo DecryptAndDecode(System.ReadOnlySpan password, System.ReadOnlyMemory source, out int bytesRead) => throw null; + public static System.Security.Cryptography.Pkcs.Pkcs8PrivateKeyInfo DecryptAndDecode(System.ReadOnlySpan passwordBytes, System.ReadOnlyMemory source, out int bytesRead) => throw null; + public byte[] Encode() => throw null; + public byte[] Encrypt(System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public byte[] Encrypt(System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters) => throw null; + public System.ReadOnlyMemory PrivateKeyBytes { get => throw null; } + public bool TryEncode(System.Span destination, out int bytesWritten) => throw null; + public bool TryEncrypt(System.ReadOnlySpan password, System.Security.Cryptography.PbeParameters pbeParameters, System.Span destination, out int bytesWritten) => throw null; + public bool TryEncrypt(System.ReadOnlySpan passwordBytes, System.Security.Cryptography.PbeParameters pbeParameters, System.Span destination, out int bytesWritten) => throw null; + } + public class Pkcs9AttributeObject : System.Security.Cryptography.AsnEncodedData + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9AttributeObject() => throw null; + public Pkcs9AttributeObject(string oid, byte[] encodedData) => throw null; + public Pkcs9AttributeObject(System.Security.Cryptography.Oid oid, byte[] encodedData) => throw null; + public Pkcs9AttributeObject(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public System.Security.Cryptography.Oid Oid { get => throw null; } + } + public sealed class Pkcs9ContentType : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public System.Security.Cryptography.Oid ContentType { get => throw null; } + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9ContentType() => throw null; + } + public sealed class Pkcs9DocumentDescription : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9DocumentDescription() => throw null; + public Pkcs9DocumentDescription(string documentDescription) => throw null; + public Pkcs9DocumentDescription(byte[] encodedDocumentDescription) => throw null; + public string DocumentDescription { get => throw null; } + } + public sealed class Pkcs9DocumentName : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9DocumentName() => throw null; + public Pkcs9DocumentName(string documentName) => throw null; + public Pkcs9DocumentName(byte[] encodedDocumentName) => throw null; + public string DocumentName { get => throw null; } + } + public sealed class Pkcs9LocalKeyId : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9LocalKeyId() => throw null; + public Pkcs9LocalKeyId(byte[] keyId) => throw null; + public Pkcs9LocalKeyId(System.ReadOnlySpan keyId) => throw null; + public System.ReadOnlyMemory KeyId { get => throw null; } + } + public sealed class Pkcs9MessageDigest : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9MessageDigest() => throw null; + public byte[] MessageDigest { get => throw null; } + } + public sealed class Pkcs9SigningTime : System.Security.Cryptography.Pkcs.Pkcs9AttributeObject + { + public override void CopyFrom(System.Security.Cryptography.AsnEncodedData asnEncodedData) => throw null; + public Pkcs9SigningTime() => throw null; + public Pkcs9SigningTime(System.DateTime signingTime) => throw null; + public Pkcs9SigningTime(byte[] encodedSigningTime) => throw null; + public System.DateTime SigningTime { get => throw null; } + } + public sealed class PublicKeyInfo + { + public System.Security.Cryptography.Pkcs.AlgorithmIdentifier Algorithm { get => throw null; } + public byte[] KeyValue { get => throw null; } + } + public abstract class RecipientInfo + { + public abstract byte[] EncryptedKey { get; } + public abstract System.Security.Cryptography.Pkcs.AlgorithmIdentifier KeyEncryptionAlgorithm { get; } + public abstract System.Security.Cryptography.Pkcs.SubjectIdentifier RecipientIdentifier { get; } + public System.Security.Cryptography.Pkcs.RecipientInfoType Type { get => throw null; } + public abstract int Version { get; } + } + public sealed class RecipientInfoCollection : System.Collections.ICollection, System.Collections.IEnumerable + { + public void CopyTo(System.Array array, int index) => throw null; + public void CopyTo(System.Security.Cryptography.Pkcs.RecipientInfo[] array, int index) => throw null; + public int Count { get => throw null; } + public System.Security.Cryptography.Pkcs.RecipientInfoEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public bool IsSynchronized { get => throw null; } + public object SyncRoot { get => throw null; } + public System.Security.Cryptography.Pkcs.RecipientInfo this[int index] { get => throw null; } + } + public sealed class RecipientInfoEnumerator : System.Collections.IEnumerator + { + public System.Security.Cryptography.Pkcs.RecipientInfo Current { get => throw null; } + object System.Collections.IEnumerator.Current { get => throw null; } + public bool MoveNext() => throw null; + public void Reset() => throw null; + } + public enum RecipientInfoType + { + Unknown = 0, + KeyTransport = 1, + KeyAgreement = 2, + } + public sealed class Rfc3161TimestampRequest + { + public static System.Security.Cryptography.Pkcs.Rfc3161TimestampRequest CreateFromData(System.ReadOnlySpan data, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.Oid requestedPolicyId = default(System.Security.Cryptography.Oid), System.ReadOnlyMemory? nonce = default(System.ReadOnlyMemory?), bool requestSignerCertificates = default(bool), System.Security.Cryptography.X509Certificates.X509ExtensionCollection extensions = default(System.Security.Cryptography.X509Certificates.X509ExtensionCollection)) => throw null; + public static System.Security.Cryptography.Pkcs.Rfc3161TimestampRequest CreateFromHash(System.ReadOnlyMemory hash, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.Oid requestedPolicyId = default(System.Security.Cryptography.Oid), System.ReadOnlyMemory? nonce = default(System.ReadOnlyMemory?), bool requestSignerCertificates = default(bool), System.Security.Cryptography.X509Certificates.X509ExtensionCollection extensions = default(System.Security.Cryptography.X509Certificates.X509ExtensionCollection)) => throw null; + public static System.Security.Cryptography.Pkcs.Rfc3161TimestampRequest CreateFromHash(System.ReadOnlyMemory hash, System.Security.Cryptography.Oid hashAlgorithmId, System.Security.Cryptography.Oid requestedPolicyId = default(System.Security.Cryptography.Oid), System.ReadOnlyMemory? nonce = default(System.ReadOnlyMemory?), bool requestSignerCertificates = default(bool), System.Security.Cryptography.X509Certificates.X509ExtensionCollection extensions = default(System.Security.Cryptography.X509Certificates.X509ExtensionCollection)) => throw null; + public static System.Security.Cryptography.Pkcs.Rfc3161TimestampRequest CreateFromSignerInfo(System.Security.Cryptography.Pkcs.SignerInfo signerInfo, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, System.Security.Cryptography.Oid requestedPolicyId = default(System.Security.Cryptography.Oid), System.ReadOnlyMemory? nonce = default(System.ReadOnlyMemory?), bool requestSignerCertificates = default(bool), System.Security.Cryptography.X509Certificates.X509ExtensionCollection extensions = default(System.Security.Cryptography.X509Certificates.X509ExtensionCollection)) => throw null; + public byte[] Encode() => throw null; + public System.Security.Cryptography.X509Certificates.X509ExtensionCollection GetExtensions() => throw null; + public System.ReadOnlyMemory GetMessageHash() => throw null; + public System.ReadOnlyMemory? GetNonce() => throw null; + public bool HasExtensions { get => throw null; } + public System.Security.Cryptography.Oid HashAlgorithmId { get => throw null; } + public System.Security.Cryptography.Pkcs.Rfc3161TimestampToken ProcessResponse(System.ReadOnlyMemory responseBytes, out int bytesConsumed) => throw null; + public System.Security.Cryptography.Oid RequestedPolicyId { get => throw null; } + public bool RequestSignerCertificate { get => throw null; } + public static bool TryDecode(System.ReadOnlyMemory encodedBytes, out System.Security.Cryptography.Pkcs.Rfc3161TimestampRequest request, out int bytesConsumed) => throw null; + public bool TryEncode(System.Span destination, out int bytesWritten) => throw null; + public int Version { get => throw null; } + } + public sealed class Rfc3161TimestampToken + { + public System.Security.Cryptography.Pkcs.SignedCms AsSignedCms() => throw null; + public System.Security.Cryptography.Pkcs.Rfc3161TimestampTokenInfo TokenInfo { get => throw null; } + public static bool TryDecode(System.ReadOnlyMemory encodedBytes, out System.Security.Cryptography.Pkcs.Rfc3161TimestampToken token, out int bytesConsumed) => throw null; + public bool VerifySignatureForData(System.ReadOnlySpan data, out System.Security.Cryptography.X509Certificates.X509Certificate2 signerCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraCandidates = default(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)) => throw null; + public bool VerifySignatureForHash(System.ReadOnlySpan hash, System.Security.Cryptography.HashAlgorithmName hashAlgorithm, out System.Security.Cryptography.X509Certificates.X509Certificate2 signerCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraCandidates = default(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)) => throw null; + public bool VerifySignatureForHash(System.ReadOnlySpan hash, System.Security.Cryptography.Oid hashAlgorithmId, out System.Security.Cryptography.X509Certificates.X509Certificate2 signerCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraCandidates = default(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)) => throw null; + public bool VerifySignatureForSignerInfo(System.Security.Cryptography.Pkcs.SignerInfo signerInfo, out System.Security.Cryptography.X509Certificates.X509Certificate2 signerCertificate, System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraCandidates = default(System.Security.Cryptography.X509Certificates.X509Certificate2Collection)) => throw null; + } + public sealed class Rfc3161TimestampTokenInfo + { + public long? AccuracyInMicroseconds { get => throw null; } + public Rfc3161TimestampTokenInfo(System.Security.Cryptography.Oid policyId, System.Security.Cryptography.Oid hashAlgorithmId, System.ReadOnlyMemory messageHash, System.ReadOnlyMemory serialNumber, System.DateTimeOffset timestamp, long? accuracyInMicroseconds = default(long?), bool isOrdering = default(bool), System.ReadOnlyMemory? nonce = default(System.ReadOnlyMemory?), System.ReadOnlyMemory? timestampAuthorityName = default(System.ReadOnlyMemory?), System.Security.Cryptography.X509Certificates.X509ExtensionCollection extensions = default(System.Security.Cryptography.X509Certificates.X509ExtensionCollection)) => throw null; + public byte[] Encode() => throw null; + public System.Security.Cryptography.X509Certificates.X509ExtensionCollection GetExtensions() => throw null; + public System.ReadOnlyMemory GetMessageHash() => throw null; + public System.ReadOnlyMemory? GetNonce() => throw null; + public System.ReadOnlyMemory GetSerialNumber() => throw null; + public System.ReadOnlyMemory? GetTimestampAuthorityName() => throw null; + public bool HasExtensions { get => throw null; } + public System.Security.Cryptography.Oid HashAlgorithmId { get => throw null; } + public bool IsOrdering { get => throw null; } + public System.Security.Cryptography.Oid PolicyId { get => throw null; } + public System.DateTimeOffset Timestamp { get => throw null; } + public static bool TryDecode(System.ReadOnlyMemory encodedBytes, out System.Security.Cryptography.Pkcs.Rfc3161TimestampTokenInfo timestampTokenInfo, out int bytesConsumed) => throw null; + public bool TryEncode(System.Span destination, out int bytesWritten) => throw null; + public int Version { get => throw null; } + } + public sealed class SignedCms + { + public void AddCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public System.Security.Cryptography.X509Certificates.X509Certificate2Collection Certificates { get => throw null; } + public void CheckHash() => throw null; + public void CheckSignature(bool verifySignatureOnly) => throw null; + public void CheckSignature(System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraStore, bool verifySignatureOnly) => throw null; + public void ComputeSignature() => throw null; + public void ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner signer) => throw null; + public void ComputeSignature(System.Security.Cryptography.Pkcs.CmsSigner signer, bool silent) => throw null; + public System.Security.Cryptography.Pkcs.ContentInfo ContentInfo { get => throw null; } + public SignedCms(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached) => throw null; + public SignedCms() => throw null; + public SignedCms(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType) => throw null; + public SignedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo) => throw null; + public SignedCms(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo) => throw null; + public SignedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached) => throw null; + public void Decode(byte[] encodedMessage) => throw null; + public void Decode(System.ReadOnlySpan encodedMessage) => throw null; + public bool Detached { get => throw null; } + public byte[] Encode() => throw null; + public void RemoveCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public void RemoveSignature(int index) => throw null; + public void RemoveSignature(System.Security.Cryptography.Pkcs.SignerInfo signerInfo) => throw null; + public System.Security.Cryptography.Pkcs.SignerInfoCollection SignerInfos { get => throw null; } + public int Version { get => throw null; } + } + public sealed class SignerInfo + { + public void AddUnsignedAttribute(System.Security.Cryptography.AsnEncodedData unsignedAttribute) => throw null; + public System.Security.Cryptography.X509Certificates.X509Certificate2 Certificate { get => throw null; } + public void CheckHash() => throw null; + public void CheckSignature(bool verifySignatureOnly) => throw null; + public void CheckSignature(System.Security.Cryptography.X509Certificates.X509Certificate2Collection extraStore, bool verifySignatureOnly) => throw null; + public void ComputeCounterSignature() => throw null; + public void ComputeCounterSignature(System.Security.Cryptography.Pkcs.CmsSigner signer) => throw null; + public System.Security.Cryptography.Pkcs.SignerInfoCollection CounterSignerInfos { get => throw null; } + public System.Security.Cryptography.Oid DigestAlgorithm { get => throw null; } + public byte[] GetSignature() => throw null; + public void RemoveCounterSignature(int index) => throw null; + public void RemoveCounterSignature(System.Security.Cryptography.Pkcs.SignerInfo counterSignerInfo) => throw null; + public void RemoveUnsignedAttribute(System.Security.Cryptography.AsnEncodedData unsignedAttribute) => throw null; + public System.Security.Cryptography.Oid SignatureAlgorithm { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObjectCollection SignedAttributes { get => throw null; } + public System.Security.Cryptography.Pkcs.SubjectIdentifier SignerIdentifier { get => throw null; } + public System.Security.Cryptography.CryptographicAttributeObjectCollection UnsignedAttributes { get => throw null; } + public int Version { get => throw null; } + } + public sealed class SignerInfoCollection : System.Collections.ICollection, System.Collections.IEnumerable + { + public void CopyTo(System.Array array, int index) => throw null; + public void CopyTo(System.Security.Cryptography.Pkcs.SignerInfo[] array, int index) => throw null; + public int Count { get => throw null; } + public System.Security.Cryptography.Pkcs.SignerInfoEnumerator GetEnumerator() => throw null; + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() => throw null; + public bool IsSynchronized { get => throw null; } + public object SyncRoot { get => throw null; } + public System.Security.Cryptography.Pkcs.SignerInfo this[int index] { get => throw null; } + } + public sealed class SignerInfoEnumerator : System.Collections.IEnumerator + { + public System.Security.Cryptography.Pkcs.SignerInfo Current { get => throw null; } + object System.Collections.IEnumerator.Current { get => throw null; } + public bool MoveNext() => throw null; + public void Reset() => throw null; + } + public sealed class SubjectIdentifier + { + public bool MatchesCertificate(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate) => throw null; + public System.Security.Cryptography.Pkcs.SubjectIdentifierType Type { get => throw null; } + public object Value { get => throw null; } + } + public sealed class SubjectIdentifierOrKey + { + public System.Security.Cryptography.Pkcs.SubjectIdentifierOrKeyType Type { get => throw null; } + public object Value { get => throw null; } + } + public enum SubjectIdentifierOrKeyType + { + Unknown = 0, + IssuerAndSerialNumber = 1, + SubjectKeyIdentifier = 2, + PublicKeyInfo = 3, + } + public enum SubjectIdentifierType + { + Unknown = 0, + IssuerAndSerialNumber = 1, + SubjectKeyIdentifier = 2, + NoSignature = 3, + } + } + namespace Xml + { + public struct X509IssuerSerial + { + public string IssuerName { get => throw null; set { } } + public string SerialNumber { get => throw null; set { } } + } + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.csproj b/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Security.Cryptography.Pkcs/9.0.4/System.Security.Cryptography.Pkcs.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.cs b/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.cs new file mode 100644 index 00000000000..112088cf6b5 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.cs @@ -0,0 +1,21 @@ +// This file contains auto-generated code. +// Generated from `System.Security.Cryptography.ProtectedData, Version=9.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a`. +namespace System +{ + namespace Security + { + namespace Cryptography + { + public enum DataProtectionScope + { + CurrentUser = 0, + LocalMachine = 1, + } + public static class ProtectedData + { + public static byte[] Protect(byte[] userData, byte[] optionalEntropy, System.Security.Cryptography.DataProtectionScope scope) => throw null; + public static byte[] Unprotect(byte[] encryptedData, byte[] optionalEntropy, System.Security.Cryptography.DataProtectionScope scope) => throw null; + } + } + } +} diff --git a/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.csproj b/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Security.Cryptography.ProtectedData/9.0.4/System.Security.Cryptography.ProtectedData.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Text.Encodings.Web/4.7.2/System.Text.Encodings.Web.csproj b/csharp/ql/test/resources/stubs/System.Text.Encodings.Web/4.7.2/System.Text.Encodings.Web.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Text.Encodings.Web/4.7.2/System.Text.Encodings.Web.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Text.Json/4.7.2/System.Text.Json.csproj b/csharp/ql/test/resources/stubs/System.Text.Json/4.7.2/System.Text.Json.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Text.Json/4.7.2/System.Text.Json.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + diff --git a/csharp/ql/test/resources/stubs/System.Threading.Tasks.Extensions/4.5.4/System.Threading.Tasks.Extensions.csproj b/csharp/ql/test/resources/stubs/System.Threading.Tasks.Extensions/4.5.4/System.Threading.Tasks.Extensions.csproj new file mode 100644 index 00000000000..c7646fbae20 --- /dev/null +++ b/csharp/ql/test/resources/stubs/System.Threading.Tasks.Extensions/4.5.4/System.Threading.Tasks.Extensions.csproj @@ -0,0 +1,12 @@ + + + net9.0 + true + bin\ + false + + + + + + From bb85e241214ced356401c8621e43aacad74065f6 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 13:19:53 +0200 Subject: [PATCH 059/111] C#: Convert SQL injection test to use inline expectations. --- .../CWE-089/SecondOrderSqlInjection.cs | 8 ++--- .../Security Features/CWE-089/SqlInjection.cs | 30 +++++++++---------- .../CWE-089/SqlInjection.qlref | 4 ++- .../CWE-089/SqlInjectionDapper.cs | 28 ++++++++--------- .../CWE-089/SqlInjectionSqlite.cs | 16 +++++----- 5 files changed, 44 insertions(+), 42 deletions(-) diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.cs index b8ecf0b8e0a..b2240908686 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-089/SecondOrderSqlInjection.cs @@ -17,12 +17,12 @@ namespace Test { connection.Open(); SqlCommand customerCommand = new SqlCommand("SELECT * FROM customers", connection); - SqlDataReader customerReader = customerCommand.ExecuteReader(); + SqlDataReader customerReader = customerCommand.ExecuteReader(); // $ Source[cs/sql-injection] while (customerReader.Read()) { // BAD: Read from database, write it straight to another query - SqlCommand secondCustomerCommand = new SqlCommand("SELECT * FROM customers WHERE customerName=" + customerReader.GetString(1), connection); + SqlCommand secondCustomerCommand = new SqlCommand("SELECT * FROM customers WHERE customerName=" + customerReader.GetString(1), connection); // $ Alert[cs/sql-injection] } customerReader.Close(); } @@ -30,7 +30,7 @@ namespace Test public void RunSQLFromFile() { - using (FileStream fs = new FileStream("myfile.txt", FileMode.Open)) + using (FileStream fs = new FileStream("myfile.txt", FileMode.Open)) // $ Source[cs/sql-injection] { using (StreamReader sr = new StreamReader(fs, Encoding.UTF8)) { @@ -42,7 +42,7 @@ namespace Test continue; using (var connection = new SQLiteConnection("")) { - var cmd = new SQLiteCommand(sql, connection); + var cmd = new SQLiteCommand(sql, connection); // $ Alert[cs/sql-injection] cmd.ExecuteScalar(); } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.cs index 38dcf94ef8d..e7dd2f73260 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.cs @@ -35,8 +35,8 @@ namespace Test using (var connection = new SqlConnection(connectionString)) { var query1 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" - + categoryTextBox.Text + "' ORDER BY PRICE"; - var adapter = new SqlDataAdapter(query1, connection); + + categoryTextBox.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var adapter = new SqlDataAdapter(query1, connection); // $ Alert[cs/sql-injection] var result = new DataSet(); adapter.Fill(result); } @@ -70,9 +70,9 @@ namespace Test { // BAD: Use EntityFramework direct Sql execution methods var query1 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" - + categoryTextBox.Text + "' ORDER BY PRICE"; - context.Database.ExecuteSqlCommand(query1); - context.Database.SqlQuery(query1); + + categoryTextBox.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + context.Database.ExecuteSqlCommand(query1); // $ Alert[cs/sql-injection] + context.Database.SqlQuery(query1); // $ Alert[cs/sql-injection] // GOOD: Use EntityFramework direct Sql execution methods with parameter var query2 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=" + "@p0 ORDER BY PRICE"; @@ -84,8 +84,8 @@ namespace Test using (var connection = new SqlConnection(connectionString)) { var query1 = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" - + box1.Text + "' ORDER BY PRICE"; - var adapter = new SqlDataAdapter(query1, connection); + + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var adapter = new SqlDataAdapter(query1, connection); // $ Alert[cs/sql-injection] var result = new DataSet(); adapter.Fill(result); } @@ -94,9 +94,9 @@ namespace Test using (var connection = new SqlConnection(connectionString)) { var queryString = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" - + box1.Text + "' ORDER BY PRICE"; - var cmd = new SqlCommand(queryString); - var adapter = new SqlDataAdapter(cmd); + + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var cmd = new SqlCommand(queryString); // $ Alert[cs/sql-injection] + var adapter = new SqlDataAdapter(cmd); // $ Alert[cs/sql-injection] var result = new DataSet(); adapter.Fill(result); } @@ -105,9 +105,9 @@ namespace Test using (var connection = new SqlConnection(connectionString)) { var queryString = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" - + Console.ReadLine()! + "' ORDER BY PRICE"; - var cmd = new SqlCommand(queryString); - var adapter = new SqlDataAdapter(cmd); + + Console.ReadLine()! + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var cmd = new SqlCommand(queryString); // $ Alert[cs/sql-injection] + var adapter = new SqlDataAdapter(cmd); // $ Alert[cs/sql-injection] var result = new DataSet(); adapter.Fill(result); } @@ -119,14 +119,14 @@ namespace Test public abstract class MyController : Controller { [HttpPost("{userId:string}")] - public async Task GetUserById([FromRoute] string userId, CancellationToken cancellationToken) + public async Task GetUserById([FromRoute] string userId, CancellationToken cancellationToken) // $ Source[cs/sql-injection] { // This is a vulnerable method due to SQL injection string query = "SELECT * FROM Users WHERE UserId = '" + userId + "'"; using (SqlConnection connection = new SqlConnection("YourConnectionString")) { - SqlCommand command = new SqlCommand(query, connection); + SqlCommand command = new SqlCommand(query, connection); // $ Alert[cs/sql-injection] connection.Open(); SqlDataReader reader = command.ExecuteReader(); diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.qlref index 56829ee8e8f..1421faac807 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.qlref +++ b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjection.qlref @@ -1,2 +1,4 @@ query: Security Features/CWE-089/SqlInjection.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionDapper.cs b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionDapper.cs index ec54c70ddeb..360264c5776 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionDapper.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionDapper.cs @@ -17,8 +17,8 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; - var result = connection.Query(query); + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var result = connection.Query(query); // $ Alert[cs/sql-injection] } } @@ -26,8 +26,8 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; - var result = await connection.QueryAsync(query); + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var result = await connection.QueryAsync(query); // $ Alert[cs/sql-injection] } } @@ -35,8 +35,8 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; - var result = await connection.QueryFirstAsync(query); + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var result = await connection.QueryFirstAsync(query); // $ Alert[cs/sql-injection] } } @@ -44,9 +44,9 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] - await connection.ExecuteAsync(query); + await connection.ExecuteAsync(query); // $ Alert[cs/sql-injection] } } @@ -54,8 +54,8 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; - connection.ExecuteScalar(query); + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + connection.ExecuteScalar(query); // $ Alert[cs/sql-injection] } } @@ -63,8 +63,8 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; - connection.ExecuteReader(query); + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + connection.ExecuteReader(query); // $ Alert[cs/sql-injection] } } @@ -72,9 +72,9 @@ namespace Test { using (var connection = new SqlConnection(connectionString)) { - var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; + var query = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] - var comDef = new CommandDefinition(query); + var comDef = new CommandDefinition(query); // $ Alert[cs/sql-injection] var result = await connection.QueryFirstAsync(comDef); } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionSqlite.cs b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionSqlite.cs index 6654a8fdec1..c7b6f1db072 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionSqlite.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-089/SqlInjectionSqlite.cs @@ -16,12 +16,12 @@ namespace TestSqlite public void InjectUntrustedData() { // BAD: untrusted data is not sanitized. - SQLiteCommand cmd = new SQLiteCommand(untrustedData.Text); + SQLiteCommand cmd = new SQLiteCommand(untrustedData.Text); // $ Alert[cs/sql-injection] // BAD: untrusted data is not sanitized. using (var connection = new SQLiteConnection(connectionString)) { - cmd = new SQLiteCommand(untrustedData.Text, connection); + cmd = new SQLiteCommand(untrustedData.Text, connection); // $ Source[cs/sql-injection] Alert[cs/sql-injection] } SQLiteDataAdapter adapter; @@ -30,23 +30,23 @@ namespace TestSqlite // BAD: untrusted data is not sanitized. using (var connection = new SQLiteConnection(connectionString)) { - adapter = new SQLiteDataAdapter(untrustedData.Text, connection); + adapter = new SQLiteDataAdapter(untrustedData.Text, connection); // $ Alert[cs/sql-injection] result = new DataSet(); adapter.Fill(result); } // BAD: untrusted data is not sanitized. - adapter = new SQLiteDataAdapter(untrustedData.Text, connectionString); + adapter = new SQLiteDataAdapter(untrustedData.Text, connectionString); // $ Alert[cs/sql-injection] result = new DataSet(); adapter.Fill(result); // BAD: untrusted data is not sanitized. - adapter = new SQLiteDataAdapter(cmd); + adapter = new SQLiteDataAdapter(cmd); // $ Alert[cs/sql-injection] result = new DataSet(); adapter.Fill(result); // BAD: untrusted data as filename is not sanitized. - using (FileStream fs = new FileStream(untrustedData.Text, FileMode.Open)) + using (FileStream fs = new FileStream(untrustedData.Text, FileMode.Open)) // $ Source[cs/sql-injection] { using (StreamReader sr = new StreamReader(fs, Encoding.UTF8)) { @@ -58,7 +58,7 @@ namespace TestSqlite continue; using (var connection = new SQLiteConnection("")) { - cmd = new SQLiteCommand(sql, connection); + cmd = new SQLiteCommand(sql, connection); // $ Alert[cs/sql-injection] cmd.ExecuteScalar(); } } @@ -66,4 +66,4 @@ namespace TestSqlite } } } -} \ No newline at end of file +} From 710e08088f3d528bca4f4bbb3680ce535403535a Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 15:23:33 +0200 Subject: [PATCH 060/111] Crypto: Refactor casing and documentation --- .../MACAlgorithmInstance.qll | 6 +- .../PaddingAlgorithmInstance.qll | 6 +- java/ql/lib/experimental/quantum/JCA.qll | 114 +++++++------- .../codeql/quantum/experimental/Model.qll | 149 +++++++++--------- 4 files changed, 139 insertions(+), 136 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll index 2e476824316..ac1898d7bdf 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll @@ -7,7 +7,7 @@ private import experimental.quantum.OpenSSL.Operations.OpenSSLOperations private import AlgToAVCFlow class KnownOpenSslMacConstantAlgorithmInstance extends OpenSslAlgorithmInstance, - Crypto::MACAlgorithmInstance instanceof KnownOpenSslMacAlgorithmExpr + Crypto::MacAlgorithmInstance instanceof KnownOpenSslMacAlgorithmExpr { OpenSslAlgorithmValueConsumer getterCall; @@ -39,14 +39,14 @@ class KnownOpenSslMacConstantAlgorithmInstance extends OpenSslAlgorithmInstance, result = this.(Call).getTarget().getName() } - override Crypto::TMACType getMacType() { + override Crypto::TMacType getMacType() { this instanceof KnownOpenSslHMacAlgorithmExpr and result instanceof Crypto::THMAC or this instanceof KnownOpenSslCMacAlgorithmExpr and result instanceof Crypto::TCMAC } } -class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HMACAlgorithmInstance, +class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HmacAlgorithmInstance, KnownOpenSslMacConstantAlgorithmInstance { override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll index e794b84b8f8..89af70fb6c3 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll @@ -161,18 +161,18 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta // else result = Crypto::OtherPadding() // } // } -class OaepPaddingAlgorithmInstance extends Crypto::OAEPPaddingAlgorithmInstance, +class OaepPaddingAlgorithmInstance extends Crypto::OaepPaddingAlgorithmInstance, KnownOpenSslPaddingConstantAlgorithmInstance { OaepPaddingAlgorithmInstance() { this.(Crypto::PaddingAlgorithmInstance).getPaddingType() = Crypto::OAEP() } - override Crypto::HashAlgorithmInstance getOAEPEncodingHashAlgorithm() { + override Crypto::HashAlgorithmInstance getOaepEncodingHashAlgorithm() { none() //TODO } - override Crypto::HashAlgorithmInstance getMGF1HashAlgorithm() { + override Crypto::HashAlgorithmInstance getMgf1HashAlgorithm() { none() //TODO } } diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 16afa26347f..08898f256c4 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -205,7 +205,7 @@ module JCAModel { } bindingset[name] - predicate mac_name_to_mac_type_known(Crypto::TMACType type, string name) { + predicate mac_name_to_mac_type_known(Crypto::TMacType type, string name) { type = Crypto::THMAC() and name.toUpperCase().matches("HMAC%") } @@ -373,12 +373,12 @@ module JCAModel { oaep_padding_string_components(any(CipherStringLiteral s).getPadding(), hash, mfg) } - class OAEPPaddingHashAlgorithmInstance extends OAEPPaddingAlgorithmInstance, + class OaepPaddingHashAlgorithmInstance extends OaepPaddingAlgorithmInstance, Crypto::HashAlgorithmInstance instanceof CipherStringLiteral { string hashName; - OAEPPaddingHashAlgorithmInstance() { + OaepPaddingHashAlgorithmInstance() { oaep_padding_string_components(super.getPadding(), hashName, _) } @@ -389,12 +389,12 @@ module JCAModel { override int getFixedDigestLength() { exists(hash_name_to_type_known(hashName, result)) } } - class OAEPPaddingAlgorithmInstance extends Crypto::OAEPPaddingAlgorithmInstance, + class OaepPaddingAlgorithmInstance extends Crypto::OaepPaddingAlgorithmInstance, CipherStringLiteralPaddingAlgorithmInstance { - override Crypto::HashAlgorithmInstance getOAEPEncodingHashAlgorithm() { result = this } + override Crypto::HashAlgorithmInstance getOaepEncodingHashAlgorithm() { result = this } - override Crypto::HashAlgorithmInstance getMGF1HashAlgorithm() { none() } // TODO + override Crypto::HashAlgorithmInstance getMgf1HashAlgorithm() { none() } // TODO } /** @@ -1156,9 +1156,7 @@ module JCAModel { } module KeySpecInstantiationToGenerateSecretFlowConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { - exists(KeySpecInstantiation call | src.asExpr() = call) - } + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof KeySpecInstantiation } predicate isSink(DataFlow::Node sink) { exists(SecretKeyFactoryGenerateSecretCall call | sink.asExpr() = call.getKeySpecArg()) @@ -1207,29 +1205,29 @@ module JCAModel { predicate isIntermediate() { none() } } - class KDFAlgorithmStringLiteral extends Crypto::KeyDerivationAlgorithmInstance instanceof StringLiteral + class KdfAlgorithmStringLiteral extends Crypto::KeyDerivationAlgorithmInstance instanceof StringLiteral { SecretKeyFactoryKDFAlgorithmValueConsumer consumer; - KDFAlgorithmStringLiteral() { + KdfAlgorithmStringLiteral() { kdf_names(this.getValue()) and KDFAlgorithmStringToGetInstanceFlow::flow(DataFlow::exprNode(this), consumer.getInputNode()) } - override string getRawKDFAlgorithmName() { result = super.getValue() } + override string getRawKdfAlgorithmName() { result = super.getValue() } - override Crypto::TKeyDerivationType getKDFType() { + override Crypto::TKeyDerivationType getKdfType() { result = kdf_name_to_kdf_type(super.getValue(), _) } SecretKeyFactoryKDFAlgorithmValueConsumer getConsumer() { result = consumer } } - class PBKDF2AlgorithmStringLiteral extends KDFAlgorithmStringLiteral, - Crypto::PBKDF2AlgorithmInstance, Crypto::HMACAlgorithmInstance, Crypto::HashAlgorithmInstance, + class Pbkdf2AlgorithmStringLiteral extends KdfAlgorithmStringLiteral, + Crypto::Pbkdf2AlgorithmInstance, Crypto::HmacAlgorithmInstance, Crypto::HashAlgorithmInstance, Crypto::AlgorithmValueConsumer { - PBKDF2AlgorithmStringLiteral() { super.getKDFType() instanceof Crypto::PBKDF2 } + Pbkdf2AlgorithmStringLiteral() { super.getKdfType() instanceof Crypto::PBKDF2 } override Crypto::ConsumerInputDataFlowNode getInputNode() { none() } @@ -1244,16 +1242,16 @@ module JCAModel { } override string getRawMacAlgorithmName() { - result = super.getRawKDFAlgorithmName().splitAt("PBKDF2With", 1) + result = super.getRawKdfAlgorithmName().splitAt("PBKDF2With", 1) } override string getRawHashAlgorithmName() { - result = super.getRawKDFAlgorithmName().splitAt("WithHmac", 1) + result = super.getRawKdfAlgorithmName().splitAt("WithHmac", 1) } - override Crypto::TMACType getMacType() { result instanceof Crypto::THMAC } + override Crypto::TMacType getMacType() { result instanceof Crypto::THMAC } - override Crypto::AlgorithmValueConsumer getHMACAlgorithmValueConsumer() { result = this } + override Crypto::AlgorithmValueConsumer getHmacAlgorithmValueConsumer() { result = this } override Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { result = this } } @@ -1267,7 +1265,7 @@ module JCAModel { override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this } override Crypto::AlgorithmInstance getAKnownAlgorithmSource() { - exists(KDFAlgorithmStringLiteral l | l.getConsumer() = this and result = l) + exists(KdfAlgorithmStringLiteral l | l.getConsumer() = this and result = l) } SecretKeyFactoryGetInstanceCall getInstantiation() { result = call } @@ -1442,105 +1440,105 @@ module JCAModel { * MACs */ - module MACKnownAlgorithmToConsumerConfig implements DataFlow::ConfigSig { + module MacKnownAlgorithmToConsumerConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node src) { mac_names(src.asExpr().(StringLiteral).getValue()) } predicate isSink(DataFlow::Node sink) { - exists(MACGetInstanceCall call | sink.asExpr() = call.getAlgorithmArg()) + exists(MacGetInstanceCall call | sink.asExpr() = call.getAlgorithmArg()) } } - module MACKnownAlgorithmToConsumerFlow = DataFlow::Global; + module MacKnownAlgorithmToConsumerFlow = DataFlow::Global; - module MACGetInstanceToMACOperationFlowConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node src) { src.asExpr() instanceof MACGetInstanceCall } + module MacGetInstanceToMacOperationFlowConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node src) { src.asExpr() instanceof MacGetInstanceCall } predicate isSink(DataFlow::Node sink) { - exists(MACOperationCall call | sink.asExpr() = call.(MethodCall).getQualifier()) or - exists(MACInitCall call | sink.asExpr() = call.(MethodCall).getQualifier()) + exists(MacOperationCall call | sink.asExpr() = call.(MethodCall).getQualifier()) or + exists(MacInitCall call | sink.asExpr() = call.(MethodCall).getQualifier()) } } - module MACGetInstanceToMACOperationFlow = - DataFlow::Global; + module MacGetInstanceToMacOperationFlow = + DataFlow::Global; - module MACInitCallToMACOperationFlowConfig implements DataFlow::ConfigSig { + module MacInitCallToMacOperationFlowConfig implements DataFlow::ConfigSig { // TODO: use flow state with one config predicate isSource(DataFlow::Node src) { - exists(MACInitCall init | src.asExpr() = init.getQualifier()) + exists(MacInitCall init | src.asExpr() = init.getQualifier()) } predicate isSink(DataFlow::Node sink) { - exists(MACOperationCall call | sink.asExpr() = call.(MethodCall).getQualifier()) + exists(MacOperationCall call | sink.asExpr() = call.(MethodCall).getQualifier()) } } - module MACInitCallToMACOperationFlow = DataFlow::Global; + module MacInitCallToMacOperationFlow = DataFlow::Global; - class KnownMACAlgorithm extends Crypto::MACAlgorithmInstance instanceof StringLiteral { - MACGetInstanceAlgorithmValueConsumer consumer; + class KnownMacAlgorithm extends Crypto::MacAlgorithmInstance instanceof StringLiteral { + MacGetInstanceAlgorithmValueConsumer consumer; - KnownMACAlgorithm() { + KnownMacAlgorithm() { mac_names(this.getValue()) and - MACKnownAlgorithmToConsumerFlow::flow(DataFlow::exprNode(this), consumer.getInputNode()) + MacKnownAlgorithmToConsumerFlow::flow(DataFlow::exprNode(this), consumer.getInputNode()) } - MACGetInstanceAlgorithmValueConsumer getConsumer() { result = consumer } + MacGetInstanceAlgorithmValueConsumer getConsumer() { result = consumer } override string getRawMacAlgorithmName() { result = super.getValue() } - override Crypto::TMACType getMacType() { + override Crypto::TMacType getMacType() { if mac_name_to_mac_type_known(_, super.getValue()) then mac_name_to_mac_type_known(result, super.getValue()) else result instanceof Crypto::TOtherMACType } } - class MACGetInstanceCall extends MethodCall { - MACGetInstanceCall() { this.getCallee().hasQualifiedName("javax.crypto", "Mac", "getInstance") } + class MacGetInstanceCall extends MethodCall { + MacGetInstanceCall() { this.getCallee().hasQualifiedName("javax.crypto", "Mac", "getInstance") } Expr getAlgorithmArg() { result = this.getArgument(0) } - MACOperationCall getOperation() { - MACGetInstanceToMACOperationFlow::flow(DataFlow::exprNode(this), + MacOperationCall getOperation() { + MacGetInstanceToMacOperationFlow::flow(DataFlow::exprNode(this), DataFlow::exprNode(result.(MethodCall).getQualifier())) } - MACInitCall getInitCall() { - MACGetInstanceToMACOperationFlow::flow(DataFlow::exprNode(this), + MacInitCall getInitCall() { + MacGetInstanceToMacOperationFlow::flow(DataFlow::exprNode(this), DataFlow::exprNode(result.getQualifier())) } } - class MACInitCall extends MethodCall { - MACInitCall() { this.getCallee().hasQualifiedName("javax.crypto", "Mac", "init") } + class MacInitCall extends MethodCall { + MacInitCall() { this.getCallee().hasQualifiedName("javax.crypto", "Mac", "init") } Expr getKeyArg() { result = this.getArgument(0) and this.getMethod().getParameterType(0).hasName("Key") } - MACOperationCall getOperation() { - MACInitCallToMACOperationFlow::flow(DataFlow::exprNode(this.getQualifier()), + MacOperationCall getOperation() { + MacInitCallToMacOperationFlow::flow(DataFlow::exprNode(this.getQualifier()), DataFlow::exprNode(result.(MethodCall).getQualifier())) } } - class MACGetInstanceAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer { - MACGetInstanceCall call; + class MacGetInstanceAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer { + MacGetInstanceCall call; - MACGetInstanceAlgorithmValueConsumer() { this = call.getAlgorithmArg() } + MacGetInstanceAlgorithmValueConsumer() { this = call.getAlgorithmArg() } override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this } override Crypto::AlgorithmInstance getAKnownAlgorithmSource() { - exists(KnownMACAlgorithm l | l.getConsumer() = this and result = l) + exists(KnownMacAlgorithm l | l.getConsumer() = this and result = l) } } - class MACOperationCall extends Crypto::MACOperationInstance instanceof MethodCall { + class MacOperationCall extends Crypto::MacOperationInstance instanceof MethodCall { Expr output; - MACOperationCall() { + MacOperationCall() { super.getMethod().getDeclaringType().hasQualifiedName("javax.crypto", "Mac") and ( super.getMethod().hasStringSignature(["doFinal()", "doFinal(byte[])"]) and this = output @@ -1551,13 +1549,13 @@ module JCAModel { } override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { - exists(MACGetInstanceCall instantiation | + exists(MacGetInstanceCall instantiation | instantiation.getOperation() = this and result = instantiation.getAlgorithmArg() ) } override Crypto::ConsumerInputDataFlowNode getKeyConsumer() { - exists(MACGetInstanceCall instantiation, MACInitCall initCall | + exists(MacGetInstanceCall instantiation, MacInitCall initCall | instantiation.getOperation() = this and initCall.getOperation() = this and instantiation.getInitCall() = initCall and diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index d4a900f9bca..e41dae15656 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -355,7 +355,7 @@ module CryptographyBase Input> { * * An artifact's properties (such as being a nonce) are not necessarily inherent; they are determined by the context in which the artifact is consumed. * The consumer node is therefore essential in defining these properties for inputs. * * This approach reduces ambiguity by avoiding separate notions of "artifact source" and "consumer", as the node itself encapsulates both roles. - * * Instances of nodes do not necessarily have to come from a consumer, allowing additional modelling of an artifact to occur outside of the consumer. + * * Instances of nodes do not necessarily have to come from a consumer, allowing additional modeling of an artifact to occur outside of the consumer. */ abstract class ArtifactConsumer extends ConsumerElement { /** @@ -403,7 +403,7 @@ module CryptographyBase Input> { or exists(KeyDerivationOperationInstance op | inputNode = op.getInputConsumer()) or - exists(MACOperationInstance op | inputNode = op.getMessageConsumer()) + exists(MacOperationInstance op | inputNode = op.getMessageConsumer()) or exists(HashOperationInstance op | inputNode = op.getInputConsumer()) ) and @@ -537,7 +537,7 @@ module CryptographyBase Input> { ( exists(KeyOperationInstance op | inputNode = op.getKeyConsumer()) or - exists(MACOperationInstance op | inputNode = op.getKeyConsumer()) + exists(MacOperationInstance op | inputNode = op.getKeyConsumer()) or exists(KeyAgreementSecretGenerationOperationInstance op | inputNode = op.getServerKeyConsumer() or @@ -937,30 +937,30 @@ module CryptographyBase Input> { abstract TPaddingType getPaddingType(); } - abstract class OAEPPaddingAlgorithmInstance extends PaddingAlgorithmInstance { - OAEPPaddingAlgorithmInstance() { this.getPaddingType() instanceof OAEP } + abstract class OaepPaddingAlgorithmInstance extends PaddingAlgorithmInstance { + OaepPaddingAlgorithmInstance() { this.getPaddingType() instanceof OAEP } /** * Gets the hash algorithm used in this padding scheme. */ - abstract HashAlgorithmInstance getOAEPEncodingHashAlgorithm(); + abstract HashAlgorithmInstance getOaepEncodingHashAlgorithm(); /** * Gets the hash algorithm used by MGF1 (assumption: MGF1 is the only MGF used by OAEP) */ - abstract HashAlgorithmInstance getMGF1HashAlgorithm(); + abstract HashAlgorithmInstance getMgf1HashAlgorithm(); } - newtype TMACType = + newtype TMacType = THMAC() or TCMAC() or TOtherMACType() - abstract class MACAlgorithmInstance extends AlgorithmInstance { + abstract class MacAlgorithmInstance extends AlgorithmInstance { /** * Gets the type of this MAC algorithm, e.g., "HMAC" or "CMAC". */ - abstract TMACType getMacType(); + abstract TMacType getMacType(); /** * Gets the isolated name as it appears in source, e.g., "HMAC-SHA256" in "HMAC-SHA256/UnrelatedInformation". @@ -970,7 +970,7 @@ module CryptographyBase Input> { abstract string getRawMacAlgorithmName(); } - abstract class MACOperationInstance extends OperationInstance { + abstract class MacOperationInstance extends OperationInstance { /** * Gets the message input used in this operation. */ @@ -982,8 +982,8 @@ module CryptographyBase Input> { abstract ConsumerInputDataFlowNode getKeyConsumer(); } - abstract class HMACAlgorithmInstance extends MACAlgorithmInstance { - HMACAlgorithmInstance() { this.getMacType() instanceof THMAC } + abstract class HmacAlgorithmInstance extends MacAlgorithmInstance { + HmacAlgorithmInstance() { this.getMacType() instanceof THMAC } /** * Gets the hash algorithm used by this HMAC algorithm. @@ -1060,8 +1060,10 @@ module CryptographyBase Input> { } /** - * Users should not extend this class directly, but instead use - * `KeyCreationOperationInstance` or `KeyDerivationOperationInstance`. + * An operation that generates, derives, or loads a cryptographic key. + * + * Library modeling should not extend this class directly but rather extend + * `KeyGenerationOperationInstance`, `KeyDerivationOperationInstance`, or `KeyLoadOperationInstance`. */ abstract class KeyCreationOperationInstance extends OperationInstance { abstract string getKeyCreationTypeDescription(); @@ -1087,6 +1089,9 @@ module CryptographyBase Input> { } } + /** + * An operation that derives a key from an input password or other data. + */ abstract class KeyDerivationOperationInstance extends KeyCreationOperationInstance { final override KeyArtifactType getOutputKeyType() { result instanceof TSymmetricKeyType } @@ -1120,16 +1125,16 @@ module CryptographyBase Input> { /** * Gets the type of this key derivation algorithm, e.g., "PBKDF2" or "HKDF". */ - abstract TKeyDerivationType getKDFType(); + abstract TKeyDerivationType getKdfType(); /** * Gets the isolated name as it appears in source, e.g., "PBKDF2WithHmacSHA256" in "PBKDF2WithHmacSHA256/UnrelatedInformation". */ - abstract string getRawKDFAlgorithmName(); + abstract string getRawKdfAlgorithmName(); } - abstract class PBKDF2AlgorithmInstance extends KeyDerivationAlgorithmInstance { - PBKDF2AlgorithmInstance() { this.getKDFType() instanceof PBKDF2 } + abstract class Pbkdf2AlgorithmInstance extends KeyDerivationAlgorithmInstance { + Pbkdf2AlgorithmInstance() { this.getKdfType() instanceof PBKDF2 } /** * Gets the HMAC algorithm used by this PBKDF2 algorithm. @@ -1137,11 +1142,11 @@ module CryptographyBase Input> { * Note: Other PRFs are not supported, as most cryptographic libraries * only support HMAC for PBKDF2's PRF input. */ - abstract AlgorithmValueConsumer getHMACAlgorithmValueConsumer(); + abstract AlgorithmValueConsumer getHmacAlgorithmValueConsumer(); } abstract class ScryptAlgorithmInstance extends KeyDerivationAlgorithmInstance { - ScryptAlgorithmInstance() { this.getKDFType() instanceof SCRYPT } + ScryptAlgorithmInstance() { this.getKdfType() instanceof SCRYPT } /** * Gets the HMAC algorithm used by this PBKDF2 algorithm. @@ -1149,7 +1154,7 @@ module CryptographyBase Input> { * Note: Other PRFs are not supported, as most cryptographic libraries * only support HMAC for PBKDF2's PRF input. */ - abstract AlgorithmValueConsumer getHMACAlgorithmValueConsumer(); + abstract AlgorithmValueConsumer getHmacAlgorithmValueConsumer(); } abstract class KeyGenerationOperationInstance extends KeyCreationOperationInstance { @@ -1216,7 +1221,7 @@ module CryptographyBase Input> { * This concept is used to model consumers that have no known source as an algorithm node. * * The `isCandidateAVCSig` predicate is used to restrict the set of consumers that expect inputs of `AlgorithmInstanceType`. - * These "total unknown" algorithm nodes would otherwise not exist if not modelled as a consumer node. + * These "total unknown" algorithm nodes would otherwise not exist if not modeled as a consumer node. */ module AlgorithmInstanceOrValueConsumer< AlgorithmInstanceType Alg, isCandidateAVCSig/1 isCandidateAVC> @@ -1237,58 +1242,58 @@ module CryptographyBase Input> { Alg asAlg() { result = this } - AlgorithmValueConsumer asAVC() { result = this and not this instanceof Alg } + AlgorithmValueConsumer asAvc() { result = this and not this instanceof Alg } } } - private predicate isHashAVC(AlgorithmValueConsumer avc) { + private predicate isHashAvc(AlgorithmValueConsumer avc) { exists(HashOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) or - exists(HMACAlgorithmInstance alg | avc = alg.getAConsumer()) + exists(HmacAlgorithmInstance alg | avc = alg.getAConsumer()) } - private predicate isKeyOperationAlgorithmAVC(AlgorithmValueConsumer avc) { + private predicate isKeyOperationAlgorithmAvc(AlgorithmValueConsumer avc) { exists(KeyOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) } - private predicate isMACAVC(AlgorithmValueConsumer avc) { - exists(MACOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) or - exists(PBKDF2AlgorithmInstance alg | avc = alg.getHMACAlgorithmValueConsumer()) + private predicate isMacAvc(AlgorithmValueConsumer avc) { + exists(MacOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) or + exists(Pbkdf2AlgorithmInstance alg | avc = alg.getHmacAlgorithmValueConsumer()) } - private predicate isKeyDerivationAVC(AlgorithmValueConsumer avc) { + private predicate isKeyDerivationAvc(AlgorithmValueConsumer avc) { exists(KeyDerivationOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) } - private predicate isEllipticCurveAVC(AlgorithmValueConsumer avc) { + private predicate isEllipticCurveAvc(AlgorithmValueConsumer avc) { exists(ECDHKeyAgreementAlgorithmInstance alg | avc = alg.getEllipticCurveAlgorithmValueConsumer() ) or exists(KeyGenerationOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) } - private predicate isKeyAgreementAVC(AlgorithmValueConsumer avc) { + private predicate isKeyAgreementAvc(AlgorithmValueConsumer avc) { exists(KeyAgreementSecretGenerationOperationInstance op | op.getAnAlgorithmValueConsumer() = avc ) } final private class KeyOperationAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + AlgorithmInstanceOrValueConsumer::Union; final private class HashAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + AlgorithmInstanceOrValueConsumer::Union; - final private class MACAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + final private class MacAlgorithmInstanceOrValueConsumer = + AlgorithmInstanceOrValueConsumer::Union; final private class KeyDerivationAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + AlgorithmInstanceOrValueConsumer::Union; final private class EllipticCurveInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + AlgorithmInstanceOrValueConsumer::Union; final private class KeyAgreementAlgorithmInstanceOrValueConsumer = - AlgorithmInstanceOrValueConsumer::Union; + AlgorithmInstanceOrValueConsumer::Union; private newtype TNode = // Output artifacts (data that is not an operation or algorithm, e.g., a key) @@ -1315,17 +1320,17 @@ module CryptographyBase Input> { TPaddingAlgorithm(PaddingAlgorithmInstance e) or // All other operations THashOperation(HashOperationInstance e) or - TMACOperation(MACOperationInstance e) or + TMACOperation(MacOperationInstance e) or TKeyAgreementOperation(KeyAgreementSecretGenerationOperationInstance e) or // All other algorithms TEllipticCurve(EllipticCurveInstanceOrValueConsumer e) or THashAlgorithm(HashAlgorithmInstanceOrValueConsumer e) or TKeyDerivationAlgorithm(KeyDerivationAlgorithmInstanceOrValueConsumer e) or - TMACAlgorithm(MACAlgorithmInstanceOrValueConsumer e) or + TMACAlgorithm(MacAlgorithmInstanceOrValueConsumer e) or TKeyAgreementAlgorithm(KeyAgreementAlgorithmInstanceOrValueConsumer e) or // Generic source nodes, i.e., sources of data that are not resolvable to a specific known asset. TGenericSourceNode(GenericSourceInstance e) { - // An element modelled as a `GenericSourceInstance` can also be modelled as a `KnownElement` + // An element modeled as a `GenericSourceInstance` can also be modeled as a `KnownElement` // For example, a string literal "AES" could be a generic constant but also an algorithm instance. // // Therefore, only create generic nodes tied to instances which are not also a `KnownElement`... @@ -1769,17 +1774,17 @@ module CryptographyBase Input> { /** * A MAC operation that produces a MAC value. */ - final class MACOperationNode extends OperationNode, TMACOperation { - MACOperationInstance instance; + final class MacOperationNode extends OperationNode, TMACOperation { + MacOperationInstance instance; - MACOperationNode() { this = TMACOperation(instance) } + MacOperationNode() { this = TMACOperation(instance) } final override string getInternalType() { result = "MACOperation" } override LocatableElement asElement() { result = instance } override predicate isCandidateAlgorithmNode(AlgorithmNode node) { - node instanceof MACAlgorithmNode + node instanceof MacAlgorithmNode } MessageArtifactNode getAMessage() { @@ -1804,10 +1809,10 @@ module CryptographyBase Input> { /** * A MAC algorithm, such as HMAC or CMAC. */ - class MACAlgorithmNode extends AlgorithmNode, TMACAlgorithm { - MACAlgorithmInstanceOrValueConsumer instance; + class MacAlgorithmNode extends AlgorithmNode, TMACAlgorithm { + MacAlgorithmInstanceOrValueConsumer instance; - MACAlgorithmNode() { this = TMACAlgorithm(instance) } + MacAlgorithmNode() { this = TMACAlgorithm(instance) } final override string getInternalType() { result = "MACAlgorithm" } @@ -1817,9 +1822,9 @@ module CryptographyBase Input> { result = instance.asAlg().getRawMacAlgorithmName() } - TMACType getMacType() { result = instance.asAlg().getMacType() } + TMacType getMacType() { result = instance.asAlg().getMacType() } - final private predicate macToNameMapping(TMACType type, string name) { + final private predicate macToNameMapping(TMacType type, string name) { type instanceof THMAC and name = "HMAC" } @@ -1827,10 +1832,10 @@ module CryptographyBase Input> { override string getAlgorithmName() { this.macToNameMapping(this.getMacType(), result) } } - final class HMACAlgorithmNode extends MACAlgorithmNode { - HMACAlgorithmInstance hmacInstance; + final class HmacAlgorithmNode extends MacAlgorithmNode { + HmacAlgorithmInstance hmacInstance; - HMACAlgorithmNode() { hmacInstance = instance.asAlg() } + HmacAlgorithmNode() { hmacInstance = instance.asAlg() } NodeBase getHashAlgorithmOrUnknown() { result.asElement() = hmacInstance.getHashAlgorithmValueConsumer().getASource() @@ -1993,22 +1998,22 @@ module CryptographyBase Input> { override LocatableElement asElement() { result = instance } final override string getRawAlgorithmName() { - result = instance.asAlg().getRawKDFAlgorithmName() + result = instance.asAlg().getRawKdfAlgorithmName() } override string getAlgorithmName() { result = this.getRawAlgorithmName() } // TODO: standardize? } /** - * PBKDF2 key derivation function + * A PBKDF2 (key derivation function) algorithm node. */ - class PBKDF2AlgorithmNode extends KeyDerivationAlgorithmNode { - PBKDF2AlgorithmInstance pbkdf2Instance; + class Pbkdf2AlgorithmNode extends KeyDerivationAlgorithmNode { + Pbkdf2AlgorithmInstance pbkdf2Instance; - PBKDF2AlgorithmNode() { pbkdf2Instance = instance.asAlg() } + Pbkdf2AlgorithmNode() { pbkdf2Instance = instance.asAlg() } - HMACAlgorithmNode getHMACAlgorithm() { - result.asElement() = pbkdf2Instance.getHMACAlgorithmValueConsumer().getASource() + HmacAlgorithmNode getHmacAlgorithm() { + result.asElement() = pbkdf2Instance.getHmacAlgorithmValueConsumer().getASource() } override NodeBase getChild(string key) { @@ -2016,12 +2021,12 @@ module CryptographyBase Input> { or // [KNOWN_OR_UNKNOWN] key = "PRF" and - if exists(this.getHMACAlgorithm()) then result = this.getHMACAlgorithm() else result = this + if exists(this.getHmacAlgorithm()) then result = this.getHmacAlgorithm() else result = this } } /** - * scrypt key derivation function + * An SCRYPT key derivation algorithm node. */ class ScryptAlgorithmNode extends KeyDerivationAlgorithmNode { ScryptAlgorithmInstance scryptInstance; @@ -2223,7 +2228,7 @@ module CryptographyBase Input> { } /** - * Block cipher modes of operation algorithms + * A block cipher mode of operation algorithm node. */ class ModeOfOperationAlgorithmNode extends AlgorithmNode, TModeOfOperationAlgorithm { ModeOfOperationAlgorithmInstance instance; @@ -2310,16 +2315,16 @@ module CryptographyBase Input> { } class OAEPPaddingAlgorithmNode extends PaddingAlgorithmNode { - override OAEPPaddingAlgorithmInstance instance; + override OaepPaddingAlgorithmInstance instance; OAEPPaddingAlgorithmNode() { this = TPaddingAlgorithm(instance) } HashAlgorithmNode getOAEPEncodingHashAlgorithm() { - result.asElement() = instance.getOAEPEncodingHashAlgorithm() + result.asElement() = instance.getOaepEncodingHashAlgorithm() } HashAlgorithmNode getMGF1HashAlgorithm() { - result.asElement() = instance.getMGF1HashAlgorithm() + result.asElement() = instance.getMgf1HashAlgorithm() } override NodeBase getChild(string edgeName) { @@ -2632,9 +2637,9 @@ module CryptographyBase Input> { /** * Holds if `name` corresponds to a known elliptic curve. * - * Note: As an exception, this predicate may be used for library modelling, as curve names are largely standardized. + * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. * - * When modelling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. + * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. */ bindingset[curveName] predicate isEllipticCurveAlgorithmName(string curveName) { @@ -2644,9 +2649,9 @@ module CryptographyBase Input> { /** * Relates elliptic curve names to their key size and family. * - * Note: As an exception, this predicate may be used for library modelling, as curve names are largely standardized. + * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. * - * When modelling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. + * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. */ bindingset[rawName] predicate ellipticCurveNameToKeySizeAndFamilyMapping( From 9021168725c4c5f15d1bd00b175d27535bbed5b5 Mon Sep 17 00:00:00 2001 From: Nick Rolfe Date: Wed, 25 Jun 2025 15:10:15 +0100 Subject: [PATCH 061/111] QL: fix stats-collection workflow --- .github/workflows/ql-for-ql-dataset_measure.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-dataset_measure.yml b/.github/workflows/ql-for-ql-dataset_measure.yml index d133eb0ad35..c3441ffa407 100644 --- a/.github/workflows/ql-for-ql-dataset_measure.yml +++ b/.github/workflows/ql-for-ql-dataset_measure.yml @@ -53,7 +53,7 @@ jobs: - name: Create database run: | "${CODEQL}" database create \ - --search-path "${{ github.workspace }}" + --search-path "${{ github.workspace }}" \ --threads 4 \ --language ql --source-root "${{ github.workspace }}/repo" \ "${{ runner.temp }}/database" From 57b866bbe147da8a7c5876f8afb99a4a5e633507 Mon Sep 17 00:00:00 2001 From: Nick Rolfe Date: Wed, 25 Jun 2025 12:34:06 +0100 Subject: [PATCH 062/111] Ruby/Rust/QL: move databaseMetadata to prefix.dbscheme This has no effect on ruby.dbscheme, and adds the relation to ql.dbscheme and rust.dbscheme. (The relation will be required for overlay support). --- ql/ql/src/ql.dbscheme | 6 + ql/ql/src/ql.dbscheme.stats | 36 + .../old.dbscheme | 3638 +++++++++++++++++ .../rust.dbscheme | 3632 ++++++++++++++++ .../upgrade.properties | 3 + rust/ql/lib/rust.dbscheme | 6 + .../old.dbscheme | 3632 ++++++++++++++++ .../rust.dbscheme | 3638 +++++++++++++++++ .../upgrade.properties | 2 + .../src/generator/mod.rs | 33 - .../src/generator/prefix.dbscheme | 6 + 11 files changed, 14599 insertions(+), 33 deletions(-) create mode 100644 rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/old.dbscheme create mode 100644 rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/rust.dbscheme create mode 100644 rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/upgrade.properties create mode 100644 rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/old.dbscheme create mode 100644 rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/rust.dbscheme create mode 100644 rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/upgrade.properties diff --git a/ql/ql/src/ql.dbscheme b/ql/ql/src/ql.dbscheme index 6b7646b90f9..d2a00208469 100644 --- a/ql/ql/src/ql.dbscheme +++ b/ql/ql/src/ql.dbscheme @@ -108,6 +108,12 @@ yaml_locations(unique int locatable: @yaml_locatable ref, @yaml_locatable = @yaml_node | @yaml_error; +/*- Database metadata -*/ +databaseMetadata( + string metadataKey: string ref, + string value: string ref +); + /*- QL dbscheme -*/ @ql_add_expr_left_type = @ql_add_expr | @ql_aggregate | @ql_call_or_unqual_agg_expr | @ql_comp_term | @ql_conjunction | @ql_disjunction | @ql_expr_annotation | @ql_if_term | @ql_implication | @ql_in_expr | @ql_instance_of | @ql_literal | @ql_mul_expr | @ql_negation | @ql_par_expr | @ql_prefix_cast | @ql_qualified_expr | @ql_quantified | @ql_range | @ql_set_literal | @ql_special_call | @ql_super_ref | @ql_unary_expr | @ql_variable diff --git a/ql/ql/src/ql.dbscheme.stats b/ql/ql/src/ql.dbscheme.stats index 1e992f7d7a4..8a586681263 100644 --- a/ql/ql/src/ql.dbscheme.stats +++ b/ql/ql/src/ql.dbscheme.stats @@ -22436,5 +22436,41 @@ + + databaseMetadata + 1 + + + metadataKey + 1 + + + value + 1 + + + + + metadataKey + value + + + 12 + + + + + + value + metadataKey + + + 12 + + + + + + diff --git a/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/old.dbscheme b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/old.dbscheme new file mode 100644 index 00000000000..f72a3d8d021 --- /dev/null +++ b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/old.dbscheme @@ -0,0 +1,3638 @@ +// generated by codegen, do not edit + +// from ../shared/tree-sitter-extractor/src/generator/prefix.dbscheme +/*- Files and folders -*/ + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/*- Empty location -*/ + +empty_location( + int location: @location_default ref +); + +/*- Source location prefix -*/ + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/*- Diagnostic messages -*/ + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +/*- Diagnostic messages: severity -*/ + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + +/*- YAML -*/ + +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + string tag: string ref, + string tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + string anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + string target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + string value: string ref); + +yaml_errors (unique int id: @yaml_error, + string message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + +/*- Database metadata -*/ +databaseMetadata( + string metadataKey: string ref, + string value: string ref +); + + +// from prefix.dbscheme +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_default ref +); + + +// from schema + +@element = + @extractor_step +| @locatable +| @named_crate +| @unextracted +; + +extractor_steps( + unique int id: @extractor_step, + string action: string ref, + int duration_ms: int ref +); + +#keyset[id] +extractor_step_files( + int id: @extractor_step ref, + int file: @file ref +); + +@locatable = + @ast_node +| @crate +; + +named_crates( + unique int id: @named_crate, + string name: string ref, + int crate: @crate ref +); + +@unextracted = + @missing +| @unimplemented +; + +@ast_node = + @abi +| @addressable +| @arg_list +| @asm_dir_spec +| @asm_operand +| @asm_operand_expr +| @asm_option +| @asm_piece +| @asm_reg_spec +| @assoc_item +| @assoc_item_list +| @attr +| @callable +| @closure_binder +| @expr +| @extern_item +| @extern_item_list +| @field_list +| @format_args_arg +| @generic_arg +| @generic_arg_list +| @generic_param +| @generic_param_list +| @item_list +| @label +| @let_else +| @macro_items +| @match_arm +| @match_arm_list +| @match_guard +| @meta +| @name +| @param_base +| @param_list +| @parenthesized_arg_list +| @pat +| @path +| @path_segment +| @rename +| @resolvable +| @ret_type_repr +| @return_type_syntax +| @source_file +| @stmt +| @stmt_list +| @struct_expr_field +| @struct_expr_field_list +| @struct_field +| @struct_pat_field +| @struct_pat_field_list +| @token +| @token_tree +| @tuple_field +| @type_bound +| @type_bound_list +| @type_repr +| @use_bound_generic_arg +| @use_bound_generic_args +| @use_tree +| @use_tree_list +| @variant_list +| @visibility +| @where_clause +| @where_pred +; + +crates( + unique int id: @crate +); + +#keyset[id] +crate_names( + int id: @crate ref, + string name: string ref +); + +#keyset[id] +crate_versions( + int id: @crate ref, + string version: string ref +); + +#keyset[id, index] +crate_cfg_options( + int id: @crate ref, + int index: int ref, + string cfg_option: string ref +); + +#keyset[id, index] +crate_named_dependencies( + int id: @crate ref, + int index: int ref, + int named_dependency: @named_crate ref +); + +missings( + unique int id: @missing +); + +unimplementeds( + unique int id: @unimplemented +); + +abis( + unique int id: @abi +); + +#keyset[id] +abi_abi_strings( + int id: @abi ref, + string abi_string: string ref +); + +@addressable = + @item +| @variant +; + +#keyset[id] +addressable_extended_canonical_paths( + int id: @addressable ref, + string extended_canonical_path: string ref +); + +#keyset[id] +addressable_crate_origins( + int id: @addressable ref, + string crate_origin: string ref +); + +arg_lists( + unique int id: @arg_list +); + +#keyset[id, index] +arg_list_args( + int id: @arg_list ref, + int index: int ref, + int arg: @expr ref +); + +asm_dir_specs( + unique int id: @asm_dir_spec +); + +@asm_operand = + @asm_const +| @asm_label +| @asm_reg_operand +| @asm_sym +; + +asm_operand_exprs( + unique int id: @asm_operand_expr +); + +#keyset[id] +asm_operand_expr_in_exprs( + int id: @asm_operand_expr ref, + int in_expr: @expr ref +); + +#keyset[id] +asm_operand_expr_out_exprs( + int id: @asm_operand_expr ref, + int out_expr: @expr ref +); + +asm_options( + unique int id: @asm_option +); + +#keyset[id] +asm_option_is_raw( + int id: @asm_option ref +); + +@asm_piece = + @asm_clobber_abi +| @asm_operand_named +| @asm_options_list +; + +asm_reg_specs( + unique int id: @asm_reg_spec +); + +#keyset[id] +asm_reg_spec_identifiers( + int id: @asm_reg_spec ref, + int identifier: @name_ref ref +); + +@assoc_item = + @const +| @function +| @macro_call +| @type_alias +; + +assoc_item_lists( + unique int id: @assoc_item_list +); + +#keyset[id, index] +assoc_item_list_assoc_items( + int id: @assoc_item_list ref, + int index: int ref, + int assoc_item: @assoc_item ref +); + +#keyset[id, index] +assoc_item_list_attrs( + int id: @assoc_item_list ref, + int index: int ref, + int attr: @attr ref +); + +attrs( + unique int id: @attr +); + +#keyset[id] +attr_meta( + int id: @attr ref, + int meta: @meta ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_param_lists( + int id: @callable ref, + int param_list: @param_list ref +); + +#keyset[id, index] +callable_attrs( + int id: @callable ref, + int index: int ref, + int attr: @attr ref +); + +closure_binders( + unique int id: @closure_binder +); + +#keyset[id] +closure_binder_generic_param_lists( + int id: @closure_binder ref, + int generic_param_list: @generic_param_list ref +); + +@expr = + @array_expr_internal +| @asm_expr +| @await_expr +| @become_expr +| @binary_expr +| @break_expr +| @call_expr_base +| @cast_expr +| @closure_expr +| @continue_expr +| @field_expr +| @format_args_expr +| @if_expr +| @index_expr +| @labelable_expr +| @let_expr +| @literal_expr +| @macro_block_expr +| @macro_expr +| @match_expr +| @offset_of_expr +| @paren_expr +| @path_expr_base +| @prefix_expr +| @range_expr +| @ref_expr +| @return_expr +| @struct_expr +| @try_expr +| @tuple_expr +| @underscore_expr +| @yeet_expr +| @yield_expr +; + +@extern_item = + @function +| @macro_call +| @static +| @type_alias +; + +extern_item_lists( + unique int id: @extern_item_list +); + +#keyset[id, index] +extern_item_list_attrs( + int id: @extern_item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +extern_item_list_extern_items( + int id: @extern_item_list ref, + int index: int ref, + int extern_item: @extern_item ref +); + +@field_list = + @struct_field_list +| @tuple_field_list +; + +format_args_args( + unique int id: @format_args_arg +); + +#keyset[id] +format_args_arg_exprs( + int id: @format_args_arg ref, + int expr: @expr ref +); + +#keyset[id] +format_args_arg_names( + int id: @format_args_arg ref, + int name: @name ref +); + +@generic_arg = + @assoc_type_arg +| @const_arg +| @lifetime_arg +| @type_arg +; + +generic_arg_lists( + unique int id: @generic_arg_list +); + +#keyset[id, index] +generic_arg_list_generic_args( + int id: @generic_arg_list ref, + int index: int ref, + int generic_arg: @generic_arg ref +); + +@generic_param = + @const_param +| @lifetime_param +| @type_param +; + +generic_param_lists( + unique int id: @generic_param_list +); + +#keyset[id, index] +generic_param_list_generic_params( + int id: @generic_param_list ref, + int index: int ref, + int generic_param: @generic_param ref +); + +item_lists( + unique int id: @item_list +); + +#keyset[id, index] +item_list_attrs( + int id: @item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +item_list_items( + int id: @item_list ref, + int index: int ref, + int item: @item ref +); + +labels( + unique int id: @label +); + +#keyset[id] +label_lifetimes( + int id: @label ref, + int lifetime: @lifetime ref +); + +let_elses( + unique int id: @let_else +); + +#keyset[id] +let_else_block_exprs( + int id: @let_else ref, + int block_expr: @block_expr ref +); + +macro_items( + unique int id: @macro_items +); + +#keyset[id, index] +macro_items_items( + int id: @macro_items ref, + int index: int ref, + int item: @item ref +); + +match_arms( + unique int id: @match_arm +); + +#keyset[id, index] +match_arm_attrs( + int id: @match_arm ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_arm_exprs( + int id: @match_arm ref, + int expr: @expr ref +); + +#keyset[id] +match_arm_guards( + int id: @match_arm ref, + int guard: @match_guard ref +); + +#keyset[id] +match_arm_pats( + int id: @match_arm ref, + int pat: @pat ref +); + +match_arm_lists( + unique int id: @match_arm_list +); + +#keyset[id, index] +match_arm_list_arms( + int id: @match_arm_list ref, + int index: int ref, + int arm: @match_arm ref +); + +#keyset[id, index] +match_arm_list_attrs( + int id: @match_arm_list ref, + int index: int ref, + int attr: @attr ref +); + +match_guards( + unique int id: @match_guard +); + +#keyset[id] +match_guard_conditions( + int id: @match_guard ref, + int condition: @expr ref +); + +meta( + unique int id: @meta +); + +#keyset[id] +meta_exprs( + int id: @meta ref, + int expr: @expr ref +); + +#keyset[id] +meta_is_unsafe( + int id: @meta ref +); + +#keyset[id] +meta_paths( + int id: @meta ref, + int path: @path ref +); + +#keyset[id] +meta_token_trees( + int id: @meta ref, + int token_tree: @token_tree ref +); + +names( + unique int id: @name +); + +#keyset[id] +name_texts( + int id: @name ref, + string text: string ref +); + +@param_base = + @param +| @self_param +; + +#keyset[id, index] +param_base_attrs( + int id: @param_base ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +param_base_type_reprs( + int id: @param_base ref, + int type_repr: @type_repr ref +); + +param_lists( + unique int id: @param_list +); + +#keyset[id, index] +param_list_params( + int id: @param_list ref, + int index: int ref, + int param: @param ref +); + +#keyset[id] +param_list_self_params( + int id: @param_list ref, + int self_param: @self_param ref +); + +parenthesized_arg_lists( + unique int id: @parenthesized_arg_list +); + +#keyset[id, index] +parenthesized_arg_list_type_args( + int id: @parenthesized_arg_list ref, + int index: int ref, + int type_arg: @type_arg ref +); + +@pat = + @box_pat +| @const_block_pat +| @ident_pat +| @literal_pat +| @macro_pat +| @or_pat +| @paren_pat +| @path_pat +| @range_pat +| @ref_pat +| @rest_pat +| @slice_pat +| @struct_pat +| @tuple_pat +| @tuple_struct_pat +| @wildcard_pat +; + +paths( + unique int id: @path +); + +#keyset[id] +path_qualifiers( + int id: @path ref, + int qualifier: @path ref +); + +#keyset[id] +path_segments_( + int id: @path ref, + int segment: @path_segment ref +); + +path_segments( + unique int id: @path_segment +); + +#keyset[id] +path_segment_generic_arg_lists( + int id: @path_segment ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +path_segment_identifiers( + int id: @path_segment ref, + int identifier: @name_ref ref +); + +#keyset[id] +path_segment_parenthesized_arg_lists( + int id: @path_segment ref, + int parenthesized_arg_list: @parenthesized_arg_list ref +); + +#keyset[id] +path_segment_ret_types( + int id: @path_segment ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +path_segment_return_type_syntaxes( + int id: @path_segment ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +path_segment_type_reprs( + int id: @path_segment ref, + int type_repr: @type_repr ref +); + +#keyset[id] +path_segment_trait_type_reprs( + int id: @path_segment ref, + int trait_type_repr: @path_type_repr ref +); + +renames( + unique int id: @rename +); + +#keyset[id] +rename_names( + int id: @rename ref, + int name: @name ref +); + +@resolvable = + @method_call_expr +| @path_ast_node +; + +#keyset[id] +resolvable_resolved_paths( + int id: @resolvable ref, + string resolved_path: string ref +); + +#keyset[id] +resolvable_resolved_crate_origins( + int id: @resolvable ref, + string resolved_crate_origin: string ref +); + +ret_type_reprs( + unique int id: @ret_type_repr +); + +#keyset[id] +ret_type_repr_type_reprs( + int id: @ret_type_repr ref, + int type_repr: @type_repr ref +); + +return_type_syntaxes( + unique int id: @return_type_syntax +); + +source_files( + unique int id: @source_file +); + +#keyset[id, index] +source_file_attrs( + int id: @source_file ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +source_file_items( + int id: @source_file ref, + int index: int ref, + int item: @item ref +); + +@stmt = + @expr_stmt +| @item +| @let_stmt +; + +stmt_lists( + unique int id: @stmt_list +); + +#keyset[id, index] +stmt_list_attrs( + int id: @stmt_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +stmt_list_statements( + int id: @stmt_list ref, + int index: int ref, + int statement: @stmt ref +); + +#keyset[id] +stmt_list_tail_exprs( + int id: @stmt_list ref, + int tail_expr: @expr ref +); + +struct_expr_fields( + unique int id: @struct_expr_field +); + +#keyset[id, index] +struct_expr_field_attrs( + int id: @struct_expr_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_expr_field_exprs( + int id: @struct_expr_field ref, + int expr: @expr ref +); + +#keyset[id] +struct_expr_field_identifiers( + int id: @struct_expr_field ref, + int identifier: @name_ref ref +); + +struct_expr_field_lists( + unique int id: @struct_expr_field_list +); + +#keyset[id, index] +struct_expr_field_list_attrs( + int id: @struct_expr_field_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +struct_expr_field_list_fields( + int id: @struct_expr_field_list ref, + int index: int ref, + int field: @struct_expr_field ref +); + +#keyset[id] +struct_expr_field_list_spreads( + int id: @struct_expr_field_list ref, + int spread: @expr ref +); + +struct_fields( + unique int id: @struct_field +); + +#keyset[id, index] +struct_field_attrs( + int id: @struct_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_defaults( + int id: @struct_field ref, + int default: @expr ref +); + +#keyset[id] +struct_field_is_unsafe( + int id: @struct_field ref +); + +#keyset[id] +struct_field_names( + int id: @struct_field ref, + int name: @name ref +); + +#keyset[id] +struct_field_type_reprs( + int id: @struct_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +struct_field_visibilities( + int id: @struct_field ref, + int visibility: @visibility ref +); + +struct_pat_fields( + unique int id: @struct_pat_field +); + +#keyset[id, index] +struct_pat_field_attrs( + int id: @struct_pat_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_pat_field_identifiers( + int id: @struct_pat_field ref, + int identifier: @name_ref ref +); + +#keyset[id] +struct_pat_field_pats( + int id: @struct_pat_field ref, + int pat: @pat ref +); + +struct_pat_field_lists( + unique int id: @struct_pat_field_list +); + +#keyset[id, index] +struct_pat_field_list_fields( + int id: @struct_pat_field_list ref, + int index: int ref, + int field: @struct_pat_field ref +); + +#keyset[id] +struct_pat_field_list_rest_pats( + int id: @struct_pat_field_list ref, + int rest_pat: @rest_pat ref +); + +@token = + @comment +; + +token_trees( + unique int id: @token_tree +); + +tuple_fields( + unique int id: @tuple_field +); + +#keyset[id, index] +tuple_field_attrs( + int id: @tuple_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +tuple_field_type_reprs( + int id: @tuple_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +tuple_field_visibilities( + int id: @tuple_field ref, + int visibility: @visibility ref +); + +type_bounds( + unique int id: @type_bound +); + +#keyset[id] +type_bound_is_async( + int id: @type_bound ref +); + +#keyset[id] +type_bound_is_const( + int id: @type_bound ref +); + +#keyset[id] +type_bound_lifetimes( + int id: @type_bound ref, + int lifetime: @lifetime ref +); + +#keyset[id] +type_bound_type_reprs( + int id: @type_bound ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_bound_use_bound_generic_args( + int id: @type_bound ref, + int use_bound_generic_args: @use_bound_generic_args ref +); + +type_bound_lists( + unique int id: @type_bound_list +); + +#keyset[id, index] +type_bound_list_bounds( + int id: @type_bound_list ref, + int index: int ref, + int bound: @type_bound ref +); + +@type_repr = + @array_type_repr +| @dyn_trait_type_repr +| @fn_ptr_type_repr +| @for_type_repr +| @impl_trait_type_repr +| @infer_type_repr +| @macro_type_repr +| @never_type_repr +| @paren_type_repr +| @path_type_repr +| @ptr_type_repr +| @ref_type_repr +| @slice_type_repr +| @tuple_type_repr +; + +@use_bound_generic_arg = + @lifetime +| @name_ref +; + +use_bound_generic_args( + unique int id: @use_bound_generic_args +); + +#keyset[id, index] +use_bound_generic_args_use_bound_generic_args( + int id: @use_bound_generic_args ref, + int index: int ref, + int use_bound_generic_arg: @use_bound_generic_arg ref +); + +use_trees( + unique int id: @use_tree +); + +#keyset[id] +use_tree_is_glob( + int id: @use_tree ref +); + +#keyset[id] +use_tree_paths( + int id: @use_tree ref, + int path: @path ref +); + +#keyset[id] +use_tree_renames( + int id: @use_tree ref, + int rename: @rename ref +); + +#keyset[id] +use_tree_use_tree_lists( + int id: @use_tree ref, + int use_tree_list: @use_tree_list ref +); + +use_tree_lists( + unique int id: @use_tree_list +); + +#keyset[id, index] +use_tree_list_use_trees( + int id: @use_tree_list ref, + int index: int ref, + int use_tree: @use_tree ref +); + +variant_lists( + unique int id: @variant_list +); + +#keyset[id, index] +variant_list_variants( + int id: @variant_list ref, + int index: int ref, + int variant: @variant ref +); + +visibilities( + unique int id: @visibility +); + +#keyset[id] +visibility_paths( + int id: @visibility ref, + int path: @path ref +); + +where_clauses( + unique int id: @where_clause +); + +#keyset[id, index] +where_clause_predicates( + int id: @where_clause ref, + int index: int ref, + int predicate: @where_pred ref +); + +where_preds( + unique int id: @where_pred +); + +#keyset[id] +where_pred_generic_param_lists( + int id: @where_pred ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +where_pred_lifetimes( + int id: @where_pred ref, + int lifetime: @lifetime ref +); + +#keyset[id] +where_pred_type_reprs( + int id: @where_pred ref, + int type_repr: @type_repr ref +); + +#keyset[id] +where_pred_type_bound_lists( + int id: @where_pred ref, + int type_bound_list: @type_bound_list ref +); + +array_expr_internals( + unique int id: @array_expr_internal +); + +#keyset[id, index] +array_expr_internal_attrs( + int id: @array_expr_internal ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +array_expr_internal_exprs( + int id: @array_expr_internal ref, + int index: int ref, + int expr: @expr ref +); + +#keyset[id] +array_expr_internal_is_semicolon( + int id: @array_expr_internal ref +); + +array_type_reprs( + unique int id: @array_type_repr +); + +#keyset[id] +array_type_repr_const_args( + int id: @array_type_repr ref, + int const_arg: @const_arg ref +); + +#keyset[id] +array_type_repr_element_type_reprs( + int id: @array_type_repr ref, + int element_type_repr: @type_repr ref +); + +asm_clobber_abis( + unique int id: @asm_clobber_abi +); + +asm_consts( + unique int id: @asm_const +); + +#keyset[id] +asm_const_exprs( + int id: @asm_const ref, + int expr: @expr ref +); + +#keyset[id] +asm_const_is_const( + int id: @asm_const ref +); + +asm_exprs( + unique int id: @asm_expr +); + +#keyset[id, index] +asm_expr_asm_pieces( + int id: @asm_expr ref, + int index: int ref, + int asm_piece: @asm_piece ref +); + +#keyset[id, index] +asm_expr_attrs( + int id: @asm_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +asm_expr_templates( + int id: @asm_expr ref, + int index: int ref, + int template: @expr ref +); + +asm_labels( + unique int id: @asm_label +); + +#keyset[id] +asm_label_block_exprs( + int id: @asm_label ref, + int block_expr: @block_expr ref +); + +asm_operand_nameds( + unique int id: @asm_operand_named +); + +#keyset[id] +asm_operand_named_asm_operands( + int id: @asm_operand_named ref, + int asm_operand: @asm_operand ref +); + +#keyset[id] +asm_operand_named_names( + int id: @asm_operand_named ref, + int name: @name ref +); + +asm_options_lists( + unique int id: @asm_options_list +); + +#keyset[id, index] +asm_options_list_asm_options( + int id: @asm_options_list ref, + int index: int ref, + int asm_option: @asm_option ref +); + +asm_reg_operands( + unique int id: @asm_reg_operand +); + +#keyset[id] +asm_reg_operand_asm_dir_specs( + int id: @asm_reg_operand ref, + int asm_dir_spec: @asm_dir_spec ref +); + +#keyset[id] +asm_reg_operand_asm_operand_exprs( + int id: @asm_reg_operand ref, + int asm_operand_expr: @asm_operand_expr ref +); + +#keyset[id] +asm_reg_operand_asm_reg_specs( + int id: @asm_reg_operand ref, + int asm_reg_spec: @asm_reg_spec ref +); + +asm_syms( + unique int id: @asm_sym +); + +#keyset[id] +asm_sym_paths( + int id: @asm_sym ref, + int path: @path ref +); + +assoc_type_args( + unique int id: @assoc_type_arg +); + +#keyset[id] +assoc_type_arg_const_args( + int id: @assoc_type_arg ref, + int const_arg: @const_arg ref +); + +#keyset[id] +assoc_type_arg_generic_arg_lists( + int id: @assoc_type_arg ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +assoc_type_arg_identifiers( + int id: @assoc_type_arg ref, + int identifier: @name_ref ref +); + +#keyset[id] +assoc_type_arg_param_lists( + int id: @assoc_type_arg ref, + int param_list: @param_list ref +); + +#keyset[id] +assoc_type_arg_ret_types( + int id: @assoc_type_arg ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +assoc_type_arg_return_type_syntaxes( + int id: @assoc_type_arg ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +assoc_type_arg_type_reprs( + int id: @assoc_type_arg ref, + int type_repr: @type_repr ref +); + +#keyset[id] +assoc_type_arg_type_bound_lists( + int id: @assoc_type_arg ref, + int type_bound_list: @type_bound_list ref +); + +await_exprs( + unique int id: @await_expr +); + +#keyset[id, index] +await_expr_attrs( + int id: @await_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +await_expr_exprs( + int id: @await_expr ref, + int expr: @expr ref +); + +become_exprs( + unique int id: @become_expr +); + +#keyset[id, index] +become_expr_attrs( + int id: @become_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +become_expr_exprs( + int id: @become_expr ref, + int expr: @expr ref +); + +binary_exprs( + unique int id: @binary_expr +); + +#keyset[id, index] +binary_expr_attrs( + int id: @binary_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +binary_expr_lhs( + int id: @binary_expr ref, + int lhs: @expr ref +); + +#keyset[id] +binary_expr_operator_names( + int id: @binary_expr ref, + string operator_name: string ref +); + +#keyset[id] +binary_expr_rhs( + int id: @binary_expr ref, + int rhs: @expr ref +); + +box_pats( + unique int id: @box_pat +); + +#keyset[id] +box_pat_pats( + int id: @box_pat ref, + int pat: @pat ref +); + +break_exprs( + unique int id: @break_expr +); + +#keyset[id, index] +break_expr_attrs( + int id: @break_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +break_expr_exprs( + int id: @break_expr ref, + int expr: @expr ref +); + +#keyset[id] +break_expr_lifetimes( + int id: @break_expr ref, + int lifetime: @lifetime ref +); + +@call_expr_base = + @call_expr +| @method_call_expr +; + +#keyset[id] +call_expr_base_arg_lists( + int id: @call_expr_base ref, + int arg_list: @arg_list ref +); + +#keyset[id, index] +call_expr_base_attrs( + int id: @call_expr_base ref, + int index: int ref, + int attr: @attr ref +); + +cast_exprs( + unique int id: @cast_expr +); + +#keyset[id, index] +cast_expr_attrs( + int id: @cast_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +cast_expr_exprs( + int id: @cast_expr ref, + int expr: @expr ref +); + +#keyset[id] +cast_expr_type_reprs( + int id: @cast_expr ref, + int type_repr: @type_repr ref +); + +closure_exprs( + unique int id: @closure_expr +); + +#keyset[id] +closure_expr_bodies( + int id: @closure_expr ref, + int body: @expr ref +); + +#keyset[id] +closure_expr_closure_binders( + int id: @closure_expr ref, + int closure_binder: @closure_binder ref +); + +#keyset[id] +closure_expr_is_async( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_const( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_gen( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_move( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_static( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_ret_types( + int id: @closure_expr ref, + int ret_type: @ret_type_repr ref +); + +comments( + unique int id: @comment, + int parent: @ast_node ref, + string text: string ref +); + +const_args( + unique int id: @const_arg +); + +#keyset[id] +const_arg_exprs( + int id: @const_arg ref, + int expr: @expr ref +); + +const_block_pats( + unique int id: @const_block_pat +); + +#keyset[id] +const_block_pat_block_exprs( + int id: @const_block_pat ref, + int block_expr: @block_expr ref +); + +#keyset[id] +const_block_pat_is_const( + int id: @const_block_pat ref +); + +const_params( + unique int id: @const_param +); + +#keyset[id, index] +const_param_attrs( + int id: @const_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_param_default_vals( + int id: @const_param ref, + int default_val: @const_arg ref +); + +#keyset[id] +const_param_is_const( + int id: @const_param ref +); + +#keyset[id] +const_param_names( + int id: @const_param ref, + int name: @name ref +); + +#keyset[id] +const_param_type_reprs( + int id: @const_param ref, + int type_repr: @type_repr ref +); + +continue_exprs( + unique int id: @continue_expr +); + +#keyset[id, index] +continue_expr_attrs( + int id: @continue_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +continue_expr_lifetimes( + int id: @continue_expr ref, + int lifetime: @lifetime ref +); + +dyn_trait_type_reprs( + unique int id: @dyn_trait_type_repr +); + +#keyset[id] +dyn_trait_type_repr_type_bound_lists( + int id: @dyn_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +expr_stmts( + unique int id: @expr_stmt +); + +#keyset[id] +expr_stmt_exprs( + int id: @expr_stmt ref, + int expr: @expr ref +); + +field_exprs( + unique int id: @field_expr +); + +#keyset[id, index] +field_expr_attrs( + int id: @field_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +field_expr_containers( + int id: @field_expr ref, + int container: @expr ref +); + +#keyset[id] +field_expr_identifiers( + int id: @field_expr ref, + int identifier: @name_ref ref +); + +fn_ptr_type_reprs( + unique int id: @fn_ptr_type_repr +); + +#keyset[id] +fn_ptr_type_repr_abis( + int id: @fn_ptr_type_repr ref, + int abi: @abi ref +); + +#keyset[id] +fn_ptr_type_repr_is_async( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_const( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_unsafe( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_param_lists( + int id: @fn_ptr_type_repr ref, + int param_list: @param_list ref +); + +#keyset[id] +fn_ptr_type_repr_ret_types( + int id: @fn_ptr_type_repr ref, + int ret_type: @ret_type_repr ref +); + +for_type_reprs( + unique int id: @for_type_repr +); + +#keyset[id] +for_type_repr_generic_param_lists( + int id: @for_type_repr ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +for_type_repr_type_reprs( + int id: @for_type_repr ref, + int type_repr: @type_repr ref +); + +format_args_exprs( + unique int id: @format_args_expr +); + +#keyset[id, index] +format_args_expr_args( + int id: @format_args_expr ref, + int index: int ref, + int arg: @format_args_arg ref +); + +#keyset[id, index] +format_args_expr_attrs( + int id: @format_args_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +format_args_expr_templates( + int id: @format_args_expr ref, + int template: @expr ref +); + +ident_pats( + unique int id: @ident_pat +); + +#keyset[id, index] +ident_pat_attrs( + int id: @ident_pat ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ident_pat_is_mut( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_is_ref( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_names( + int id: @ident_pat ref, + int name: @name ref +); + +#keyset[id] +ident_pat_pats( + int id: @ident_pat ref, + int pat: @pat ref +); + +if_exprs( + unique int id: @if_expr +); + +#keyset[id, index] +if_expr_attrs( + int id: @if_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +if_expr_conditions( + int id: @if_expr ref, + int condition: @expr ref +); + +#keyset[id] +if_expr_elses( + int id: @if_expr ref, + int else: @expr ref +); + +#keyset[id] +if_expr_thens( + int id: @if_expr ref, + int then: @block_expr ref +); + +impl_trait_type_reprs( + unique int id: @impl_trait_type_repr +); + +#keyset[id] +impl_trait_type_repr_type_bound_lists( + int id: @impl_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +index_exprs( + unique int id: @index_expr +); + +#keyset[id, index] +index_expr_attrs( + int id: @index_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +index_expr_bases( + int id: @index_expr ref, + int base: @expr ref +); + +#keyset[id] +index_expr_indices( + int id: @index_expr ref, + int index: @expr ref +); + +infer_type_reprs( + unique int id: @infer_type_repr +); + +@item = + @adt +| @const +| @extern_block +| @extern_crate +| @function +| @impl +| @macro_call +| @macro_def +| @macro_rules +| @module +| @static +| @trait +| @trait_alias +| @type_alias +| @use +; + +#keyset[id] +item_attribute_macro_expansions( + int id: @item ref, + int attribute_macro_expansion: @macro_items ref +); + +@labelable_expr = + @block_expr +| @looping_expr +; + +#keyset[id] +labelable_expr_labels( + int id: @labelable_expr ref, + int label: @label ref +); + +let_exprs( + unique int id: @let_expr +); + +#keyset[id, index] +let_expr_attrs( + int id: @let_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_expr_scrutinees( + int id: @let_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +let_expr_pats( + int id: @let_expr ref, + int pat: @pat ref +); + +let_stmts( + unique int id: @let_stmt +); + +#keyset[id, index] +let_stmt_attrs( + int id: @let_stmt ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_stmt_initializers( + int id: @let_stmt ref, + int initializer: @expr ref +); + +#keyset[id] +let_stmt_let_elses( + int id: @let_stmt ref, + int let_else: @let_else ref +); + +#keyset[id] +let_stmt_pats( + int id: @let_stmt ref, + int pat: @pat ref +); + +#keyset[id] +let_stmt_type_reprs( + int id: @let_stmt ref, + int type_repr: @type_repr ref +); + +lifetimes( + unique int id: @lifetime +); + +#keyset[id] +lifetime_texts( + int id: @lifetime ref, + string text: string ref +); + +lifetime_args( + unique int id: @lifetime_arg +); + +#keyset[id] +lifetime_arg_lifetimes( + int id: @lifetime_arg ref, + int lifetime: @lifetime ref +); + +lifetime_params( + unique int id: @lifetime_param +); + +#keyset[id, index] +lifetime_param_attrs( + int id: @lifetime_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +lifetime_param_lifetimes( + int id: @lifetime_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +lifetime_param_type_bound_lists( + int id: @lifetime_param ref, + int type_bound_list: @type_bound_list ref +); + +literal_exprs( + unique int id: @literal_expr +); + +#keyset[id, index] +literal_expr_attrs( + int id: @literal_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +literal_expr_text_values( + int id: @literal_expr ref, + string text_value: string ref +); + +literal_pats( + unique int id: @literal_pat +); + +#keyset[id] +literal_pat_literals( + int id: @literal_pat ref, + int literal: @literal_expr ref +); + +macro_block_exprs( + unique int id: @macro_block_expr +); + +#keyset[id] +macro_block_expr_tail_exprs( + int id: @macro_block_expr ref, + int tail_expr: @expr ref +); + +#keyset[id, index] +macro_block_expr_statements( + int id: @macro_block_expr ref, + int index: int ref, + int statement: @stmt ref +); + +macro_exprs( + unique int id: @macro_expr +); + +#keyset[id] +macro_expr_macro_calls( + int id: @macro_expr ref, + int macro_call: @macro_call ref +); + +macro_pats( + unique int id: @macro_pat +); + +#keyset[id] +macro_pat_macro_calls( + int id: @macro_pat ref, + int macro_call: @macro_call ref +); + +macro_type_reprs( + unique int id: @macro_type_repr +); + +#keyset[id] +macro_type_repr_macro_calls( + int id: @macro_type_repr ref, + int macro_call: @macro_call ref +); + +match_exprs( + unique int id: @match_expr +); + +#keyset[id, index] +match_expr_attrs( + int id: @match_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_expr_scrutinees( + int id: @match_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +match_expr_match_arm_lists( + int id: @match_expr ref, + int match_arm_list: @match_arm_list ref +); + +name_refs( + unique int id: @name_ref +); + +#keyset[id] +name_ref_texts( + int id: @name_ref ref, + string text: string ref +); + +never_type_reprs( + unique int id: @never_type_repr +); + +offset_of_exprs( + unique int id: @offset_of_expr +); + +#keyset[id, index] +offset_of_expr_attrs( + int id: @offset_of_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +offset_of_expr_fields( + int id: @offset_of_expr ref, + int index: int ref, + int field: @name_ref ref +); + +#keyset[id] +offset_of_expr_type_reprs( + int id: @offset_of_expr ref, + int type_repr: @type_repr ref +); + +or_pats( + unique int id: @or_pat +); + +#keyset[id, index] +or_pat_pats( + int id: @or_pat ref, + int index: int ref, + int pat: @pat ref +); + +params( + unique int id: @param +); + +#keyset[id] +param_pats( + int id: @param ref, + int pat: @pat ref +); + +paren_exprs( + unique int id: @paren_expr +); + +#keyset[id, index] +paren_expr_attrs( + int id: @paren_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +paren_expr_exprs( + int id: @paren_expr ref, + int expr: @expr ref +); + +paren_pats( + unique int id: @paren_pat +); + +#keyset[id] +paren_pat_pats( + int id: @paren_pat ref, + int pat: @pat ref +); + +paren_type_reprs( + unique int id: @paren_type_repr +); + +#keyset[id] +paren_type_repr_type_reprs( + int id: @paren_type_repr ref, + int type_repr: @type_repr ref +); + +@path_ast_node = + @path_expr +| @path_pat +| @struct_expr +| @struct_pat +| @tuple_struct_pat +; + +#keyset[id] +path_ast_node_paths( + int id: @path_ast_node ref, + int path: @path ref +); + +@path_expr_base = + @path_expr +; + +path_type_reprs( + unique int id: @path_type_repr +); + +#keyset[id] +path_type_repr_paths( + int id: @path_type_repr ref, + int path: @path ref +); + +prefix_exprs( + unique int id: @prefix_expr +); + +#keyset[id, index] +prefix_expr_attrs( + int id: @prefix_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +prefix_expr_exprs( + int id: @prefix_expr ref, + int expr: @expr ref +); + +#keyset[id] +prefix_expr_operator_names( + int id: @prefix_expr ref, + string operator_name: string ref +); + +ptr_type_reprs( + unique int id: @ptr_type_repr +); + +#keyset[id] +ptr_type_repr_is_const( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_is_mut( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_type_reprs( + int id: @ptr_type_repr ref, + int type_repr: @type_repr ref +); + +range_exprs( + unique int id: @range_expr +); + +#keyset[id, index] +range_expr_attrs( + int id: @range_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +range_expr_ends( + int id: @range_expr ref, + int end: @expr ref +); + +#keyset[id] +range_expr_operator_names( + int id: @range_expr ref, + string operator_name: string ref +); + +#keyset[id] +range_expr_starts( + int id: @range_expr ref, + int start: @expr ref +); + +range_pats( + unique int id: @range_pat +); + +#keyset[id] +range_pat_ends( + int id: @range_pat ref, + int end: @pat ref +); + +#keyset[id] +range_pat_operator_names( + int id: @range_pat ref, + string operator_name: string ref +); + +#keyset[id] +range_pat_starts( + int id: @range_pat ref, + int start: @pat ref +); + +ref_exprs( + unique int id: @ref_expr +); + +#keyset[id, index] +ref_expr_attrs( + int id: @ref_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ref_expr_exprs( + int id: @ref_expr ref, + int expr: @expr ref +); + +#keyset[id] +ref_expr_is_const( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_mut( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_raw( + int id: @ref_expr ref +); + +ref_pats( + unique int id: @ref_pat +); + +#keyset[id] +ref_pat_is_mut( + int id: @ref_pat ref +); + +#keyset[id] +ref_pat_pats( + int id: @ref_pat ref, + int pat: @pat ref +); + +ref_type_reprs( + unique int id: @ref_type_repr +); + +#keyset[id] +ref_type_repr_is_mut( + int id: @ref_type_repr ref +); + +#keyset[id] +ref_type_repr_lifetimes( + int id: @ref_type_repr ref, + int lifetime: @lifetime ref +); + +#keyset[id] +ref_type_repr_type_reprs( + int id: @ref_type_repr ref, + int type_repr: @type_repr ref +); + +rest_pats( + unique int id: @rest_pat +); + +#keyset[id, index] +rest_pat_attrs( + int id: @rest_pat ref, + int index: int ref, + int attr: @attr ref +); + +return_exprs( + unique int id: @return_expr +); + +#keyset[id, index] +return_expr_attrs( + int id: @return_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +return_expr_exprs( + int id: @return_expr ref, + int expr: @expr ref +); + +self_params( + unique int id: @self_param +); + +#keyset[id] +self_param_is_ref( + int id: @self_param ref +); + +#keyset[id] +self_param_is_mut( + int id: @self_param ref +); + +#keyset[id] +self_param_lifetimes( + int id: @self_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +self_param_names( + int id: @self_param ref, + int name: @name ref +); + +slice_pats( + unique int id: @slice_pat +); + +#keyset[id, index] +slice_pat_pats( + int id: @slice_pat ref, + int index: int ref, + int pat: @pat ref +); + +slice_type_reprs( + unique int id: @slice_type_repr +); + +#keyset[id] +slice_type_repr_type_reprs( + int id: @slice_type_repr ref, + int type_repr: @type_repr ref +); + +struct_field_lists( + unique int id: @struct_field_list +); + +#keyset[id, index] +struct_field_list_fields( + int id: @struct_field_list ref, + int index: int ref, + int field: @struct_field ref +); + +try_exprs( + unique int id: @try_expr +); + +#keyset[id, index] +try_expr_attrs( + int id: @try_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +try_expr_exprs( + int id: @try_expr ref, + int expr: @expr ref +); + +tuple_exprs( + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_attrs( + int id: @tuple_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +tuple_expr_fields( + int id: @tuple_expr ref, + int index: int ref, + int field: @expr ref +); + +tuple_field_lists( + unique int id: @tuple_field_list +); + +#keyset[id, index] +tuple_field_list_fields( + int id: @tuple_field_list ref, + int index: int ref, + int field: @tuple_field ref +); + +tuple_pats( + unique int id: @tuple_pat +); + +#keyset[id, index] +tuple_pat_fields( + int id: @tuple_pat ref, + int index: int ref, + int field: @pat ref +); + +tuple_type_reprs( + unique int id: @tuple_type_repr +); + +#keyset[id, index] +tuple_type_repr_fields( + int id: @tuple_type_repr ref, + int index: int ref, + int field: @type_repr ref +); + +type_args( + unique int id: @type_arg +); + +#keyset[id] +type_arg_type_reprs( + int id: @type_arg ref, + int type_repr: @type_repr ref +); + +type_params( + unique int id: @type_param +); + +#keyset[id, index] +type_param_attrs( + int id: @type_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_param_default_types( + int id: @type_param ref, + int default_type: @type_repr ref +); + +#keyset[id] +type_param_names( + int id: @type_param ref, + int name: @name ref +); + +#keyset[id] +type_param_type_bound_lists( + int id: @type_param ref, + int type_bound_list: @type_bound_list ref +); + +underscore_exprs( + unique int id: @underscore_expr +); + +#keyset[id, index] +underscore_expr_attrs( + int id: @underscore_expr ref, + int index: int ref, + int attr: @attr ref +); + +variants( + unique int id: @variant +); + +#keyset[id, index] +variant_attrs( + int id: @variant ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +variant_discriminants( + int id: @variant ref, + int discriminant: @expr ref +); + +#keyset[id] +variant_field_lists( + int id: @variant ref, + int field_list: @field_list ref +); + +#keyset[id] +variant_names( + int id: @variant ref, + int name: @name ref +); + +#keyset[id] +variant_visibilities( + int id: @variant ref, + int visibility: @visibility ref +); + +wildcard_pats( + unique int id: @wildcard_pat +); + +yeet_exprs( + unique int id: @yeet_expr +); + +#keyset[id, index] +yeet_expr_attrs( + int id: @yeet_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yeet_expr_exprs( + int id: @yeet_expr ref, + int expr: @expr ref +); + +yield_exprs( + unique int id: @yield_expr +); + +#keyset[id, index] +yield_expr_attrs( + int id: @yield_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yield_expr_exprs( + int id: @yield_expr ref, + int expr: @expr ref +); + +@adt = + @enum +| @struct +| @union +; + +#keyset[id, index] +adt_derive_macro_expansions( + int id: @adt ref, + int index: int ref, + int derive_macro_expansion: @macro_items ref +); + +block_exprs( + unique int id: @block_expr +); + +#keyset[id, index] +block_expr_attrs( + int id: @block_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +block_expr_is_async( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_const( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_gen( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_move( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_try( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_unsafe( + int id: @block_expr ref +); + +#keyset[id] +block_expr_stmt_lists( + int id: @block_expr ref, + int stmt_list: @stmt_list ref +); + +call_exprs( + unique int id: @call_expr +); + +#keyset[id] +call_expr_functions( + int id: @call_expr ref, + int function: @expr ref +); + +consts( + unique int id: @const +); + +#keyset[id, index] +const_attrs( + int id: @const ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_bodies( + int id: @const ref, + int body: @expr ref +); + +#keyset[id] +const_generic_param_lists( + int id: @const ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +const_is_const( + int id: @const ref +); + +#keyset[id] +const_is_default( + int id: @const ref +); + +#keyset[id] +const_names( + int id: @const ref, + int name: @name ref +); + +#keyset[id] +const_type_reprs( + int id: @const ref, + int type_repr: @type_repr ref +); + +#keyset[id] +const_visibilities( + int id: @const ref, + int visibility: @visibility ref +); + +#keyset[id] +const_where_clauses( + int id: @const ref, + int where_clause: @where_clause ref +); + +#keyset[id] +const_has_implementation( + int id: @const ref +); + +extern_blocks( + unique int id: @extern_block +); + +#keyset[id] +extern_block_abis( + int id: @extern_block ref, + int abi: @abi ref +); + +#keyset[id, index] +extern_block_attrs( + int id: @extern_block ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_block_extern_item_lists( + int id: @extern_block ref, + int extern_item_list: @extern_item_list ref +); + +#keyset[id] +extern_block_is_unsafe( + int id: @extern_block ref +); + +extern_crates( + unique int id: @extern_crate +); + +#keyset[id, index] +extern_crate_attrs( + int id: @extern_crate ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_crate_identifiers( + int id: @extern_crate ref, + int identifier: @name_ref ref +); + +#keyset[id] +extern_crate_renames( + int id: @extern_crate ref, + int rename: @rename ref +); + +#keyset[id] +extern_crate_visibilities( + int id: @extern_crate ref, + int visibility: @visibility ref +); + +functions( + unique int id: @function +); + +#keyset[id] +function_abis( + int id: @function ref, + int abi: @abi ref +); + +#keyset[id] +function_bodies( + int id: @function ref, + int body: @block_expr ref +); + +#keyset[id] +function_generic_param_lists( + int id: @function ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +function_is_async( + int id: @function ref +); + +#keyset[id] +function_is_const( + int id: @function ref +); + +#keyset[id] +function_is_default( + int id: @function ref +); + +#keyset[id] +function_is_gen( + int id: @function ref +); + +#keyset[id] +function_is_unsafe( + int id: @function ref +); + +#keyset[id] +function_names( + int id: @function ref, + int name: @name ref +); + +#keyset[id] +function_ret_types( + int id: @function ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +function_visibilities( + int id: @function ref, + int visibility: @visibility ref +); + +#keyset[id] +function_where_clauses( + int id: @function ref, + int where_clause: @where_clause ref +); + +#keyset[id] +function_has_implementation( + int id: @function ref +); + +impls( + unique int id: @impl +); + +#keyset[id] +impl_assoc_item_lists( + int id: @impl ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +impl_attrs( + int id: @impl ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +impl_generic_param_lists( + int id: @impl ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +impl_is_const( + int id: @impl ref +); + +#keyset[id] +impl_is_default( + int id: @impl ref +); + +#keyset[id] +impl_is_unsafe( + int id: @impl ref +); + +#keyset[id] +impl_self_ties( + int id: @impl ref, + int self_ty: @type_repr ref +); + +#keyset[id] +impl_traits( + int id: @impl ref, + int trait: @type_repr ref +); + +#keyset[id] +impl_visibilities( + int id: @impl ref, + int visibility: @visibility ref +); + +#keyset[id] +impl_where_clauses( + int id: @impl ref, + int where_clause: @where_clause ref +); + +@looping_expr = + @for_expr +| @loop_expr +| @while_expr +; + +#keyset[id] +looping_expr_loop_bodies( + int id: @looping_expr ref, + int loop_body: @block_expr ref +); + +macro_calls( + unique int id: @macro_call +); + +#keyset[id, index] +macro_call_attrs( + int id: @macro_call ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_call_paths( + int id: @macro_call ref, + int path: @path ref +); + +#keyset[id] +macro_call_token_trees( + int id: @macro_call ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_call_macro_call_expansions( + int id: @macro_call ref, + int macro_call_expansion: @ast_node ref +); + +macro_defs( + unique int id: @macro_def +); + +#keyset[id] +macro_def_args( + int id: @macro_def ref, + int args: @token_tree ref +); + +#keyset[id, index] +macro_def_attrs( + int id: @macro_def ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_def_bodies( + int id: @macro_def ref, + int body: @token_tree ref +); + +#keyset[id] +macro_def_names( + int id: @macro_def ref, + int name: @name ref +); + +#keyset[id] +macro_def_visibilities( + int id: @macro_def ref, + int visibility: @visibility ref +); + +macro_rules( + unique int id: @macro_rules +); + +#keyset[id, index] +macro_rules_attrs( + int id: @macro_rules ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_rules_names( + int id: @macro_rules ref, + int name: @name ref +); + +#keyset[id] +macro_rules_token_trees( + int id: @macro_rules ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_rules_visibilities( + int id: @macro_rules ref, + int visibility: @visibility ref +); + +method_call_exprs( + unique int id: @method_call_expr +); + +#keyset[id] +method_call_expr_generic_arg_lists( + int id: @method_call_expr ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +method_call_expr_identifiers( + int id: @method_call_expr ref, + int identifier: @name_ref ref +); + +#keyset[id] +method_call_expr_receivers( + int id: @method_call_expr ref, + int receiver: @expr ref +); + +modules( + unique int id: @module +); + +#keyset[id, index] +module_attrs( + int id: @module ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +module_item_lists( + int id: @module ref, + int item_list: @item_list ref +); + +#keyset[id] +module_names( + int id: @module ref, + int name: @name ref +); + +#keyset[id] +module_visibilities( + int id: @module ref, + int visibility: @visibility ref +); + +path_exprs( + unique int id: @path_expr +); + +#keyset[id, index] +path_expr_attrs( + int id: @path_expr ref, + int index: int ref, + int attr: @attr ref +); + +path_pats( + unique int id: @path_pat +); + +statics( + unique int id: @static +); + +#keyset[id, index] +static_attrs( + int id: @static ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +static_bodies( + int id: @static ref, + int body: @expr ref +); + +#keyset[id] +static_is_mut( + int id: @static ref +); + +#keyset[id] +static_is_static( + int id: @static ref +); + +#keyset[id] +static_is_unsafe( + int id: @static ref +); + +#keyset[id] +static_names( + int id: @static ref, + int name: @name ref +); + +#keyset[id] +static_type_reprs( + int id: @static ref, + int type_repr: @type_repr ref +); + +#keyset[id] +static_visibilities( + int id: @static ref, + int visibility: @visibility ref +); + +struct_exprs( + unique int id: @struct_expr +); + +#keyset[id] +struct_expr_struct_expr_field_lists( + int id: @struct_expr ref, + int struct_expr_field_list: @struct_expr_field_list ref +); + +struct_pats( + unique int id: @struct_pat +); + +#keyset[id] +struct_pat_struct_pat_field_lists( + int id: @struct_pat ref, + int struct_pat_field_list: @struct_pat_field_list ref +); + +traits( + unique int id: @trait +); + +#keyset[id] +trait_assoc_item_lists( + int id: @trait ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +trait_attrs( + int id: @trait ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_generic_param_lists( + int id: @trait ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_is_auto( + int id: @trait ref +); + +#keyset[id] +trait_is_unsafe( + int id: @trait ref +); + +#keyset[id] +trait_names( + int id: @trait ref, + int name: @name ref +); + +#keyset[id] +trait_type_bound_lists( + int id: @trait ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_visibilities( + int id: @trait ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_where_clauses( + int id: @trait ref, + int where_clause: @where_clause ref +); + +trait_aliases( + unique int id: @trait_alias +); + +#keyset[id, index] +trait_alias_attrs( + int id: @trait_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_alias_generic_param_lists( + int id: @trait_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_alias_names( + int id: @trait_alias ref, + int name: @name ref +); + +#keyset[id] +trait_alias_type_bound_lists( + int id: @trait_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_alias_visibilities( + int id: @trait_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_alias_where_clauses( + int id: @trait_alias ref, + int where_clause: @where_clause ref +); + +tuple_struct_pats( + unique int id: @tuple_struct_pat +); + +#keyset[id, index] +tuple_struct_pat_fields( + int id: @tuple_struct_pat ref, + int index: int ref, + int field: @pat ref +); + +type_aliases( + unique int id: @type_alias +); + +#keyset[id, index] +type_alias_attrs( + int id: @type_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_alias_generic_param_lists( + int id: @type_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +type_alias_is_default( + int id: @type_alias ref +); + +#keyset[id] +type_alias_names( + int id: @type_alias ref, + int name: @name ref +); + +#keyset[id] +type_alias_type_reprs( + int id: @type_alias ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_alias_type_bound_lists( + int id: @type_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +type_alias_visibilities( + int id: @type_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +type_alias_where_clauses( + int id: @type_alias ref, + int where_clause: @where_clause ref +); + +uses( + unique int id: @use +); + +#keyset[id, index] +use_attrs( + int id: @use ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +use_use_trees( + int id: @use ref, + int use_tree: @use_tree ref +); + +#keyset[id] +use_visibilities( + int id: @use ref, + int visibility: @visibility ref +); + +enums( + unique int id: @enum +); + +#keyset[id, index] +enum_attrs( + int id: @enum ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +enum_generic_param_lists( + int id: @enum ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +enum_names( + int id: @enum ref, + int name: @name ref +); + +#keyset[id] +enum_variant_lists( + int id: @enum ref, + int variant_list: @variant_list ref +); + +#keyset[id] +enum_visibilities( + int id: @enum ref, + int visibility: @visibility ref +); + +#keyset[id] +enum_where_clauses( + int id: @enum ref, + int where_clause: @where_clause ref +); + +for_exprs( + unique int id: @for_expr +); + +#keyset[id, index] +for_expr_attrs( + int id: @for_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +for_expr_iterables( + int id: @for_expr ref, + int iterable: @expr ref +); + +#keyset[id] +for_expr_pats( + int id: @for_expr ref, + int pat: @pat ref +); + +loop_exprs( + unique int id: @loop_expr +); + +#keyset[id, index] +loop_expr_attrs( + int id: @loop_expr ref, + int index: int ref, + int attr: @attr ref +); + +structs( + unique int id: @struct +); + +#keyset[id, index] +struct_attrs( + int id: @struct ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_lists_( + int id: @struct ref, + int field_list: @field_list ref +); + +#keyset[id] +struct_generic_param_lists( + int id: @struct ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +struct_names( + int id: @struct ref, + int name: @name ref +); + +#keyset[id] +struct_visibilities( + int id: @struct ref, + int visibility: @visibility ref +); + +#keyset[id] +struct_where_clauses( + int id: @struct ref, + int where_clause: @where_clause ref +); + +unions( + unique int id: @union +); + +#keyset[id, index] +union_attrs( + int id: @union ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +union_generic_param_lists( + int id: @union ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +union_names( + int id: @union ref, + int name: @name ref +); + +#keyset[id] +union_struct_field_lists( + int id: @union ref, + int struct_field_list: @struct_field_list ref +); + +#keyset[id] +union_visibilities( + int id: @union ref, + int visibility: @visibility ref +); + +#keyset[id] +union_where_clauses( + int id: @union ref, + int where_clause: @where_clause ref +); + +while_exprs( + unique int id: @while_expr +); + +#keyset[id, index] +while_expr_attrs( + int id: @while_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +while_expr_conditions( + int id: @while_expr ref, + int condition: @expr ref +); diff --git a/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/rust.dbscheme b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/rust.dbscheme new file mode 100644 index 00000000000..e3b3765116e --- /dev/null +++ b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/rust.dbscheme @@ -0,0 +1,3632 @@ +// generated by codegen, do not edit + +// from ../shared/tree-sitter-extractor/src/generator/prefix.dbscheme +/*- Files and folders -*/ + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/*- Empty location -*/ + +empty_location( + int location: @location_default ref +); + +/*- Source location prefix -*/ + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/*- Diagnostic messages -*/ + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +/*- Diagnostic messages: severity -*/ + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + +/*- YAML -*/ + +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + string tag: string ref, + string tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + string anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + string target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + string value: string ref); + +yaml_errors (unique int id: @yaml_error, + string message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + + +// from prefix.dbscheme +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_default ref +); + + +// from schema + +@element = + @extractor_step +| @locatable +| @named_crate +| @unextracted +; + +extractor_steps( + unique int id: @extractor_step, + string action: string ref, + int duration_ms: int ref +); + +#keyset[id] +extractor_step_files( + int id: @extractor_step ref, + int file: @file ref +); + +@locatable = + @ast_node +| @crate +; + +named_crates( + unique int id: @named_crate, + string name: string ref, + int crate: @crate ref +); + +@unextracted = + @missing +| @unimplemented +; + +@ast_node = + @abi +| @addressable +| @arg_list +| @asm_dir_spec +| @asm_operand +| @asm_operand_expr +| @asm_option +| @asm_piece +| @asm_reg_spec +| @assoc_item +| @assoc_item_list +| @attr +| @callable +| @closure_binder +| @expr +| @extern_item +| @extern_item_list +| @field_list +| @format_args_arg +| @generic_arg +| @generic_arg_list +| @generic_param +| @generic_param_list +| @item_list +| @label +| @let_else +| @macro_items +| @match_arm +| @match_arm_list +| @match_guard +| @meta +| @name +| @param_base +| @param_list +| @parenthesized_arg_list +| @pat +| @path +| @path_segment +| @rename +| @resolvable +| @ret_type_repr +| @return_type_syntax +| @source_file +| @stmt +| @stmt_list +| @struct_expr_field +| @struct_expr_field_list +| @struct_field +| @struct_pat_field +| @struct_pat_field_list +| @token +| @token_tree +| @tuple_field +| @type_bound +| @type_bound_list +| @type_repr +| @use_bound_generic_arg +| @use_bound_generic_args +| @use_tree +| @use_tree_list +| @variant_list +| @visibility +| @where_clause +| @where_pred +; + +crates( + unique int id: @crate +); + +#keyset[id] +crate_names( + int id: @crate ref, + string name: string ref +); + +#keyset[id] +crate_versions( + int id: @crate ref, + string version: string ref +); + +#keyset[id, index] +crate_cfg_options( + int id: @crate ref, + int index: int ref, + string cfg_option: string ref +); + +#keyset[id, index] +crate_named_dependencies( + int id: @crate ref, + int index: int ref, + int named_dependency: @named_crate ref +); + +missings( + unique int id: @missing +); + +unimplementeds( + unique int id: @unimplemented +); + +abis( + unique int id: @abi +); + +#keyset[id] +abi_abi_strings( + int id: @abi ref, + string abi_string: string ref +); + +@addressable = + @item +| @variant +; + +#keyset[id] +addressable_extended_canonical_paths( + int id: @addressable ref, + string extended_canonical_path: string ref +); + +#keyset[id] +addressable_crate_origins( + int id: @addressable ref, + string crate_origin: string ref +); + +arg_lists( + unique int id: @arg_list +); + +#keyset[id, index] +arg_list_args( + int id: @arg_list ref, + int index: int ref, + int arg: @expr ref +); + +asm_dir_specs( + unique int id: @asm_dir_spec +); + +@asm_operand = + @asm_const +| @asm_label +| @asm_reg_operand +| @asm_sym +; + +asm_operand_exprs( + unique int id: @asm_operand_expr +); + +#keyset[id] +asm_operand_expr_in_exprs( + int id: @asm_operand_expr ref, + int in_expr: @expr ref +); + +#keyset[id] +asm_operand_expr_out_exprs( + int id: @asm_operand_expr ref, + int out_expr: @expr ref +); + +asm_options( + unique int id: @asm_option +); + +#keyset[id] +asm_option_is_raw( + int id: @asm_option ref +); + +@asm_piece = + @asm_clobber_abi +| @asm_operand_named +| @asm_options_list +; + +asm_reg_specs( + unique int id: @asm_reg_spec +); + +#keyset[id] +asm_reg_spec_identifiers( + int id: @asm_reg_spec ref, + int identifier: @name_ref ref +); + +@assoc_item = + @const +| @function +| @macro_call +| @type_alias +; + +assoc_item_lists( + unique int id: @assoc_item_list +); + +#keyset[id, index] +assoc_item_list_assoc_items( + int id: @assoc_item_list ref, + int index: int ref, + int assoc_item: @assoc_item ref +); + +#keyset[id, index] +assoc_item_list_attrs( + int id: @assoc_item_list ref, + int index: int ref, + int attr: @attr ref +); + +attrs( + unique int id: @attr +); + +#keyset[id] +attr_meta( + int id: @attr ref, + int meta: @meta ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_param_lists( + int id: @callable ref, + int param_list: @param_list ref +); + +#keyset[id, index] +callable_attrs( + int id: @callable ref, + int index: int ref, + int attr: @attr ref +); + +closure_binders( + unique int id: @closure_binder +); + +#keyset[id] +closure_binder_generic_param_lists( + int id: @closure_binder ref, + int generic_param_list: @generic_param_list ref +); + +@expr = + @array_expr_internal +| @asm_expr +| @await_expr +| @become_expr +| @binary_expr +| @break_expr +| @call_expr_base +| @cast_expr +| @closure_expr +| @continue_expr +| @field_expr +| @format_args_expr +| @if_expr +| @index_expr +| @labelable_expr +| @let_expr +| @literal_expr +| @macro_block_expr +| @macro_expr +| @match_expr +| @offset_of_expr +| @paren_expr +| @path_expr_base +| @prefix_expr +| @range_expr +| @ref_expr +| @return_expr +| @struct_expr +| @try_expr +| @tuple_expr +| @underscore_expr +| @yeet_expr +| @yield_expr +; + +@extern_item = + @function +| @macro_call +| @static +| @type_alias +; + +extern_item_lists( + unique int id: @extern_item_list +); + +#keyset[id, index] +extern_item_list_attrs( + int id: @extern_item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +extern_item_list_extern_items( + int id: @extern_item_list ref, + int index: int ref, + int extern_item: @extern_item ref +); + +@field_list = + @struct_field_list +| @tuple_field_list +; + +format_args_args( + unique int id: @format_args_arg +); + +#keyset[id] +format_args_arg_exprs( + int id: @format_args_arg ref, + int expr: @expr ref +); + +#keyset[id] +format_args_arg_names( + int id: @format_args_arg ref, + int name: @name ref +); + +@generic_arg = + @assoc_type_arg +| @const_arg +| @lifetime_arg +| @type_arg +; + +generic_arg_lists( + unique int id: @generic_arg_list +); + +#keyset[id, index] +generic_arg_list_generic_args( + int id: @generic_arg_list ref, + int index: int ref, + int generic_arg: @generic_arg ref +); + +@generic_param = + @const_param +| @lifetime_param +| @type_param +; + +generic_param_lists( + unique int id: @generic_param_list +); + +#keyset[id, index] +generic_param_list_generic_params( + int id: @generic_param_list ref, + int index: int ref, + int generic_param: @generic_param ref +); + +item_lists( + unique int id: @item_list +); + +#keyset[id, index] +item_list_attrs( + int id: @item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +item_list_items( + int id: @item_list ref, + int index: int ref, + int item: @item ref +); + +labels( + unique int id: @label +); + +#keyset[id] +label_lifetimes( + int id: @label ref, + int lifetime: @lifetime ref +); + +let_elses( + unique int id: @let_else +); + +#keyset[id] +let_else_block_exprs( + int id: @let_else ref, + int block_expr: @block_expr ref +); + +macro_items( + unique int id: @macro_items +); + +#keyset[id, index] +macro_items_items( + int id: @macro_items ref, + int index: int ref, + int item: @item ref +); + +match_arms( + unique int id: @match_arm +); + +#keyset[id, index] +match_arm_attrs( + int id: @match_arm ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_arm_exprs( + int id: @match_arm ref, + int expr: @expr ref +); + +#keyset[id] +match_arm_guards( + int id: @match_arm ref, + int guard: @match_guard ref +); + +#keyset[id] +match_arm_pats( + int id: @match_arm ref, + int pat: @pat ref +); + +match_arm_lists( + unique int id: @match_arm_list +); + +#keyset[id, index] +match_arm_list_arms( + int id: @match_arm_list ref, + int index: int ref, + int arm: @match_arm ref +); + +#keyset[id, index] +match_arm_list_attrs( + int id: @match_arm_list ref, + int index: int ref, + int attr: @attr ref +); + +match_guards( + unique int id: @match_guard +); + +#keyset[id] +match_guard_conditions( + int id: @match_guard ref, + int condition: @expr ref +); + +meta( + unique int id: @meta +); + +#keyset[id] +meta_exprs( + int id: @meta ref, + int expr: @expr ref +); + +#keyset[id] +meta_is_unsafe( + int id: @meta ref +); + +#keyset[id] +meta_paths( + int id: @meta ref, + int path: @path ref +); + +#keyset[id] +meta_token_trees( + int id: @meta ref, + int token_tree: @token_tree ref +); + +names( + unique int id: @name +); + +#keyset[id] +name_texts( + int id: @name ref, + string text: string ref +); + +@param_base = + @param +| @self_param +; + +#keyset[id, index] +param_base_attrs( + int id: @param_base ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +param_base_type_reprs( + int id: @param_base ref, + int type_repr: @type_repr ref +); + +param_lists( + unique int id: @param_list +); + +#keyset[id, index] +param_list_params( + int id: @param_list ref, + int index: int ref, + int param: @param ref +); + +#keyset[id] +param_list_self_params( + int id: @param_list ref, + int self_param: @self_param ref +); + +parenthesized_arg_lists( + unique int id: @parenthesized_arg_list +); + +#keyset[id, index] +parenthesized_arg_list_type_args( + int id: @parenthesized_arg_list ref, + int index: int ref, + int type_arg: @type_arg ref +); + +@pat = + @box_pat +| @const_block_pat +| @ident_pat +| @literal_pat +| @macro_pat +| @or_pat +| @paren_pat +| @path_pat +| @range_pat +| @ref_pat +| @rest_pat +| @slice_pat +| @struct_pat +| @tuple_pat +| @tuple_struct_pat +| @wildcard_pat +; + +paths( + unique int id: @path +); + +#keyset[id] +path_qualifiers( + int id: @path ref, + int qualifier: @path ref +); + +#keyset[id] +path_segments_( + int id: @path ref, + int segment: @path_segment ref +); + +path_segments( + unique int id: @path_segment +); + +#keyset[id] +path_segment_generic_arg_lists( + int id: @path_segment ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +path_segment_identifiers( + int id: @path_segment ref, + int identifier: @name_ref ref +); + +#keyset[id] +path_segment_parenthesized_arg_lists( + int id: @path_segment ref, + int parenthesized_arg_list: @parenthesized_arg_list ref +); + +#keyset[id] +path_segment_ret_types( + int id: @path_segment ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +path_segment_return_type_syntaxes( + int id: @path_segment ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +path_segment_type_reprs( + int id: @path_segment ref, + int type_repr: @type_repr ref +); + +#keyset[id] +path_segment_trait_type_reprs( + int id: @path_segment ref, + int trait_type_repr: @path_type_repr ref +); + +renames( + unique int id: @rename +); + +#keyset[id] +rename_names( + int id: @rename ref, + int name: @name ref +); + +@resolvable = + @method_call_expr +| @path_ast_node +; + +#keyset[id] +resolvable_resolved_paths( + int id: @resolvable ref, + string resolved_path: string ref +); + +#keyset[id] +resolvable_resolved_crate_origins( + int id: @resolvable ref, + string resolved_crate_origin: string ref +); + +ret_type_reprs( + unique int id: @ret_type_repr +); + +#keyset[id] +ret_type_repr_type_reprs( + int id: @ret_type_repr ref, + int type_repr: @type_repr ref +); + +return_type_syntaxes( + unique int id: @return_type_syntax +); + +source_files( + unique int id: @source_file +); + +#keyset[id, index] +source_file_attrs( + int id: @source_file ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +source_file_items( + int id: @source_file ref, + int index: int ref, + int item: @item ref +); + +@stmt = + @expr_stmt +| @item +| @let_stmt +; + +stmt_lists( + unique int id: @stmt_list +); + +#keyset[id, index] +stmt_list_attrs( + int id: @stmt_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +stmt_list_statements( + int id: @stmt_list ref, + int index: int ref, + int statement: @stmt ref +); + +#keyset[id] +stmt_list_tail_exprs( + int id: @stmt_list ref, + int tail_expr: @expr ref +); + +struct_expr_fields( + unique int id: @struct_expr_field +); + +#keyset[id, index] +struct_expr_field_attrs( + int id: @struct_expr_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_expr_field_exprs( + int id: @struct_expr_field ref, + int expr: @expr ref +); + +#keyset[id] +struct_expr_field_identifiers( + int id: @struct_expr_field ref, + int identifier: @name_ref ref +); + +struct_expr_field_lists( + unique int id: @struct_expr_field_list +); + +#keyset[id, index] +struct_expr_field_list_attrs( + int id: @struct_expr_field_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +struct_expr_field_list_fields( + int id: @struct_expr_field_list ref, + int index: int ref, + int field: @struct_expr_field ref +); + +#keyset[id] +struct_expr_field_list_spreads( + int id: @struct_expr_field_list ref, + int spread: @expr ref +); + +struct_fields( + unique int id: @struct_field +); + +#keyset[id, index] +struct_field_attrs( + int id: @struct_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_defaults( + int id: @struct_field ref, + int default: @expr ref +); + +#keyset[id] +struct_field_is_unsafe( + int id: @struct_field ref +); + +#keyset[id] +struct_field_names( + int id: @struct_field ref, + int name: @name ref +); + +#keyset[id] +struct_field_type_reprs( + int id: @struct_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +struct_field_visibilities( + int id: @struct_field ref, + int visibility: @visibility ref +); + +struct_pat_fields( + unique int id: @struct_pat_field +); + +#keyset[id, index] +struct_pat_field_attrs( + int id: @struct_pat_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_pat_field_identifiers( + int id: @struct_pat_field ref, + int identifier: @name_ref ref +); + +#keyset[id] +struct_pat_field_pats( + int id: @struct_pat_field ref, + int pat: @pat ref +); + +struct_pat_field_lists( + unique int id: @struct_pat_field_list +); + +#keyset[id, index] +struct_pat_field_list_fields( + int id: @struct_pat_field_list ref, + int index: int ref, + int field: @struct_pat_field ref +); + +#keyset[id] +struct_pat_field_list_rest_pats( + int id: @struct_pat_field_list ref, + int rest_pat: @rest_pat ref +); + +@token = + @comment +; + +token_trees( + unique int id: @token_tree +); + +tuple_fields( + unique int id: @tuple_field +); + +#keyset[id, index] +tuple_field_attrs( + int id: @tuple_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +tuple_field_type_reprs( + int id: @tuple_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +tuple_field_visibilities( + int id: @tuple_field ref, + int visibility: @visibility ref +); + +type_bounds( + unique int id: @type_bound +); + +#keyset[id] +type_bound_is_async( + int id: @type_bound ref +); + +#keyset[id] +type_bound_is_const( + int id: @type_bound ref +); + +#keyset[id] +type_bound_lifetimes( + int id: @type_bound ref, + int lifetime: @lifetime ref +); + +#keyset[id] +type_bound_type_reprs( + int id: @type_bound ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_bound_use_bound_generic_args( + int id: @type_bound ref, + int use_bound_generic_args: @use_bound_generic_args ref +); + +type_bound_lists( + unique int id: @type_bound_list +); + +#keyset[id, index] +type_bound_list_bounds( + int id: @type_bound_list ref, + int index: int ref, + int bound: @type_bound ref +); + +@type_repr = + @array_type_repr +| @dyn_trait_type_repr +| @fn_ptr_type_repr +| @for_type_repr +| @impl_trait_type_repr +| @infer_type_repr +| @macro_type_repr +| @never_type_repr +| @paren_type_repr +| @path_type_repr +| @ptr_type_repr +| @ref_type_repr +| @slice_type_repr +| @tuple_type_repr +; + +@use_bound_generic_arg = + @lifetime +| @name_ref +; + +use_bound_generic_args( + unique int id: @use_bound_generic_args +); + +#keyset[id, index] +use_bound_generic_args_use_bound_generic_args( + int id: @use_bound_generic_args ref, + int index: int ref, + int use_bound_generic_arg: @use_bound_generic_arg ref +); + +use_trees( + unique int id: @use_tree +); + +#keyset[id] +use_tree_is_glob( + int id: @use_tree ref +); + +#keyset[id] +use_tree_paths( + int id: @use_tree ref, + int path: @path ref +); + +#keyset[id] +use_tree_renames( + int id: @use_tree ref, + int rename: @rename ref +); + +#keyset[id] +use_tree_use_tree_lists( + int id: @use_tree ref, + int use_tree_list: @use_tree_list ref +); + +use_tree_lists( + unique int id: @use_tree_list +); + +#keyset[id, index] +use_tree_list_use_trees( + int id: @use_tree_list ref, + int index: int ref, + int use_tree: @use_tree ref +); + +variant_lists( + unique int id: @variant_list +); + +#keyset[id, index] +variant_list_variants( + int id: @variant_list ref, + int index: int ref, + int variant: @variant ref +); + +visibilities( + unique int id: @visibility +); + +#keyset[id] +visibility_paths( + int id: @visibility ref, + int path: @path ref +); + +where_clauses( + unique int id: @where_clause +); + +#keyset[id, index] +where_clause_predicates( + int id: @where_clause ref, + int index: int ref, + int predicate: @where_pred ref +); + +where_preds( + unique int id: @where_pred +); + +#keyset[id] +where_pred_generic_param_lists( + int id: @where_pred ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +where_pred_lifetimes( + int id: @where_pred ref, + int lifetime: @lifetime ref +); + +#keyset[id] +where_pred_type_reprs( + int id: @where_pred ref, + int type_repr: @type_repr ref +); + +#keyset[id] +where_pred_type_bound_lists( + int id: @where_pred ref, + int type_bound_list: @type_bound_list ref +); + +array_expr_internals( + unique int id: @array_expr_internal +); + +#keyset[id, index] +array_expr_internal_attrs( + int id: @array_expr_internal ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +array_expr_internal_exprs( + int id: @array_expr_internal ref, + int index: int ref, + int expr: @expr ref +); + +#keyset[id] +array_expr_internal_is_semicolon( + int id: @array_expr_internal ref +); + +array_type_reprs( + unique int id: @array_type_repr +); + +#keyset[id] +array_type_repr_const_args( + int id: @array_type_repr ref, + int const_arg: @const_arg ref +); + +#keyset[id] +array_type_repr_element_type_reprs( + int id: @array_type_repr ref, + int element_type_repr: @type_repr ref +); + +asm_clobber_abis( + unique int id: @asm_clobber_abi +); + +asm_consts( + unique int id: @asm_const +); + +#keyset[id] +asm_const_exprs( + int id: @asm_const ref, + int expr: @expr ref +); + +#keyset[id] +asm_const_is_const( + int id: @asm_const ref +); + +asm_exprs( + unique int id: @asm_expr +); + +#keyset[id, index] +asm_expr_asm_pieces( + int id: @asm_expr ref, + int index: int ref, + int asm_piece: @asm_piece ref +); + +#keyset[id, index] +asm_expr_attrs( + int id: @asm_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +asm_expr_templates( + int id: @asm_expr ref, + int index: int ref, + int template: @expr ref +); + +asm_labels( + unique int id: @asm_label +); + +#keyset[id] +asm_label_block_exprs( + int id: @asm_label ref, + int block_expr: @block_expr ref +); + +asm_operand_nameds( + unique int id: @asm_operand_named +); + +#keyset[id] +asm_operand_named_asm_operands( + int id: @asm_operand_named ref, + int asm_operand: @asm_operand ref +); + +#keyset[id] +asm_operand_named_names( + int id: @asm_operand_named ref, + int name: @name ref +); + +asm_options_lists( + unique int id: @asm_options_list +); + +#keyset[id, index] +asm_options_list_asm_options( + int id: @asm_options_list ref, + int index: int ref, + int asm_option: @asm_option ref +); + +asm_reg_operands( + unique int id: @asm_reg_operand +); + +#keyset[id] +asm_reg_operand_asm_dir_specs( + int id: @asm_reg_operand ref, + int asm_dir_spec: @asm_dir_spec ref +); + +#keyset[id] +asm_reg_operand_asm_operand_exprs( + int id: @asm_reg_operand ref, + int asm_operand_expr: @asm_operand_expr ref +); + +#keyset[id] +asm_reg_operand_asm_reg_specs( + int id: @asm_reg_operand ref, + int asm_reg_spec: @asm_reg_spec ref +); + +asm_syms( + unique int id: @asm_sym +); + +#keyset[id] +asm_sym_paths( + int id: @asm_sym ref, + int path: @path ref +); + +assoc_type_args( + unique int id: @assoc_type_arg +); + +#keyset[id] +assoc_type_arg_const_args( + int id: @assoc_type_arg ref, + int const_arg: @const_arg ref +); + +#keyset[id] +assoc_type_arg_generic_arg_lists( + int id: @assoc_type_arg ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +assoc_type_arg_identifiers( + int id: @assoc_type_arg ref, + int identifier: @name_ref ref +); + +#keyset[id] +assoc_type_arg_param_lists( + int id: @assoc_type_arg ref, + int param_list: @param_list ref +); + +#keyset[id] +assoc_type_arg_ret_types( + int id: @assoc_type_arg ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +assoc_type_arg_return_type_syntaxes( + int id: @assoc_type_arg ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +assoc_type_arg_type_reprs( + int id: @assoc_type_arg ref, + int type_repr: @type_repr ref +); + +#keyset[id] +assoc_type_arg_type_bound_lists( + int id: @assoc_type_arg ref, + int type_bound_list: @type_bound_list ref +); + +await_exprs( + unique int id: @await_expr +); + +#keyset[id, index] +await_expr_attrs( + int id: @await_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +await_expr_exprs( + int id: @await_expr ref, + int expr: @expr ref +); + +become_exprs( + unique int id: @become_expr +); + +#keyset[id, index] +become_expr_attrs( + int id: @become_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +become_expr_exprs( + int id: @become_expr ref, + int expr: @expr ref +); + +binary_exprs( + unique int id: @binary_expr +); + +#keyset[id, index] +binary_expr_attrs( + int id: @binary_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +binary_expr_lhs( + int id: @binary_expr ref, + int lhs: @expr ref +); + +#keyset[id] +binary_expr_operator_names( + int id: @binary_expr ref, + string operator_name: string ref +); + +#keyset[id] +binary_expr_rhs( + int id: @binary_expr ref, + int rhs: @expr ref +); + +box_pats( + unique int id: @box_pat +); + +#keyset[id] +box_pat_pats( + int id: @box_pat ref, + int pat: @pat ref +); + +break_exprs( + unique int id: @break_expr +); + +#keyset[id, index] +break_expr_attrs( + int id: @break_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +break_expr_exprs( + int id: @break_expr ref, + int expr: @expr ref +); + +#keyset[id] +break_expr_lifetimes( + int id: @break_expr ref, + int lifetime: @lifetime ref +); + +@call_expr_base = + @call_expr +| @method_call_expr +; + +#keyset[id] +call_expr_base_arg_lists( + int id: @call_expr_base ref, + int arg_list: @arg_list ref +); + +#keyset[id, index] +call_expr_base_attrs( + int id: @call_expr_base ref, + int index: int ref, + int attr: @attr ref +); + +cast_exprs( + unique int id: @cast_expr +); + +#keyset[id, index] +cast_expr_attrs( + int id: @cast_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +cast_expr_exprs( + int id: @cast_expr ref, + int expr: @expr ref +); + +#keyset[id] +cast_expr_type_reprs( + int id: @cast_expr ref, + int type_repr: @type_repr ref +); + +closure_exprs( + unique int id: @closure_expr +); + +#keyset[id] +closure_expr_bodies( + int id: @closure_expr ref, + int body: @expr ref +); + +#keyset[id] +closure_expr_closure_binders( + int id: @closure_expr ref, + int closure_binder: @closure_binder ref +); + +#keyset[id] +closure_expr_is_async( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_const( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_gen( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_move( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_static( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_ret_types( + int id: @closure_expr ref, + int ret_type: @ret_type_repr ref +); + +comments( + unique int id: @comment, + int parent: @ast_node ref, + string text: string ref +); + +const_args( + unique int id: @const_arg +); + +#keyset[id] +const_arg_exprs( + int id: @const_arg ref, + int expr: @expr ref +); + +const_block_pats( + unique int id: @const_block_pat +); + +#keyset[id] +const_block_pat_block_exprs( + int id: @const_block_pat ref, + int block_expr: @block_expr ref +); + +#keyset[id] +const_block_pat_is_const( + int id: @const_block_pat ref +); + +const_params( + unique int id: @const_param +); + +#keyset[id, index] +const_param_attrs( + int id: @const_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_param_default_vals( + int id: @const_param ref, + int default_val: @const_arg ref +); + +#keyset[id] +const_param_is_const( + int id: @const_param ref +); + +#keyset[id] +const_param_names( + int id: @const_param ref, + int name: @name ref +); + +#keyset[id] +const_param_type_reprs( + int id: @const_param ref, + int type_repr: @type_repr ref +); + +continue_exprs( + unique int id: @continue_expr +); + +#keyset[id, index] +continue_expr_attrs( + int id: @continue_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +continue_expr_lifetimes( + int id: @continue_expr ref, + int lifetime: @lifetime ref +); + +dyn_trait_type_reprs( + unique int id: @dyn_trait_type_repr +); + +#keyset[id] +dyn_trait_type_repr_type_bound_lists( + int id: @dyn_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +expr_stmts( + unique int id: @expr_stmt +); + +#keyset[id] +expr_stmt_exprs( + int id: @expr_stmt ref, + int expr: @expr ref +); + +field_exprs( + unique int id: @field_expr +); + +#keyset[id, index] +field_expr_attrs( + int id: @field_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +field_expr_containers( + int id: @field_expr ref, + int container: @expr ref +); + +#keyset[id] +field_expr_identifiers( + int id: @field_expr ref, + int identifier: @name_ref ref +); + +fn_ptr_type_reprs( + unique int id: @fn_ptr_type_repr +); + +#keyset[id] +fn_ptr_type_repr_abis( + int id: @fn_ptr_type_repr ref, + int abi: @abi ref +); + +#keyset[id] +fn_ptr_type_repr_is_async( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_const( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_unsafe( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_param_lists( + int id: @fn_ptr_type_repr ref, + int param_list: @param_list ref +); + +#keyset[id] +fn_ptr_type_repr_ret_types( + int id: @fn_ptr_type_repr ref, + int ret_type: @ret_type_repr ref +); + +for_type_reprs( + unique int id: @for_type_repr +); + +#keyset[id] +for_type_repr_generic_param_lists( + int id: @for_type_repr ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +for_type_repr_type_reprs( + int id: @for_type_repr ref, + int type_repr: @type_repr ref +); + +format_args_exprs( + unique int id: @format_args_expr +); + +#keyset[id, index] +format_args_expr_args( + int id: @format_args_expr ref, + int index: int ref, + int arg: @format_args_arg ref +); + +#keyset[id, index] +format_args_expr_attrs( + int id: @format_args_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +format_args_expr_templates( + int id: @format_args_expr ref, + int template: @expr ref +); + +ident_pats( + unique int id: @ident_pat +); + +#keyset[id, index] +ident_pat_attrs( + int id: @ident_pat ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ident_pat_is_mut( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_is_ref( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_names( + int id: @ident_pat ref, + int name: @name ref +); + +#keyset[id] +ident_pat_pats( + int id: @ident_pat ref, + int pat: @pat ref +); + +if_exprs( + unique int id: @if_expr +); + +#keyset[id, index] +if_expr_attrs( + int id: @if_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +if_expr_conditions( + int id: @if_expr ref, + int condition: @expr ref +); + +#keyset[id] +if_expr_elses( + int id: @if_expr ref, + int else: @expr ref +); + +#keyset[id] +if_expr_thens( + int id: @if_expr ref, + int then: @block_expr ref +); + +impl_trait_type_reprs( + unique int id: @impl_trait_type_repr +); + +#keyset[id] +impl_trait_type_repr_type_bound_lists( + int id: @impl_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +index_exprs( + unique int id: @index_expr +); + +#keyset[id, index] +index_expr_attrs( + int id: @index_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +index_expr_bases( + int id: @index_expr ref, + int base: @expr ref +); + +#keyset[id] +index_expr_indices( + int id: @index_expr ref, + int index: @expr ref +); + +infer_type_reprs( + unique int id: @infer_type_repr +); + +@item = + @adt +| @const +| @extern_block +| @extern_crate +| @function +| @impl +| @macro_call +| @macro_def +| @macro_rules +| @module +| @static +| @trait +| @trait_alias +| @type_alias +| @use +; + +#keyset[id] +item_attribute_macro_expansions( + int id: @item ref, + int attribute_macro_expansion: @macro_items ref +); + +@labelable_expr = + @block_expr +| @looping_expr +; + +#keyset[id] +labelable_expr_labels( + int id: @labelable_expr ref, + int label: @label ref +); + +let_exprs( + unique int id: @let_expr +); + +#keyset[id, index] +let_expr_attrs( + int id: @let_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_expr_scrutinees( + int id: @let_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +let_expr_pats( + int id: @let_expr ref, + int pat: @pat ref +); + +let_stmts( + unique int id: @let_stmt +); + +#keyset[id, index] +let_stmt_attrs( + int id: @let_stmt ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_stmt_initializers( + int id: @let_stmt ref, + int initializer: @expr ref +); + +#keyset[id] +let_stmt_let_elses( + int id: @let_stmt ref, + int let_else: @let_else ref +); + +#keyset[id] +let_stmt_pats( + int id: @let_stmt ref, + int pat: @pat ref +); + +#keyset[id] +let_stmt_type_reprs( + int id: @let_stmt ref, + int type_repr: @type_repr ref +); + +lifetimes( + unique int id: @lifetime +); + +#keyset[id] +lifetime_texts( + int id: @lifetime ref, + string text: string ref +); + +lifetime_args( + unique int id: @lifetime_arg +); + +#keyset[id] +lifetime_arg_lifetimes( + int id: @lifetime_arg ref, + int lifetime: @lifetime ref +); + +lifetime_params( + unique int id: @lifetime_param +); + +#keyset[id, index] +lifetime_param_attrs( + int id: @lifetime_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +lifetime_param_lifetimes( + int id: @lifetime_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +lifetime_param_type_bound_lists( + int id: @lifetime_param ref, + int type_bound_list: @type_bound_list ref +); + +literal_exprs( + unique int id: @literal_expr +); + +#keyset[id, index] +literal_expr_attrs( + int id: @literal_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +literal_expr_text_values( + int id: @literal_expr ref, + string text_value: string ref +); + +literal_pats( + unique int id: @literal_pat +); + +#keyset[id] +literal_pat_literals( + int id: @literal_pat ref, + int literal: @literal_expr ref +); + +macro_block_exprs( + unique int id: @macro_block_expr +); + +#keyset[id] +macro_block_expr_tail_exprs( + int id: @macro_block_expr ref, + int tail_expr: @expr ref +); + +#keyset[id, index] +macro_block_expr_statements( + int id: @macro_block_expr ref, + int index: int ref, + int statement: @stmt ref +); + +macro_exprs( + unique int id: @macro_expr +); + +#keyset[id] +macro_expr_macro_calls( + int id: @macro_expr ref, + int macro_call: @macro_call ref +); + +macro_pats( + unique int id: @macro_pat +); + +#keyset[id] +macro_pat_macro_calls( + int id: @macro_pat ref, + int macro_call: @macro_call ref +); + +macro_type_reprs( + unique int id: @macro_type_repr +); + +#keyset[id] +macro_type_repr_macro_calls( + int id: @macro_type_repr ref, + int macro_call: @macro_call ref +); + +match_exprs( + unique int id: @match_expr +); + +#keyset[id, index] +match_expr_attrs( + int id: @match_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_expr_scrutinees( + int id: @match_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +match_expr_match_arm_lists( + int id: @match_expr ref, + int match_arm_list: @match_arm_list ref +); + +name_refs( + unique int id: @name_ref +); + +#keyset[id] +name_ref_texts( + int id: @name_ref ref, + string text: string ref +); + +never_type_reprs( + unique int id: @never_type_repr +); + +offset_of_exprs( + unique int id: @offset_of_expr +); + +#keyset[id, index] +offset_of_expr_attrs( + int id: @offset_of_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +offset_of_expr_fields( + int id: @offset_of_expr ref, + int index: int ref, + int field: @name_ref ref +); + +#keyset[id] +offset_of_expr_type_reprs( + int id: @offset_of_expr ref, + int type_repr: @type_repr ref +); + +or_pats( + unique int id: @or_pat +); + +#keyset[id, index] +or_pat_pats( + int id: @or_pat ref, + int index: int ref, + int pat: @pat ref +); + +params( + unique int id: @param +); + +#keyset[id] +param_pats( + int id: @param ref, + int pat: @pat ref +); + +paren_exprs( + unique int id: @paren_expr +); + +#keyset[id, index] +paren_expr_attrs( + int id: @paren_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +paren_expr_exprs( + int id: @paren_expr ref, + int expr: @expr ref +); + +paren_pats( + unique int id: @paren_pat +); + +#keyset[id] +paren_pat_pats( + int id: @paren_pat ref, + int pat: @pat ref +); + +paren_type_reprs( + unique int id: @paren_type_repr +); + +#keyset[id] +paren_type_repr_type_reprs( + int id: @paren_type_repr ref, + int type_repr: @type_repr ref +); + +@path_ast_node = + @path_expr +| @path_pat +| @struct_expr +| @struct_pat +| @tuple_struct_pat +; + +#keyset[id] +path_ast_node_paths( + int id: @path_ast_node ref, + int path: @path ref +); + +@path_expr_base = + @path_expr +; + +path_type_reprs( + unique int id: @path_type_repr +); + +#keyset[id] +path_type_repr_paths( + int id: @path_type_repr ref, + int path: @path ref +); + +prefix_exprs( + unique int id: @prefix_expr +); + +#keyset[id, index] +prefix_expr_attrs( + int id: @prefix_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +prefix_expr_exprs( + int id: @prefix_expr ref, + int expr: @expr ref +); + +#keyset[id] +prefix_expr_operator_names( + int id: @prefix_expr ref, + string operator_name: string ref +); + +ptr_type_reprs( + unique int id: @ptr_type_repr +); + +#keyset[id] +ptr_type_repr_is_const( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_is_mut( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_type_reprs( + int id: @ptr_type_repr ref, + int type_repr: @type_repr ref +); + +range_exprs( + unique int id: @range_expr +); + +#keyset[id, index] +range_expr_attrs( + int id: @range_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +range_expr_ends( + int id: @range_expr ref, + int end: @expr ref +); + +#keyset[id] +range_expr_operator_names( + int id: @range_expr ref, + string operator_name: string ref +); + +#keyset[id] +range_expr_starts( + int id: @range_expr ref, + int start: @expr ref +); + +range_pats( + unique int id: @range_pat +); + +#keyset[id] +range_pat_ends( + int id: @range_pat ref, + int end: @pat ref +); + +#keyset[id] +range_pat_operator_names( + int id: @range_pat ref, + string operator_name: string ref +); + +#keyset[id] +range_pat_starts( + int id: @range_pat ref, + int start: @pat ref +); + +ref_exprs( + unique int id: @ref_expr +); + +#keyset[id, index] +ref_expr_attrs( + int id: @ref_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ref_expr_exprs( + int id: @ref_expr ref, + int expr: @expr ref +); + +#keyset[id] +ref_expr_is_const( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_mut( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_raw( + int id: @ref_expr ref +); + +ref_pats( + unique int id: @ref_pat +); + +#keyset[id] +ref_pat_is_mut( + int id: @ref_pat ref +); + +#keyset[id] +ref_pat_pats( + int id: @ref_pat ref, + int pat: @pat ref +); + +ref_type_reprs( + unique int id: @ref_type_repr +); + +#keyset[id] +ref_type_repr_is_mut( + int id: @ref_type_repr ref +); + +#keyset[id] +ref_type_repr_lifetimes( + int id: @ref_type_repr ref, + int lifetime: @lifetime ref +); + +#keyset[id] +ref_type_repr_type_reprs( + int id: @ref_type_repr ref, + int type_repr: @type_repr ref +); + +rest_pats( + unique int id: @rest_pat +); + +#keyset[id, index] +rest_pat_attrs( + int id: @rest_pat ref, + int index: int ref, + int attr: @attr ref +); + +return_exprs( + unique int id: @return_expr +); + +#keyset[id, index] +return_expr_attrs( + int id: @return_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +return_expr_exprs( + int id: @return_expr ref, + int expr: @expr ref +); + +self_params( + unique int id: @self_param +); + +#keyset[id] +self_param_is_ref( + int id: @self_param ref +); + +#keyset[id] +self_param_is_mut( + int id: @self_param ref +); + +#keyset[id] +self_param_lifetimes( + int id: @self_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +self_param_names( + int id: @self_param ref, + int name: @name ref +); + +slice_pats( + unique int id: @slice_pat +); + +#keyset[id, index] +slice_pat_pats( + int id: @slice_pat ref, + int index: int ref, + int pat: @pat ref +); + +slice_type_reprs( + unique int id: @slice_type_repr +); + +#keyset[id] +slice_type_repr_type_reprs( + int id: @slice_type_repr ref, + int type_repr: @type_repr ref +); + +struct_field_lists( + unique int id: @struct_field_list +); + +#keyset[id, index] +struct_field_list_fields( + int id: @struct_field_list ref, + int index: int ref, + int field: @struct_field ref +); + +try_exprs( + unique int id: @try_expr +); + +#keyset[id, index] +try_expr_attrs( + int id: @try_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +try_expr_exprs( + int id: @try_expr ref, + int expr: @expr ref +); + +tuple_exprs( + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_attrs( + int id: @tuple_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +tuple_expr_fields( + int id: @tuple_expr ref, + int index: int ref, + int field: @expr ref +); + +tuple_field_lists( + unique int id: @tuple_field_list +); + +#keyset[id, index] +tuple_field_list_fields( + int id: @tuple_field_list ref, + int index: int ref, + int field: @tuple_field ref +); + +tuple_pats( + unique int id: @tuple_pat +); + +#keyset[id, index] +tuple_pat_fields( + int id: @tuple_pat ref, + int index: int ref, + int field: @pat ref +); + +tuple_type_reprs( + unique int id: @tuple_type_repr +); + +#keyset[id, index] +tuple_type_repr_fields( + int id: @tuple_type_repr ref, + int index: int ref, + int field: @type_repr ref +); + +type_args( + unique int id: @type_arg +); + +#keyset[id] +type_arg_type_reprs( + int id: @type_arg ref, + int type_repr: @type_repr ref +); + +type_params( + unique int id: @type_param +); + +#keyset[id, index] +type_param_attrs( + int id: @type_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_param_default_types( + int id: @type_param ref, + int default_type: @type_repr ref +); + +#keyset[id] +type_param_names( + int id: @type_param ref, + int name: @name ref +); + +#keyset[id] +type_param_type_bound_lists( + int id: @type_param ref, + int type_bound_list: @type_bound_list ref +); + +underscore_exprs( + unique int id: @underscore_expr +); + +#keyset[id, index] +underscore_expr_attrs( + int id: @underscore_expr ref, + int index: int ref, + int attr: @attr ref +); + +variants( + unique int id: @variant +); + +#keyset[id, index] +variant_attrs( + int id: @variant ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +variant_discriminants( + int id: @variant ref, + int discriminant: @expr ref +); + +#keyset[id] +variant_field_lists( + int id: @variant ref, + int field_list: @field_list ref +); + +#keyset[id] +variant_names( + int id: @variant ref, + int name: @name ref +); + +#keyset[id] +variant_visibilities( + int id: @variant ref, + int visibility: @visibility ref +); + +wildcard_pats( + unique int id: @wildcard_pat +); + +yeet_exprs( + unique int id: @yeet_expr +); + +#keyset[id, index] +yeet_expr_attrs( + int id: @yeet_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yeet_expr_exprs( + int id: @yeet_expr ref, + int expr: @expr ref +); + +yield_exprs( + unique int id: @yield_expr +); + +#keyset[id, index] +yield_expr_attrs( + int id: @yield_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yield_expr_exprs( + int id: @yield_expr ref, + int expr: @expr ref +); + +@adt = + @enum +| @struct +| @union +; + +#keyset[id, index] +adt_derive_macro_expansions( + int id: @adt ref, + int index: int ref, + int derive_macro_expansion: @macro_items ref +); + +block_exprs( + unique int id: @block_expr +); + +#keyset[id, index] +block_expr_attrs( + int id: @block_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +block_expr_is_async( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_const( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_gen( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_move( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_try( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_unsafe( + int id: @block_expr ref +); + +#keyset[id] +block_expr_stmt_lists( + int id: @block_expr ref, + int stmt_list: @stmt_list ref +); + +call_exprs( + unique int id: @call_expr +); + +#keyset[id] +call_expr_functions( + int id: @call_expr ref, + int function: @expr ref +); + +consts( + unique int id: @const +); + +#keyset[id, index] +const_attrs( + int id: @const ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_bodies( + int id: @const ref, + int body: @expr ref +); + +#keyset[id] +const_generic_param_lists( + int id: @const ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +const_is_const( + int id: @const ref +); + +#keyset[id] +const_is_default( + int id: @const ref +); + +#keyset[id] +const_names( + int id: @const ref, + int name: @name ref +); + +#keyset[id] +const_type_reprs( + int id: @const ref, + int type_repr: @type_repr ref +); + +#keyset[id] +const_visibilities( + int id: @const ref, + int visibility: @visibility ref +); + +#keyset[id] +const_where_clauses( + int id: @const ref, + int where_clause: @where_clause ref +); + +#keyset[id] +const_has_implementation( + int id: @const ref +); + +extern_blocks( + unique int id: @extern_block +); + +#keyset[id] +extern_block_abis( + int id: @extern_block ref, + int abi: @abi ref +); + +#keyset[id, index] +extern_block_attrs( + int id: @extern_block ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_block_extern_item_lists( + int id: @extern_block ref, + int extern_item_list: @extern_item_list ref +); + +#keyset[id] +extern_block_is_unsafe( + int id: @extern_block ref +); + +extern_crates( + unique int id: @extern_crate +); + +#keyset[id, index] +extern_crate_attrs( + int id: @extern_crate ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_crate_identifiers( + int id: @extern_crate ref, + int identifier: @name_ref ref +); + +#keyset[id] +extern_crate_renames( + int id: @extern_crate ref, + int rename: @rename ref +); + +#keyset[id] +extern_crate_visibilities( + int id: @extern_crate ref, + int visibility: @visibility ref +); + +functions( + unique int id: @function +); + +#keyset[id] +function_abis( + int id: @function ref, + int abi: @abi ref +); + +#keyset[id] +function_bodies( + int id: @function ref, + int body: @block_expr ref +); + +#keyset[id] +function_generic_param_lists( + int id: @function ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +function_is_async( + int id: @function ref +); + +#keyset[id] +function_is_const( + int id: @function ref +); + +#keyset[id] +function_is_default( + int id: @function ref +); + +#keyset[id] +function_is_gen( + int id: @function ref +); + +#keyset[id] +function_is_unsafe( + int id: @function ref +); + +#keyset[id] +function_names( + int id: @function ref, + int name: @name ref +); + +#keyset[id] +function_ret_types( + int id: @function ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +function_visibilities( + int id: @function ref, + int visibility: @visibility ref +); + +#keyset[id] +function_where_clauses( + int id: @function ref, + int where_clause: @where_clause ref +); + +#keyset[id] +function_has_implementation( + int id: @function ref +); + +impls( + unique int id: @impl +); + +#keyset[id] +impl_assoc_item_lists( + int id: @impl ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +impl_attrs( + int id: @impl ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +impl_generic_param_lists( + int id: @impl ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +impl_is_const( + int id: @impl ref +); + +#keyset[id] +impl_is_default( + int id: @impl ref +); + +#keyset[id] +impl_is_unsafe( + int id: @impl ref +); + +#keyset[id] +impl_self_ties( + int id: @impl ref, + int self_ty: @type_repr ref +); + +#keyset[id] +impl_traits( + int id: @impl ref, + int trait: @type_repr ref +); + +#keyset[id] +impl_visibilities( + int id: @impl ref, + int visibility: @visibility ref +); + +#keyset[id] +impl_where_clauses( + int id: @impl ref, + int where_clause: @where_clause ref +); + +@looping_expr = + @for_expr +| @loop_expr +| @while_expr +; + +#keyset[id] +looping_expr_loop_bodies( + int id: @looping_expr ref, + int loop_body: @block_expr ref +); + +macro_calls( + unique int id: @macro_call +); + +#keyset[id, index] +macro_call_attrs( + int id: @macro_call ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_call_paths( + int id: @macro_call ref, + int path: @path ref +); + +#keyset[id] +macro_call_token_trees( + int id: @macro_call ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_call_macro_call_expansions( + int id: @macro_call ref, + int macro_call_expansion: @ast_node ref +); + +macro_defs( + unique int id: @macro_def +); + +#keyset[id] +macro_def_args( + int id: @macro_def ref, + int args: @token_tree ref +); + +#keyset[id, index] +macro_def_attrs( + int id: @macro_def ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_def_bodies( + int id: @macro_def ref, + int body: @token_tree ref +); + +#keyset[id] +macro_def_names( + int id: @macro_def ref, + int name: @name ref +); + +#keyset[id] +macro_def_visibilities( + int id: @macro_def ref, + int visibility: @visibility ref +); + +macro_rules( + unique int id: @macro_rules +); + +#keyset[id, index] +macro_rules_attrs( + int id: @macro_rules ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_rules_names( + int id: @macro_rules ref, + int name: @name ref +); + +#keyset[id] +macro_rules_token_trees( + int id: @macro_rules ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_rules_visibilities( + int id: @macro_rules ref, + int visibility: @visibility ref +); + +method_call_exprs( + unique int id: @method_call_expr +); + +#keyset[id] +method_call_expr_generic_arg_lists( + int id: @method_call_expr ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +method_call_expr_identifiers( + int id: @method_call_expr ref, + int identifier: @name_ref ref +); + +#keyset[id] +method_call_expr_receivers( + int id: @method_call_expr ref, + int receiver: @expr ref +); + +modules( + unique int id: @module +); + +#keyset[id, index] +module_attrs( + int id: @module ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +module_item_lists( + int id: @module ref, + int item_list: @item_list ref +); + +#keyset[id] +module_names( + int id: @module ref, + int name: @name ref +); + +#keyset[id] +module_visibilities( + int id: @module ref, + int visibility: @visibility ref +); + +path_exprs( + unique int id: @path_expr +); + +#keyset[id, index] +path_expr_attrs( + int id: @path_expr ref, + int index: int ref, + int attr: @attr ref +); + +path_pats( + unique int id: @path_pat +); + +statics( + unique int id: @static +); + +#keyset[id, index] +static_attrs( + int id: @static ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +static_bodies( + int id: @static ref, + int body: @expr ref +); + +#keyset[id] +static_is_mut( + int id: @static ref +); + +#keyset[id] +static_is_static( + int id: @static ref +); + +#keyset[id] +static_is_unsafe( + int id: @static ref +); + +#keyset[id] +static_names( + int id: @static ref, + int name: @name ref +); + +#keyset[id] +static_type_reprs( + int id: @static ref, + int type_repr: @type_repr ref +); + +#keyset[id] +static_visibilities( + int id: @static ref, + int visibility: @visibility ref +); + +struct_exprs( + unique int id: @struct_expr +); + +#keyset[id] +struct_expr_struct_expr_field_lists( + int id: @struct_expr ref, + int struct_expr_field_list: @struct_expr_field_list ref +); + +struct_pats( + unique int id: @struct_pat +); + +#keyset[id] +struct_pat_struct_pat_field_lists( + int id: @struct_pat ref, + int struct_pat_field_list: @struct_pat_field_list ref +); + +traits( + unique int id: @trait +); + +#keyset[id] +trait_assoc_item_lists( + int id: @trait ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +trait_attrs( + int id: @trait ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_generic_param_lists( + int id: @trait ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_is_auto( + int id: @trait ref +); + +#keyset[id] +trait_is_unsafe( + int id: @trait ref +); + +#keyset[id] +trait_names( + int id: @trait ref, + int name: @name ref +); + +#keyset[id] +trait_type_bound_lists( + int id: @trait ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_visibilities( + int id: @trait ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_where_clauses( + int id: @trait ref, + int where_clause: @where_clause ref +); + +trait_aliases( + unique int id: @trait_alias +); + +#keyset[id, index] +trait_alias_attrs( + int id: @trait_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_alias_generic_param_lists( + int id: @trait_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_alias_names( + int id: @trait_alias ref, + int name: @name ref +); + +#keyset[id] +trait_alias_type_bound_lists( + int id: @trait_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_alias_visibilities( + int id: @trait_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_alias_where_clauses( + int id: @trait_alias ref, + int where_clause: @where_clause ref +); + +tuple_struct_pats( + unique int id: @tuple_struct_pat +); + +#keyset[id, index] +tuple_struct_pat_fields( + int id: @tuple_struct_pat ref, + int index: int ref, + int field: @pat ref +); + +type_aliases( + unique int id: @type_alias +); + +#keyset[id, index] +type_alias_attrs( + int id: @type_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_alias_generic_param_lists( + int id: @type_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +type_alias_is_default( + int id: @type_alias ref +); + +#keyset[id] +type_alias_names( + int id: @type_alias ref, + int name: @name ref +); + +#keyset[id] +type_alias_type_reprs( + int id: @type_alias ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_alias_type_bound_lists( + int id: @type_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +type_alias_visibilities( + int id: @type_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +type_alias_where_clauses( + int id: @type_alias ref, + int where_clause: @where_clause ref +); + +uses( + unique int id: @use +); + +#keyset[id, index] +use_attrs( + int id: @use ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +use_use_trees( + int id: @use ref, + int use_tree: @use_tree ref +); + +#keyset[id] +use_visibilities( + int id: @use ref, + int visibility: @visibility ref +); + +enums( + unique int id: @enum +); + +#keyset[id, index] +enum_attrs( + int id: @enum ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +enum_generic_param_lists( + int id: @enum ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +enum_names( + int id: @enum ref, + int name: @name ref +); + +#keyset[id] +enum_variant_lists( + int id: @enum ref, + int variant_list: @variant_list ref +); + +#keyset[id] +enum_visibilities( + int id: @enum ref, + int visibility: @visibility ref +); + +#keyset[id] +enum_where_clauses( + int id: @enum ref, + int where_clause: @where_clause ref +); + +for_exprs( + unique int id: @for_expr +); + +#keyset[id, index] +for_expr_attrs( + int id: @for_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +for_expr_iterables( + int id: @for_expr ref, + int iterable: @expr ref +); + +#keyset[id] +for_expr_pats( + int id: @for_expr ref, + int pat: @pat ref +); + +loop_exprs( + unique int id: @loop_expr +); + +#keyset[id, index] +loop_expr_attrs( + int id: @loop_expr ref, + int index: int ref, + int attr: @attr ref +); + +structs( + unique int id: @struct +); + +#keyset[id, index] +struct_attrs( + int id: @struct ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_lists_( + int id: @struct ref, + int field_list: @field_list ref +); + +#keyset[id] +struct_generic_param_lists( + int id: @struct ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +struct_names( + int id: @struct ref, + int name: @name ref +); + +#keyset[id] +struct_visibilities( + int id: @struct ref, + int visibility: @visibility ref +); + +#keyset[id] +struct_where_clauses( + int id: @struct ref, + int where_clause: @where_clause ref +); + +unions( + unique int id: @union +); + +#keyset[id, index] +union_attrs( + int id: @union ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +union_generic_param_lists( + int id: @union ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +union_names( + int id: @union ref, + int name: @name ref +); + +#keyset[id] +union_struct_field_lists( + int id: @union ref, + int struct_field_list: @struct_field_list ref +); + +#keyset[id] +union_visibilities( + int id: @union ref, + int visibility: @visibility ref +); + +#keyset[id] +union_where_clauses( + int id: @union ref, + int where_clause: @where_clause ref +); + +while_exprs( + unique int id: @while_expr +); + +#keyset[id, index] +while_expr_attrs( + int id: @while_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +while_expr_conditions( + int id: @while_expr ref, + int condition: @expr ref +); diff --git a/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/upgrade.properties b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/upgrade.properties new file mode 100644 index 00000000000..1d437ec8ac6 --- /dev/null +++ b/rust/downgrades/f72a3d8d021c81c67ba046c6af15c61a79cb8163/upgrade.properties @@ -0,0 +1,3 @@ +description: Add databaseMetadata relation +compatibility: full +databaseMetadata.rel: delete diff --git a/rust/ql/lib/rust.dbscheme b/rust/ql/lib/rust.dbscheme index e3b3765116e..f72a3d8d021 100644 --- a/rust/ql/lib/rust.dbscheme +++ b/rust/ql/lib/rust.dbscheme @@ -108,6 +108,12 @@ yaml_locations(unique int locatable: @yaml_locatable ref, @yaml_locatable = @yaml_node | @yaml_error; +/*- Database metadata -*/ +databaseMetadata( + string metadataKey: string ref, + string value: string ref +); + // from prefix.dbscheme #keyset[id] diff --git a/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/old.dbscheme b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/old.dbscheme new file mode 100644 index 00000000000..e3b3765116e --- /dev/null +++ b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/old.dbscheme @@ -0,0 +1,3632 @@ +// generated by codegen, do not edit + +// from ../shared/tree-sitter-extractor/src/generator/prefix.dbscheme +/*- Files and folders -*/ + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/*- Empty location -*/ + +empty_location( + int location: @location_default ref +); + +/*- Source location prefix -*/ + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/*- Diagnostic messages -*/ + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +/*- Diagnostic messages: severity -*/ + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + +/*- YAML -*/ + +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + string tag: string ref, + string tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + string anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + string target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + string value: string ref); + +yaml_errors (unique int id: @yaml_error, + string message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + + +// from prefix.dbscheme +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_default ref +); + + +// from schema + +@element = + @extractor_step +| @locatable +| @named_crate +| @unextracted +; + +extractor_steps( + unique int id: @extractor_step, + string action: string ref, + int duration_ms: int ref +); + +#keyset[id] +extractor_step_files( + int id: @extractor_step ref, + int file: @file ref +); + +@locatable = + @ast_node +| @crate +; + +named_crates( + unique int id: @named_crate, + string name: string ref, + int crate: @crate ref +); + +@unextracted = + @missing +| @unimplemented +; + +@ast_node = + @abi +| @addressable +| @arg_list +| @asm_dir_spec +| @asm_operand +| @asm_operand_expr +| @asm_option +| @asm_piece +| @asm_reg_spec +| @assoc_item +| @assoc_item_list +| @attr +| @callable +| @closure_binder +| @expr +| @extern_item +| @extern_item_list +| @field_list +| @format_args_arg +| @generic_arg +| @generic_arg_list +| @generic_param +| @generic_param_list +| @item_list +| @label +| @let_else +| @macro_items +| @match_arm +| @match_arm_list +| @match_guard +| @meta +| @name +| @param_base +| @param_list +| @parenthesized_arg_list +| @pat +| @path +| @path_segment +| @rename +| @resolvable +| @ret_type_repr +| @return_type_syntax +| @source_file +| @stmt +| @stmt_list +| @struct_expr_field +| @struct_expr_field_list +| @struct_field +| @struct_pat_field +| @struct_pat_field_list +| @token +| @token_tree +| @tuple_field +| @type_bound +| @type_bound_list +| @type_repr +| @use_bound_generic_arg +| @use_bound_generic_args +| @use_tree +| @use_tree_list +| @variant_list +| @visibility +| @where_clause +| @where_pred +; + +crates( + unique int id: @crate +); + +#keyset[id] +crate_names( + int id: @crate ref, + string name: string ref +); + +#keyset[id] +crate_versions( + int id: @crate ref, + string version: string ref +); + +#keyset[id, index] +crate_cfg_options( + int id: @crate ref, + int index: int ref, + string cfg_option: string ref +); + +#keyset[id, index] +crate_named_dependencies( + int id: @crate ref, + int index: int ref, + int named_dependency: @named_crate ref +); + +missings( + unique int id: @missing +); + +unimplementeds( + unique int id: @unimplemented +); + +abis( + unique int id: @abi +); + +#keyset[id] +abi_abi_strings( + int id: @abi ref, + string abi_string: string ref +); + +@addressable = + @item +| @variant +; + +#keyset[id] +addressable_extended_canonical_paths( + int id: @addressable ref, + string extended_canonical_path: string ref +); + +#keyset[id] +addressable_crate_origins( + int id: @addressable ref, + string crate_origin: string ref +); + +arg_lists( + unique int id: @arg_list +); + +#keyset[id, index] +arg_list_args( + int id: @arg_list ref, + int index: int ref, + int arg: @expr ref +); + +asm_dir_specs( + unique int id: @asm_dir_spec +); + +@asm_operand = + @asm_const +| @asm_label +| @asm_reg_operand +| @asm_sym +; + +asm_operand_exprs( + unique int id: @asm_operand_expr +); + +#keyset[id] +asm_operand_expr_in_exprs( + int id: @asm_operand_expr ref, + int in_expr: @expr ref +); + +#keyset[id] +asm_operand_expr_out_exprs( + int id: @asm_operand_expr ref, + int out_expr: @expr ref +); + +asm_options( + unique int id: @asm_option +); + +#keyset[id] +asm_option_is_raw( + int id: @asm_option ref +); + +@asm_piece = + @asm_clobber_abi +| @asm_operand_named +| @asm_options_list +; + +asm_reg_specs( + unique int id: @asm_reg_spec +); + +#keyset[id] +asm_reg_spec_identifiers( + int id: @asm_reg_spec ref, + int identifier: @name_ref ref +); + +@assoc_item = + @const +| @function +| @macro_call +| @type_alias +; + +assoc_item_lists( + unique int id: @assoc_item_list +); + +#keyset[id, index] +assoc_item_list_assoc_items( + int id: @assoc_item_list ref, + int index: int ref, + int assoc_item: @assoc_item ref +); + +#keyset[id, index] +assoc_item_list_attrs( + int id: @assoc_item_list ref, + int index: int ref, + int attr: @attr ref +); + +attrs( + unique int id: @attr +); + +#keyset[id] +attr_meta( + int id: @attr ref, + int meta: @meta ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_param_lists( + int id: @callable ref, + int param_list: @param_list ref +); + +#keyset[id, index] +callable_attrs( + int id: @callable ref, + int index: int ref, + int attr: @attr ref +); + +closure_binders( + unique int id: @closure_binder +); + +#keyset[id] +closure_binder_generic_param_lists( + int id: @closure_binder ref, + int generic_param_list: @generic_param_list ref +); + +@expr = + @array_expr_internal +| @asm_expr +| @await_expr +| @become_expr +| @binary_expr +| @break_expr +| @call_expr_base +| @cast_expr +| @closure_expr +| @continue_expr +| @field_expr +| @format_args_expr +| @if_expr +| @index_expr +| @labelable_expr +| @let_expr +| @literal_expr +| @macro_block_expr +| @macro_expr +| @match_expr +| @offset_of_expr +| @paren_expr +| @path_expr_base +| @prefix_expr +| @range_expr +| @ref_expr +| @return_expr +| @struct_expr +| @try_expr +| @tuple_expr +| @underscore_expr +| @yeet_expr +| @yield_expr +; + +@extern_item = + @function +| @macro_call +| @static +| @type_alias +; + +extern_item_lists( + unique int id: @extern_item_list +); + +#keyset[id, index] +extern_item_list_attrs( + int id: @extern_item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +extern_item_list_extern_items( + int id: @extern_item_list ref, + int index: int ref, + int extern_item: @extern_item ref +); + +@field_list = + @struct_field_list +| @tuple_field_list +; + +format_args_args( + unique int id: @format_args_arg +); + +#keyset[id] +format_args_arg_exprs( + int id: @format_args_arg ref, + int expr: @expr ref +); + +#keyset[id] +format_args_arg_names( + int id: @format_args_arg ref, + int name: @name ref +); + +@generic_arg = + @assoc_type_arg +| @const_arg +| @lifetime_arg +| @type_arg +; + +generic_arg_lists( + unique int id: @generic_arg_list +); + +#keyset[id, index] +generic_arg_list_generic_args( + int id: @generic_arg_list ref, + int index: int ref, + int generic_arg: @generic_arg ref +); + +@generic_param = + @const_param +| @lifetime_param +| @type_param +; + +generic_param_lists( + unique int id: @generic_param_list +); + +#keyset[id, index] +generic_param_list_generic_params( + int id: @generic_param_list ref, + int index: int ref, + int generic_param: @generic_param ref +); + +item_lists( + unique int id: @item_list +); + +#keyset[id, index] +item_list_attrs( + int id: @item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +item_list_items( + int id: @item_list ref, + int index: int ref, + int item: @item ref +); + +labels( + unique int id: @label +); + +#keyset[id] +label_lifetimes( + int id: @label ref, + int lifetime: @lifetime ref +); + +let_elses( + unique int id: @let_else +); + +#keyset[id] +let_else_block_exprs( + int id: @let_else ref, + int block_expr: @block_expr ref +); + +macro_items( + unique int id: @macro_items +); + +#keyset[id, index] +macro_items_items( + int id: @macro_items ref, + int index: int ref, + int item: @item ref +); + +match_arms( + unique int id: @match_arm +); + +#keyset[id, index] +match_arm_attrs( + int id: @match_arm ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_arm_exprs( + int id: @match_arm ref, + int expr: @expr ref +); + +#keyset[id] +match_arm_guards( + int id: @match_arm ref, + int guard: @match_guard ref +); + +#keyset[id] +match_arm_pats( + int id: @match_arm ref, + int pat: @pat ref +); + +match_arm_lists( + unique int id: @match_arm_list +); + +#keyset[id, index] +match_arm_list_arms( + int id: @match_arm_list ref, + int index: int ref, + int arm: @match_arm ref +); + +#keyset[id, index] +match_arm_list_attrs( + int id: @match_arm_list ref, + int index: int ref, + int attr: @attr ref +); + +match_guards( + unique int id: @match_guard +); + +#keyset[id] +match_guard_conditions( + int id: @match_guard ref, + int condition: @expr ref +); + +meta( + unique int id: @meta +); + +#keyset[id] +meta_exprs( + int id: @meta ref, + int expr: @expr ref +); + +#keyset[id] +meta_is_unsafe( + int id: @meta ref +); + +#keyset[id] +meta_paths( + int id: @meta ref, + int path: @path ref +); + +#keyset[id] +meta_token_trees( + int id: @meta ref, + int token_tree: @token_tree ref +); + +names( + unique int id: @name +); + +#keyset[id] +name_texts( + int id: @name ref, + string text: string ref +); + +@param_base = + @param +| @self_param +; + +#keyset[id, index] +param_base_attrs( + int id: @param_base ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +param_base_type_reprs( + int id: @param_base ref, + int type_repr: @type_repr ref +); + +param_lists( + unique int id: @param_list +); + +#keyset[id, index] +param_list_params( + int id: @param_list ref, + int index: int ref, + int param: @param ref +); + +#keyset[id] +param_list_self_params( + int id: @param_list ref, + int self_param: @self_param ref +); + +parenthesized_arg_lists( + unique int id: @parenthesized_arg_list +); + +#keyset[id, index] +parenthesized_arg_list_type_args( + int id: @parenthesized_arg_list ref, + int index: int ref, + int type_arg: @type_arg ref +); + +@pat = + @box_pat +| @const_block_pat +| @ident_pat +| @literal_pat +| @macro_pat +| @or_pat +| @paren_pat +| @path_pat +| @range_pat +| @ref_pat +| @rest_pat +| @slice_pat +| @struct_pat +| @tuple_pat +| @tuple_struct_pat +| @wildcard_pat +; + +paths( + unique int id: @path +); + +#keyset[id] +path_qualifiers( + int id: @path ref, + int qualifier: @path ref +); + +#keyset[id] +path_segments_( + int id: @path ref, + int segment: @path_segment ref +); + +path_segments( + unique int id: @path_segment +); + +#keyset[id] +path_segment_generic_arg_lists( + int id: @path_segment ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +path_segment_identifiers( + int id: @path_segment ref, + int identifier: @name_ref ref +); + +#keyset[id] +path_segment_parenthesized_arg_lists( + int id: @path_segment ref, + int parenthesized_arg_list: @parenthesized_arg_list ref +); + +#keyset[id] +path_segment_ret_types( + int id: @path_segment ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +path_segment_return_type_syntaxes( + int id: @path_segment ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +path_segment_type_reprs( + int id: @path_segment ref, + int type_repr: @type_repr ref +); + +#keyset[id] +path_segment_trait_type_reprs( + int id: @path_segment ref, + int trait_type_repr: @path_type_repr ref +); + +renames( + unique int id: @rename +); + +#keyset[id] +rename_names( + int id: @rename ref, + int name: @name ref +); + +@resolvable = + @method_call_expr +| @path_ast_node +; + +#keyset[id] +resolvable_resolved_paths( + int id: @resolvable ref, + string resolved_path: string ref +); + +#keyset[id] +resolvable_resolved_crate_origins( + int id: @resolvable ref, + string resolved_crate_origin: string ref +); + +ret_type_reprs( + unique int id: @ret_type_repr +); + +#keyset[id] +ret_type_repr_type_reprs( + int id: @ret_type_repr ref, + int type_repr: @type_repr ref +); + +return_type_syntaxes( + unique int id: @return_type_syntax +); + +source_files( + unique int id: @source_file +); + +#keyset[id, index] +source_file_attrs( + int id: @source_file ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +source_file_items( + int id: @source_file ref, + int index: int ref, + int item: @item ref +); + +@stmt = + @expr_stmt +| @item +| @let_stmt +; + +stmt_lists( + unique int id: @stmt_list +); + +#keyset[id, index] +stmt_list_attrs( + int id: @stmt_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +stmt_list_statements( + int id: @stmt_list ref, + int index: int ref, + int statement: @stmt ref +); + +#keyset[id] +stmt_list_tail_exprs( + int id: @stmt_list ref, + int tail_expr: @expr ref +); + +struct_expr_fields( + unique int id: @struct_expr_field +); + +#keyset[id, index] +struct_expr_field_attrs( + int id: @struct_expr_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_expr_field_exprs( + int id: @struct_expr_field ref, + int expr: @expr ref +); + +#keyset[id] +struct_expr_field_identifiers( + int id: @struct_expr_field ref, + int identifier: @name_ref ref +); + +struct_expr_field_lists( + unique int id: @struct_expr_field_list +); + +#keyset[id, index] +struct_expr_field_list_attrs( + int id: @struct_expr_field_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +struct_expr_field_list_fields( + int id: @struct_expr_field_list ref, + int index: int ref, + int field: @struct_expr_field ref +); + +#keyset[id] +struct_expr_field_list_spreads( + int id: @struct_expr_field_list ref, + int spread: @expr ref +); + +struct_fields( + unique int id: @struct_field +); + +#keyset[id, index] +struct_field_attrs( + int id: @struct_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_defaults( + int id: @struct_field ref, + int default: @expr ref +); + +#keyset[id] +struct_field_is_unsafe( + int id: @struct_field ref +); + +#keyset[id] +struct_field_names( + int id: @struct_field ref, + int name: @name ref +); + +#keyset[id] +struct_field_type_reprs( + int id: @struct_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +struct_field_visibilities( + int id: @struct_field ref, + int visibility: @visibility ref +); + +struct_pat_fields( + unique int id: @struct_pat_field +); + +#keyset[id, index] +struct_pat_field_attrs( + int id: @struct_pat_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_pat_field_identifiers( + int id: @struct_pat_field ref, + int identifier: @name_ref ref +); + +#keyset[id] +struct_pat_field_pats( + int id: @struct_pat_field ref, + int pat: @pat ref +); + +struct_pat_field_lists( + unique int id: @struct_pat_field_list +); + +#keyset[id, index] +struct_pat_field_list_fields( + int id: @struct_pat_field_list ref, + int index: int ref, + int field: @struct_pat_field ref +); + +#keyset[id] +struct_pat_field_list_rest_pats( + int id: @struct_pat_field_list ref, + int rest_pat: @rest_pat ref +); + +@token = + @comment +; + +token_trees( + unique int id: @token_tree +); + +tuple_fields( + unique int id: @tuple_field +); + +#keyset[id, index] +tuple_field_attrs( + int id: @tuple_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +tuple_field_type_reprs( + int id: @tuple_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +tuple_field_visibilities( + int id: @tuple_field ref, + int visibility: @visibility ref +); + +type_bounds( + unique int id: @type_bound +); + +#keyset[id] +type_bound_is_async( + int id: @type_bound ref +); + +#keyset[id] +type_bound_is_const( + int id: @type_bound ref +); + +#keyset[id] +type_bound_lifetimes( + int id: @type_bound ref, + int lifetime: @lifetime ref +); + +#keyset[id] +type_bound_type_reprs( + int id: @type_bound ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_bound_use_bound_generic_args( + int id: @type_bound ref, + int use_bound_generic_args: @use_bound_generic_args ref +); + +type_bound_lists( + unique int id: @type_bound_list +); + +#keyset[id, index] +type_bound_list_bounds( + int id: @type_bound_list ref, + int index: int ref, + int bound: @type_bound ref +); + +@type_repr = + @array_type_repr +| @dyn_trait_type_repr +| @fn_ptr_type_repr +| @for_type_repr +| @impl_trait_type_repr +| @infer_type_repr +| @macro_type_repr +| @never_type_repr +| @paren_type_repr +| @path_type_repr +| @ptr_type_repr +| @ref_type_repr +| @slice_type_repr +| @tuple_type_repr +; + +@use_bound_generic_arg = + @lifetime +| @name_ref +; + +use_bound_generic_args( + unique int id: @use_bound_generic_args +); + +#keyset[id, index] +use_bound_generic_args_use_bound_generic_args( + int id: @use_bound_generic_args ref, + int index: int ref, + int use_bound_generic_arg: @use_bound_generic_arg ref +); + +use_trees( + unique int id: @use_tree +); + +#keyset[id] +use_tree_is_glob( + int id: @use_tree ref +); + +#keyset[id] +use_tree_paths( + int id: @use_tree ref, + int path: @path ref +); + +#keyset[id] +use_tree_renames( + int id: @use_tree ref, + int rename: @rename ref +); + +#keyset[id] +use_tree_use_tree_lists( + int id: @use_tree ref, + int use_tree_list: @use_tree_list ref +); + +use_tree_lists( + unique int id: @use_tree_list +); + +#keyset[id, index] +use_tree_list_use_trees( + int id: @use_tree_list ref, + int index: int ref, + int use_tree: @use_tree ref +); + +variant_lists( + unique int id: @variant_list +); + +#keyset[id, index] +variant_list_variants( + int id: @variant_list ref, + int index: int ref, + int variant: @variant ref +); + +visibilities( + unique int id: @visibility +); + +#keyset[id] +visibility_paths( + int id: @visibility ref, + int path: @path ref +); + +where_clauses( + unique int id: @where_clause +); + +#keyset[id, index] +where_clause_predicates( + int id: @where_clause ref, + int index: int ref, + int predicate: @where_pred ref +); + +where_preds( + unique int id: @where_pred +); + +#keyset[id] +where_pred_generic_param_lists( + int id: @where_pred ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +where_pred_lifetimes( + int id: @where_pred ref, + int lifetime: @lifetime ref +); + +#keyset[id] +where_pred_type_reprs( + int id: @where_pred ref, + int type_repr: @type_repr ref +); + +#keyset[id] +where_pred_type_bound_lists( + int id: @where_pred ref, + int type_bound_list: @type_bound_list ref +); + +array_expr_internals( + unique int id: @array_expr_internal +); + +#keyset[id, index] +array_expr_internal_attrs( + int id: @array_expr_internal ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +array_expr_internal_exprs( + int id: @array_expr_internal ref, + int index: int ref, + int expr: @expr ref +); + +#keyset[id] +array_expr_internal_is_semicolon( + int id: @array_expr_internal ref +); + +array_type_reprs( + unique int id: @array_type_repr +); + +#keyset[id] +array_type_repr_const_args( + int id: @array_type_repr ref, + int const_arg: @const_arg ref +); + +#keyset[id] +array_type_repr_element_type_reprs( + int id: @array_type_repr ref, + int element_type_repr: @type_repr ref +); + +asm_clobber_abis( + unique int id: @asm_clobber_abi +); + +asm_consts( + unique int id: @asm_const +); + +#keyset[id] +asm_const_exprs( + int id: @asm_const ref, + int expr: @expr ref +); + +#keyset[id] +asm_const_is_const( + int id: @asm_const ref +); + +asm_exprs( + unique int id: @asm_expr +); + +#keyset[id, index] +asm_expr_asm_pieces( + int id: @asm_expr ref, + int index: int ref, + int asm_piece: @asm_piece ref +); + +#keyset[id, index] +asm_expr_attrs( + int id: @asm_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +asm_expr_templates( + int id: @asm_expr ref, + int index: int ref, + int template: @expr ref +); + +asm_labels( + unique int id: @asm_label +); + +#keyset[id] +asm_label_block_exprs( + int id: @asm_label ref, + int block_expr: @block_expr ref +); + +asm_operand_nameds( + unique int id: @asm_operand_named +); + +#keyset[id] +asm_operand_named_asm_operands( + int id: @asm_operand_named ref, + int asm_operand: @asm_operand ref +); + +#keyset[id] +asm_operand_named_names( + int id: @asm_operand_named ref, + int name: @name ref +); + +asm_options_lists( + unique int id: @asm_options_list +); + +#keyset[id, index] +asm_options_list_asm_options( + int id: @asm_options_list ref, + int index: int ref, + int asm_option: @asm_option ref +); + +asm_reg_operands( + unique int id: @asm_reg_operand +); + +#keyset[id] +asm_reg_operand_asm_dir_specs( + int id: @asm_reg_operand ref, + int asm_dir_spec: @asm_dir_spec ref +); + +#keyset[id] +asm_reg_operand_asm_operand_exprs( + int id: @asm_reg_operand ref, + int asm_operand_expr: @asm_operand_expr ref +); + +#keyset[id] +asm_reg_operand_asm_reg_specs( + int id: @asm_reg_operand ref, + int asm_reg_spec: @asm_reg_spec ref +); + +asm_syms( + unique int id: @asm_sym +); + +#keyset[id] +asm_sym_paths( + int id: @asm_sym ref, + int path: @path ref +); + +assoc_type_args( + unique int id: @assoc_type_arg +); + +#keyset[id] +assoc_type_arg_const_args( + int id: @assoc_type_arg ref, + int const_arg: @const_arg ref +); + +#keyset[id] +assoc_type_arg_generic_arg_lists( + int id: @assoc_type_arg ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +assoc_type_arg_identifiers( + int id: @assoc_type_arg ref, + int identifier: @name_ref ref +); + +#keyset[id] +assoc_type_arg_param_lists( + int id: @assoc_type_arg ref, + int param_list: @param_list ref +); + +#keyset[id] +assoc_type_arg_ret_types( + int id: @assoc_type_arg ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +assoc_type_arg_return_type_syntaxes( + int id: @assoc_type_arg ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +assoc_type_arg_type_reprs( + int id: @assoc_type_arg ref, + int type_repr: @type_repr ref +); + +#keyset[id] +assoc_type_arg_type_bound_lists( + int id: @assoc_type_arg ref, + int type_bound_list: @type_bound_list ref +); + +await_exprs( + unique int id: @await_expr +); + +#keyset[id, index] +await_expr_attrs( + int id: @await_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +await_expr_exprs( + int id: @await_expr ref, + int expr: @expr ref +); + +become_exprs( + unique int id: @become_expr +); + +#keyset[id, index] +become_expr_attrs( + int id: @become_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +become_expr_exprs( + int id: @become_expr ref, + int expr: @expr ref +); + +binary_exprs( + unique int id: @binary_expr +); + +#keyset[id, index] +binary_expr_attrs( + int id: @binary_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +binary_expr_lhs( + int id: @binary_expr ref, + int lhs: @expr ref +); + +#keyset[id] +binary_expr_operator_names( + int id: @binary_expr ref, + string operator_name: string ref +); + +#keyset[id] +binary_expr_rhs( + int id: @binary_expr ref, + int rhs: @expr ref +); + +box_pats( + unique int id: @box_pat +); + +#keyset[id] +box_pat_pats( + int id: @box_pat ref, + int pat: @pat ref +); + +break_exprs( + unique int id: @break_expr +); + +#keyset[id, index] +break_expr_attrs( + int id: @break_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +break_expr_exprs( + int id: @break_expr ref, + int expr: @expr ref +); + +#keyset[id] +break_expr_lifetimes( + int id: @break_expr ref, + int lifetime: @lifetime ref +); + +@call_expr_base = + @call_expr +| @method_call_expr +; + +#keyset[id] +call_expr_base_arg_lists( + int id: @call_expr_base ref, + int arg_list: @arg_list ref +); + +#keyset[id, index] +call_expr_base_attrs( + int id: @call_expr_base ref, + int index: int ref, + int attr: @attr ref +); + +cast_exprs( + unique int id: @cast_expr +); + +#keyset[id, index] +cast_expr_attrs( + int id: @cast_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +cast_expr_exprs( + int id: @cast_expr ref, + int expr: @expr ref +); + +#keyset[id] +cast_expr_type_reprs( + int id: @cast_expr ref, + int type_repr: @type_repr ref +); + +closure_exprs( + unique int id: @closure_expr +); + +#keyset[id] +closure_expr_bodies( + int id: @closure_expr ref, + int body: @expr ref +); + +#keyset[id] +closure_expr_closure_binders( + int id: @closure_expr ref, + int closure_binder: @closure_binder ref +); + +#keyset[id] +closure_expr_is_async( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_const( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_gen( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_move( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_static( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_ret_types( + int id: @closure_expr ref, + int ret_type: @ret_type_repr ref +); + +comments( + unique int id: @comment, + int parent: @ast_node ref, + string text: string ref +); + +const_args( + unique int id: @const_arg +); + +#keyset[id] +const_arg_exprs( + int id: @const_arg ref, + int expr: @expr ref +); + +const_block_pats( + unique int id: @const_block_pat +); + +#keyset[id] +const_block_pat_block_exprs( + int id: @const_block_pat ref, + int block_expr: @block_expr ref +); + +#keyset[id] +const_block_pat_is_const( + int id: @const_block_pat ref +); + +const_params( + unique int id: @const_param +); + +#keyset[id, index] +const_param_attrs( + int id: @const_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_param_default_vals( + int id: @const_param ref, + int default_val: @const_arg ref +); + +#keyset[id] +const_param_is_const( + int id: @const_param ref +); + +#keyset[id] +const_param_names( + int id: @const_param ref, + int name: @name ref +); + +#keyset[id] +const_param_type_reprs( + int id: @const_param ref, + int type_repr: @type_repr ref +); + +continue_exprs( + unique int id: @continue_expr +); + +#keyset[id, index] +continue_expr_attrs( + int id: @continue_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +continue_expr_lifetimes( + int id: @continue_expr ref, + int lifetime: @lifetime ref +); + +dyn_trait_type_reprs( + unique int id: @dyn_trait_type_repr +); + +#keyset[id] +dyn_trait_type_repr_type_bound_lists( + int id: @dyn_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +expr_stmts( + unique int id: @expr_stmt +); + +#keyset[id] +expr_stmt_exprs( + int id: @expr_stmt ref, + int expr: @expr ref +); + +field_exprs( + unique int id: @field_expr +); + +#keyset[id, index] +field_expr_attrs( + int id: @field_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +field_expr_containers( + int id: @field_expr ref, + int container: @expr ref +); + +#keyset[id] +field_expr_identifiers( + int id: @field_expr ref, + int identifier: @name_ref ref +); + +fn_ptr_type_reprs( + unique int id: @fn_ptr_type_repr +); + +#keyset[id] +fn_ptr_type_repr_abis( + int id: @fn_ptr_type_repr ref, + int abi: @abi ref +); + +#keyset[id] +fn_ptr_type_repr_is_async( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_const( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_unsafe( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_param_lists( + int id: @fn_ptr_type_repr ref, + int param_list: @param_list ref +); + +#keyset[id] +fn_ptr_type_repr_ret_types( + int id: @fn_ptr_type_repr ref, + int ret_type: @ret_type_repr ref +); + +for_type_reprs( + unique int id: @for_type_repr +); + +#keyset[id] +for_type_repr_generic_param_lists( + int id: @for_type_repr ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +for_type_repr_type_reprs( + int id: @for_type_repr ref, + int type_repr: @type_repr ref +); + +format_args_exprs( + unique int id: @format_args_expr +); + +#keyset[id, index] +format_args_expr_args( + int id: @format_args_expr ref, + int index: int ref, + int arg: @format_args_arg ref +); + +#keyset[id, index] +format_args_expr_attrs( + int id: @format_args_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +format_args_expr_templates( + int id: @format_args_expr ref, + int template: @expr ref +); + +ident_pats( + unique int id: @ident_pat +); + +#keyset[id, index] +ident_pat_attrs( + int id: @ident_pat ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ident_pat_is_mut( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_is_ref( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_names( + int id: @ident_pat ref, + int name: @name ref +); + +#keyset[id] +ident_pat_pats( + int id: @ident_pat ref, + int pat: @pat ref +); + +if_exprs( + unique int id: @if_expr +); + +#keyset[id, index] +if_expr_attrs( + int id: @if_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +if_expr_conditions( + int id: @if_expr ref, + int condition: @expr ref +); + +#keyset[id] +if_expr_elses( + int id: @if_expr ref, + int else: @expr ref +); + +#keyset[id] +if_expr_thens( + int id: @if_expr ref, + int then: @block_expr ref +); + +impl_trait_type_reprs( + unique int id: @impl_trait_type_repr +); + +#keyset[id] +impl_trait_type_repr_type_bound_lists( + int id: @impl_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +index_exprs( + unique int id: @index_expr +); + +#keyset[id, index] +index_expr_attrs( + int id: @index_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +index_expr_bases( + int id: @index_expr ref, + int base: @expr ref +); + +#keyset[id] +index_expr_indices( + int id: @index_expr ref, + int index: @expr ref +); + +infer_type_reprs( + unique int id: @infer_type_repr +); + +@item = + @adt +| @const +| @extern_block +| @extern_crate +| @function +| @impl +| @macro_call +| @macro_def +| @macro_rules +| @module +| @static +| @trait +| @trait_alias +| @type_alias +| @use +; + +#keyset[id] +item_attribute_macro_expansions( + int id: @item ref, + int attribute_macro_expansion: @macro_items ref +); + +@labelable_expr = + @block_expr +| @looping_expr +; + +#keyset[id] +labelable_expr_labels( + int id: @labelable_expr ref, + int label: @label ref +); + +let_exprs( + unique int id: @let_expr +); + +#keyset[id, index] +let_expr_attrs( + int id: @let_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_expr_scrutinees( + int id: @let_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +let_expr_pats( + int id: @let_expr ref, + int pat: @pat ref +); + +let_stmts( + unique int id: @let_stmt +); + +#keyset[id, index] +let_stmt_attrs( + int id: @let_stmt ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_stmt_initializers( + int id: @let_stmt ref, + int initializer: @expr ref +); + +#keyset[id] +let_stmt_let_elses( + int id: @let_stmt ref, + int let_else: @let_else ref +); + +#keyset[id] +let_stmt_pats( + int id: @let_stmt ref, + int pat: @pat ref +); + +#keyset[id] +let_stmt_type_reprs( + int id: @let_stmt ref, + int type_repr: @type_repr ref +); + +lifetimes( + unique int id: @lifetime +); + +#keyset[id] +lifetime_texts( + int id: @lifetime ref, + string text: string ref +); + +lifetime_args( + unique int id: @lifetime_arg +); + +#keyset[id] +lifetime_arg_lifetimes( + int id: @lifetime_arg ref, + int lifetime: @lifetime ref +); + +lifetime_params( + unique int id: @lifetime_param +); + +#keyset[id, index] +lifetime_param_attrs( + int id: @lifetime_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +lifetime_param_lifetimes( + int id: @lifetime_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +lifetime_param_type_bound_lists( + int id: @lifetime_param ref, + int type_bound_list: @type_bound_list ref +); + +literal_exprs( + unique int id: @literal_expr +); + +#keyset[id, index] +literal_expr_attrs( + int id: @literal_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +literal_expr_text_values( + int id: @literal_expr ref, + string text_value: string ref +); + +literal_pats( + unique int id: @literal_pat +); + +#keyset[id] +literal_pat_literals( + int id: @literal_pat ref, + int literal: @literal_expr ref +); + +macro_block_exprs( + unique int id: @macro_block_expr +); + +#keyset[id] +macro_block_expr_tail_exprs( + int id: @macro_block_expr ref, + int tail_expr: @expr ref +); + +#keyset[id, index] +macro_block_expr_statements( + int id: @macro_block_expr ref, + int index: int ref, + int statement: @stmt ref +); + +macro_exprs( + unique int id: @macro_expr +); + +#keyset[id] +macro_expr_macro_calls( + int id: @macro_expr ref, + int macro_call: @macro_call ref +); + +macro_pats( + unique int id: @macro_pat +); + +#keyset[id] +macro_pat_macro_calls( + int id: @macro_pat ref, + int macro_call: @macro_call ref +); + +macro_type_reprs( + unique int id: @macro_type_repr +); + +#keyset[id] +macro_type_repr_macro_calls( + int id: @macro_type_repr ref, + int macro_call: @macro_call ref +); + +match_exprs( + unique int id: @match_expr +); + +#keyset[id, index] +match_expr_attrs( + int id: @match_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_expr_scrutinees( + int id: @match_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +match_expr_match_arm_lists( + int id: @match_expr ref, + int match_arm_list: @match_arm_list ref +); + +name_refs( + unique int id: @name_ref +); + +#keyset[id] +name_ref_texts( + int id: @name_ref ref, + string text: string ref +); + +never_type_reprs( + unique int id: @never_type_repr +); + +offset_of_exprs( + unique int id: @offset_of_expr +); + +#keyset[id, index] +offset_of_expr_attrs( + int id: @offset_of_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +offset_of_expr_fields( + int id: @offset_of_expr ref, + int index: int ref, + int field: @name_ref ref +); + +#keyset[id] +offset_of_expr_type_reprs( + int id: @offset_of_expr ref, + int type_repr: @type_repr ref +); + +or_pats( + unique int id: @or_pat +); + +#keyset[id, index] +or_pat_pats( + int id: @or_pat ref, + int index: int ref, + int pat: @pat ref +); + +params( + unique int id: @param +); + +#keyset[id] +param_pats( + int id: @param ref, + int pat: @pat ref +); + +paren_exprs( + unique int id: @paren_expr +); + +#keyset[id, index] +paren_expr_attrs( + int id: @paren_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +paren_expr_exprs( + int id: @paren_expr ref, + int expr: @expr ref +); + +paren_pats( + unique int id: @paren_pat +); + +#keyset[id] +paren_pat_pats( + int id: @paren_pat ref, + int pat: @pat ref +); + +paren_type_reprs( + unique int id: @paren_type_repr +); + +#keyset[id] +paren_type_repr_type_reprs( + int id: @paren_type_repr ref, + int type_repr: @type_repr ref +); + +@path_ast_node = + @path_expr +| @path_pat +| @struct_expr +| @struct_pat +| @tuple_struct_pat +; + +#keyset[id] +path_ast_node_paths( + int id: @path_ast_node ref, + int path: @path ref +); + +@path_expr_base = + @path_expr +; + +path_type_reprs( + unique int id: @path_type_repr +); + +#keyset[id] +path_type_repr_paths( + int id: @path_type_repr ref, + int path: @path ref +); + +prefix_exprs( + unique int id: @prefix_expr +); + +#keyset[id, index] +prefix_expr_attrs( + int id: @prefix_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +prefix_expr_exprs( + int id: @prefix_expr ref, + int expr: @expr ref +); + +#keyset[id] +prefix_expr_operator_names( + int id: @prefix_expr ref, + string operator_name: string ref +); + +ptr_type_reprs( + unique int id: @ptr_type_repr +); + +#keyset[id] +ptr_type_repr_is_const( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_is_mut( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_type_reprs( + int id: @ptr_type_repr ref, + int type_repr: @type_repr ref +); + +range_exprs( + unique int id: @range_expr +); + +#keyset[id, index] +range_expr_attrs( + int id: @range_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +range_expr_ends( + int id: @range_expr ref, + int end: @expr ref +); + +#keyset[id] +range_expr_operator_names( + int id: @range_expr ref, + string operator_name: string ref +); + +#keyset[id] +range_expr_starts( + int id: @range_expr ref, + int start: @expr ref +); + +range_pats( + unique int id: @range_pat +); + +#keyset[id] +range_pat_ends( + int id: @range_pat ref, + int end: @pat ref +); + +#keyset[id] +range_pat_operator_names( + int id: @range_pat ref, + string operator_name: string ref +); + +#keyset[id] +range_pat_starts( + int id: @range_pat ref, + int start: @pat ref +); + +ref_exprs( + unique int id: @ref_expr +); + +#keyset[id, index] +ref_expr_attrs( + int id: @ref_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ref_expr_exprs( + int id: @ref_expr ref, + int expr: @expr ref +); + +#keyset[id] +ref_expr_is_const( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_mut( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_raw( + int id: @ref_expr ref +); + +ref_pats( + unique int id: @ref_pat +); + +#keyset[id] +ref_pat_is_mut( + int id: @ref_pat ref +); + +#keyset[id] +ref_pat_pats( + int id: @ref_pat ref, + int pat: @pat ref +); + +ref_type_reprs( + unique int id: @ref_type_repr +); + +#keyset[id] +ref_type_repr_is_mut( + int id: @ref_type_repr ref +); + +#keyset[id] +ref_type_repr_lifetimes( + int id: @ref_type_repr ref, + int lifetime: @lifetime ref +); + +#keyset[id] +ref_type_repr_type_reprs( + int id: @ref_type_repr ref, + int type_repr: @type_repr ref +); + +rest_pats( + unique int id: @rest_pat +); + +#keyset[id, index] +rest_pat_attrs( + int id: @rest_pat ref, + int index: int ref, + int attr: @attr ref +); + +return_exprs( + unique int id: @return_expr +); + +#keyset[id, index] +return_expr_attrs( + int id: @return_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +return_expr_exprs( + int id: @return_expr ref, + int expr: @expr ref +); + +self_params( + unique int id: @self_param +); + +#keyset[id] +self_param_is_ref( + int id: @self_param ref +); + +#keyset[id] +self_param_is_mut( + int id: @self_param ref +); + +#keyset[id] +self_param_lifetimes( + int id: @self_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +self_param_names( + int id: @self_param ref, + int name: @name ref +); + +slice_pats( + unique int id: @slice_pat +); + +#keyset[id, index] +slice_pat_pats( + int id: @slice_pat ref, + int index: int ref, + int pat: @pat ref +); + +slice_type_reprs( + unique int id: @slice_type_repr +); + +#keyset[id] +slice_type_repr_type_reprs( + int id: @slice_type_repr ref, + int type_repr: @type_repr ref +); + +struct_field_lists( + unique int id: @struct_field_list +); + +#keyset[id, index] +struct_field_list_fields( + int id: @struct_field_list ref, + int index: int ref, + int field: @struct_field ref +); + +try_exprs( + unique int id: @try_expr +); + +#keyset[id, index] +try_expr_attrs( + int id: @try_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +try_expr_exprs( + int id: @try_expr ref, + int expr: @expr ref +); + +tuple_exprs( + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_attrs( + int id: @tuple_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +tuple_expr_fields( + int id: @tuple_expr ref, + int index: int ref, + int field: @expr ref +); + +tuple_field_lists( + unique int id: @tuple_field_list +); + +#keyset[id, index] +tuple_field_list_fields( + int id: @tuple_field_list ref, + int index: int ref, + int field: @tuple_field ref +); + +tuple_pats( + unique int id: @tuple_pat +); + +#keyset[id, index] +tuple_pat_fields( + int id: @tuple_pat ref, + int index: int ref, + int field: @pat ref +); + +tuple_type_reprs( + unique int id: @tuple_type_repr +); + +#keyset[id, index] +tuple_type_repr_fields( + int id: @tuple_type_repr ref, + int index: int ref, + int field: @type_repr ref +); + +type_args( + unique int id: @type_arg +); + +#keyset[id] +type_arg_type_reprs( + int id: @type_arg ref, + int type_repr: @type_repr ref +); + +type_params( + unique int id: @type_param +); + +#keyset[id, index] +type_param_attrs( + int id: @type_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_param_default_types( + int id: @type_param ref, + int default_type: @type_repr ref +); + +#keyset[id] +type_param_names( + int id: @type_param ref, + int name: @name ref +); + +#keyset[id] +type_param_type_bound_lists( + int id: @type_param ref, + int type_bound_list: @type_bound_list ref +); + +underscore_exprs( + unique int id: @underscore_expr +); + +#keyset[id, index] +underscore_expr_attrs( + int id: @underscore_expr ref, + int index: int ref, + int attr: @attr ref +); + +variants( + unique int id: @variant +); + +#keyset[id, index] +variant_attrs( + int id: @variant ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +variant_discriminants( + int id: @variant ref, + int discriminant: @expr ref +); + +#keyset[id] +variant_field_lists( + int id: @variant ref, + int field_list: @field_list ref +); + +#keyset[id] +variant_names( + int id: @variant ref, + int name: @name ref +); + +#keyset[id] +variant_visibilities( + int id: @variant ref, + int visibility: @visibility ref +); + +wildcard_pats( + unique int id: @wildcard_pat +); + +yeet_exprs( + unique int id: @yeet_expr +); + +#keyset[id, index] +yeet_expr_attrs( + int id: @yeet_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yeet_expr_exprs( + int id: @yeet_expr ref, + int expr: @expr ref +); + +yield_exprs( + unique int id: @yield_expr +); + +#keyset[id, index] +yield_expr_attrs( + int id: @yield_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yield_expr_exprs( + int id: @yield_expr ref, + int expr: @expr ref +); + +@adt = + @enum +| @struct +| @union +; + +#keyset[id, index] +adt_derive_macro_expansions( + int id: @adt ref, + int index: int ref, + int derive_macro_expansion: @macro_items ref +); + +block_exprs( + unique int id: @block_expr +); + +#keyset[id, index] +block_expr_attrs( + int id: @block_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +block_expr_is_async( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_const( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_gen( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_move( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_try( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_unsafe( + int id: @block_expr ref +); + +#keyset[id] +block_expr_stmt_lists( + int id: @block_expr ref, + int stmt_list: @stmt_list ref +); + +call_exprs( + unique int id: @call_expr +); + +#keyset[id] +call_expr_functions( + int id: @call_expr ref, + int function: @expr ref +); + +consts( + unique int id: @const +); + +#keyset[id, index] +const_attrs( + int id: @const ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_bodies( + int id: @const ref, + int body: @expr ref +); + +#keyset[id] +const_generic_param_lists( + int id: @const ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +const_is_const( + int id: @const ref +); + +#keyset[id] +const_is_default( + int id: @const ref +); + +#keyset[id] +const_names( + int id: @const ref, + int name: @name ref +); + +#keyset[id] +const_type_reprs( + int id: @const ref, + int type_repr: @type_repr ref +); + +#keyset[id] +const_visibilities( + int id: @const ref, + int visibility: @visibility ref +); + +#keyset[id] +const_where_clauses( + int id: @const ref, + int where_clause: @where_clause ref +); + +#keyset[id] +const_has_implementation( + int id: @const ref +); + +extern_blocks( + unique int id: @extern_block +); + +#keyset[id] +extern_block_abis( + int id: @extern_block ref, + int abi: @abi ref +); + +#keyset[id, index] +extern_block_attrs( + int id: @extern_block ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_block_extern_item_lists( + int id: @extern_block ref, + int extern_item_list: @extern_item_list ref +); + +#keyset[id] +extern_block_is_unsafe( + int id: @extern_block ref +); + +extern_crates( + unique int id: @extern_crate +); + +#keyset[id, index] +extern_crate_attrs( + int id: @extern_crate ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_crate_identifiers( + int id: @extern_crate ref, + int identifier: @name_ref ref +); + +#keyset[id] +extern_crate_renames( + int id: @extern_crate ref, + int rename: @rename ref +); + +#keyset[id] +extern_crate_visibilities( + int id: @extern_crate ref, + int visibility: @visibility ref +); + +functions( + unique int id: @function +); + +#keyset[id] +function_abis( + int id: @function ref, + int abi: @abi ref +); + +#keyset[id] +function_bodies( + int id: @function ref, + int body: @block_expr ref +); + +#keyset[id] +function_generic_param_lists( + int id: @function ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +function_is_async( + int id: @function ref +); + +#keyset[id] +function_is_const( + int id: @function ref +); + +#keyset[id] +function_is_default( + int id: @function ref +); + +#keyset[id] +function_is_gen( + int id: @function ref +); + +#keyset[id] +function_is_unsafe( + int id: @function ref +); + +#keyset[id] +function_names( + int id: @function ref, + int name: @name ref +); + +#keyset[id] +function_ret_types( + int id: @function ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +function_visibilities( + int id: @function ref, + int visibility: @visibility ref +); + +#keyset[id] +function_where_clauses( + int id: @function ref, + int where_clause: @where_clause ref +); + +#keyset[id] +function_has_implementation( + int id: @function ref +); + +impls( + unique int id: @impl +); + +#keyset[id] +impl_assoc_item_lists( + int id: @impl ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +impl_attrs( + int id: @impl ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +impl_generic_param_lists( + int id: @impl ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +impl_is_const( + int id: @impl ref +); + +#keyset[id] +impl_is_default( + int id: @impl ref +); + +#keyset[id] +impl_is_unsafe( + int id: @impl ref +); + +#keyset[id] +impl_self_ties( + int id: @impl ref, + int self_ty: @type_repr ref +); + +#keyset[id] +impl_traits( + int id: @impl ref, + int trait: @type_repr ref +); + +#keyset[id] +impl_visibilities( + int id: @impl ref, + int visibility: @visibility ref +); + +#keyset[id] +impl_where_clauses( + int id: @impl ref, + int where_clause: @where_clause ref +); + +@looping_expr = + @for_expr +| @loop_expr +| @while_expr +; + +#keyset[id] +looping_expr_loop_bodies( + int id: @looping_expr ref, + int loop_body: @block_expr ref +); + +macro_calls( + unique int id: @macro_call +); + +#keyset[id, index] +macro_call_attrs( + int id: @macro_call ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_call_paths( + int id: @macro_call ref, + int path: @path ref +); + +#keyset[id] +macro_call_token_trees( + int id: @macro_call ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_call_macro_call_expansions( + int id: @macro_call ref, + int macro_call_expansion: @ast_node ref +); + +macro_defs( + unique int id: @macro_def +); + +#keyset[id] +macro_def_args( + int id: @macro_def ref, + int args: @token_tree ref +); + +#keyset[id, index] +macro_def_attrs( + int id: @macro_def ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_def_bodies( + int id: @macro_def ref, + int body: @token_tree ref +); + +#keyset[id] +macro_def_names( + int id: @macro_def ref, + int name: @name ref +); + +#keyset[id] +macro_def_visibilities( + int id: @macro_def ref, + int visibility: @visibility ref +); + +macro_rules( + unique int id: @macro_rules +); + +#keyset[id, index] +macro_rules_attrs( + int id: @macro_rules ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_rules_names( + int id: @macro_rules ref, + int name: @name ref +); + +#keyset[id] +macro_rules_token_trees( + int id: @macro_rules ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_rules_visibilities( + int id: @macro_rules ref, + int visibility: @visibility ref +); + +method_call_exprs( + unique int id: @method_call_expr +); + +#keyset[id] +method_call_expr_generic_arg_lists( + int id: @method_call_expr ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +method_call_expr_identifiers( + int id: @method_call_expr ref, + int identifier: @name_ref ref +); + +#keyset[id] +method_call_expr_receivers( + int id: @method_call_expr ref, + int receiver: @expr ref +); + +modules( + unique int id: @module +); + +#keyset[id, index] +module_attrs( + int id: @module ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +module_item_lists( + int id: @module ref, + int item_list: @item_list ref +); + +#keyset[id] +module_names( + int id: @module ref, + int name: @name ref +); + +#keyset[id] +module_visibilities( + int id: @module ref, + int visibility: @visibility ref +); + +path_exprs( + unique int id: @path_expr +); + +#keyset[id, index] +path_expr_attrs( + int id: @path_expr ref, + int index: int ref, + int attr: @attr ref +); + +path_pats( + unique int id: @path_pat +); + +statics( + unique int id: @static +); + +#keyset[id, index] +static_attrs( + int id: @static ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +static_bodies( + int id: @static ref, + int body: @expr ref +); + +#keyset[id] +static_is_mut( + int id: @static ref +); + +#keyset[id] +static_is_static( + int id: @static ref +); + +#keyset[id] +static_is_unsafe( + int id: @static ref +); + +#keyset[id] +static_names( + int id: @static ref, + int name: @name ref +); + +#keyset[id] +static_type_reprs( + int id: @static ref, + int type_repr: @type_repr ref +); + +#keyset[id] +static_visibilities( + int id: @static ref, + int visibility: @visibility ref +); + +struct_exprs( + unique int id: @struct_expr +); + +#keyset[id] +struct_expr_struct_expr_field_lists( + int id: @struct_expr ref, + int struct_expr_field_list: @struct_expr_field_list ref +); + +struct_pats( + unique int id: @struct_pat +); + +#keyset[id] +struct_pat_struct_pat_field_lists( + int id: @struct_pat ref, + int struct_pat_field_list: @struct_pat_field_list ref +); + +traits( + unique int id: @trait +); + +#keyset[id] +trait_assoc_item_lists( + int id: @trait ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +trait_attrs( + int id: @trait ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_generic_param_lists( + int id: @trait ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_is_auto( + int id: @trait ref +); + +#keyset[id] +trait_is_unsafe( + int id: @trait ref +); + +#keyset[id] +trait_names( + int id: @trait ref, + int name: @name ref +); + +#keyset[id] +trait_type_bound_lists( + int id: @trait ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_visibilities( + int id: @trait ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_where_clauses( + int id: @trait ref, + int where_clause: @where_clause ref +); + +trait_aliases( + unique int id: @trait_alias +); + +#keyset[id, index] +trait_alias_attrs( + int id: @trait_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_alias_generic_param_lists( + int id: @trait_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_alias_names( + int id: @trait_alias ref, + int name: @name ref +); + +#keyset[id] +trait_alias_type_bound_lists( + int id: @trait_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_alias_visibilities( + int id: @trait_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_alias_where_clauses( + int id: @trait_alias ref, + int where_clause: @where_clause ref +); + +tuple_struct_pats( + unique int id: @tuple_struct_pat +); + +#keyset[id, index] +tuple_struct_pat_fields( + int id: @tuple_struct_pat ref, + int index: int ref, + int field: @pat ref +); + +type_aliases( + unique int id: @type_alias +); + +#keyset[id, index] +type_alias_attrs( + int id: @type_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_alias_generic_param_lists( + int id: @type_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +type_alias_is_default( + int id: @type_alias ref +); + +#keyset[id] +type_alias_names( + int id: @type_alias ref, + int name: @name ref +); + +#keyset[id] +type_alias_type_reprs( + int id: @type_alias ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_alias_type_bound_lists( + int id: @type_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +type_alias_visibilities( + int id: @type_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +type_alias_where_clauses( + int id: @type_alias ref, + int where_clause: @where_clause ref +); + +uses( + unique int id: @use +); + +#keyset[id, index] +use_attrs( + int id: @use ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +use_use_trees( + int id: @use ref, + int use_tree: @use_tree ref +); + +#keyset[id] +use_visibilities( + int id: @use ref, + int visibility: @visibility ref +); + +enums( + unique int id: @enum +); + +#keyset[id, index] +enum_attrs( + int id: @enum ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +enum_generic_param_lists( + int id: @enum ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +enum_names( + int id: @enum ref, + int name: @name ref +); + +#keyset[id] +enum_variant_lists( + int id: @enum ref, + int variant_list: @variant_list ref +); + +#keyset[id] +enum_visibilities( + int id: @enum ref, + int visibility: @visibility ref +); + +#keyset[id] +enum_where_clauses( + int id: @enum ref, + int where_clause: @where_clause ref +); + +for_exprs( + unique int id: @for_expr +); + +#keyset[id, index] +for_expr_attrs( + int id: @for_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +for_expr_iterables( + int id: @for_expr ref, + int iterable: @expr ref +); + +#keyset[id] +for_expr_pats( + int id: @for_expr ref, + int pat: @pat ref +); + +loop_exprs( + unique int id: @loop_expr +); + +#keyset[id, index] +loop_expr_attrs( + int id: @loop_expr ref, + int index: int ref, + int attr: @attr ref +); + +structs( + unique int id: @struct +); + +#keyset[id, index] +struct_attrs( + int id: @struct ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_lists_( + int id: @struct ref, + int field_list: @field_list ref +); + +#keyset[id] +struct_generic_param_lists( + int id: @struct ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +struct_names( + int id: @struct ref, + int name: @name ref +); + +#keyset[id] +struct_visibilities( + int id: @struct ref, + int visibility: @visibility ref +); + +#keyset[id] +struct_where_clauses( + int id: @struct ref, + int where_clause: @where_clause ref +); + +unions( + unique int id: @union +); + +#keyset[id, index] +union_attrs( + int id: @union ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +union_generic_param_lists( + int id: @union ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +union_names( + int id: @union ref, + int name: @name ref +); + +#keyset[id] +union_struct_field_lists( + int id: @union ref, + int struct_field_list: @struct_field_list ref +); + +#keyset[id] +union_visibilities( + int id: @union ref, + int visibility: @visibility ref +); + +#keyset[id] +union_where_clauses( + int id: @union ref, + int where_clause: @where_clause ref +); + +while_exprs( + unique int id: @while_expr +); + +#keyset[id, index] +while_expr_attrs( + int id: @while_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +while_expr_conditions( + int id: @while_expr ref, + int condition: @expr ref +); diff --git a/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/rust.dbscheme b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/rust.dbscheme new file mode 100644 index 00000000000..f72a3d8d021 --- /dev/null +++ b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/rust.dbscheme @@ -0,0 +1,3638 @@ +// generated by codegen, do not edit + +// from ../shared/tree-sitter-extractor/src/generator/prefix.dbscheme +/*- Files and folders -*/ + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/*- Empty location -*/ + +empty_location( + int location: @location_default ref +); + +/*- Source location prefix -*/ + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/*- Diagnostic messages -*/ + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +/*- Diagnostic messages: severity -*/ + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + +/*- YAML -*/ + +#keyset[parent, idx] +yaml (unique int id: @yaml_node, + int kind: int ref, + int parent: @yaml_node_parent ref, + int idx: int ref, + string tag: string ref, + string tostring: string ref); + +case @yaml_node.kind of + 0 = @yaml_scalar_node +| 1 = @yaml_mapping_node +| 2 = @yaml_sequence_node +| 3 = @yaml_alias_node +; + +@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; + +@yaml_node_parent = @yaml_collection_node | @file; + +yaml_anchors (unique int node: @yaml_node ref, + string anchor: string ref); + +yaml_aliases (unique int alias: @yaml_alias_node ref, + string target: string ref); + +yaml_scalars (unique int scalar: @yaml_scalar_node ref, + int style: int ref, + string value: string ref); + +yaml_errors (unique int id: @yaml_error, + string message: string ref); + +yaml_locations(unique int locatable: @yaml_locatable ref, + int location: @location_default ref); + +@yaml_locatable = @yaml_node | @yaml_error; + +/*- Database metadata -*/ +databaseMetadata( + string metadataKey: string ref, + string value: string ref +); + + +// from prefix.dbscheme +#keyset[id] +locatable_locations( + int id: @locatable ref, + int location: @location_default ref +); + + +// from schema + +@element = + @extractor_step +| @locatable +| @named_crate +| @unextracted +; + +extractor_steps( + unique int id: @extractor_step, + string action: string ref, + int duration_ms: int ref +); + +#keyset[id] +extractor_step_files( + int id: @extractor_step ref, + int file: @file ref +); + +@locatable = + @ast_node +| @crate +; + +named_crates( + unique int id: @named_crate, + string name: string ref, + int crate: @crate ref +); + +@unextracted = + @missing +| @unimplemented +; + +@ast_node = + @abi +| @addressable +| @arg_list +| @asm_dir_spec +| @asm_operand +| @asm_operand_expr +| @asm_option +| @asm_piece +| @asm_reg_spec +| @assoc_item +| @assoc_item_list +| @attr +| @callable +| @closure_binder +| @expr +| @extern_item +| @extern_item_list +| @field_list +| @format_args_arg +| @generic_arg +| @generic_arg_list +| @generic_param +| @generic_param_list +| @item_list +| @label +| @let_else +| @macro_items +| @match_arm +| @match_arm_list +| @match_guard +| @meta +| @name +| @param_base +| @param_list +| @parenthesized_arg_list +| @pat +| @path +| @path_segment +| @rename +| @resolvable +| @ret_type_repr +| @return_type_syntax +| @source_file +| @stmt +| @stmt_list +| @struct_expr_field +| @struct_expr_field_list +| @struct_field +| @struct_pat_field +| @struct_pat_field_list +| @token +| @token_tree +| @tuple_field +| @type_bound +| @type_bound_list +| @type_repr +| @use_bound_generic_arg +| @use_bound_generic_args +| @use_tree +| @use_tree_list +| @variant_list +| @visibility +| @where_clause +| @where_pred +; + +crates( + unique int id: @crate +); + +#keyset[id] +crate_names( + int id: @crate ref, + string name: string ref +); + +#keyset[id] +crate_versions( + int id: @crate ref, + string version: string ref +); + +#keyset[id, index] +crate_cfg_options( + int id: @crate ref, + int index: int ref, + string cfg_option: string ref +); + +#keyset[id, index] +crate_named_dependencies( + int id: @crate ref, + int index: int ref, + int named_dependency: @named_crate ref +); + +missings( + unique int id: @missing +); + +unimplementeds( + unique int id: @unimplemented +); + +abis( + unique int id: @abi +); + +#keyset[id] +abi_abi_strings( + int id: @abi ref, + string abi_string: string ref +); + +@addressable = + @item +| @variant +; + +#keyset[id] +addressable_extended_canonical_paths( + int id: @addressable ref, + string extended_canonical_path: string ref +); + +#keyset[id] +addressable_crate_origins( + int id: @addressable ref, + string crate_origin: string ref +); + +arg_lists( + unique int id: @arg_list +); + +#keyset[id, index] +arg_list_args( + int id: @arg_list ref, + int index: int ref, + int arg: @expr ref +); + +asm_dir_specs( + unique int id: @asm_dir_spec +); + +@asm_operand = + @asm_const +| @asm_label +| @asm_reg_operand +| @asm_sym +; + +asm_operand_exprs( + unique int id: @asm_operand_expr +); + +#keyset[id] +asm_operand_expr_in_exprs( + int id: @asm_operand_expr ref, + int in_expr: @expr ref +); + +#keyset[id] +asm_operand_expr_out_exprs( + int id: @asm_operand_expr ref, + int out_expr: @expr ref +); + +asm_options( + unique int id: @asm_option +); + +#keyset[id] +asm_option_is_raw( + int id: @asm_option ref +); + +@asm_piece = + @asm_clobber_abi +| @asm_operand_named +| @asm_options_list +; + +asm_reg_specs( + unique int id: @asm_reg_spec +); + +#keyset[id] +asm_reg_spec_identifiers( + int id: @asm_reg_spec ref, + int identifier: @name_ref ref +); + +@assoc_item = + @const +| @function +| @macro_call +| @type_alias +; + +assoc_item_lists( + unique int id: @assoc_item_list +); + +#keyset[id, index] +assoc_item_list_assoc_items( + int id: @assoc_item_list ref, + int index: int ref, + int assoc_item: @assoc_item ref +); + +#keyset[id, index] +assoc_item_list_attrs( + int id: @assoc_item_list ref, + int index: int ref, + int attr: @attr ref +); + +attrs( + unique int id: @attr +); + +#keyset[id] +attr_meta( + int id: @attr ref, + int meta: @meta ref +); + +@callable = + @closure_expr +| @function +; + +#keyset[id] +callable_param_lists( + int id: @callable ref, + int param_list: @param_list ref +); + +#keyset[id, index] +callable_attrs( + int id: @callable ref, + int index: int ref, + int attr: @attr ref +); + +closure_binders( + unique int id: @closure_binder +); + +#keyset[id] +closure_binder_generic_param_lists( + int id: @closure_binder ref, + int generic_param_list: @generic_param_list ref +); + +@expr = + @array_expr_internal +| @asm_expr +| @await_expr +| @become_expr +| @binary_expr +| @break_expr +| @call_expr_base +| @cast_expr +| @closure_expr +| @continue_expr +| @field_expr +| @format_args_expr +| @if_expr +| @index_expr +| @labelable_expr +| @let_expr +| @literal_expr +| @macro_block_expr +| @macro_expr +| @match_expr +| @offset_of_expr +| @paren_expr +| @path_expr_base +| @prefix_expr +| @range_expr +| @ref_expr +| @return_expr +| @struct_expr +| @try_expr +| @tuple_expr +| @underscore_expr +| @yeet_expr +| @yield_expr +; + +@extern_item = + @function +| @macro_call +| @static +| @type_alias +; + +extern_item_lists( + unique int id: @extern_item_list +); + +#keyset[id, index] +extern_item_list_attrs( + int id: @extern_item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +extern_item_list_extern_items( + int id: @extern_item_list ref, + int index: int ref, + int extern_item: @extern_item ref +); + +@field_list = + @struct_field_list +| @tuple_field_list +; + +format_args_args( + unique int id: @format_args_arg +); + +#keyset[id] +format_args_arg_exprs( + int id: @format_args_arg ref, + int expr: @expr ref +); + +#keyset[id] +format_args_arg_names( + int id: @format_args_arg ref, + int name: @name ref +); + +@generic_arg = + @assoc_type_arg +| @const_arg +| @lifetime_arg +| @type_arg +; + +generic_arg_lists( + unique int id: @generic_arg_list +); + +#keyset[id, index] +generic_arg_list_generic_args( + int id: @generic_arg_list ref, + int index: int ref, + int generic_arg: @generic_arg ref +); + +@generic_param = + @const_param +| @lifetime_param +| @type_param +; + +generic_param_lists( + unique int id: @generic_param_list +); + +#keyset[id, index] +generic_param_list_generic_params( + int id: @generic_param_list ref, + int index: int ref, + int generic_param: @generic_param ref +); + +item_lists( + unique int id: @item_list +); + +#keyset[id, index] +item_list_attrs( + int id: @item_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +item_list_items( + int id: @item_list ref, + int index: int ref, + int item: @item ref +); + +labels( + unique int id: @label +); + +#keyset[id] +label_lifetimes( + int id: @label ref, + int lifetime: @lifetime ref +); + +let_elses( + unique int id: @let_else +); + +#keyset[id] +let_else_block_exprs( + int id: @let_else ref, + int block_expr: @block_expr ref +); + +macro_items( + unique int id: @macro_items +); + +#keyset[id, index] +macro_items_items( + int id: @macro_items ref, + int index: int ref, + int item: @item ref +); + +match_arms( + unique int id: @match_arm +); + +#keyset[id, index] +match_arm_attrs( + int id: @match_arm ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_arm_exprs( + int id: @match_arm ref, + int expr: @expr ref +); + +#keyset[id] +match_arm_guards( + int id: @match_arm ref, + int guard: @match_guard ref +); + +#keyset[id] +match_arm_pats( + int id: @match_arm ref, + int pat: @pat ref +); + +match_arm_lists( + unique int id: @match_arm_list +); + +#keyset[id, index] +match_arm_list_arms( + int id: @match_arm_list ref, + int index: int ref, + int arm: @match_arm ref +); + +#keyset[id, index] +match_arm_list_attrs( + int id: @match_arm_list ref, + int index: int ref, + int attr: @attr ref +); + +match_guards( + unique int id: @match_guard +); + +#keyset[id] +match_guard_conditions( + int id: @match_guard ref, + int condition: @expr ref +); + +meta( + unique int id: @meta +); + +#keyset[id] +meta_exprs( + int id: @meta ref, + int expr: @expr ref +); + +#keyset[id] +meta_is_unsafe( + int id: @meta ref +); + +#keyset[id] +meta_paths( + int id: @meta ref, + int path: @path ref +); + +#keyset[id] +meta_token_trees( + int id: @meta ref, + int token_tree: @token_tree ref +); + +names( + unique int id: @name +); + +#keyset[id] +name_texts( + int id: @name ref, + string text: string ref +); + +@param_base = + @param +| @self_param +; + +#keyset[id, index] +param_base_attrs( + int id: @param_base ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +param_base_type_reprs( + int id: @param_base ref, + int type_repr: @type_repr ref +); + +param_lists( + unique int id: @param_list +); + +#keyset[id, index] +param_list_params( + int id: @param_list ref, + int index: int ref, + int param: @param ref +); + +#keyset[id] +param_list_self_params( + int id: @param_list ref, + int self_param: @self_param ref +); + +parenthesized_arg_lists( + unique int id: @parenthesized_arg_list +); + +#keyset[id, index] +parenthesized_arg_list_type_args( + int id: @parenthesized_arg_list ref, + int index: int ref, + int type_arg: @type_arg ref +); + +@pat = + @box_pat +| @const_block_pat +| @ident_pat +| @literal_pat +| @macro_pat +| @or_pat +| @paren_pat +| @path_pat +| @range_pat +| @ref_pat +| @rest_pat +| @slice_pat +| @struct_pat +| @tuple_pat +| @tuple_struct_pat +| @wildcard_pat +; + +paths( + unique int id: @path +); + +#keyset[id] +path_qualifiers( + int id: @path ref, + int qualifier: @path ref +); + +#keyset[id] +path_segments_( + int id: @path ref, + int segment: @path_segment ref +); + +path_segments( + unique int id: @path_segment +); + +#keyset[id] +path_segment_generic_arg_lists( + int id: @path_segment ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +path_segment_identifiers( + int id: @path_segment ref, + int identifier: @name_ref ref +); + +#keyset[id] +path_segment_parenthesized_arg_lists( + int id: @path_segment ref, + int parenthesized_arg_list: @parenthesized_arg_list ref +); + +#keyset[id] +path_segment_ret_types( + int id: @path_segment ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +path_segment_return_type_syntaxes( + int id: @path_segment ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +path_segment_type_reprs( + int id: @path_segment ref, + int type_repr: @type_repr ref +); + +#keyset[id] +path_segment_trait_type_reprs( + int id: @path_segment ref, + int trait_type_repr: @path_type_repr ref +); + +renames( + unique int id: @rename +); + +#keyset[id] +rename_names( + int id: @rename ref, + int name: @name ref +); + +@resolvable = + @method_call_expr +| @path_ast_node +; + +#keyset[id] +resolvable_resolved_paths( + int id: @resolvable ref, + string resolved_path: string ref +); + +#keyset[id] +resolvable_resolved_crate_origins( + int id: @resolvable ref, + string resolved_crate_origin: string ref +); + +ret_type_reprs( + unique int id: @ret_type_repr +); + +#keyset[id] +ret_type_repr_type_reprs( + int id: @ret_type_repr ref, + int type_repr: @type_repr ref +); + +return_type_syntaxes( + unique int id: @return_type_syntax +); + +source_files( + unique int id: @source_file +); + +#keyset[id, index] +source_file_attrs( + int id: @source_file ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +source_file_items( + int id: @source_file ref, + int index: int ref, + int item: @item ref +); + +@stmt = + @expr_stmt +| @item +| @let_stmt +; + +stmt_lists( + unique int id: @stmt_list +); + +#keyset[id, index] +stmt_list_attrs( + int id: @stmt_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +stmt_list_statements( + int id: @stmt_list ref, + int index: int ref, + int statement: @stmt ref +); + +#keyset[id] +stmt_list_tail_exprs( + int id: @stmt_list ref, + int tail_expr: @expr ref +); + +struct_expr_fields( + unique int id: @struct_expr_field +); + +#keyset[id, index] +struct_expr_field_attrs( + int id: @struct_expr_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_expr_field_exprs( + int id: @struct_expr_field ref, + int expr: @expr ref +); + +#keyset[id] +struct_expr_field_identifiers( + int id: @struct_expr_field ref, + int identifier: @name_ref ref +); + +struct_expr_field_lists( + unique int id: @struct_expr_field_list +); + +#keyset[id, index] +struct_expr_field_list_attrs( + int id: @struct_expr_field_list ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +struct_expr_field_list_fields( + int id: @struct_expr_field_list ref, + int index: int ref, + int field: @struct_expr_field ref +); + +#keyset[id] +struct_expr_field_list_spreads( + int id: @struct_expr_field_list ref, + int spread: @expr ref +); + +struct_fields( + unique int id: @struct_field +); + +#keyset[id, index] +struct_field_attrs( + int id: @struct_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_defaults( + int id: @struct_field ref, + int default: @expr ref +); + +#keyset[id] +struct_field_is_unsafe( + int id: @struct_field ref +); + +#keyset[id] +struct_field_names( + int id: @struct_field ref, + int name: @name ref +); + +#keyset[id] +struct_field_type_reprs( + int id: @struct_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +struct_field_visibilities( + int id: @struct_field ref, + int visibility: @visibility ref +); + +struct_pat_fields( + unique int id: @struct_pat_field +); + +#keyset[id, index] +struct_pat_field_attrs( + int id: @struct_pat_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_pat_field_identifiers( + int id: @struct_pat_field ref, + int identifier: @name_ref ref +); + +#keyset[id] +struct_pat_field_pats( + int id: @struct_pat_field ref, + int pat: @pat ref +); + +struct_pat_field_lists( + unique int id: @struct_pat_field_list +); + +#keyset[id, index] +struct_pat_field_list_fields( + int id: @struct_pat_field_list ref, + int index: int ref, + int field: @struct_pat_field ref +); + +#keyset[id] +struct_pat_field_list_rest_pats( + int id: @struct_pat_field_list ref, + int rest_pat: @rest_pat ref +); + +@token = + @comment +; + +token_trees( + unique int id: @token_tree +); + +tuple_fields( + unique int id: @tuple_field +); + +#keyset[id, index] +tuple_field_attrs( + int id: @tuple_field ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +tuple_field_type_reprs( + int id: @tuple_field ref, + int type_repr: @type_repr ref +); + +#keyset[id] +tuple_field_visibilities( + int id: @tuple_field ref, + int visibility: @visibility ref +); + +type_bounds( + unique int id: @type_bound +); + +#keyset[id] +type_bound_is_async( + int id: @type_bound ref +); + +#keyset[id] +type_bound_is_const( + int id: @type_bound ref +); + +#keyset[id] +type_bound_lifetimes( + int id: @type_bound ref, + int lifetime: @lifetime ref +); + +#keyset[id] +type_bound_type_reprs( + int id: @type_bound ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_bound_use_bound_generic_args( + int id: @type_bound ref, + int use_bound_generic_args: @use_bound_generic_args ref +); + +type_bound_lists( + unique int id: @type_bound_list +); + +#keyset[id, index] +type_bound_list_bounds( + int id: @type_bound_list ref, + int index: int ref, + int bound: @type_bound ref +); + +@type_repr = + @array_type_repr +| @dyn_trait_type_repr +| @fn_ptr_type_repr +| @for_type_repr +| @impl_trait_type_repr +| @infer_type_repr +| @macro_type_repr +| @never_type_repr +| @paren_type_repr +| @path_type_repr +| @ptr_type_repr +| @ref_type_repr +| @slice_type_repr +| @tuple_type_repr +; + +@use_bound_generic_arg = + @lifetime +| @name_ref +; + +use_bound_generic_args( + unique int id: @use_bound_generic_args +); + +#keyset[id, index] +use_bound_generic_args_use_bound_generic_args( + int id: @use_bound_generic_args ref, + int index: int ref, + int use_bound_generic_arg: @use_bound_generic_arg ref +); + +use_trees( + unique int id: @use_tree +); + +#keyset[id] +use_tree_is_glob( + int id: @use_tree ref +); + +#keyset[id] +use_tree_paths( + int id: @use_tree ref, + int path: @path ref +); + +#keyset[id] +use_tree_renames( + int id: @use_tree ref, + int rename: @rename ref +); + +#keyset[id] +use_tree_use_tree_lists( + int id: @use_tree ref, + int use_tree_list: @use_tree_list ref +); + +use_tree_lists( + unique int id: @use_tree_list +); + +#keyset[id, index] +use_tree_list_use_trees( + int id: @use_tree_list ref, + int index: int ref, + int use_tree: @use_tree ref +); + +variant_lists( + unique int id: @variant_list +); + +#keyset[id, index] +variant_list_variants( + int id: @variant_list ref, + int index: int ref, + int variant: @variant ref +); + +visibilities( + unique int id: @visibility +); + +#keyset[id] +visibility_paths( + int id: @visibility ref, + int path: @path ref +); + +where_clauses( + unique int id: @where_clause +); + +#keyset[id, index] +where_clause_predicates( + int id: @where_clause ref, + int index: int ref, + int predicate: @where_pred ref +); + +where_preds( + unique int id: @where_pred +); + +#keyset[id] +where_pred_generic_param_lists( + int id: @where_pred ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +where_pred_lifetimes( + int id: @where_pred ref, + int lifetime: @lifetime ref +); + +#keyset[id] +where_pred_type_reprs( + int id: @where_pred ref, + int type_repr: @type_repr ref +); + +#keyset[id] +where_pred_type_bound_lists( + int id: @where_pred ref, + int type_bound_list: @type_bound_list ref +); + +array_expr_internals( + unique int id: @array_expr_internal +); + +#keyset[id, index] +array_expr_internal_attrs( + int id: @array_expr_internal ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +array_expr_internal_exprs( + int id: @array_expr_internal ref, + int index: int ref, + int expr: @expr ref +); + +#keyset[id] +array_expr_internal_is_semicolon( + int id: @array_expr_internal ref +); + +array_type_reprs( + unique int id: @array_type_repr +); + +#keyset[id] +array_type_repr_const_args( + int id: @array_type_repr ref, + int const_arg: @const_arg ref +); + +#keyset[id] +array_type_repr_element_type_reprs( + int id: @array_type_repr ref, + int element_type_repr: @type_repr ref +); + +asm_clobber_abis( + unique int id: @asm_clobber_abi +); + +asm_consts( + unique int id: @asm_const +); + +#keyset[id] +asm_const_exprs( + int id: @asm_const ref, + int expr: @expr ref +); + +#keyset[id] +asm_const_is_const( + int id: @asm_const ref +); + +asm_exprs( + unique int id: @asm_expr +); + +#keyset[id, index] +asm_expr_asm_pieces( + int id: @asm_expr ref, + int index: int ref, + int asm_piece: @asm_piece ref +); + +#keyset[id, index] +asm_expr_attrs( + int id: @asm_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +asm_expr_templates( + int id: @asm_expr ref, + int index: int ref, + int template: @expr ref +); + +asm_labels( + unique int id: @asm_label +); + +#keyset[id] +asm_label_block_exprs( + int id: @asm_label ref, + int block_expr: @block_expr ref +); + +asm_operand_nameds( + unique int id: @asm_operand_named +); + +#keyset[id] +asm_operand_named_asm_operands( + int id: @asm_operand_named ref, + int asm_operand: @asm_operand ref +); + +#keyset[id] +asm_operand_named_names( + int id: @asm_operand_named ref, + int name: @name ref +); + +asm_options_lists( + unique int id: @asm_options_list +); + +#keyset[id, index] +asm_options_list_asm_options( + int id: @asm_options_list ref, + int index: int ref, + int asm_option: @asm_option ref +); + +asm_reg_operands( + unique int id: @asm_reg_operand +); + +#keyset[id] +asm_reg_operand_asm_dir_specs( + int id: @asm_reg_operand ref, + int asm_dir_spec: @asm_dir_spec ref +); + +#keyset[id] +asm_reg_operand_asm_operand_exprs( + int id: @asm_reg_operand ref, + int asm_operand_expr: @asm_operand_expr ref +); + +#keyset[id] +asm_reg_operand_asm_reg_specs( + int id: @asm_reg_operand ref, + int asm_reg_spec: @asm_reg_spec ref +); + +asm_syms( + unique int id: @asm_sym +); + +#keyset[id] +asm_sym_paths( + int id: @asm_sym ref, + int path: @path ref +); + +assoc_type_args( + unique int id: @assoc_type_arg +); + +#keyset[id] +assoc_type_arg_const_args( + int id: @assoc_type_arg ref, + int const_arg: @const_arg ref +); + +#keyset[id] +assoc_type_arg_generic_arg_lists( + int id: @assoc_type_arg ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +assoc_type_arg_identifiers( + int id: @assoc_type_arg ref, + int identifier: @name_ref ref +); + +#keyset[id] +assoc_type_arg_param_lists( + int id: @assoc_type_arg ref, + int param_list: @param_list ref +); + +#keyset[id] +assoc_type_arg_ret_types( + int id: @assoc_type_arg ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +assoc_type_arg_return_type_syntaxes( + int id: @assoc_type_arg ref, + int return_type_syntax: @return_type_syntax ref +); + +#keyset[id] +assoc_type_arg_type_reprs( + int id: @assoc_type_arg ref, + int type_repr: @type_repr ref +); + +#keyset[id] +assoc_type_arg_type_bound_lists( + int id: @assoc_type_arg ref, + int type_bound_list: @type_bound_list ref +); + +await_exprs( + unique int id: @await_expr +); + +#keyset[id, index] +await_expr_attrs( + int id: @await_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +await_expr_exprs( + int id: @await_expr ref, + int expr: @expr ref +); + +become_exprs( + unique int id: @become_expr +); + +#keyset[id, index] +become_expr_attrs( + int id: @become_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +become_expr_exprs( + int id: @become_expr ref, + int expr: @expr ref +); + +binary_exprs( + unique int id: @binary_expr +); + +#keyset[id, index] +binary_expr_attrs( + int id: @binary_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +binary_expr_lhs( + int id: @binary_expr ref, + int lhs: @expr ref +); + +#keyset[id] +binary_expr_operator_names( + int id: @binary_expr ref, + string operator_name: string ref +); + +#keyset[id] +binary_expr_rhs( + int id: @binary_expr ref, + int rhs: @expr ref +); + +box_pats( + unique int id: @box_pat +); + +#keyset[id] +box_pat_pats( + int id: @box_pat ref, + int pat: @pat ref +); + +break_exprs( + unique int id: @break_expr +); + +#keyset[id, index] +break_expr_attrs( + int id: @break_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +break_expr_exprs( + int id: @break_expr ref, + int expr: @expr ref +); + +#keyset[id] +break_expr_lifetimes( + int id: @break_expr ref, + int lifetime: @lifetime ref +); + +@call_expr_base = + @call_expr +| @method_call_expr +; + +#keyset[id] +call_expr_base_arg_lists( + int id: @call_expr_base ref, + int arg_list: @arg_list ref +); + +#keyset[id, index] +call_expr_base_attrs( + int id: @call_expr_base ref, + int index: int ref, + int attr: @attr ref +); + +cast_exprs( + unique int id: @cast_expr +); + +#keyset[id, index] +cast_expr_attrs( + int id: @cast_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +cast_expr_exprs( + int id: @cast_expr ref, + int expr: @expr ref +); + +#keyset[id] +cast_expr_type_reprs( + int id: @cast_expr ref, + int type_repr: @type_repr ref +); + +closure_exprs( + unique int id: @closure_expr +); + +#keyset[id] +closure_expr_bodies( + int id: @closure_expr ref, + int body: @expr ref +); + +#keyset[id] +closure_expr_closure_binders( + int id: @closure_expr ref, + int closure_binder: @closure_binder ref +); + +#keyset[id] +closure_expr_is_async( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_const( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_gen( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_move( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_is_static( + int id: @closure_expr ref +); + +#keyset[id] +closure_expr_ret_types( + int id: @closure_expr ref, + int ret_type: @ret_type_repr ref +); + +comments( + unique int id: @comment, + int parent: @ast_node ref, + string text: string ref +); + +const_args( + unique int id: @const_arg +); + +#keyset[id] +const_arg_exprs( + int id: @const_arg ref, + int expr: @expr ref +); + +const_block_pats( + unique int id: @const_block_pat +); + +#keyset[id] +const_block_pat_block_exprs( + int id: @const_block_pat ref, + int block_expr: @block_expr ref +); + +#keyset[id] +const_block_pat_is_const( + int id: @const_block_pat ref +); + +const_params( + unique int id: @const_param +); + +#keyset[id, index] +const_param_attrs( + int id: @const_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_param_default_vals( + int id: @const_param ref, + int default_val: @const_arg ref +); + +#keyset[id] +const_param_is_const( + int id: @const_param ref +); + +#keyset[id] +const_param_names( + int id: @const_param ref, + int name: @name ref +); + +#keyset[id] +const_param_type_reprs( + int id: @const_param ref, + int type_repr: @type_repr ref +); + +continue_exprs( + unique int id: @continue_expr +); + +#keyset[id, index] +continue_expr_attrs( + int id: @continue_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +continue_expr_lifetimes( + int id: @continue_expr ref, + int lifetime: @lifetime ref +); + +dyn_trait_type_reprs( + unique int id: @dyn_trait_type_repr +); + +#keyset[id] +dyn_trait_type_repr_type_bound_lists( + int id: @dyn_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +expr_stmts( + unique int id: @expr_stmt +); + +#keyset[id] +expr_stmt_exprs( + int id: @expr_stmt ref, + int expr: @expr ref +); + +field_exprs( + unique int id: @field_expr +); + +#keyset[id, index] +field_expr_attrs( + int id: @field_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +field_expr_containers( + int id: @field_expr ref, + int container: @expr ref +); + +#keyset[id] +field_expr_identifiers( + int id: @field_expr ref, + int identifier: @name_ref ref +); + +fn_ptr_type_reprs( + unique int id: @fn_ptr_type_repr +); + +#keyset[id] +fn_ptr_type_repr_abis( + int id: @fn_ptr_type_repr ref, + int abi: @abi ref +); + +#keyset[id] +fn_ptr_type_repr_is_async( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_const( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_is_unsafe( + int id: @fn_ptr_type_repr ref +); + +#keyset[id] +fn_ptr_type_repr_param_lists( + int id: @fn_ptr_type_repr ref, + int param_list: @param_list ref +); + +#keyset[id] +fn_ptr_type_repr_ret_types( + int id: @fn_ptr_type_repr ref, + int ret_type: @ret_type_repr ref +); + +for_type_reprs( + unique int id: @for_type_repr +); + +#keyset[id] +for_type_repr_generic_param_lists( + int id: @for_type_repr ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +for_type_repr_type_reprs( + int id: @for_type_repr ref, + int type_repr: @type_repr ref +); + +format_args_exprs( + unique int id: @format_args_expr +); + +#keyset[id, index] +format_args_expr_args( + int id: @format_args_expr ref, + int index: int ref, + int arg: @format_args_arg ref +); + +#keyset[id, index] +format_args_expr_attrs( + int id: @format_args_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +format_args_expr_templates( + int id: @format_args_expr ref, + int template: @expr ref +); + +ident_pats( + unique int id: @ident_pat +); + +#keyset[id, index] +ident_pat_attrs( + int id: @ident_pat ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ident_pat_is_mut( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_is_ref( + int id: @ident_pat ref +); + +#keyset[id] +ident_pat_names( + int id: @ident_pat ref, + int name: @name ref +); + +#keyset[id] +ident_pat_pats( + int id: @ident_pat ref, + int pat: @pat ref +); + +if_exprs( + unique int id: @if_expr +); + +#keyset[id, index] +if_expr_attrs( + int id: @if_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +if_expr_conditions( + int id: @if_expr ref, + int condition: @expr ref +); + +#keyset[id] +if_expr_elses( + int id: @if_expr ref, + int else: @expr ref +); + +#keyset[id] +if_expr_thens( + int id: @if_expr ref, + int then: @block_expr ref +); + +impl_trait_type_reprs( + unique int id: @impl_trait_type_repr +); + +#keyset[id] +impl_trait_type_repr_type_bound_lists( + int id: @impl_trait_type_repr ref, + int type_bound_list: @type_bound_list ref +); + +index_exprs( + unique int id: @index_expr +); + +#keyset[id, index] +index_expr_attrs( + int id: @index_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +index_expr_bases( + int id: @index_expr ref, + int base: @expr ref +); + +#keyset[id] +index_expr_indices( + int id: @index_expr ref, + int index: @expr ref +); + +infer_type_reprs( + unique int id: @infer_type_repr +); + +@item = + @adt +| @const +| @extern_block +| @extern_crate +| @function +| @impl +| @macro_call +| @macro_def +| @macro_rules +| @module +| @static +| @trait +| @trait_alias +| @type_alias +| @use +; + +#keyset[id] +item_attribute_macro_expansions( + int id: @item ref, + int attribute_macro_expansion: @macro_items ref +); + +@labelable_expr = + @block_expr +| @looping_expr +; + +#keyset[id] +labelable_expr_labels( + int id: @labelable_expr ref, + int label: @label ref +); + +let_exprs( + unique int id: @let_expr +); + +#keyset[id, index] +let_expr_attrs( + int id: @let_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_expr_scrutinees( + int id: @let_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +let_expr_pats( + int id: @let_expr ref, + int pat: @pat ref +); + +let_stmts( + unique int id: @let_stmt +); + +#keyset[id, index] +let_stmt_attrs( + int id: @let_stmt ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +let_stmt_initializers( + int id: @let_stmt ref, + int initializer: @expr ref +); + +#keyset[id] +let_stmt_let_elses( + int id: @let_stmt ref, + int let_else: @let_else ref +); + +#keyset[id] +let_stmt_pats( + int id: @let_stmt ref, + int pat: @pat ref +); + +#keyset[id] +let_stmt_type_reprs( + int id: @let_stmt ref, + int type_repr: @type_repr ref +); + +lifetimes( + unique int id: @lifetime +); + +#keyset[id] +lifetime_texts( + int id: @lifetime ref, + string text: string ref +); + +lifetime_args( + unique int id: @lifetime_arg +); + +#keyset[id] +lifetime_arg_lifetimes( + int id: @lifetime_arg ref, + int lifetime: @lifetime ref +); + +lifetime_params( + unique int id: @lifetime_param +); + +#keyset[id, index] +lifetime_param_attrs( + int id: @lifetime_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +lifetime_param_lifetimes( + int id: @lifetime_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +lifetime_param_type_bound_lists( + int id: @lifetime_param ref, + int type_bound_list: @type_bound_list ref +); + +literal_exprs( + unique int id: @literal_expr +); + +#keyset[id, index] +literal_expr_attrs( + int id: @literal_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +literal_expr_text_values( + int id: @literal_expr ref, + string text_value: string ref +); + +literal_pats( + unique int id: @literal_pat +); + +#keyset[id] +literal_pat_literals( + int id: @literal_pat ref, + int literal: @literal_expr ref +); + +macro_block_exprs( + unique int id: @macro_block_expr +); + +#keyset[id] +macro_block_expr_tail_exprs( + int id: @macro_block_expr ref, + int tail_expr: @expr ref +); + +#keyset[id, index] +macro_block_expr_statements( + int id: @macro_block_expr ref, + int index: int ref, + int statement: @stmt ref +); + +macro_exprs( + unique int id: @macro_expr +); + +#keyset[id] +macro_expr_macro_calls( + int id: @macro_expr ref, + int macro_call: @macro_call ref +); + +macro_pats( + unique int id: @macro_pat +); + +#keyset[id] +macro_pat_macro_calls( + int id: @macro_pat ref, + int macro_call: @macro_call ref +); + +macro_type_reprs( + unique int id: @macro_type_repr +); + +#keyset[id] +macro_type_repr_macro_calls( + int id: @macro_type_repr ref, + int macro_call: @macro_call ref +); + +match_exprs( + unique int id: @match_expr +); + +#keyset[id, index] +match_expr_attrs( + int id: @match_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +match_expr_scrutinees( + int id: @match_expr ref, + int scrutinee: @expr ref +); + +#keyset[id] +match_expr_match_arm_lists( + int id: @match_expr ref, + int match_arm_list: @match_arm_list ref +); + +name_refs( + unique int id: @name_ref +); + +#keyset[id] +name_ref_texts( + int id: @name_ref ref, + string text: string ref +); + +never_type_reprs( + unique int id: @never_type_repr +); + +offset_of_exprs( + unique int id: @offset_of_expr +); + +#keyset[id, index] +offset_of_expr_attrs( + int id: @offset_of_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +offset_of_expr_fields( + int id: @offset_of_expr ref, + int index: int ref, + int field: @name_ref ref +); + +#keyset[id] +offset_of_expr_type_reprs( + int id: @offset_of_expr ref, + int type_repr: @type_repr ref +); + +or_pats( + unique int id: @or_pat +); + +#keyset[id, index] +or_pat_pats( + int id: @or_pat ref, + int index: int ref, + int pat: @pat ref +); + +params( + unique int id: @param +); + +#keyset[id] +param_pats( + int id: @param ref, + int pat: @pat ref +); + +paren_exprs( + unique int id: @paren_expr +); + +#keyset[id, index] +paren_expr_attrs( + int id: @paren_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +paren_expr_exprs( + int id: @paren_expr ref, + int expr: @expr ref +); + +paren_pats( + unique int id: @paren_pat +); + +#keyset[id] +paren_pat_pats( + int id: @paren_pat ref, + int pat: @pat ref +); + +paren_type_reprs( + unique int id: @paren_type_repr +); + +#keyset[id] +paren_type_repr_type_reprs( + int id: @paren_type_repr ref, + int type_repr: @type_repr ref +); + +@path_ast_node = + @path_expr +| @path_pat +| @struct_expr +| @struct_pat +| @tuple_struct_pat +; + +#keyset[id] +path_ast_node_paths( + int id: @path_ast_node ref, + int path: @path ref +); + +@path_expr_base = + @path_expr +; + +path_type_reprs( + unique int id: @path_type_repr +); + +#keyset[id] +path_type_repr_paths( + int id: @path_type_repr ref, + int path: @path ref +); + +prefix_exprs( + unique int id: @prefix_expr +); + +#keyset[id, index] +prefix_expr_attrs( + int id: @prefix_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +prefix_expr_exprs( + int id: @prefix_expr ref, + int expr: @expr ref +); + +#keyset[id] +prefix_expr_operator_names( + int id: @prefix_expr ref, + string operator_name: string ref +); + +ptr_type_reprs( + unique int id: @ptr_type_repr +); + +#keyset[id] +ptr_type_repr_is_const( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_is_mut( + int id: @ptr_type_repr ref +); + +#keyset[id] +ptr_type_repr_type_reprs( + int id: @ptr_type_repr ref, + int type_repr: @type_repr ref +); + +range_exprs( + unique int id: @range_expr +); + +#keyset[id, index] +range_expr_attrs( + int id: @range_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +range_expr_ends( + int id: @range_expr ref, + int end: @expr ref +); + +#keyset[id] +range_expr_operator_names( + int id: @range_expr ref, + string operator_name: string ref +); + +#keyset[id] +range_expr_starts( + int id: @range_expr ref, + int start: @expr ref +); + +range_pats( + unique int id: @range_pat +); + +#keyset[id] +range_pat_ends( + int id: @range_pat ref, + int end: @pat ref +); + +#keyset[id] +range_pat_operator_names( + int id: @range_pat ref, + string operator_name: string ref +); + +#keyset[id] +range_pat_starts( + int id: @range_pat ref, + int start: @pat ref +); + +ref_exprs( + unique int id: @ref_expr +); + +#keyset[id, index] +ref_expr_attrs( + int id: @ref_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +ref_expr_exprs( + int id: @ref_expr ref, + int expr: @expr ref +); + +#keyset[id] +ref_expr_is_const( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_mut( + int id: @ref_expr ref +); + +#keyset[id] +ref_expr_is_raw( + int id: @ref_expr ref +); + +ref_pats( + unique int id: @ref_pat +); + +#keyset[id] +ref_pat_is_mut( + int id: @ref_pat ref +); + +#keyset[id] +ref_pat_pats( + int id: @ref_pat ref, + int pat: @pat ref +); + +ref_type_reprs( + unique int id: @ref_type_repr +); + +#keyset[id] +ref_type_repr_is_mut( + int id: @ref_type_repr ref +); + +#keyset[id] +ref_type_repr_lifetimes( + int id: @ref_type_repr ref, + int lifetime: @lifetime ref +); + +#keyset[id] +ref_type_repr_type_reprs( + int id: @ref_type_repr ref, + int type_repr: @type_repr ref +); + +rest_pats( + unique int id: @rest_pat +); + +#keyset[id, index] +rest_pat_attrs( + int id: @rest_pat ref, + int index: int ref, + int attr: @attr ref +); + +return_exprs( + unique int id: @return_expr +); + +#keyset[id, index] +return_expr_attrs( + int id: @return_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +return_expr_exprs( + int id: @return_expr ref, + int expr: @expr ref +); + +self_params( + unique int id: @self_param +); + +#keyset[id] +self_param_is_ref( + int id: @self_param ref +); + +#keyset[id] +self_param_is_mut( + int id: @self_param ref +); + +#keyset[id] +self_param_lifetimes( + int id: @self_param ref, + int lifetime: @lifetime ref +); + +#keyset[id] +self_param_names( + int id: @self_param ref, + int name: @name ref +); + +slice_pats( + unique int id: @slice_pat +); + +#keyset[id, index] +slice_pat_pats( + int id: @slice_pat ref, + int index: int ref, + int pat: @pat ref +); + +slice_type_reprs( + unique int id: @slice_type_repr +); + +#keyset[id] +slice_type_repr_type_reprs( + int id: @slice_type_repr ref, + int type_repr: @type_repr ref +); + +struct_field_lists( + unique int id: @struct_field_list +); + +#keyset[id, index] +struct_field_list_fields( + int id: @struct_field_list ref, + int index: int ref, + int field: @struct_field ref +); + +try_exprs( + unique int id: @try_expr +); + +#keyset[id, index] +try_expr_attrs( + int id: @try_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +try_expr_exprs( + int id: @try_expr ref, + int expr: @expr ref +); + +tuple_exprs( + unique int id: @tuple_expr +); + +#keyset[id, index] +tuple_expr_attrs( + int id: @tuple_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id, index] +tuple_expr_fields( + int id: @tuple_expr ref, + int index: int ref, + int field: @expr ref +); + +tuple_field_lists( + unique int id: @tuple_field_list +); + +#keyset[id, index] +tuple_field_list_fields( + int id: @tuple_field_list ref, + int index: int ref, + int field: @tuple_field ref +); + +tuple_pats( + unique int id: @tuple_pat +); + +#keyset[id, index] +tuple_pat_fields( + int id: @tuple_pat ref, + int index: int ref, + int field: @pat ref +); + +tuple_type_reprs( + unique int id: @tuple_type_repr +); + +#keyset[id, index] +tuple_type_repr_fields( + int id: @tuple_type_repr ref, + int index: int ref, + int field: @type_repr ref +); + +type_args( + unique int id: @type_arg +); + +#keyset[id] +type_arg_type_reprs( + int id: @type_arg ref, + int type_repr: @type_repr ref +); + +type_params( + unique int id: @type_param +); + +#keyset[id, index] +type_param_attrs( + int id: @type_param ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_param_default_types( + int id: @type_param ref, + int default_type: @type_repr ref +); + +#keyset[id] +type_param_names( + int id: @type_param ref, + int name: @name ref +); + +#keyset[id] +type_param_type_bound_lists( + int id: @type_param ref, + int type_bound_list: @type_bound_list ref +); + +underscore_exprs( + unique int id: @underscore_expr +); + +#keyset[id, index] +underscore_expr_attrs( + int id: @underscore_expr ref, + int index: int ref, + int attr: @attr ref +); + +variants( + unique int id: @variant +); + +#keyset[id, index] +variant_attrs( + int id: @variant ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +variant_discriminants( + int id: @variant ref, + int discriminant: @expr ref +); + +#keyset[id] +variant_field_lists( + int id: @variant ref, + int field_list: @field_list ref +); + +#keyset[id] +variant_names( + int id: @variant ref, + int name: @name ref +); + +#keyset[id] +variant_visibilities( + int id: @variant ref, + int visibility: @visibility ref +); + +wildcard_pats( + unique int id: @wildcard_pat +); + +yeet_exprs( + unique int id: @yeet_expr +); + +#keyset[id, index] +yeet_expr_attrs( + int id: @yeet_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yeet_expr_exprs( + int id: @yeet_expr ref, + int expr: @expr ref +); + +yield_exprs( + unique int id: @yield_expr +); + +#keyset[id, index] +yield_expr_attrs( + int id: @yield_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +yield_expr_exprs( + int id: @yield_expr ref, + int expr: @expr ref +); + +@adt = + @enum +| @struct +| @union +; + +#keyset[id, index] +adt_derive_macro_expansions( + int id: @adt ref, + int index: int ref, + int derive_macro_expansion: @macro_items ref +); + +block_exprs( + unique int id: @block_expr +); + +#keyset[id, index] +block_expr_attrs( + int id: @block_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +block_expr_is_async( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_const( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_gen( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_move( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_try( + int id: @block_expr ref +); + +#keyset[id] +block_expr_is_unsafe( + int id: @block_expr ref +); + +#keyset[id] +block_expr_stmt_lists( + int id: @block_expr ref, + int stmt_list: @stmt_list ref +); + +call_exprs( + unique int id: @call_expr +); + +#keyset[id] +call_expr_functions( + int id: @call_expr ref, + int function: @expr ref +); + +consts( + unique int id: @const +); + +#keyset[id, index] +const_attrs( + int id: @const ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +const_bodies( + int id: @const ref, + int body: @expr ref +); + +#keyset[id] +const_generic_param_lists( + int id: @const ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +const_is_const( + int id: @const ref +); + +#keyset[id] +const_is_default( + int id: @const ref +); + +#keyset[id] +const_names( + int id: @const ref, + int name: @name ref +); + +#keyset[id] +const_type_reprs( + int id: @const ref, + int type_repr: @type_repr ref +); + +#keyset[id] +const_visibilities( + int id: @const ref, + int visibility: @visibility ref +); + +#keyset[id] +const_where_clauses( + int id: @const ref, + int where_clause: @where_clause ref +); + +#keyset[id] +const_has_implementation( + int id: @const ref +); + +extern_blocks( + unique int id: @extern_block +); + +#keyset[id] +extern_block_abis( + int id: @extern_block ref, + int abi: @abi ref +); + +#keyset[id, index] +extern_block_attrs( + int id: @extern_block ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_block_extern_item_lists( + int id: @extern_block ref, + int extern_item_list: @extern_item_list ref +); + +#keyset[id] +extern_block_is_unsafe( + int id: @extern_block ref +); + +extern_crates( + unique int id: @extern_crate +); + +#keyset[id, index] +extern_crate_attrs( + int id: @extern_crate ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +extern_crate_identifiers( + int id: @extern_crate ref, + int identifier: @name_ref ref +); + +#keyset[id] +extern_crate_renames( + int id: @extern_crate ref, + int rename: @rename ref +); + +#keyset[id] +extern_crate_visibilities( + int id: @extern_crate ref, + int visibility: @visibility ref +); + +functions( + unique int id: @function +); + +#keyset[id] +function_abis( + int id: @function ref, + int abi: @abi ref +); + +#keyset[id] +function_bodies( + int id: @function ref, + int body: @block_expr ref +); + +#keyset[id] +function_generic_param_lists( + int id: @function ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +function_is_async( + int id: @function ref +); + +#keyset[id] +function_is_const( + int id: @function ref +); + +#keyset[id] +function_is_default( + int id: @function ref +); + +#keyset[id] +function_is_gen( + int id: @function ref +); + +#keyset[id] +function_is_unsafe( + int id: @function ref +); + +#keyset[id] +function_names( + int id: @function ref, + int name: @name ref +); + +#keyset[id] +function_ret_types( + int id: @function ref, + int ret_type: @ret_type_repr ref +); + +#keyset[id] +function_visibilities( + int id: @function ref, + int visibility: @visibility ref +); + +#keyset[id] +function_where_clauses( + int id: @function ref, + int where_clause: @where_clause ref +); + +#keyset[id] +function_has_implementation( + int id: @function ref +); + +impls( + unique int id: @impl +); + +#keyset[id] +impl_assoc_item_lists( + int id: @impl ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +impl_attrs( + int id: @impl ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +impl_generic_param_lists( + int id: @impl ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +impl_is_const( + int id: @impl ref +); + +#keyset[id] +impl_is_default( + int id: @impl ref +); + +#keyset[id] +impl_is_unsafe( + int id: @impl ref +); + +#keyset[id] +impl_self_ties( + int id: @impl ref, + int self_ty: @type_repr ref +); + +#keyset[id] +impl_traits( + int id: @impl ref, + int trait: @type_repr ref +); + +#keyset[id] +impl_visibilities( + int id: @impl ref, + int visibility: @visibility ref +); + +#keyset[id] +impl_where_clauses( + int id: @impl ref, + int where_clause: @where_clause ref +); + +@looping_expr = + @for_expr +| @loop_expr +| @while_expr +; + +#keyset[id] +looping_expr_loop_bodies( + int id: @looping_expr ref, + int loop_body: @block_expr ref +); + +macro_calls( + unique int id: @macro_call +); + +#keyset[id, index] +macro_call_attrs( + int id: @macro_call ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_call_paths( + int id: @macro_call ref, + int path: @path ref +); + +#keyset[id] +macro_call_token_trees( + int id: @macro_call ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_call_macro_call_expansions( + int id: @macro_call ref, + int macro_call_expansion: @ast_node ref +); + +macro_defs( + unique int id: @macro_def +); + +#keyset[id] +macro_def_args( + int id: @macro_def ref, + int args: @token_tree ref +); + +#keyset[id, index] +macro_def_attrs( + int id: @macro_def ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_def_bodies( + int id: @macro_def ref, + int body: @token_tree ref +); + +#keyset[id] +macro_def_names( + int id: @macro_def ref, + int name: @name ref +); + +#keyset[id] +macro_def_visibilities( + int id: @macro_def ref, + int visibility: @visibility ref +); + +macro_rules( + unique int id: @macro_rules +); + +#keyset[id, index] +macro_rules_attrs( + int id: @macro_rules ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +macro_rules_names( + int id: @macro_rules ref, + int name: @name ref +); + +#keyset[id] +macro_rules_token_trees( + int id: @macro_rules ref, + int token_tree: @token_tree ref +); + +#keyset[id] +macro_rules_visibilities( + int id: @macro_rules ref, + int visibility: @visibility ref +); + +method_call_exprs( + unique int id: @method_call_expr +); + +#keyset[id] +method_call_expr_generic_arg_lists( + int id: @method_call_expr ref, + int generic_arg_list: @generic_arg_list ref +); + +#keyset[id] +method_call_expr_identifiers( + int id: @method_call_expr ref, + int identifier: @name_ref ref +); + +#keyset[id] +method_call_expr_receivers( + int id: @method_call_expr ref, + int receiver: @expr ref +); + +modules( + unique int id: @module +); + +#keyset[id, index] +module_attrs( + int id: @module ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +module_item_lists( + int id: @module ref, + int item_list: @item_list ref +); + +#keyset[id] +module_names( + int id: @module ref, + int name: @name ref +); + +#keyset[id] +module_visibilities( + int id: @module ref, + int visibility: @visibility ref +); + +path_exprs( + unique int id: @path_expr +); + +#keyset[id, index] +path_expr_attrs( + int id: @path_expr ref, + int index: int ref, + int attr: @attr ref +); + +path_pats( + unique int id: @path_pat +); + +statics( + unique int id: @static +); + +#keyset[id, index] +static_attrs( + int id: @static ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +static_bodies( + int id: @static ref, + int body: @expr ref +); + +#keyset[id] +static_is_mut( + int id: @static ref +); + +#keyset[id] +static_is_static( + int id: @static ref +); + +#keyset[id] +static_is_unsafe( + int id: @static ref +); + +#keyset[id] +static_names( + int id: @static ref, + int name: @name ref +); + +#keyset[id] +static_type_reprs( + int id: @static ref, + int type_repr: @type_repr ref +); + +#keyset[id] +static_visibilities( + int id: @static ref, + int visibility: @visibility ref +); + +struct_exprs( + unique int id: @struct_expr +); + +#keyset[id] +struct_expr_struct_expr_field_lists( + int id: @struct_expr ref, + int struct_expr_field_list: @struct_expr_field_list ref +); + +struct_pats( + unique int id: @struct_pat +); + +#keyset[id] +struct_pat_struct_pat_field_lists( + int id: @struct_pat ref, + int struct_pat_field_list: @struct_pat_field_list ref +); + +traits( + unique int id: @trait +); + +#keyset[id] +trait_assoc_item_lists( + int id: @trait ref, + int assoc_item_list: @assoc_item_list ref +); + +#keyset[id, index] +trait_attrs( + int id: @trait ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_generic_param_lists( + int id: @trait ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_is_auto( + int id: @trait ref +); + +#keyset[id] +trait_is_unsafe( + int id: @trait ref +); + +#keyset[id] +trait_names( + int id: @trait ref, + int name: @name ref +); + +#keyset[id] +trait_type_bound_lists( + int id: @trait ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_visibilities( + int id: @trait ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_where_clauses( + int id: @trait ref, + int where_clause: @where_clause ref +); + +trait_aliases( + unique int id: @trait_alias +); + +#keyset[id, index] +trait_alias_attrs( + int id: @trait_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +trait_alias_generic_param_lists( + int id: @trait_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +trait_alias_names( + int id: @trait_alias ref, + int name: @name ref +); + +#keyset[id] +trait_alias_type_bound_lists( + int id: @trait_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +trait_alias_visibilities( + int id: @trait_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +trait_alias_where_clauses( + int id: @trait_alias ref, + int where_clause: @where_clause ref +); + +tuple_struct_pats( + unique int id: @tuple_struct_pat +); + +#keyset[id, index] +tuple_struct_pat_fields( + int id: @tuple_struct_pat ref, + int index: int ref, + int field: @pat ref +); + +type_aliases( + unique int id: @type_alias +); + +#keyset[id, index] +type_alias_attrs( + int id: @type_alias ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +type_alias_generic_param_lists( + int id: @type_alias ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +type_alias_is_default( + int id: @type_alias ref +); + +#keyset[id] +type_alias_names( + int id: @type_alias ref, + int name: @name ref +); + +#keyset[id] +type_alias_type_reprs( + int id: @type_alias ref, + int type_repr: @type_repr ref +); + +#keyset[id] +type_alias_type_bound_lists( + int id: @type_alias ref, + int type_bound_list: @type_bound_list ref +); + +#keyset[id] +type_alias_visibilities( + int id: @type_alias ref, + int visibility: @visibility ref +); + +#keyset[id] +type_alias_where_clauses( + int id: @type_alias ref, + int where_clause: @where_clause ref +); + +uses( + unique int id: @use +); + +#keyset[id, index] +use_attrs( + int id: @use ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +use_use_trees( + int id: @use ref, + int use_tree: @use_tree ref +); + +#keyset[id] +use_visibilities( + int id: @use ref, + int visibility: @visibility ref +); + +enums( + unique int id: @enum +); + +#keyset[id, index] +enum_attrs( + int id: @enum ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +enum_generic_param_lists( + int id: @enum ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +enum_names( + int id: @enum ref, + int name: @name ref +); + +#keyset[id] +enum_variant_lists( + int id: @enum ref, + int variant_list: @variant_list ref +); + +#keyset[id] +enum_visibilities( + int id: @enum ref, + int visibility: @visibility ref +); + +#keyset[id] +enum_where_clauses( + int id: @enum ref, + int where_clause: @where_clause ref +); + +for_exprs( + unique int id: @for_expr +); + +#keyset[id, index] +for_expr_attrs( + int id: @for_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +for_expr_iterables( + int id: @for_expr ref, + int iterable: @expr ref +); + +#keyset[id] +for_expr_pats( + int id: @for_expr ref, + int pat: @pat ref +); + +loop_exprs( + unique int id: @loop_expr +); + +#keyset[id, index] +loop_expr_attrs( + int id: @loop_expr ref, + int index: int ref, + int attr: @attr ref +); + +structs( + unique int id: @struct +); + +#keyset[id, index] +struct_attrs( + int id: @struct ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +struct_field_lists_( + int id: @struct ref, + int field_list: @field_list ref +); + +#keyset[id] +struct_generic_param_lists( + int id: @struct ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +struct_names( + int id: @struct ref, + int name: @name ref +); + +#keyset[id] +struct_visibilities( + int id: @struct ref, + int visibility: @visibility ref +); + +#keyset[id] +struct_where_clauses( + int id: @struct ref, + int where_clause: @where_clause ref +); + +unions( + unique int id: @union +); + +#keyset[id, index] +union_attrs( + int id: @union ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +union_generic_param_lists( + int id: @union ref, + int generic_param_list: @generic_param_list ref +); + +#keyset[id] +union_names( + int id: @union ref, + int name: @name ref +); + +#keyset[id] +union_struct_field_lists( + int id: @union ref, + int struct_field_list: @struct_field_list ref +); + +#keyset[id] +union_visibilities( + int id: @union ref, + int visibility: @visibility ref +); + +#keyset[id] +union_where_clauses( + int id: @union ref, + int where_clause: @where_clause ref +); + +while_exprs( + unique int id: @while_expr +); + +#keyset[id, index] +while_expr_attrs( + int id: @while_expr ref, + int index: int ref, + int attr: @attr ref +); + +#keyset[id] +while_expr_conditions( + int id: @while_expr ref, + int condition: @expr ref +); diff --git a/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/upgrade.properties b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/upgrade.properties new file mode 100644 index 00000000000..9b83871fb9b --- /dev/null +++ b/rust/ql/lib/upgrades/e3b3765116ecb8d796979f0b4787926cb8d691b5/upgrade.properties @@ -0,0 +1,2 @@ +description: Add databaseMetadata relation +compatibility: full diff --git a/shared/tree-sitter-extractor/src/generator/mod.rs b/shared/tree-sitter-extractor/src/generator/mod.rs index fc0abc7f273..6652e8ebefb 100644 --- a/shared/tree-sitter-extractor/src/generator/mod.rs +++ b/shared/tree-sitter-extractor/src/generator/mod.rs @@ -33,16 +33,6 @@ pub fn generate( writeln!(dbscheme_writer, include_str!("prefix.dbscheme"))?; - // Eventually all languages will have the metadata relation (for overlay support), at which - // point this could be moved to prefix.dbscheme. - if overlay_support { - writeln!(dbscheme_writer, "/*- Database metadata -*/",)?; - dbscheme::write( - &mut dbscheme_writer, - &[dbscheme::Entry::Table(create_database_metadata())], - )?; - } - let mut ql_writer = LineWriter::new(File::create(ql_library_path)?); writeln!( ql_writer, @@ -478,26 +468,3 @@ fn create_token_case<'a>(name: &'a str, token_kinds: Map<&'a str, usize>) -> dbs branches, } } - -fn create_database_metadata() -> dbscheme::Table<'static> { - dbscheme::Table { - name: "databaseMetadata", - keysets: None, - columns: vec![ - dbscheme::Column { - db_type: dbscheme::DbColumnType::String, - name: "metadataKey", - unique: false, - ql_type: ql::Type::String, - ql_type_is_ref: true, - }, - dbscheme::Column { - db_type: dbscheme::DbColumnType::String, - name: "value", - unique: false, - ql_type: ql::Type::String, - ql_type_is_ref: true, - }, - ], - } -} diff --git a/shared/tree-sitter-extractor/src/generator/prefix.dbscheme b/shared/tree-sitter-extractor/src/generator/prefix.dbscheme index 96c7feaaf19..16921105a72 100644 --- a/shared/tree-sitter-extractor/src/generator/prefix.dbscheme +++ b/shared/tree-sitter-extractor/src/generator/prefix.dbscheme @@ -104,3 +104,9 @@ yaml_locations(unique int locatable: @yaml_locatable ref, int location: @location_default ref); @yaml_locatable = @yaml_node | @yaml_error; + +/*- Database metadata -*/ +databaseMetadata( + string metadataKey: string ref, + string value: string ref +); From 867826466e7e1936bfaaf5df74cbbd4292c93809 Mon Sep 17 00:00:00 2001 From: Nick Rolfe Date: Wed, 25 Jun 2025 13:49:02 +0100 Subject: [PATCH 063/111] Ruby/QL: unconditionally generate discard predicates --- ql/extractor/src/generator.rs | 2 +- .../src/codeql_ql/ast/internal/TreeSitter.qll | 100 ++++++++++++++++++ ruby/extractor/src/generator.rs | 2 +- .../src/generator/mod.rs | 42 ++++---- 4 files changed, 121 insertions(+), 25 deletions(-) diff --git a/ql/extractor/src/generator.rs b/ql/extractor/src/generator.rs index ea663896e64..1dca6969f34 100644 --- a/ql/extractor/src/generator.rs +++ b/ql/extractor/src/generator.rs @@ -36,5 +36,5 @@ pub fn run(options: Options) -> std::io::Result<()> { }, ]; - generate(languages, options.dbscheme, options.library, false) + generate(languages, options.dbscheme, options.library) } diff --git a/ql/ql/src/codeql_ql/ast/internal/TreeSitter.qll b/ql/ql/src/codeql_ql/ast/internal/TreeSitter.qll index 562af993d89..a83095629ab 100644 --- a/ql/ql/src/codeql_ql/ast/internal/TreeSitter.qll +++ b/ql/ql/src/codeql_ql/ast/internal/TreeSitter.qll @@ -5,6 +5,10 @@ import codeql.Locations as L +/** Holds if the database is an overlay. */ +overlay[local] +private predicate isOverlay() { databaseMetadata("isOverlay", "true") } + module QL { /** The base class for all AST nodes */ class AstNode extends @ql_ast_node { @@ -48,6 +52,30 @@ module QL { final override string getAPrimaryQlClass() { result = "ReservedWord" } } + /** Gets the file containing the given `node`. */ + overlay[local] + private @file getNodeFile(@ql_ast_node node) { + exists(@location_default loc | ql_ast_node_location(node, loc) | + locations_default(loc, result, _, _, _, _) + ) + } + + /** Holds if `file` was extracted as part of the overlay database. */ + overlay[local] + private predicate discardFile(@file file) { isOverlay() and file = getNodeFile(_) } + + /** Holds if `node` is in the `file` and is part of the overlay base database. */ + overlay[local] + private predicate discardableAstNode(@file file, @ql_ast_node node) { + not isOverlay() and file = getNodeFile(node) + } + + /** Holds if `node` should be discarded, because it is part of the overlay base and is in a file that was also extracted as part of the overlay database. */ + overlay[discard_entity] + private predicate discardAstNode(@ql_ast_node node) { + exists(@file file | discardableAstNode(file, node) and discardFile(file)) + } + /** A class representing `add_expr` nodes. */ class AddExpr extends @ql_add_expr, AstNode { /** Gets the name of the primary QL class for this element. */ @@ -1318,6 +1346,30 @@ module Dbscheme { final override string getAPrimaryQlClass() { result = "ReservedWord" } } + /** Gets the file containing the given `node`. */ + overlay[local] + private @file getNodeFile(@dbscheme_ast_node node) { + exists(@location_default loc | dbscheme_ast_node_location(node, loc) | + locations_default(loc, result, _, _, _, _) + ) + } + + /** Holds if `file` was extracted as part of the overlay database. */ + overlay[local] + private predicate discardFile(@file file) { isOverlay() and file = getNodeFile(_) } + + /** Holds if `node` is in the `file` and is part of the overlay base database. */ + overlay[local] + private predicate discardableAstNode(@file file, @dbscheme_ast_node node) { + not isOverlay() and file = getNodeFile(node) + } + + /** Holds if `node` should be discarded, because it is part of the overlay base and is in a file that was also extracted as part of the overlay database. */ + overlay[discard_entity] + private predicate discardAstNode(@dbscheme_ast_node node) { + exists(@file file | discardableAstNode(file, node) and discardFile(file)) + } + /** A class representing `annotName` tokens. */ class AnnotName extends @dbscheme_token_annot_name, Token { /** Gets the name of the primary QL class for this element. */ @@ -1654,6 +1706,30 @@ module Blame { final override string getAPrimaryQlClass() { result = "ReservedWord" } } + /** Gets the file containing the given `node`. */ + overlay[local] + private @file getNodeFile(@blame_ast_node node) { + exists(@location_default loc | blame_ast_node_location(node, loc) | + locations_default(loc, result, _, _, _, _) + ) + } + + /** Holds if `file` was extracted as part of the overlay database. */ + overlay[local] + private predicate discardFile(@file file) { isOverlay() and file = getNodeFile(_) } + + /** Holds if `node` is in the `file` and is part of the overlay base database. */ + overlay[local] + private predicate discardableAstNode(@file file, @blame_ast_node node) { + not isOverlay() and file = getNodeFile(node) + } + + /** Holds if `node` should be discarded, because it is part of the overlay base and is in a file that was also extracted as part of the overlay database. */ + overlay[discard_entity] + private predicate discardAstNode(@blame_ast_node node) { + exists(@file file | discardableAstNode(file, node) and discardFile(file)) + } + /** A class representing `blame_entry` nodes. */ class BlameEntry extends @blame_blame_entry, AstNode { /** Gets the name of the primary QL class for this element. */ @@ -1767,6 +1843,30 @@ module JSON { final override string getAPrimaryQlClass() { result = "ReservedWord" } } + /** Gets the file containing the given `node`. */ + overlay[local] + private @file getNodeFile(@json_ast_node node) { + exists(@location_default loc | json_ast_node_location(node, loc) | + locations_default(loc, result, _, _, _, _) + ) + } + + /** Holds if `file` was extracted as part of the overlay database. */ + overlay[local] + private predicate discardFile(@file file) { isOverlay() and file = getNodeFile(_) } + + /** Holds if `node` is in the `file` and is part of the overlay base database. */ + overlay[local] + private predicate discardableAstNode(@file file, @json_ast_node node) { + not isOverlay() and file = getNodeFile(node) + } + + /** Holds if `node` should be discarded, because it is part of the overlay base and is in a file that was also extracted as part of the overlay database. */ + overlay[discard_entity] + private predicate discardAstNode(@json_ast_node node) { + exists(@file file | discardableAstNode(file, node) and discardFile(file)) + } + class UnderscoreValue extends @json_underscore_value, AstNode { } /** A class representing `array` nodes. */ diff --git a/ruby/extractor/src/generator.rs b/ruby/extractor/src/generator.rs index 1601d2edda6..00d878243ae 100644 --- a/ruby/extractor/src/generator.rs +++ b/ruby/extractor/src/generator.rs @@ -28,5 +28,5 @@ pub fn run(options: Options) -> std::io::Result<()> { }, ]; - generate(languages, options.dbscheme, options.library, true) + generate(languages, options.dbscheme, options.library) } diff --git a/shared/tree-sitter-extractor/src/generator/mod.rs b/shared/tree-sitter-extractor/src/generator/mod.rs index 6652e8ebefb..e4bd1ac4eb0 100644 --- a/shared/tree-sitter-extractor/src/generator/mod.rs +++ b/shared/tree-sitter-extractor/src/generator/mod.rs @@ -17,7 +17,6 @@ pub fn generate( languages: Vec, dbscheme_path: PathBuf, ql_library_path: PathBuf, - overlay_support: bool, ) -> std::io::Result<()> { let dbscheme_file = File::create(dbscheme_path).map_err(|e| { tracing::error!("Failed to create dbscheme file: {}", e); @@ -50,14 +49,12 @@ pub fn generate( })], )?; - if overlay_support { - ql::write( - &mut ql_writer, - &[ql::TopLevel::Predicate( - ql_gen::create_is_overlay_predicate(), - )], - )?; - } + ql::write( + &mut ql_writer, + &[ql::TopLevel::Predicate( + ql_gen::create_is_overlay_predicate(), + )], + )?; for language in languages { let prefix = node_types::to_snake_case(&language.name); @@ -103,20 +100,19 @@ pub fn generate( ql::TopLevel::Class(ql_gen::create_reserved_word_class(&reserved_word_name)), ]; - if overlay_support { - body.push(ql::TopLevel::Predicate( - ql_gen::create_get_node_file_predicate(&ast_node_name, &node_location_table_name), - )); - body.push(ql::TopLevel::Predicate( - ql_gen::create_discard_file_predicate(), - )); - body.push(ql::TopLevel::Predicate( - ql_gen::create_discardable_ast_node_predicate(&ast_node_name), - )); - body.push(ql::TopLevel::Predicate( - ql_gen::create_discard_ast_node_predicate(&ast_node_name), - )); - } + // Overlay discard predicates + body.push(ql::TopLevel::Predicate( + ql_gen::create_get_node_file_predicate(&ast_node_name, &node_location_table_name), + )); + body.push(ql::TopLevel::Predicate( + ql_gen::create_discard_file_predicate(), + )); + body.push(ql::TopLevel::Predicate( + ql_gen::create_discardable_ast_node_predicate(&ast_node_name), + )); + body.push(ql::TopLevel::Predicate( + ql_gen::create_discard_ast_node_predicate(&ast_node_name), + )); body.append(&mut ql_gen::convert_nodes(&nodes)); ql::write( From 93bad3c799e4ea53846bb640bf52c1fa2bd9aae9 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 11:02:30 -0400 Subject: [PATCH 064/111] Crypto: Misc bug fixes and updated expected files. --- .../OpenSSL/Operations/CipherOperation.qll | 5 +-- .../Operations/EVPPKeyCtxInitializer.qll | 2 +- .../OpenSSL/Operations/HashOperation.qll | 5 +-- .../OpenSSL/Operations/KeyGenOperation.qll | 5 +-- .../Operations/OpenSSLOperationBase.qll | 18 ++++++++-- .../OpenSSL/Operations/SignatureOperation.qll | 5 +-- .../library-tests/quantum/node_edges.expected | 34 +++++++++++++++++++ .../quantum/node_properties.expected | 7 +++- .../library-tests/quantum/nodes.expected | 11 ++++++ 9 files changed, 71 insertions(+), 21 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll index c8b329d402d..7536f8574c9 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -263,10 +263,7 @@ class EvpCipherOperationInstance extends Crypto::KeyOperationInstance instanceof } override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - exists(OperationStep s | - s.flowsToOperationStep(this) and - result = s.getOutput(CiphertextIO()) - ) + super.getOutputStepFlowingToStep(CiphertextIO()).getOutput(CiphertextIO()) = result } override Crypto::ConsumerInputDataFlowNode getInputConsumer() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll index d4282400f2a..2208407e53c 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/EVPPKeyCtxInitializer.qll @@ -29,7 +29,7 @@ class EvpNewKeyCtx extends OperationStep instanceof Call { result.asExpr() = keyArg and type = KeyIO() or this.getTarget().getName() = "EVP_PKEY_CTX_new_from_pkey" and - result.asDefiningArgument() = this.getArgument(0) and + result.asExpr() = this.getArgument(0) and type = OsslLibContextIO() } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll index b62bc1cf98e..94e15d483a4 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll @@ -129,10 +129,7 @@ class EvpDigestFinalOperationInstance extends Crypto::HashOperationInstance inst } override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - exists(OperationStep s | - s.flowsToOperationStep(this) and - result = s.getOutput(DigestIO()) - ) + super.getOutputStepFlowingToStep(DigestIO()).getOutput(DigestIO()) = result } override Crypto::ConsumerInputDataFlowNode getInputConsumer() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll index a0ff4a6341b..42cf8a6940f 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll @@ -174,10 +174,7 @@ class KeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance ins override Crypto::KeyArtifactType getOutputKeyType() { result = Crypto::TAsymmetricKeyType() } override Crypto::ArtifactOutputDataFlowNode getOutputKeyArtifact() { - exists(OperationStep s | - s.flowsToOperationStep(this) and - result = s.getOutput(KeyIO()) - ) + super.getOutputStepFlowingToStep(KeyIO()).getOutput(KeyIO()) = result } override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll index 6289593edb7..69e3b56b1fe 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll @@ -222,17 +222,17 @@ abstract class OperationStep extends Call { * not both. * Note: Any 'update' that sets a value is not considered to be 'resetting' an input. * I.e., there is a difference between changing a configuration before use and - * the oepration allows for multiple inputs (like plaintext for cipher update calls before final). + * the operation allows for multiple inputs (like plaintext for cipher update calls before final). */ OperationStep getDominatingInitializersToStep(IOType type) { result.flowsToOperationStep(this) and result.setsValue(type) and ( + // Do not consider a 'reset' to occur on updates result.getStepType() = UpdateStep() or not exists(OperationStep reset | - reset != this and - reset != result and + result != reset and reset.setsValue(type) and reset.flowsToOperationStep(this) and result.flowsToOperationStep(reset) @@ -240,6 +240,18 @@ abstract class OperationStep extends Call { ) } + /** + * Gets all output of `type` that flow to `this` + * if `this` is a final step and the output is not from + * a separate final step. + */ + OperationStep getOutputStepFlowingToStep(IOType type) { + this.getStepType() = FinalStep() and + result.flowsToOperationStep(this) and + exists(result.getOutput(type)) and + (result = this or result.getStepType() != FinalStep()) + } + /** * Gets an AVC for the primary algorithm for this operation. * A primary algorithm is an AVC that flows to a ctx input directly or diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll index 84b7a1cb8c2..b9b498ee8df 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/SignatureOperation.qll @@ -240,10 +240,7 @@ class EvpSignatureOperationInstance extends Crypto::SignatureOperationInstance i } override Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - exists(OperationStep s | - s.flowsToOperationStep(this) and - result = s.getOutput(SignatureIO()) - ) + super.getOutputStepFlowingToStep(SignatureIO()).getOutput(SignatureIO()) = result } override Crypto::ConsumerInputDataFlowNode getInputConsumer() { diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected index e9e3bf868ae..652194fc60c 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected @@ -30,6 +30,7 @@ | openssl_basic.c:144:13:144:22 | HashOperation | Message | openssl_basic.c:144:24:144:30 | Message | | openssl_basic.c:144:24:144:30 | Message | Source | openssl_basic.c:181:49:181:87 | Constant | | openssl_basic.c:144:46:144:51 | Digest | Source | openssl_basic.c:144:46:144:51 | Digest | +| openssl_basic.c:155:22:155:41 | Key | Algorithm | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | Algorithm | openssl_basic.c:155:22:155:41 | KeyGeneration | | openssl_basic.c:155:22:155:41 | KeyGeneration | Output | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:43:155:55 | MACAlgorithm | H | openssl_basic.c:160:39:160:48 | HashAlgorithm | @@ -40,8 +41,11 @@ | openssl_basic.c:167:9:167:27 | SignOperation | Input | openssl_basic.c:163:35:163:41 | Message | | openssl_basic.c:167:9:167:27 | SignOperation | Key | openssl_basic.c:160:59:160:62 | Key | | openssl_basic.c:167:9:167:27 | SignOperation | Output | openssl_basic.c:167:34:167:36 | SignatureOutput | +| openssl_pkey.c:21:10:21:28 | KeyGeneration | Algorithm | openssl_pkey.c:21:10:21:28 | KeyGeneration | +| openssl_pkey.c:21:10:21:28 | KeyGeneration | Output | openssl_pkey.c:21:30:21:32 | Key | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | Mode | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | Padding | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | +| openssl_pkey.c:21:30:21:32 | Key | Algorithm | openssl_pkey.c:21:30:21:32 | Key | | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | Mode | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | Padding | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | | openssl_pkey.c:55:9:55:23 | KeyGeneration | Algorithm | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | @@ -77,6 +81,13 @@ | openssl_signature.c:133:52:133:55 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:133:52:133:55 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:134:38:134:44 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | +| openssl_signature.c:135:9:135:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:135:9:135:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:135:9:135:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:135:9:135:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:135:9:135:27 | SignOperation | Input | openssl_signature.c:134:38:134:44 | Message | +| openssl_signature.c:135:9:135:27 | SignOperation | Key | openssl_signature.c:133:52:133:55 | Key | +| openssl_signature.c:135:9:135:27 | SignOperation | Output | openssl_signature.c:135:37:135:40 | SignatureOutput | | openssl_signature.c:142:9:142:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | | openssl_signature.c:142:9:142:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:142:9:142:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | @@ -87,6 +98,13 @@ | openssl_signature.c:190:57:190:60 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:190:57:190:60 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:196:38:196:44 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | +| openssl_signature.c:197:9:197:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:197:9:197:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:197:9:197:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:197:9:197:27 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:197:9:197:27 | SignOperation | Input | openssl_signature.c:196:38:196:44 | Message | +| openssl_signature.c:197:9:197:27 | SignOperation | Key | openssl_signature.c:190:57:190:60 | Key | +| openssl_signature.c:197:9:197:27 | SignOperation | Output | openssl_signature.c:197:37:197:40 | SignatureOutput | | openssl_signature.c:204:9:204:27 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | | openssl_signature.c:204:9:204:27 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:204:9:204:27 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | @@ -96,6 +114,14 @@ | openssl_signature.c:204:9:204:27 | SignOperation | Output | openssl_signature.c:204:37:204:46 | SignatureOutput | | openssl_signature.c:260:39:260:42 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:260:39:260:42 | Key | Source | openssl_signature.c:578:34:578:37 | Key | +| openssl_signature.c:263:9:263:21 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:263:9:263:21 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:263:9:263:21 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | +| openssl_signature.c:263:9:263:21 | SignOperation | HashAlgorithm | openssl_signature.c:740:24:740:33 | HashAlgorithm | +| openssl_signature.c:263:9:263:21 | SignOperation | Input | openssl_signature.c:263:54:263:59 | Message | +| openssl_signature.c:263:9:263:21 | SignOperation | Key | openssl_signature.c:260:39:260:42 | Key | +| openssl_signature.c:263:9:263:21 | SignOperation | Output | openssl_signature.c:263:33:263:36 | SignatureOutput | +| openssl_signature.c:263:54:263:59 | Message | Source | openssl_signature.c:263:54:263:59 | Message | | openssl_signature.c:270:9:270:21 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | | openssl_signature.c:270:9:270:21 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:270:9:270:21 | SignOperation | HashAlgorithm | openssl_signature.c:684:24:684:33 | HashAlgorithm | @@ -107,6 +133,14 @@ | openssl_signature.c:321:39:321:42 | Key | Source | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:321:39:321:42 | Key | Source | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:326:48:326:54 | Message | Source | openssl_signature.c:602:37:602:77 | Constant | +| openssl_signature.c:327:9:327:35 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:327:9:327:35 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:327:9:327:35 | SignOperation | Algorithm | openssl_signature.c:702:60:702:71 | KeyOperationAlgorithm | +| openssl_signature.c:327:9:327:35 | SignOperation | Algorithm | openssl_signature.c:758:60:758:64 | KeyOperationAlgorithm | +| openssl_signature.c:327:9:327:35 | SignOperation | HashAlgorithm | openssl_signature.c:327:9:327:35 | SignOperation | +| openssl_signature.c:327:9:327:35 | SignOperation | Input | openssl_signature.c:326:48:326:54 | Message | +| openssl_signature.c:327:9:327:35 | SignOperation | Key | openssl_signature.c:321:39:321:42 | Key | +| openssl_signature.c:327:9:327:35 | SignOperation | Output | openssl_signature.c:327:47:327:50 | SignatureOutput | | openssl_signature.c:334:9:334:35 | SignOperation | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | | openssl_signature.c:334:9:334:35 | SignOperation | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:334:9:334:35 | SignOperation | Algorithm | openssl_signature.c:702:60:702:71 | KeyOperationAlgorithm | diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected index 1ac047ad334..2a9cac52beb 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected @@ -20,7 +20,7 @@ | openssl_basic.c:144:67:144:73 | HashAlgorithm | DigestSize | 128 | openssl_basic.c:144:67:144:73 | openssl_basic.c:144:67:144:73 | | openssl_basic.c:144:67:144:73 | HashAlgorithm | Name | MD5 | openssl_basic.c:144:67:144:73 | openssl_basic.c:144:67:144:73 | | openssl_basic.c:144:67:144:73 | HashAlgorithm | RawName | EVP_md5 | openssl_basic.c:144:67:144:73 | openssl_basic.c:144:67:144:73 | -| openssl_basic.c:155:22:155:41 | Key | KeyType | Symmetric | openssl_basic.c:155:22:155:41 | openssl_basic.c:155:22:155:41 | +| openssl_basic.c:155:22:155:41 | Key | KeyType | Asymmetric | openssl_basic.c:155:22:155:41 | openssl_basic.c:155:22:155:41 | | openssl_basic.c:155:43:155:55 | MACAlgorithm | Name | HMAC | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | | openssl_basic.c:155:43:155:55 | MACAlgorithm | RawName | 855 | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | DigestSize | 256 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | @@ -34,6 +34,7 @@ | openssl_basic.c:218:32:218:33 | Constant | Description | 32 | openssl_basic.c:218:32:218:33 | openssl_basic.c:218:32:218:33 | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | Name | RSA | openssl_pkey.c:21:10:21:28 | openssl_pkey.c:21:10:21:28 | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | RawName | RSA_generate_key_ex | openssl_pkey.c:21:10:21:28 | openssl_pkey.c:21:10:21:28 | +| openssl_pkey.c:21:30:21:32 | Key | KeyType | Asymmetric | openssl_pkey.c:21:30:21:32 | openssl_pkey.c:21:30:21:32 | | openssl_pkey.c:45:49:45:65 | Constant | Description | Hello, OpenSSL! | openssl_pkey.c:45:49:45:65 | openssl_pkey.c:45:49:45:65 | | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | Name | RSA | openssl_pkey.c:50:31:50:42 | openssl_pkey.c:50:31:50:42 | | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | RawName | 6 | openssl_pkey.c:50:31:50:42 | openssl_pkey.c:50:31:50:42 | @@ -44,12 +45,16 @@ | openssl_signature.c:80:9:80:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:80:9:80:21 | openssl_signature.c:80:9:80:21 | | openssl_signature.c:80:53:80:56 | Key | KeyType | Unknown | openssl_signature.c:80:53:80:56 | openssl_signature.c:80:53:80:56 | | openssl_signature.c:133:52:133:55 | Key | KeyType | Unknown | openssl_signature.c:133:52:133:55 | openssl_signature.c:133:52:133:55 | +| openssl_signature.c:135:9:135:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:135:9:135:27 | openssl_signature.c:135:9:135:27 | | openssl_signature.c:142:9:142:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:142:9:142:27 | openssl_signature.c:142:9:142:27 | | openssl_signature.c:190:57:190:60 | Key | KeyType | Unknown | openssl_signature.c:190:57:190:60 | openssl_signature.c:190:57:190:60 | +| openssl_signature.c:197:9:197:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:197:9:197:27 | openssl_signature.c:197:9:197:27 | | openssl_signature.c:204:9:204:27 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:204:9:204:27 | openssl_signature.c:204:9:204:27 | | openssl_signature.c:260:39:260:42 | Key | KeyType | Unknown | openssl_signature.c:260:39:260:42 | openssl_signature.c:260:39:260:42 | +| openssl_signature.c:263:9:263:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:263:9:263:21 | openssl_signature.c:263:9:263:21 | | openssl_signature.c:270:9:270:21 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:270:9:270:21 | openssl_signature.c:270:9:270:21 | | openssl_signature.c:321:39:321:42 | Key | KeyType | Unknown | openssl_signature.c:321:39:321:42 | openssl_signature.c:321:39:321:42 | +| openssl_signature.c:327:9:327:35 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:327:9:327:35 | openssl_signature.c:327:9:327:35 | | openssl_signature.c:334:9:334:35 | SignOperation | KeyOperationSubtype | Sign | openssl_signature.c:334:9:334:35 | openssl_signature.c:334:9:334:35 | | openssl_signature.c:521:46:521:66 | PaddingAlgorithm | Name | PSS | openssl_signature.c:521:46:521:66 | openssl_signature.c:521:46:521:66 | | openssl_signature.c:521:46:521:66 | PaddingAlgorithm | RawName | 6 | openssl_signature.c:521:46:521:66 | openssl_signature.c:521:46:521:66 | diff --git a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected index 5c3b212b080..9b5bf547604 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected @@ -34,7 +34,9 @@ | openssl_basic.c:180:42:180:59 | Constant | | openssl_basic.c:181:49:181:87 | Constant | | openssl_basic.c:218:32:218:33 | Constant | +| openssl_pkey.c:21:10:21:28 | KeyGeneration | | openssl_pkey.c:21:10:21:28 | KeyOperationAlgorithm | +| openssl_pkey.c:21:30:21:32 | Key | | openssl_pkey.c:45:49:45:65 | Constant | | openssl_pkey.c:50:31:50:42 | KeyOperationAlgorithm | | openssl_pkey.c:54:47:54:50 | Constant | @@ -54,18 +56,27 @@ | openssl_signature.c:80:53:80:56 | Key | | openssl_signature.c:133:52:133:55 | Key | | openssl_signature.c:134:38:134:44 | Message | +| openssl_signature.c:135:9:135:27 | SignOperation | +| openssl_signature.c:135:37:135:40 | SignatureOutput | | openssl_signature.c:142:9:142:27 | SignOperation | | openssl_signature.c:142:37:142:46 | SignatureOutput | | openssl_signature.c:190:57:190:60 | Key | | openssl_signature.c:196:38:196:44 | Message | +| openssl_signature.c:197:9:197:27 | SignOperation | +| openssl_signature.c:197:37:197:40 | SignatureOutput | | openssl_signature.c:204:9:204:27 | SignOperation | | openssl_signature.c:204:37:204:46 | SignatureOutput | | openssl_signature.c:260:39:260:42 | Key | +| openssl_signature.c:263:9:263:21 | SignOperation | +| openssl_signature.c:263:33:263:36 | SignatureOutput | +| openssl_signature.c:263:54:263:59 | Message | | openssl_signature.c:270:9:270:21 | SignOperation | | openssl_signature.c:270:33:270:42 | SignatureOutput | | openssl_signature.c:270:60:270:65 | Message | | openssl_signature.c:321:39:321:42 | Key | | openssl_signature.c:326:48:326:54 | Message | +| openssl_signature.c:327:9:327:35 | SignOperation | +| openssl_signature.c:327:47:327:50 | SignatureOutput | | openssl_signature.c:334:9:334:35 | SignOperation | | openssl_signature.c:334:47:334:56 | SignatureOutput | | openssl_signature.c:521:46:521:66 | PaddingAlgorithm | From 072765abca7515bbe3085042b7b8245fa2712c1b Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 11:16:49 -0400 Subject: [PATCH 065/111] Crypto: Code scanning warning corrections. --- .../experimental/quantum/OpenSSL/CtxTypes.qll | 69 ------------------- .../OpenSSL/Operations/CipherOperation.qll | 3 +- .../OpenSSL/Operations/HashOperation.qll | 10 +-- .../Operations/OpenSSLOperationBase.qll | 14 +--- 4 files changed, 7 insertions(+), 89 deletions(-) delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll deleted file mode 100644 index f0362ef02c2..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/CtxTypes.qll +++ /dev/null @@ -1,69 +0,0 @@ -/** - * In OpenSSL, flow between 'context' parameters is often used to - * store state/config of how an operation will eventually be performed. - * Tracing algorithms and configurations to operations therefore - * requires tracing context parameters for many OpenSSL apis. - * - * This library provides a dataflow analysis to track context parameters - * between any two functions accepting openssl context parameters. - * The dataflow takes into consideration flowing through duplication and copy calls - * as well as flow through flow killers (free/reset calls). - * - * TODO: we may need to revisit 'free' as a dataflow killer, depending on how - * we want to model use after frees. - * - * This library also provides classes to represent context Types and relevant - * arguments/expressions. - */ - -import semmle.code.cpp.dataflow.new.DataFlow - -/** - * An openSSL CTX type, which is type for which the stripped underlying type - * matches the pattern 'evp_%ctx_%st'. - * This includes types like: - * - EVP_CIPHER_CTX - * - EVP_MD_CTX - * - EVP_PKEY_CTX - */ -class CtxType extends Type { - CtxType() { - // It is possible for users to use the underlying type of the CTX variables - // these have a name matching 'evp_%ctx_%st - this.getUnspecifiedType().stripType().getName().matches("evp_%ctx_%st") - or - // In principal the above check should be sufficient, but in case of build mode none issues - // i.e., if a typedef cannot be resolved, - // or issues with properly stubbing test cases, we also explicitly check for the wrapping type defs - // i.e., patterns matching 'EVP_%_CTX' - exists(Type base | base = this or base = this.(DerivedType).getBaseType() | - base.getName().matches("EVP_%_CTX") - ) - } -} - -/** - * A pointer to a CtxType - */ -class CtxPointerExpr extends Expr { - CtxPointerExpr() { - this.getType() instanceof CtxType and - this.getType() instanceof PointerType - } -} - -/** - * A call argument of type CtxPointerExpr. - */ -class CtxPointerArgument extends CtxPointerExpr { - CtxPointerArgument() { exists(Call c | c.getAnArgument() = this) } - - Call getCall() { result.getAnArgument() = this } -} - -/** - * A call returning a CtxPointerExpr. - */ -private class CtxPointerReturn extends CtxPointerExpr instanceof Call { - Call getCall() { result = this } -} diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll index 7536f8574c9..0248d86228b 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -154,8 +154,7 @@ class EvpCipherUpdateCall extends OperationStep { } /** - * see: https://docs.openssl.org/master/man3/EVP_EncryptInit/#synopsis - * Base configuration for all EVP cipher operations. + * A base configuration for all EVP cipher operations. */ abstract class EvpCipherOperationFinalStep extends OperationStep { override DataFlow::Node getInput(IOType type) { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll index 94e15d483a4..f4f4c5a3edc 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll @@ -56,7 +56,7 @@ class EvpDigestUpdateCall extends OperationStep { /** * A base class for final digest operations. */ -abstract class EVPFinalDigestOperationStep extends OperationStep { +abstract class EvpFinalDigestOperationStep extends OperationStep { override OperationStepType getStepType() { result = FinalStep() } } @@ -64,7 +64,7 @@ abstract class EVPFinalDigestOperationStep extends OperationStep { * A call to `EVP_Q_digest` * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis */ -class EvpQDigestOperation extends EVPFinalDigestOperationStep { +class EvpQDigestOperation extends EvpFinalDigestOperationStep { EvpQDigestOperation() { this.(Call).getTarget().getName() = "EVP_Q_digest" } override DataFlow::Node getInput(IOType type) { @@ -83,7 +83,7 @@ class EvpQDigestOperation extends EVPFinalDigestOperationStep { } } -class EvpDigestOperation extends EVPFinalDigestOperationStep { +class EvpDigestOperation extends EvpFinalDigestOperationStep { EvpDigestOperation() { this.(Call).getTarget().getName() = "EVP_Digest" } override DataFlow::Node getInput(IOType type) { @@ -100,7 +100,7 @@ class EvpDigestOperation extends EVPFinalDigestOperationStep { /** * A call to EVP_DigestFinal variants */ -class EvpDigestFinalCall extends EVPFinalDigestOperationStep { +class EvpDigestFinalCall extends EvpFinalDigestOperationStep { EvpDigestFinalCall() { this.(Call).getTarget().getName() in [ "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF" @@ -122,7 +122,7 @@ class EvpDigestFinalCall extends EVPFinalDigestOperationStep { /** * An openssl digest final hash operation instance */ -class EvpDigestFinalOperationInstance extends Crypto::HashOperationInstance instanceof EVPFinalDigestOperationStep +class EvpDigestFinalOperationInstance extends Crypto::HashOperationInstance instanceof EvpFinalDigestOperationStep { override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { super.getPrimaryAlgorithmValueConsumer() = result diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll index 69e3b56b1fe..f1ab394ad78 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase.qll @@ -6,8 +6,6 @@ import semmle.code.cpp.dataflow.new.DataFlow // even if only importing the operation by itself. import EVPPKeyCtxInitializer -//TODO: this needs to just be ctx type definitions -// private import experimental.quantum.OpenSSL.CtxTypes /** * An openSSL CTX type, which is type for which the stripped underlying type * matches the pattern 'evp_%ctx_%st'. @@ -51,13 +49,6 @@ class CtxPointerArgument extends CtxPointerExpr { Call getCall() { result.getAnArgument() = this } } -/** - * A call returning a CtxPointerExpr. - */ -private class CtxPointerReturn extends CtxPointerExpr instanceof Call { - Call getCall() { result = this } -} - /** * The type of inputs and ouputs for an `OperationStep`. */ @@ -330,9 +321,6 @@ abstract class OperationStep extends Call { * we will use both cases as primary inputs. */ class AvcContextCreationStep extends OperationStep instanceof OpenSslAlgorithmValueConsumer { - DataFlow::Node output; - DataFlow::Node input; - override DataFlow::Node getOutput(IOType type) { type = ContextIO() and result = super.getResultNode() } @@ -477,7 +465,7 @@ module OperationStepFlowConfig implements DataFlow::ConfigSig { // is defined. exists(OperationStep s | s.getAnInput() = node1 and s.getAnOutput() = node2) // TODO: consideration for additional alises defined as follows: - // if an output from an operation step itself flows from teh output of another operation step + // if an output from an operation step itself flows from the output of another operation step // then the source of that flow's outputs (all of them) are potential aliases } } From 9cd2241bf646d1966ec64b7ac7c2991e47a4a94d Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 11:36:40 -0400 Subject: [PATCH 066/111] Crypto: Remove accidentally uploaded temporary file. --- .../Operations/OpenSSLOperationBase_bak.qll | 316 ------------------ 1 file changed, 316 deletions(-) delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll deleted file mode 100644 index 34d7f6acec8..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/OpenSSLOperationBase_bak.qll +++ /dev/null @@ -1,316 +0,0 @@ -private import experimental.quantum.Language -private import experimental.quantum.OpenSSL.AvcFlow -private import experimental.quantum.OpenSSL.CtxFlow -private import experimental.quantum.OpenSSL.KeyFlow -private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers -// Importing these intializers here to ensure the are part of any model that is -// using OpenSslOperationBase. This further ensures that initializers are tied to opeartions -// even if only importing the operation by itself. -import EVPPKeyCtxInitializer - -module EncValToInitEncArgConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source.asExpr().getValue().toInt() in [0, 1] } - - predicate isSink(DataFlow::Node sink) { - exists(EvpKeyOperationSubtypeInitializer initCall | - sink.asExpr() = initCall.getKeyOperationSubtypeArg() - ) - } -} - -module EncValToInitEncArgFlow = DataFlow::Global; - -private predicate argToAvc(Expr arg, Crypto::AlgorithmValueConsumer avc) { - // NOTE: because we trace through keys to their sources we must consider that the arg is an avc - // Consider this example: - // EVP_PKEY *pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, key_len); - // The key may trace into a signing operation. Tracing through the key we will get the arg taking `EVP_PKEY_HMAC` - // as the algorithm value consumer (the input node of the AVC). The output node of this AVC - // is the call return of `EVP_PKEY_new_mac_key`. If we trace from the AVC result to - // the input argument this will not be possible (from the return to the call argument is a backwards flow). - // Therefore, we must consider the input node of the AVC as the argument. - // This should only occur due to tracing through keys to find configuration data. - avc.getInputNode().asExpr() = arg - or - AvcToCallArgFlow::flow(avc.(OpenSslAlgorithmValueConsumer).getResultNode(), - DataFlow::exprNode(arg)) -} - -/** - * A class for all OpenSsl operations. - */ -abstract class OpenSslOperation extends Crypto::OperationInstance instanceof Call { - /** - * Gets the argument that specifies the algorithm for the operation. - * This argument might not be immediately present at the specified operation. - * For example, it might be set in an initialization call. - * Modelers of the operation are resonsible for linking the operation to any - * initialization calls, and providing that argument as a returned value here. - */ - abstract Expr getAlgorithmArg(); - - /** - * Algorithm is specified in initialization call or is implicitly established by the key. - */ - override Crypto::AlgorithmValueConsumer getAnAlgorithmValueConsumer() { - argToAvc(this.getAlgorithmArg(), result) - } -} - -/** - * A Call to an initialization function for an operation. - * These are not operations in the sense of Crypto::OperationInstance, - * but they are used to initialize the context for the operation. - * There may be multiple initialization calls for the same operation. - * Intended for use with EvPOperation. - */ -abstract class EvpInitializer extends Call { - /** - * Gets the context argument or return that ties together initialization, updates and/or final calls. - * The context is the context coming into the initializer and is the output as well. - * This is assumed to be the same argument. - */ - abstract CtxPointerSource getContext(); -} - -/** - * A call to initialize a key size. - */ -abstract class EvpKeySizeInitializer extends EvpInitializer { - abstract Expr getKeySizeArg(); -} - -/** - * A call to initialize a key operation subtype. - */ -abstract class EvpKeyOperationSubtypeInitializer extends EvpInitializer { - abstract Expr getKeyOperationSubtypeArg(); - - private Crypto::KeyOperationSubtype intToCipherOperationSubtype(int i) { - i = 0 and - result instanceof Crypto::TEncryptMode - or - i = 1 and result instanceof Crypto::TDecryptMode - } - - Crypto::KeyOperationSubtype getKeyOperationSubtype() { - exists(DataFlow::Node a, DataFlow::Node b | - EncValToInitEncArgFlow::flow(a, b) and - b.asExpr() = this.getKeyOperationSubtypeArg() and - result = this.intToCipherOperationSubtype(a.asExpr().getValue().toInt()) - ) - or - // Infer the subtype from the initialization call, and ignore the argument - this.(Call).getTarget().getName().toLowerCase().matches("%encrypt%") and - result instanceof Crypto::TEncryptMode - or - this.(Call).getTarget().getName().toLowerCase().matches("%decrypt%") and - result instanceof Crypto::TDecryptMode - } -} - -/** - * An primary algorithm initializer initializes the primary algorithm for a given operation. - * For example, for a signing operation, the algorithm initializer may initialize algorithms - * like RSA. Other algorithsm may be initialized on an operation, as part of a larger - * operation/protocol. For example, hashing operations on signing operations; however, - * these are not the primary algorithm. Any other algorithms initialized on an operation - * require a specialized initializer, such as EvpHashAlgorithmInitializer. - */ -abstract class EvpPrimaryAlgorithmInitializer extends EvpInitializer { - abstract Expr getAlgorithmArg(); - - Crypto::AlgorithmValueConsumer getAlgorithmValueConsumer() { - argToAvc(this.getAlgorithmArg(), result) - } -} - -/** - * A call to initialize a key. - */ -abstract class EvpKeyInitializer extends EvpInitializer { - abstract Expr getKeyArg(); -} - -/** - * A key initializer may initialize the algorithm and the key size through - * the key. Extend any instance of key initializer provide initialization - * of the algorithm and key size from the key. - */ -class EvpInitializerThroughKey extends EvpPrimaryAlgorithmInitializer, EvpKeySizeInitializer, - EvpKeyInitializer -{ - Expr arg; - CtxPointerSource context; - - EvpInitializerThroughKey() { - exists(EvpKeyInitializer keyInit | - arg = keyInit.getKeyArg() and this = keyInit and context = keyInit.getContext() - ) - } - - override CtxPointerSource getContext() { result = context } - - override Expr getAlgorithmArg() { - result = - getSourceKeyCreationInstanceFromArg(this.getKeyArg()).(OpenSslOperation).getAlgorithmArg() - } - - override Expr getKeySizeArg() { - result = getSourceKeyCreationInstanceFromArg(this.getKeyArg()).getKeySizeConsumer().asExpr() - } - - override Expr getKeyArg() { result = arg } -} - -/** - * A default initializer for any key operation that accepts a key as input. - * A key initializer allows for a mechanic to go backwards to the key creation operation - * and find the algorithm and key size. - * If a user were to stipualte a key consumer for an operation but fail to indicate it as an - * initializer, automatic tracing to the creation operation would not occur. - * USERS SHOULD NOT NEED TO USE OR EXTEND THIS CLASS DIRECTLY. - * - * TODO: re-evaluate this approach - */ -class DefaultKeyInitializer extends EvpKeyInitializer instanceof Crypto::KeyOperationInstance { - Expr arg; - - DefaultKeyInitializer() { - exists(Call c | - c.getAChild*() = arg and - arg = this.(Crypto::KeyOperationInstance).getKeyConsumer().asExpr() and - c = this - ) - } - - override Expr getKeyArg() { result = arg } - - override CtxPointerSource getContext() { result = this.(EvpOperation).getContext() } -} - -abstract class EvpIVInitializer extends EvpInitializer { - abstract Expr getIVArg(); -} - -/** - * A call to initialize padding. - */ -abstract class EvpPaddingInitializer extends EvpInitializer { - /** - * Gets the padding mode argument. - * e.g., `EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING)` argument 1 (0-based) - */ - abstract Expr getPaddingArg(); -} - -/** - * A call to initialize a salt length. - */ -abstract class EvpSaltLengthInitializer extends EvpInitializer { - /** - * Gets the salt length argument. - * e.g., `EVP_PKEY_CTX_set_scrypt_salt_len(ctx, 16)` argument 1 (0-based) - */ - abstract Expr getSaltLengthArg(); -} - -/** - * A call to initialize a hash algorithm. - */ -abstract class EvpHashAlgorithmInitializer extends EvpInitializer { - abstract Expr getHashAlgorithmArg(); - - Crypto::AlgorithmValueConsumer getHashAlgorithmValueConsumer() { - argToAvc(this.getHashAlgorithmArg(), result) - } -} - -/** - * A Call to an "update" function. - * These are not operations in the sense of Crypto::OperationInstance, - * but produce intermediate results for the operation that are later finalized - * (see EvpFinal). - * Intended for use with EvPOperation. - */ -abstract class EvpUpdate extends Call { - /** - * Gets the context argument that ties together initialization, updates and/or final calls. - */ - abstract CtxPointerSource getContext(); - - /** - * Update calls always have some input data like plaintext or message digest. - */ - abstract Expr getInputArg(); - - /** - * Update calls sometimes have some output data like a plaintext. - */ - Expr getOutputArg() { none() } -} - -/** - * The base class for all operations of the EVP API. - * This captures one-shot APIs (with and without an initilizer call) and final calls. - * Provides some default methods for Crypto::KeyOperationInstance class. - */ -abstract class EvpOperation extends OpenSslOperation { - /** - * Gets the context argument that ties together initialization, updates and/or final calls. - */ - abstract CtxPointerSource getContext(); - - /** - * Some input data like plaintext or message digest. - * Either argument provided direcly in the call or all arguments that were provided in update calls. - */ - abstract Expr getInputArg(); - - /** - * Some output data like ciphertext or signature. - */ - abstract Expr getOutputArg(); - - /** - * Finds the initialization call, may be none. - */ - EvpInitializer getInitCall() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } - - Crypto::ArtifactOutputDataFlowNode getOutputArtifact() { - result = DataFlow::exprNode(this.getOutputArg()) - } - - /** - * Input consumer is the input argument of the call. - */ - Crypto::ConsumerInputDataFlowNode getInputConsumer() { - result = DataFlow::exprNode(this.getInputArg()) - } -} - -/** - * An EVP final call, - * which is typicall used in an update/final pattern. - * Final operations are typically identified by "final" in the name, - * e.g., "EVP_DigestFinal", "EVP_EncryptFinal", etc. - * however, this is not a strict rule. - */ -abstract class EvpFinal extends EvpOperation { - /** - * All update calls that were executed before this final call. - */ - EvpUpdate getUpdateCalls() { ctxSrcToSrcFlow(result.getContext(), this.getContext()) } - - /** - * Gets the input data provided to all update calls. - * If more input data was provided in the final call, override the method. - */ - override Expr getInputArg() { result = this.getUpdateCalls().getInputArg() } - - /** - * Gets the output data provided to all update calls. - * If more output data was provided in the final call, override the method. - */ - override Expr getOutputArg() { result = this.getUpdateCalls().getOutputArg() } -} From f9147cfb2b5b23247ca97f636548eeb634ed95d5 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 12:26:41 -0400 Subject: [PATCH 067/111] Crypto: Remove experimental qll file --- .../OpenSSL/GetInstanceToInitOrUseFlow.qll | 185 ------------------ 1 file changed, 185 deletions(-) delete mode 100644 cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll deleted file mode 100644 index 6c6ff0807b6..00000000000 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/GetInstanceToInitOrUseFlow.qll +++ /dev/null @@ -1,185 +0,0 @@ -// import semmle.code.cpp.dataflow.new.DataFlow -// signature class GetInstanceCallSig instanceof Call; -// signature class InitCallSig instanceof Call; -// signature class UseCallSig instanceof Call { -// /** -// * Holds if the use is not a final use, such as an `update()` call before `doFinal()` -// */ -// predicate isIntermediate(); -// } -// module GetInstanceInitUseFlowAnalysis< -// GetInstanceCallSig GetInstance, InitCallSig Init, UseCallSig Uses> -// { -newtype TFlowState = - TUninitialized() or - TInitialized(Init call) or - TIntermediateUse(Use call) - -abstract class InitFlowState extends TFlowState { - string toString() { - this = TUninitialized() and result = "Uninitialized" - or - this = TInitialized(_) and result = "Initialized" - // TODO: add intermediate use - } -} - -class UninitializedFlowState extends InitFlowState, TUninitialized { } - -class InitializedFlowState extends InitFlowState, TInitialized { - Init call; - DataFlow::Node node1; - DataFlow::Node node2; - - InitializedFlowState() { - this = TInitialized(call) and - node2.asExpr() = call.(Call).getQualifier() and - DataFlow::localFlowStep(node1, node2) and - node1 != node2 - } - - Init getInitCall() { result = call } - - DataFlow::Node getFstNode() { result = node1 } - - DataFlow::Node getSndNode() { result = node2 } -} - -class IntermediateUseState extends InitFlowState, TIntermediateUse { - Uses call; - DataFlow::Node node1; - DataFlow::Node node2; - - IntermediateUseState() { - this = TIntermediateUse(call) and - call.isIntermediate() and - node1.asExpr() = call.(Call).getQualifier() and - node2 = node1 - } - - Use getUseCall() { result = call } - - DataFlow::Node getFstNode() { result = node1 } - - DataFlow::Node getSndNode() { result = node2 } -} - -/** - * A flow config from a `GetInstance` to the `Init` or `Use` through any - * intermediate uses or inits. - */ -module GetInstanceToInitOrUseConfig implements DataFlow::StateConfigSig { - class FlowState = InitFlowState; - - predicate isSource(DataFlow::Node src, FlowState state) { - state instanceof UninitializedFlowState and - src.asExpr() instanceof GetInstance - or - src = state.(InitializedFlowState).getSndNode() - or - src = state.(IntermediateUseState).getSndNode() - } - - // TODO: document this, but this is intentional (avoid cross products?) - predicate isSink(DataFlow::Node sink, FlowState state) { none() } - - predicate isSink(DataFlow::Node sink) { - none() - // exists(Init c | c.(Call).getQualifier() = sink.asExpr()) - // or - // exists(Use c | not c.isIntermediate() and c.(Call).getQualifier() = sink.asExpr()) - } - - predicate isAdditionalFlowStep( - DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 - ) { - state1 = state1 and - ( - node1 = state2.(InitializedFlowState).getFstNode() and - node2 = state2.(InitializedFlowState).getSndNode() - or - node1 = state2.(IntermediateUseState).getFstNode() and - node2 = state2.(IntermediateUseState).getSndNode() - ) - } - - predicate isBarrier(DataFlow::Node node, FlowState state) { - // exists(CipherInitCall call | node.asExpr() = call.getQualifier() | - // state instanceof UninitializedFlowState - // or - // state.(InitializedFlowState).getInitCall() != call - // ) - none() - } -} -// module GetInstanceToInitToUseFlow = DataFlow::GlobalWithState; -// GetInstance getInstantiationFromUse( -// Use use, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink -// ) { -// src.getNode().asExpr() = result and -// sink.getNode().asExpr() = use.( Call).getQualifier() and -// GetInstanceToInitToUseFlow::flowPath(src, sink) -// } -// GetInstance getInstantiationFromInit( -// Init init, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink -// ) { -// src.getNode().asExpr() = result and -// sink.getNode().asExpr() = init.( Call).getQualifier() and -// GetInstanceToInitToUseFlow::flowPath(src, sink) -// } -// Init getInitFromUse( -// Use use, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink -// ) { -// src.getNode().asExpr() = result.( Call).getQualifier() and -// sink.getNode().asExpr() = use.( Call).getQualifier() and -// GetInstanceToInitToUseFlow::flowPath(src, sink) -// } -// predicate hasInit(Use use) { exists(getInitFromUse(use, _, _)) } -// Use getAnIntermediateUseFromFinalUse( -// Use final, GetInstanceToInitToUseFlow::PathNode src, GetInstanceToInitToUseFlow::PathNode sink -// ) { -// not final.isIntermediate() and -// result.isIntermediate() and -// src.getNode().asExpr() = result.( Call).getQualifier() and -// sink.getNode().asExpr() = final.( Call).getQualifier() and -// GetInstanceToInitToUseFlow::flowPath(src, sink) -// } -// } -// module GetInstanceToInitToUseConfig implements DataFlow::StateConfigSig { -// class FlowState = InitFlowState; -// predicate isSource(DataFlow::Node src, FlowState state) { -// state instanceof UninitializedFlowState and -// src.asExpr() instanceof GetInstance -// or -// src = state.(InitializedFlowState).getSndNode() -// or -// src = state.(IntermediateUseState).getSndNode() -// } -// // TODO: document this, but this is intentional (avoid cross products?) -// predicate isSink(DataFlow::Node sink, FlowState state) { none() } -// predicate isSink(DataFlow::Node sink) { -// exists(Init c | c.( Call).getQualifier() = sink.asExpr()) -// or -// exists(Use c | not c.isIntermediate() and c.( Call).getQualifier() = sink.asExpr()) -// } -// predicate isAdditionalFlowStep( -// DataFlow::Node node1, FlowState state1, DataFlow::Node node2, FlowState state2 -// ) { -// state1 = state1 and -// ( -// node1 = state2.(InitializedFlowState).getFstNode() and -// node2 = state2.(InitializedFlowState).getSndNode() -// or -// node1 = state2.(IntermediateUseState).getFstNode() and -// node2 = state2.(IntermediateUseState).getSndNode() -// ) -// } -// predicate isBarrier(DataFlow::Node node, FlowState state) { -// exists(CipherInitCall call | node.asExpr() = call.getQualifier() | -// state instanceof UninitializedFlowState -// or -// state.(InitializedFlowState).getInitCall() != call -// ) -// } -// } -// module GetInstanceToInitToUseFlow = DataFlow::GlobalWithState; From 8280cbcaa1324175c2c3ddc591103b6852e86aac Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 13:55:47 -0400 Subject: [PATCH 068/111] Crypto: Update JCA model to include new model.qll updates. --- java/ql/lib/experimental/quantum/JCA.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 16afa26347f..872df482fb6 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -1105,6 +1105,8 @@ module JCAModel { } override int getKeySizeFixed() { none() } + + override Crypto::ConsumerInputDataFlowNode getRawKeyValueConsumer() { none() } } class KeyGeneratorCipherAlgorithm extends CipherStringLiteralAlgorithmInstance { From 14472bf7440e185df0df7fd0b3b210a487476ceb Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 20:08:14 +0200 Subject: [PATCH 069/111] Crypto: Refactor type name mapping and fix QL-for-QL alerts --- .../BlockAlgorithmInstance.qll | 27 +- .../CipherAlgorithmInstance.qll | 2 +- .../EllipticCurveAlgorithmInstance.qll | 12 +- .../MACAlgorithmInstance.qll | 6 +- .../PaddingAlgorithmInstance.qll | 29 +- .../SignatureAlgorithmInstance.qll | 2 +- java/ql/lib/experimental/quantum/JCA.qll | 61 +-- .../codeql/quantum/experimental/Model.qll | 486 ++---------------- .../quantum/experimental/Standardization.qll | 477 +++++++++++++++++ 9 files changed, 584 insertions(+), 518 deletions(-) create mode 100644 shared/quantum/codeql/quantum/experimental/Standardization.qll diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll index 04369523a45..cf595ff1e83 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll @@ -5,36 +5,37 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmCon private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase private import AlgToAVCFlow +private import codeql.quantum.experimental.Standardization::Types::KeyOpAlg as KeyOpAlg /** * Given a `KnownOpenSslBlockModeAlgorithmExpr`, converts this to a block family type. * Does not bind if there is no mapping (no mapping to 'unknown' or 'other'). */ predicate knownOpenSslConstantToBlockModeFamilyType( - KnownOpenSslBlockModeAlgorithmExpr e, Crypto::TBlockCipherModeOfOperationType type + KnownOpenSslBlockModeAlgorithmExpr e, KeyOpAlg::ModeOfOperationType type ) { exists(string name | name = e.(KnownOpenSslAlgorithmExpr).getNormalizedName() and ( - name = "CBC" and type instanceof Crypto::CBC + name = "CBC" and type instanceof KeyOpAlg::CBC or - name = "CFB%" and type instanceof Crypto::CFB + name = "CFB%" and type instanceof KeyOpAlg::CFB or - name = "CTR" and type instanceof Crypto::CTR + name = "CTR" and type instanceof KeyOpAlg::CTR or - name = "GCM" and type instanceof Crypto::GCM + name = "GCM" and type instanceof KeyOpAlg::GCM or - name = "OFB" and type instanceof Crypto::OFB + name = "OFB" and type instanceof KeyOpAlg::OFB or - name = "XTS" and type instanceof Crypto::XTS + name = "XTS" and type instanceof KeyOpAlg::XTS or - name = "CCM" and type instanceof Crypto::CCM + name = "CCM" and type instanceof KeyOpAlg::CCM or - name = "GCM" and type instanceof Crypto::GCM + name = "GCM" and type instanceof KeyOpAlg::GCM or - name = "CCM" and type instanceof Crypto::CCM + name = "CCM" and type instanceof KeyOpAlg::CCM or - name = "ECB" and type instanceof Crypto::ECB + name = "ECB" and type instanceof KeyOpAlg::ECB ) ) } @@ -64,10 +65,10 @@ class KnownOpenSslBlockModeConstantAlgorithmInstance extends OpenSslAlgorithmIns getterCall = this } - override Crypto::TBlockCipherModeOfOperationType getModeType() { + override KeyOpAlg::ModeOfOperationType getModeType() { knownOpenSslConstantToBlockModeFamilyType(this, result) or - not knownOpenSslConstantToBlockModeFamilyType(this, _) and result = Crypto::OtherMode() + not knownOpenSslConstantToBlockModeFamilyType(this, _) and result = KeyOpAlg::OtherMode() } // NOTE: I'm not going to attempt to parse out the mode specific part, so returning diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll index 0fb8ecf9539..5ce8f1f53cb 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll @@ -113,7 +113,7 @@ class KnownOpenSslCipherConstantAlgorithmInstance extends OpenSslAlgorithmInstan this.(KnownOpenSslCipherAlgorithmExpr).getExplicitKeySize() = result } - override Crypto::KeyOpAlg::Algorithm getAlgorithmType() { + override KeyOpAlg::AlgorithmType getAlgorithmType() { knownOpenSslConstantToCipherFamilyType(this, result) or not knownOpenSslConstantToCipherFamilyType(this, _) and diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/EllipticCurveAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/EllipticCurveAlgorithmInstance.qll index 78cba496286..82a2b1357f2 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/EllipticCurveAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/EllipticCurveAlgorithmInstance.qll @@ -39,8 +39,14 @@ class KnownOpenSslEllipticCurveConstantAlgorithmInstance extends OpenSslAlgorith result = this.(Call).getTarget().getName() } - override Crypto::TEllipticCurveType getEllipticCurveType() { - Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getParsedEllipticCurveName(), _, result) + override Crypto::EllipticCurveFamilyType getEllipticCurveFamilyType() { + if + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.getParsedEllipticCurveName(), _, + _) + then + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.getParsedEllipticCurveName(), _, + result) + else result = Crypto::OtherEllipticCurveType() } override string getParsedEllipticCurveName() { @@ -48,7 +54,7 @@ class KnownOpenSslEllipticCurveConstantAlgorithmInstance extends OpenSslAlgorith } override int getKeySize() { - Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.(KnownOpenSslAlgorithmExpr) + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.(KnownOpenSslAlgorithmExpr) .getNormalizedName(), result, _) } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll index ac1898d7bdf..f12bad03d46 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll @@ -39,10 +39,10 @@ class KnownOpenSslMacConstantAlgorithmInstance extends OpenSslAlgorithmInstance, result = this.(Call).getTarget().getName() } - override Crypto::TMacType getMacType() { - this instanceof KnownOpenSslHMacAlgorithmExpr and result instanceof Crypto::THMAC + override Crypto::MacType getMacType() { + this instanceof KnownOpenSslHMacAlgorithmExpr and result = Crypto::HMAC() or - this instanceof KnownOpenSslCMacAlgorithmExpr and result instanceof Crypto::TCMAC + this instanceof KnownOpenSslCMacAlgorithmExpr and result = Crypto::CMAC() } } diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll index 89af70fb6c3..eeb31f29926 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll @@ -5,6 +5,7 @@ private import experimental.quantum.OpenSSL.AlgorithmInstances.KnownAlgorithmCon private import AlgToAVCFlow private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.DirectAlgorithmValueConsumer private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumerBase +private import codeql.quantum.experimental.Standardization::Types::KeyOpAlg as KeyOpAlg /** * A class to define padding specific integer values. @@ -28,18 +29,18 @@ class OpenSslPaddingLiteral extends Literal { * Does not bind if there is no mapping (no mapping to 'unknown' or 'other'). */ predicate knownOpenSslConstantToPaddingFamilyType( - KnownOpenSslPaddingAlgorithmExpr e, Crypto::TPaddingType type + KnownOpenSslPaddingAlgorithmExpr e, KeyOpAlg::PaddingSchemeType type ) { exists(string name | name = e.(KnownOpenSslAlgorithmExpr).getNormalizedName() and ( - name = "OAEP" and type = Crypto::OAEP() + name = "OAEP" and type = KeyOpAlg::OAEP() or - name = "PSS" and type = Crypto::PSS() + name = "PSS" and type = KeyOpAlg::PSS() or - name = "PKCS7" and type = Crypto::PKCS7() + name = "PKCS7" and type = KeyOpAlg::PKCS7() or - name = "PKCS1V15" and type = Crypto::PKCS1_v1_5() + name = "PKCS1V15" and type = KeyOpAlg::PKCS1_v1_5() ) ) } @@ -98,24 +99,24 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta override OpenSslAlgorithmValueConsumer getAvc() { result = getterCall } - Crypto::TPaddingType getKnownPaddingType() { - this.(Literal).getValue().toInt() in [1, 7, 8] and result = Crypto::PKCS1_v1_5() + KeyOpAlg::PaddingSchemeType getKnownPaddingType() { + this.(Literal).getValue().toInt() in [1, 7, 8] and result = KeyOpAlg::PKCS1_v1_5() or - this.(Literal).getValue().toInt() = 3 and result = Crypto::NoPadding() + this.(Literal).getValue().toInt() = 3 and result = KeyOpAlg::NoPadding() or - this.(Literal).getValue().toInt() = 4 and result = Crypto::OAEP() + this.(Literal).getValue().toInt() = 4 and result = KeyOpAlg::OAEP() or - this.(Literal).getValue().toInt() = 5 and result = Crypto::ANSI_X9_23() + this.(Literal).getValue().toInt() = 5 and result = KeyOpAlg::ANSI_X9_23() or - this.(Literal).getValue().toInt() = 6 and result = Crypto::PSS() + this.(Literal).getValue().toInt() = 6 and result = KeyOpAlg::PSS() } - override Crypto::TPaddingType getPaddingType() { + override KeyOpAlg::PaddingSchemeType getPaddingType() { isPaddingSpecificConsumer = true and ( result = this.getKnownPaddingType() or - not exists(this.getKnownPaddingType()) and result = Crypto::OtherPadding() + not exists(this.getKnownPaddingType()) and result = KeyOpAlg::OtherPadding() ) or isPaddingSpecificConsumer = false and @@ -165,7 +166,7 @@ class OaepPaddingAlgorithmInstance extends Crypto::OaepPaddingAlgorithmInstance, KnownOpenSslPaddingConstantAlgorithmInstance { OaepPaddingAlgorithmInstance() { - this.(Crypto::PaddingAlgorithmInstance).getPaddingType() = Crypto::OAEP() + this.(Crypto::PaddingAlgorithmInstance).getPaddingType() = KeyOpAlg::OAEP() } override Crypto::HashAlgorithmInstance getOaepEncodingHashAlgorithm() { diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/SignatureAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/SignatureAlgorithmInstance.qll index afd67410c0a..cc2e5771ffc 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/SignatureAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/SignatureAlgorithmInstance.qll @@ -73,7 +73,7 @@ class KnownOpenSslSignatureConstantAlgorithmInstance extends OpenSslAlgorithmIns none() } - override KeyOpAlg::Algorithm getAlgorithmType() { + override KeyOpAlg::AlgorithmType getAlgorithmType() { knownOpenSslConstantToSignatureFamilyType(this, result) or not knownOpenSslConstantToSignatureFamilyType(this, _) and diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 08898f256c4..56a57e4298d 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -5,7 +5,7 @@ import semmle.code.java.controlflow.Dominance module JCAModel { import Language - import Crypto::KeyOpAlg as KeyOpAlg + import codeql.quantum.experimental.Standardization::Types::KeyOpAlg as KeyOpAlg abstract class CipherAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer { } @@ -115,7 +115,7 @@ module JCAModel { } bindingset[name] - Crypto::THashType hash_name_to_type_known(string name, int digestLength) { + Crypto::HashType hash_name_to_type_known(string name, int digestLength) { name = "SHA-1" and result instanceof Crypto::SHA1 and digestLength = 160 or name = ["SHA-256", "SHA-384", "SHA-512"] and @@ -152,24 +152,22 @@ module JCAModel { } bindingset[name] - private predicate mode_name_to_type_known( - Crypto::TBlockCipherModeOfOperationType type, string name - ) { - type = Crypto::ECB() and name = "ECB" + private predicate mode_name_to_type_known(KeyOpAlg::ModeOfOperationType type, string name) { + type = KeyOpAlg::ECB() and name = "ECB" or - type = Crypto::CBC() and name = "CBC" + type = KeyOpAlg::CBC() and name = "CBC" or - type = Crypto::GCM() and name = "GCM" + type = KeyOpAlg::GCM() and name = "GCM" or - type = Crypto::CTR() and name = "CTR" + type = KeyOpAlg::CTR() and name = "CTR" or - type = Crypto::XTS() and name = "XTS" + type = KeyOpAlg::XTS() and name = "XTS" or - type = Crypto::CCM() and name = "CCM" + type = KeyOpAlg::CCM() and name = "CCM" or - type = Crypto::SIV() and name = "SIV" + type = KeyOpAlg::SIV() and name = "SIV" or - type = Crypto::OCB() and name = "OCB" + type = KeyOpAlg::OCB() and name = "OCB" } bindingset[name] @@ -206,7 +204,7 @@ module JCAModel { bindingset[name] predicate mac_name_to_mac_type_known(Crypto::TMacType type, string name) { - type = Crypto::THMAC() and + type = Crypto::HMAC() and name.toUpperCase().matches("HMAC%") } @@ -298,18 +296,18 @@ module JCAModel { override string getRawPaddingAlgorithmName() { result = super.getPadding() } bindingset[name] - private predicate paddingToNameMappingKnown(Crypto::TPaddingType type, string name) { - type instanceof Crypto::NoPadding and name = "NOPADDING" + private predicate paddingToNameMappingKnown(KeyOpAlg::PaddingSchemeType type, string name) { + type instanceof KeyOpAlg::NoPadding and name = "NOPADDING" or - type instanceof Crypto::PKCS7 and name = ["PKCS5Padding", "PKCS7Padding"] // TODO: misnomer in the JCA? + type instanceof KeyOpAlg::PKCS7 and name = ["PKCS5Padding", "PKCS7Padding"] // TODO: misnomer in the JCA? or - type instanceof Crypto::OAEP and name.matches("OAEP%") // TODO: handle OAEPWith% + type instanceof KeyOpAlg::OAEP and name.matches("OAEP%") // TODO: handle OAEPWith% } - override Crypto::TPaddingType getPaddingType() { + override KeyOpAlg::PaddingSchemeType getPaddingType() { if this.paddingToNameMappingKnown(_, super.getPadding()) then this.paddingToNameMappingKnown(result, super.getPadding()) - else result instanceof Crypto::OtherPadding + else result instanceof KeyOpAlg::OtherPadding } } @@ -320,10 +318,10 @@ module JCAModel { override string getRawModeAlgorithmName() { result = super.getMode() } - override Crypto::TBlockCipherModeOfOperationType getModeType() { + override KeyOpAlg::ModeOfOperationType getModeType() { if mode_name_to_type_known(_, super.getMode()) then mode_name_to_type_known(result, super.getMode()) - else result instanceof Crypto::OtherMode + else result instanceof KeyOpAlg::OtherMode } } @@ -347,7 +345,7 @@ module JCAModel { override string getRawAlgorithmName() { result = super.getValue() } - override KeyOpAlg::Algorithm getAlgorithmType() { + override KeyOpAlg::AlgorithmType getAlgorithmType() { if cipher_name_to_type_known(_, super.getAlgorithmName()) then cipher_name_to_type_known(result, super.getAlgorithmName()) else result instanceof KeyOpAlg::TUnknownKeyOperationAlgorithmType @@ -1249,7 +1247,7 @@ module JCAModel { result = super.getRawKdfAlgorithmName().splitAt("WithHmac", 1) } - override Crypto::TMacType getMacType() { result instanceof Crypto::THMAC } + override Crypto::MacType getMacType() { result = Crypto::HMAC() } override Crypto::AlgorithmValueConsumer getHmacAlgorithmValueConsumer() { result = this } @@ -1487,10 +1485,10 @@ module JCAModel { override string getRawMacAlgorithmName() { result = super.getValue() } - override Crypto::TMacType getMacType() { + override Crypto::MacType getMacType() { if mac_name_to_mac_type_known(_, super.getValue()) then mac_name_to_mac_type_known(result, super.getValue()) - else result instanceof Crypto::TOtherMACType + else result = Crypto::OtherMacType() } } @@ -1597,15 +1595,18 @@ module JCAModel { override string getRawEllipticCurveName() { result = super.getValue() } - override Crypto::TEllipticCurveType getEllipticCurveType() { - if Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), _, _) + override Crypto::EllipticCurveFamilyType getEllipticCurveFamilyType() { + if + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), _, _) then - Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), _, result) + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), _, + result) else result = Crypto::OtherEllipticCurveType() } override int getKeySize() { - Crypto::ellipticCurveNameToKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), result, _) + Crypto::ellipticCurveNameToKnownKeySizeAndFamilyMapping(this.getRawEllipticCurveName(), + result, _) } EllipticCurveAlgorithmValueConsumer getConsumer() { result = consumer } diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index e41dae15656..d9fef2c4a19 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -29,6 +29,8 @@ signature module InputSig { } module CryptographyBase Input> { + import Standardization::Types + final class LocatableElement = Input::LocatableElement; final class UnknownLocation = Input::UnknownLocation; @@ -552,192 +554,6 @@ module CryptographyBase Input> { final override ConsumerInputDataFlowNode getInputNode() { result = inputNode } } - /** - * The `KeyOpAlg` module defines key operation algorithms types (e.g., symmetric ciphers, signatures, etc.) - * and provides mapping of those types to string names and structural properties. - */ - module KeyOpAlg { - /** - * An algorithm used in key operations. - */ - newtype TAlgorithm = - TSymmetricCipher(TSymmetricCipherType t) or - TAsymmetricCipher(TAsymmetricCipherType t) or - TSignature(TSignatureAlgorithmType t) or - TKeyEncapsulation(TKEMAlgorithmType t) or - TUnknownKeyOperationAlgorithmType() - - // Parameterized algorithm types - newtype TSymmetricCipherType = - AES() or - ARIA() or - BLOWFISH() or - CAMELLIA() or - CAST5() or - CHACHA20() or - DES() or - DESX() or - GOST() or - IDEA() or - KUZNYECHIK() or - MAGMA() or - TripleDES() or - DoubleDES() or - RC2() or - RC4() or - RC5() or - SEED() or - SM4() or - OtherSymmetricCipherType() - - newtype TAsymmetricCipherType = - RSA() or - OtherAsymmetricCipherType() - - newtype TSignatureAlgorithmType = - DSA() or - ECDSA() or - EDDSA() or // e.g., ED25519 or ED448 - OtherSignatureAlgorithmType() - - newtype TKEMAlgorithmType = - Kyber() or - FrodoKEM() or - OtherKEMAlgorithmType() - - newtype TCipherStructureType = - Block() or - Stream() or - UnknownCipherStructureType() - - class CipherStructureType extends TCipherStructureType { - string toString() { - result = "Block" and this = Block() - or - result = "Stream" and this = Stream() - or - result = "Unknown" and this = UnknownCipherStructureType() - } - } - - predicate fixedImplicitCipherKeySize(TAlgorithm type, int size) { - type = TSymmetricCipher(DES()) and size = 56 - or - type = TSymmetricCipher(DESX()) and size = 184 - or - type = TSymmetricCipher(DoubleDES()) and size = 112 - or - type = TSymmetricCipher(TripleDES()) and size = 168 - or - type = TSymmetricCipher(CHACHA20()) and size = 256 - or - type = TSymmetricCipher(IDEA()) and size = 128 - or - type = TSymmetricCipher(KUZNYECHIK()) and size = 256 - or - type = TSymmetricCipher(MAGMA()) and size = 256 - or - type = TSymmetricCipher(SM4()) and size = 128 - or - type = TSymmetricCipher(SEED()) and size = 128 - } - - predicate symmetric_cipher_to_name_and_structure( - TSymmetricCipherType type, string name, CipherStructureType s - ) { - type = AES() and name = "AES" and s = Block() - or - type = ARIA() and name = "ARIA" and s = Block() - or - type = BLOWFISH() and name = "Blowfish" and s = Block() - or - type = CAMELLIA() and name = "Camellia" and s = Block() - or - type = CAST5() and name = "CAST5" and s = Block() - or - type = CHACHA20() and name = "ChaCha20" and s = Stream() - or - type = DES() and name = "DES" and s = Block() - or - type = DESX() and name = "DESX" and s = Block() - or - type = GOST() and name = "GOST" and s = Block() - or - type = IDEA() and name = "IDEA" and s = Block() - or - type = KUZNYECHIK() and name = "Kuznyechik" and s = Block() - or - type = MAGMA() and name = "Magma" and s = Block() - or - type = TripleDES() and name = "TripleDES" and s = Block() - or - type = DoubleDES() and name = "DoubleDES" and s = Block() - or - type = RC2() and name = "RC2" and s = Block() - or - type = RC4() and name = "RC4" and s = Stream() - or - type = RC5() and name = "RC5" and s = Block() - or - type = SEED() and name = "SEED" and s = Block() - or - type = SM4() and name = "SM4" and s = Block() - or - type = OtherSymmetricCipherType() and - name = "UnknownSymmetricCipher" and - s = UnknownCipherStructureType() - } - - predicate type_to_name(Algorithm type, string name) { - // Symmetric cipher algorithm - symmetric_cipher_to_name_and_structure(type.(SymmetricCipherAlgorithm).getType(), name, _) - or - // Asymmetric cipher algorithms - type = TAsymmetricCipher(RSA()) and name = "RSA" - or - type = TAsymmetricCipher(OtherAsymmetricCipherType()) and name = "UnknownAsymmetricCipher" - or - // Signature algorithms - type = TSignature(DSA()) and name = "DSA" - or - type = TSignature(ECDSA()) and name = "ECDSA" - or - type = TSignature(EDDSA()) and name = "EDSA" - or - type = TSignature(OtherSignatureAlgorithmType()) and name = "UnknownSignature" - or - // Key Encapsulation Mechanisms - type = TKeyEncapsulation(Kyber()) and name = "Kyber" - or - type = TKeyEncapsulation(FrodoKEM()) and name = "FrodoKEM" - or - type = TKeyEncapsulation(OtherKEMAlgorithmType()) and name = "UnknownKEM" - or - // Unknown - type = TUnknownKeyOperationAlgorithmType() and name = "Unknown" - } - - class Algorithm extends TAlgorithm { - string toString() { type_to_name(this, result) } - } - - class SymmetricCipherAlgorithm extends Algorithm, TSymmetricCipher { - TSymmetricCipherType type; - - SymmetricCipherAlgorithm() { this = TSymmetricCipher(type) } - - TSymmetricCipherType getType() { result = type } - } - - class AsymmetricCipherAlgorithm extends Algorithm, TAsymmetricCipher { - TAsymmetricCipherType type; - - AsymmetricCipherAlgorithm() { this = TAsymmetricCipher(type) } - - TAsymmetricCipherType getType() { result = type } - } - } - /** * A key-based cryptographic operation instance, encompassing: * 1. **Ciphers**: Encryption and decryption, both symmetric and asymmetric @@ -836,7 +652,7 @@ module CryptographyBase Input> { * * This predicate should always hold. */ - abstract KeyOpAlg::Algorithm getAlgorithmType(); + abstract KeyOpAlg::AlgorithmType getAlgorithmType(); /** * Gets the mode of operation, such as "CBC", "GCM", or "ECB". @@ -888,19 +704,6 @@ module CryptographyBase Input> { predicate shouldHavePaddingScheme() { any() } } - newtype TBlockCipherModeOfOperationType = - ECB() or // Not secure, widely used - CBC() or // Vulnerable to padding oracle attacks - CFB() or - GCM() or // Widely used AEAD mode (TLS 1.3, SSH, IPsec) - CTR() or // Fast stream-like encryption (SSH, disk encryption) - XTS() or // Standard for full-disk encryption (BitLocker, LUKS, FileVault) - CCM() or // Used in lightweight cryptography (IoT, WPA2) - SIV() or // Misuse-resistant encryption, used in secure storage - OCB() or // Efficient AEAD mode - OFB() or - OtherMode() - abstract class ModeOfOperationAlgorithmInstance extends AlgorithmInstance { /** * Gets the type of this mode of operation, e.g., "ECB" or "CBC". @@ -909,7 +712,7 @@ module CryptographyBase Input> { * * If a type cannot be determined, the result is `OtherMode`. */ - abstract TBlockCipherModeOfOperationType getModeType(); + abstract KeyOpAlg::ModeOfOperationType getModeType(); /** * Gets the isolated name as it appears in source, e.g., "CBC" in "AES/CBC/PKCS7Padding". @@ -934,11 +737,11 @@ module CryptographyBase Input> { * * If a type cannot be determined, the result is `OtherPadding`. */ - abstract TPaddingType getPaddingType(); + abstract KeyOpAlg::PaddingSchemeType getPaddingType(); } abstract class OaepPaddingAlgorithmInstance extends PaddingAlgorithmInstance { - OaepPaddingAlgorithmInstance() { this.getPaddingType() instanceof OAEP } + OaepPaddingAlgorithmInstance() { this.getPaddingType() instanceof KeyOpAlg::OAEP } /** * Gets the hash algorithm used in this padding scheme. @@ -951,16 +754,11 @@ module CryptographyBase Input> { abstract HashAlgorithmInstance getMgf1HashAlgorithm(); } - newtype TMacType = - THMAC() or - TCMAC() or - TOtherMACType() - abstract class MacAlgorithmInstance extends AlgorithmInstance { /** * Gets the type of this MAC algorithm, e.g., "HMAC" or "CMAC". */ - abstract TMacType getMacType(); + abstract MacType getMacType(); /** * Gets the isolated name as it appears in source, e.g., "HMAC-SHA256" in "HMAC-SHA256/UnrelatedInformation". @@ -983,7 +781,7 @@ module CryptographyBase Input> { } abstract class HmacAlgorithmInstance extends MacAlgorithmInstance { - HmacAlgorithmInstance() { this.getMacType() instanceof THMAC } + HmacAlgorithmInstance() { this.getMacType() = HMAC() } /** * Gets the hash algorithm used by this HMAC algorithm. @@ -999,7 +797,7 @@ module CryptographyBase Input> { */ abstract string getRawEllipticCurveName(); - abstract TEllipticCurveType getEllipticCurveType(); + abstract TEllipticCurveFamilyType getEllipticCurveFamilyType(); abstract int getKeySize(); @@ -1165,24 +963,14 @@ module CryptographyBase Input> { final override string getKeyCreationTypeDescription() { result = "KeyLoad" } } - // Key agreement algorithms - newtype TKeyAgreementType = - DH() or // Diffie-Hellman - EDH() or // Ephemeral Diffie-Hellman - ECDH() or // Elliptic Curve Diffie-Hellman - // NOTE: for now ESDH is considered simply EDH - //ESDH() or // Ephemeral-Static Diffie-Hellman - // Note: x25519 and x448 are applications of ECDH - OtherKeyAgreementType() - abstract class KeyAgreementAlgorithmInstance extends AlgorithmInstance { abstract TKeyAgreementType getKeyAgreementType(); abstract string getRawKeyAgreementAlgorithmName(); } - abstract class ECDHKeyAgreementAlgorithmInstance extends KeyAgreementAlgorithmInstance { - ECDHKeyAgreementAlgorithmInstance() { this.getKeyAgreementType() instanceof ECDH } + abstract class EcdhKeyAgreementAlgorithmInstance extends KeyAgreementAlgorithmInstance { + EcdhKeyAgreementAlgorithmInstance() { this.getKeyAgreementType() instanceof ECDH } /** * Gets the consumer for the elliptic curve used in the key agreement operation. @@ -1265,7 +1053,7 @@ module CryptographyBase Input> { } private predicate isEllipticCurveAvc(AlgorithmValueConsumer avc) { - exists(ECDHKeyAgreementAlgorithmInstance alg | + exists(EcdhKeyAgreementAlgorithmInstance alg | avc = alg.getEllipticCurveAlgorithmValueConsumer() ) or exists(KeyGenerationOperationInstance op | op.getAnAlgorithmValueConsumer() = avc) @@ -1320,13 +1108,13 @@ module CryptographyBase Input> { TPaddingAlgorithm(PaddingAlgorithmInstance e) or // All other operations THashOperation(HashOperationInstance e) or - TMACOperation(MacOperationInstance e) or + TMacOperation(MacOperationInstance e) or TKeyAgreementOperation(KeyAgreementSecretGenerationOperationInstance e) or // All other algorithms TEllipticCurve(EllipticCurveInstanceOrValueConsumer e) or THashAlgorithm(HashAlgorithmInstanceOrValueConsumer e) or TKeyDerivationAlgorithm(KeyDerivationAlgorithmInstanceOrValueConsumer e) or - TMACAlgorithm(MacAlgorithmInstanceOrValueConsumer e) or + TMacAlgorithm(MacAlgorithmInstanceOrValueConsumer e) or TKeyAgreementAlgorithm(KeyAgreementAlgorithmInstanceOrValueConsumer e) or // Generic source nodes, i.e., sources of data that are not resolvable to a specific known asset. TGenericSourceNode(GenericSourceInstance e) { @@ -1774,10 +1562,10 @@ module CryptographyBase Input> { /** * A MAC operation that produces a MAC value. */ - final class MacOperationNode extends OperationNode, TMACOperation { + final class MacOperationNode extends OperationNode, TMacOperation { MacOperationInstance instance; - MacOperationNode() { this = TMACOperation(instance) } + MacOperationNode() { this = TMacOperation(instance) } final override string getInternalType() { result = "MACOperation" } @@ -1809,10 +1597,10 @@ module CryptographyBase Input> { /** * A MAC algorithm, such as HMAC or CMAC. */ - class MacAlgorithmNode extends AlgorithmNode, TMACAlgorithm { + class MacAlgorithmNode extends AlgorithmNode, TMacAlgorithm { MacAlgorithmInstanceOrValueConsumer instance; - MacAlgorithmNode() { this = TMACAlgorithm(instance) } + MacAlgorithmNode() { this = TMacAlgorithm(instance) } final override string getInternalType() { result = "MACAlgorithm" } @@ -1822,14 +1610,9 @@ module CryptographyBase Input> { result = instance.asAlg().getRawMacAlgorithmName() } - TMacType getMacType() { result = instance.asAlg().getMacType() } + MacType getMacType() { result = instance.asAlg().getMacType() } - final private predicate macToNameMapping(TMacType type, string name) { - type instanceof THMAC and - name = "HMAC" - } - - override string getAlgorithmName() { this.macToNameMapping(this.getMacType(), result) } + override string getAlgorithmName() { result = this.getMacType().toString() } } final class HmacAlgorithmNode extends MacAlgorithmNode { @@ -2248,42 +2031,11 @@ module CryptographyBase Input> { * * If a type cannot be determined, the result is `OtherMode`. */ - TBlockCipherModeOfOperationType getModeType() { result = instance.getModeType() } + KeyOpAlg::ModeOfOperationType getModeType() { result = instance.getModeType() } - final private predicate modeToNameMapping(TBlockCipherModeOfOperationType type, string name) { - type = ECB() and name = "ECB" - or - type = CBC() and name = "CBC" - or - type = GCM() and name = "GCM" - or - type = CTR() and name = "CTR" - or - type = XTS() and name = "XTS" - or - type = CCM() and name = "CCM" - or - type = SIV() and name = "SIV" - or - type = OCB() and name = "OCB" - or - type = CFB() and name = "CFB" - or - type = OFB() and name = "OFB" - } - - override string getAlgorithmName() { this.modeToNameMapping(this.getModeType(), result) } + override string getAlgorithmName() { result = this.getModeType().toString() } } - newtype TPaddingType = - PKCS1_v1_5() or // RSA encryption/signing padding - PSS() or - PKCS7() or // Standard block cipher padding (PKCS5 for 8-byte blocks) - ANSI_X9_23() or // Zero-padding except last byte = padding length - NoPadding() or // Explicit no-padding - OAEP() or // RSA OAEP padding - OtherPadding() - class PaddingAlgorithmNode extends AlgorithmNode, TPaddingAlgorithm { PaddingAlgorithmInstance instance; @@ -2293,23 +2045,9 @@ module CryptographyBase Input> { override LocatableElement asElement() { result = instance } - TPaddingType getPaddingType() { result = instance.getPaddingType() } + KeyOpAlg::PaddingSchemeType getPaddingType() { result = instance.getPaddingType() } - final private predicate paddingToNameMapping(TPaddingType type, string name) { - type = ANSI_X9_23() and name = "ANSI_X9_23" - or - type = NoPadding() and name = "NoPadding" - or - type = OAEP() and name = "OAEP" - or - type = PKCS1_v1_5() and name = "PKCS1_v1_5" - or - type = PKCS7() and name = "PKCS7" - or - type = PSS() and name = "PSS" - } - - override string getAlgorithmName() { this.paddingToNameMapping(this.getPaddingType(), result) } + override string getAlgorithmName() { result = this.getPaddingType().toString() } override string getRawAlgorithmName() { result = instance.getRawPaddingAlgorithmName() } } @@ -2354,14 +2092,10 @@ module CryptographyBase Input> { override string getInternalType() { result = "KeyOperationAlgorithm" } final KeyOpAlg::CipherStructureType getSymmetricCipherStructure() { - KeyOpAlg::symmetric_cipher_to_name_and_structure(this.getAlgorithmType() - .(KeyOpAlg::SymmetricCipherAlgorithm) - .getType(), _, result) + result = this.getAlgorithmType().(KeyOpAlg::SymmetricCipherAlgorithmType).getStructureType() } - final override string getAlgorithmName() { - KeyOpAlg::type_to_name(this.getAlgorithmType(), result) - } + final override string getAlgorithmName() { result = this.getAlgorithmType().toString() } final override string getRawAlgorithmName() { result = instance.asAlg().getRawAlgorithmName() } @@ -2371,7 +2105,7 @@ module CryptographyBase Input> { int getKeySizeFixed() { result = instance.asAlg().getKeySizeFixed() or - KeyOpAlg::fixedImplicitCipherKeySize(instance.asAlg().getAlgorithmType(), result) + result = instance.asAlg().getAlgorithmType().getImplicitKeySize() } /** @@ -2384,7 +2118,7 @@ module CryptographyBase Input> { /** * Gets the type of this key operation algorithm, e.g., "SymmetricEncryption(_)" or "" */ - KeyOpAlg::Algorithm getAlgorithmType() { result = instance.asAlg().getAlgorithmType() } + KeyOpAlg::AlgorithmType getAlgorithmType() { result = instance.asAlg().getAlgorithmType() } predicate isAsymmetric() { this.getAlgorithmType() instanceof KeyOpAlg::TAsymmetricCipher @@ -2490,24 +2224,6 @@ module CryptographyBase Input> { } } - newtype THashType = - BLAKE2B() or - BLAKE2S() or - GOSTHash() or - MD2() or - MD4() or - MD5() or - MDC2() or - POLY1305() or - SHA1() or - SHA2() or - SHA3() or - SHAKE() or - SM3() or - RIPEMD160() or - WHIRLPOOL() or - OtherHashType() - /** * A hashing algorithm that transforms variable-length input into a fixed-size hash value. */ @@ -2522,42 +2238,14 @@ module CryptographyBase Input> { override string getRawAlgorithmName() { result = instance.asAlg().getRawHashAlgorithmName() } - final private predicate hashTypeToNameMapping(THashType type, string name) { - type = BLAKE2B() and name = "BLAKE2B" - or - type = BLAKE2S() and name = "BLAKE2S" - or - type = RIPEMD160() and name = "RIPEMD160" - or - type = MD2() and name = "MD2" - or - type = MD4() and name = "MD4" - or - type = MD5() and name = "MD5" - or - type = POLY1305() and name = "POLY1305" - or - type = SHA1() and name = "SHA1" - or - type = SHA2() and name = "SHA2" - or - type = SHA3() and name = "SHA3" - or - type = SHAKE() and name = "SHAKE" - or - type = SM3() and name = "SM3" - or - type = WHIRLPOOL() and name = "WHIRLPOOL" - } - /** * Gets the type of this hashing algorithm, e.g., MD5 or SHA. * * When modeling a new hashing algorithm, use this predicate to specify the type of the algorithm. */ - THashType getHashFamily() { result = instance.asAlg().getHashFamily() } + HashType getHashFamily() { result = instance.asAlg().getHashFamily() } - override string getAlgorithmName() { this.hashTypeToNameMapping(this.getHashFamily(), result) } + override string getAlgorithmName() { result = this.getHashFamily().toString() } int getDigestLength() { result = instance.asAlg().getFixedDigestLength() or @@ -2577,116 +2265,6 @@ module CryptographyBase Input> { } } - /** - * Elliptic curve algorithms - */ - newtype TEllipticCurveType = - NIST() or - SEC() or - NUMS() or - PRIME() or - BRAINPOOL() or - CURVE25519() or - CURVE448() or - C2() or - SM2() or - ES() or - OtherEllipticCurveType() - - private predicate isBrainpoolCurve(string curveName, int keySize) { - // ALL BRAINPOOL CURVES - keySize in [160, 192, 224, 256, 320, 384, 512] and - ( - curveName = "BRAINPOOLP" + keySize + "R1" - or - curveName = "BRAINPOOLP" + keySize + "T1" - ) - } - - private predicate isSecCurve(string curveName, int keySize) { - // ALL SEC CURVES - keySize in [112, 113, 128, 131, 160, 163, 192, 193, 224, 233, 239, 256, 283, 384, 409, 521, 571] and - exists(string suff | suff in ["R1", "R2", "K1"] | - curveName = "SECT" + keySize + suff or - curveName = "SECP" + keySize + suff - ) - } - - private predicate isC2Curve(string curveName, int keySize) { - // ALL C2 CURVES - keySize in [163, 176, 191, 208, 239, 272, 304, 359, 368, 431] and - exists(string pre, string suff | - pre in ["PNB", "ONB", "TNB"] and suff in ["V1", "V2", "V3", "V4", "V5", "W1", "R1"] - | - curveName = "C2" + pre + keySize + suff - ) - } - - private predicate isPrimeCurve(string curveName, int keySize) { - // ALL PRIME CURVES - keySize in [192, 239, 256] and - exists(string suff | suff in ["V1", "V2", "V3"] | curveName = "PRIME" + keySize + suff) - } - - private predicate isNumsCurve(string curveName, int keySize) { - // ALL NUMS CURVES - keySize in [256, 384, 512] and - exists(string suff | suff = "T1" | curveName = "NUMSP" + keySize + suff) - } - - /** - * Holds if `name` corresponds to a known elliptic curve. - * - * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. - * - * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. - */ - bindingset[curveName] - predicate isEllipticCurveAlgorithmName(string curveName) { - ellipticCurveNameToKeySizeAndFamilyMapping(curveName, _, _) - } - - /** - * Relates elliptic curve names to their key size and family. - * - * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. - * - * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. - */ - bindingset[rawName] - predicate ellipticCurveNameToKeySizeAndFamilyMapping( - string rawName, int keySize, TEllipticCurveType curveFamily - ) { - exists(string curveName | curveName = rawName.toUpperCase() | - isSecCurve(curveName, keySize) and curveFamily = SEC() - or - isBrainpoolCurve(curveName, keySize) and curveFamily = BRAINPOOL() - or - isC2Curve(curveName, keySize) and curveFamily = C2() - or - isPrimeCurve(curveName, keySize) and curveFamily = PRIME() - or - isNumsCurve(curveName, keySize) and curveFamily = NUMS() - or - curveName = "ES256" and keySize = 256 and curveFamily = ES() - or - curveName = "CURVE25519" and keySize = 255 and curveFamily = CURVE25519() - or - curveName = "CURVE448" and keySize = 448 and curveFamily = CURVE448() - or - // TODO: separate these into key agreement logic or sign/verify (ECDSA / ECDH) - // or - // curveName = "X25519" and keySize = 255 and curveFamily = CURVE25519() - // or - // curveName = "ED25519" and keySize = 255 and curveFamily = CURVE25519() - // or - // curveName = "ED448" and keySize = 448 and curveFamily = CURVE448() - // or - // curveName = "X448" and keySize = 448 and curveFamily = CURVE448() - curveName = "SM2" and keySize in [256, 512] and curveFamily = SM2() - ) - } - final class EllipticCurveNode extends AlgorithmNode, TEllipticCurve { EllipticCurveInstanceOrValueConsumer instance; @@ -2712,7 +2290,9 @@ module CryptographyBase Input> { override string getAlgorithmName() { result = this.getRawAlgorithmName() } - TEllipticCurveType getEllipticCurveType() { result = instance.asAlg().getEllipticCurveType() } + EllipticCurveFamilyType getEllipticCurveFamilyType() { + result = instance.asAlg().getEllipticCurveFamilyType() + } override predicate properties(string key, string value, Location location) { super.properties(key, value, location) diff --git a/shared/quantum/codeql/quantum/experimental/Standardization.qll b/shared/quantum/codeql/quantum/experimental/Standardization.qll new file mode 100644 index 00000000000..4d90e7590ce --- /dev/null +++ b/shared/quantum/codeql/quantum/experimental/Standardization.qll @@ -0,0 +1,477 @@ +/** + * The `KeyOpAlg` module defines key operation algorithms types (e.g., symmetric ciphers, signatures, etc.) + * and provides mapping of those types to string names and structural properties. + */ +module Types { + module KeyOpAlg { + /** + * An algorithm used in key operations. + */ + newtype TAlgorithm = + TSymmetricCipher(TSymmetricCipherType t) or + TAsymmetricCipher(TAsymmetricCipherType t) or + TSignature(TSignatureAlgorithmType t) or + TKeyEncapsulation(TKemAlgorithmType t) or + TUnknownKeyOperationAlgorithmType() + + // Parameterized algorithm types + newtype TSymmetricCipherType = + AES() or + ARIA() or + BLOWFISH() or + CAMELLIA() or + CAST5() or + CHACHA20() or + DES() or + DESX() or + GOST() or + IDEA() or + KUZNYECHIK() or + MAGMA() or + TripleDES() or + DoubleDES() or + RC2() or + RC4() or + RC5() or + SEED() or + SM4() or + OtherSymmetricCipherType() + + newtype TAsymmetricCipherType = + RSA() or + OtherAsymmetricCipherType() + + newtype TSignatureAlgorithmType = + DSA() or + ECDSA() or + EDDSA() or // e.g., ED25519 or ED448 + OtherSignatureAlgorithmType() + + newtype TKemAlgorithmType = + Kyber() or + FrodoKEM() or + OtherKEMAlgorithmType() + + newtype TCipherStructureType = + Block() or + Stream() or + UnknownCipherStructureType() + + class CipherStructureType extends TCipherStructureType { + string toString() { + result = "Block" and this = Block() + or + result = "Stream" and this = Stream() + or + result = "Unknown" and this = UnknownCipherStructureType() + } + } + + private predicate symmetric_cipher_to_name_and_structure( + TSymmetricCipherType type, string name, CipherStructureType s + ) { + type = AES() and name = "AES" and s = Block() + or + type = ARIA() and name = "ARIA" and s = Block() + or + type = BLOWFISH() and name = "Blowfish" and s = Block() + or + type = CAMELLIA() and name = "Camellia" and s = Block() + or + type = CAST5() and name = "CAST5" and s = Block() + or + type = CHACHA20() and name = "ChaCha20" and s = Stream() + or + type = DES() and name = "DES" and s = Block() + or + type = DESX() and name = "DESX" and s = Block() + or + type = GOST() and name = "GOST" and s = Block() + or + type = IDEA() and name = "IDEA" and s = Block() + or + type = KUZNYECHIK() and name = "Kuznyechik" and s = Block() + or + type = MAGMA() and name = "Magma" and s = Block() + or + type = TripleDES() and name = "TripleDES" and s = Block() + or + type = DoubleDES() and name = "DoubleDES" and s = Block() + or + type = RC2() and name = "RC2" and s = Block() + or + type = RC4() and name = "RC4" and s = Stream() + or + type = RC5() and name = "RC5" and s = Block() + or + type = SEED() and name = "SEED" and s = Block() + or + type = SM4() and name = "SM4" and s = Block() + or + type = OtherSymmetricCipherType() and + name = "UnknownSymmetricCipher" and + s = UnknownCipherStructureType() + } + + class AlgorithmType extends TAlgorithm { + string toString() { + // Symmetric cipher algorithm + symmetric_cipher_to_name_and_structure(this.(SymmetricCipherAlgorithmType).getType(), + result, _) + or + // Asymmetric cipher algorithms + this = TAsymmetricCipher(RSA()) and result = "RSA" + or + this = TAsymmetricCipher(OtherAsymmetricCipherType()) and result = "UnknownAsymmetricCipher" + or + // Signature algorithms + this = TSignature(DSA()) and result = "DSA" + or + this = TSignature(ECDSA()) and result = "ECDSA" + or + this = TSignature(EDDSA()) and result = "EDSA" + or + this = TSignature(OtherSignatureAlgorithmType()) and result = "UnknownSignature" + or + // Key Encapsulation Mechanisms + this = TKeyEncapsulation(Kyber()) and result = "Kyber" + or + this = TKeyEncapsulation(FrodoKEM()) and result = "FrodoKEM" + or + this = TKeyEncapsulation(OtherKEMAlgorithmType()) and result = "UnknownKEM" + or + // Unknown + this = TUnknownKeyOperationAlgorithmType() and result = "Unknown" + } + + int getImplicitKeySize() { + this = TSymmetricCipher(DES()) and result = 56 + or + this = TSymmetricCipher(DESX()) and result = 184 + or + this = TSymmetricCipher(DoubleDES()) and result = 112 + or + this = TSymmetricCipher(TripleDES()) and result = 168 + or + this = TSymmetricCipher(CHACHA20()) and result = 256 + or + this = TSymmetricCipher(IDEA()) and result = 128 + or + this = TSymmetricCipher(KUZNYECHIK()) and result = 256 + or + this = TSymmetricCipher(MAGMA()) and result = 256 + or + this = TSymmetricCipher(SM4()) and result = 128 + or + this = TSymmetricCipher(SEED()) and result = 128 + } + } + + class SymmetricCipherAlgorithmType extends AlgorithmType, TSymmetricCipher { + TSymmetricCipherType type; + + SymmetricCipherAlgorithmType() { this = TSymmetricCipher(type) } + + TSymmetricCipherType getType() { result = type } + + TCipherStructureType getStructureType() { + symmetric_cipher_to_name_and_structure(type, _, result) + } + } + + class AsymmetricCipherAlgorithmType extends AlgorithmType, TAsymmetricCipher { + TAsymmetricCipherType type; + + AsymmetricCipherAlgorithmType() { this = TAsymmetricCipher(type) } + + TAsymmetricCipherType getType() { result = type } + } + + newtype TModeOfOperationType = + ECB() or // Not secure, widely used + CBC() or // Vulnerable to padding oracle attacks + CFB() or + GCM() or // Widely used AEAD mode (TLS 1.3, SSH, IPsec) + CTR() or // Fast stream-like encryption (SSH, disk encryption) + XTS() or // Standard for full-disk encryption (BitLocker, LUKS, FileVault) + CCM() or // Used in lightweight cryptography (IoT, WPA2) + SIV() or // Misuse-resistant encryption, used in secure storage + OCB() or // Efficient AEAD mode + OFB() or + OtherMode() + + class ModeOfOperationType extends TModeOfOperationType { + string toString() { + this = ECB() and result = "ECB" + or + this = CBC() and result = "CBC" + or + this = GCM() and result = "GCM" + or + this = CTR() and result = "CTR" + or + this = XTS() and result = "XTS" + or + this = CCM() and result = "CCM" + or + this = SIV() and result = "SIV" + or + this = OCB() and result = "OCB" + or + this = CFB() and result = "CFB" + or + this = OFB() and result = "OFB" + } + } + + newtype TPaddingSchemeType = + PKCS1_v1_5() or // RSA encryption/signing padding + PSS() or + PKCS7() or // Standard block cipher padding (PKCS5 for 8-byte blocks) + ANSI_X9_23() or // Zero-padding except last byte = padding length + NoPadding() or // Explicit no-padding + OAEP() or // RSA OAEP padding + OtherPadding() + + class PaddingSchemeType extends TPaddingSchemeType { + string toString() { + this = ANSI_X9_23() and result = "ANSI_X9_23" + or + this = NoPadding() and result = "NoPadding" + or + this = OAEP() and result = "OAEP" + or + this = PKCS1_v1_5() and result = "PKCS1_v1_5" + or + this = PKCS7() and result = "PKCS7" + or + this = PSS() and result = "PSS" + or + this = OtherPadding() and result = "UnknownPadding" + } + } + } + + newtype THashType = + BLAKE2B() or + BLAKE2S() or + GOSTHash() or + MD2() or + MD4() or + MD5() or + MDC2() or + POLY1305() or + SHA1() or + SHA2() or + SHA3() or + SHAKE() or + SM3() or + RIPEMD160() or + WHIRLPOOL() or + OtherHashType() + + class HashType extends THashType { + final string toString() { + this = BLAKE2B() and result = "BLAKE2B" + or + this = BLAKE2S() and result = "BLAKE2S" + or + this = RIPEMD160() and result = "RIPEMD160" + or + this = MD2() and result = "MD2" + or + this = MD4() and result = "MD4" + or + this = MD5() and result = "MD5" + or + this = POLY1305() and result = "POLY1305" + or + this = SHA1() and result = "SHA1" + or + this = SHA2() and result = "SHA2" + or + this = SHA3() and result = "SHA3" + or + this = SHAKE() and result = "SHAKE" + or + this = SM3() and result = "SM3" + or + this = WHIRLPOOL() and result = "WHIRLPOOL" + or + this = OtherHashType() and result = "UnknownHash" + } + } + + newtype TMacType = + HMAC() or + CMAC() or + OtherMacType() + + class MacType extends TMacType { + string toString() { + this = HMAC() and result = "HMAC" + or + this = CMAC() and result = "CMAC" + or + this = OtherMacType() and result = "UnknownMacType" + } + } + + // Key agreement algorithms + newtype TKeyAgreementType = + DH() or // Diffie-Hellman + EDH() or // Ephemeral Diffie-Hellman + ECDH() or // Elliptic Curve Diffie-Hellman + // NOTE: for now ESDH is considered simply EDH + //ESDH() or // Ephemeral-Static Diffie-Hellman + // Note: x25519 and x448 are applications of ECDH + OtherKeyAgreementType() + + class KeyAgreementType extends TKeyAgreementType { + string toString() { + this = DH() and result = "DH" + or + this = EDH() and result = "EDH" + or + this = ECDH() and result = "ECDH" + or + this = OtherKeyAgreementType() and result = "UnknownKeyAgreementType" + } + } + + /** + * Elliptic curve algorithms + */ + newtype TEllipticCurveFamilyType = + NIST() or + SEC() or + NUMS() or + PRIME() or + BRAINPOOL() or + CURVE25519() or + CURVE448() or + C2() or + SM2() or + ES() or + OtherEllipticCurveType() + + class EllipticCurveFamilyType extends TEllipticCurveFamilyType { + string toString() { + this = NIST() and result = "NIST" + or + this = SEC() and result = "SEC" + or + this = NUMS() and result = "NUMS" + or + this = PRIME() and result = "PRIME" + or + this = BRAINPOOL() and result = "BRAINPOOL" + or + this = CURVE25519() and result = "CURVE25519" + or + this = CURVE448() and result = "CURVE448" + or + this = C2() and result = "C2" + or + this = SM2() and result = "SM2" + or + this = ES() and result = "ES" + or + this = OtherEllipticCurveType() and result = "UnknownEllipticCurveType" + } + } + + private predicate isBrainpoolCurve(string curveName, int keySize) { + // ALL BRAINPOOL CURVES + keySize in [160, 192, 224, 256, 320, 384, 512] and + ( + curveName = "BRAINPOOLP" + keySize + "R1" + or + curveName = "BRAINPOOLP" + keySize + "T1" + ) + } + + private predicate isSecCurve(string curveName, int keySize) { + // ALL SEC CURVES + keySize in [112, 113, 128, 131, 160, 163, 192, 193, 224, 233, 239, 256, 283, 384, 409, 521, 571] and + exists(string suff | suff in ["R1", "R2", "K1"] | + curveName = "SECT" + keySize + suff or + curveName = "SECP" + keySize + suff + ) + } + + private predicate isC2Curve(string curveName, int keySize) { + // ALL C2 CURVES + keySize in [163, 176, 191, 208, 239, 272, 304, 359, 368, 431] and + exists(string pre, string suff | + pre in ["PNB", "ONB", "TNB"] and suff in ["V1", "V2", "V3", "V4", "V5", "W1", "R1"] + | + curveName = "C2" + pre + keySize + suff + ) + } + + private predicate isPrimeCurve(string curveName, int keySize) { + // ALL PRIME CURVES + keySize in [192, 239, 256] and + exists(string suff | suff in ["V1", "V2", "V3"] | curveName = "PRIME" + keySize + suff) + } + + private predicate isNumsCurve(string curveName, int keySize) { + // ALL NUMS CURVES + keySize in [256, 384, 512] and + exists(string suff | suff = "T1" | curveName = "NUMSP" + keySize + suff) + } + + /** + * Holds if `name` corresponds to a known elliptic curve. + * + * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. + * + * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. + */ + bindingset[curveName] + predicate isEllipticCurveAlgorithmName(string curveName) { + ellipticCurveNameToKnownKeySizeAndFamilyMapping(curveName, _, _) + } + + /** + * Relates elliptic curve names to their key size and family. + * + * Note: As an exception, this predicate may be used for library modeling, as curve names are largely standardized. + * + * When modeling, verify that this predicate offers sufficient coverage for the library and handle edge-cases. + */ + bindingset[rawName] + predicate ellipticCurveNameToKnownKeySizeAndFamilyMapping( + string rawName, int keySize, TEllipticCurveFamilyType curveFamily + ) { + exists(string curveName | curveName = rawName.toUpperCase() | + isSecCurve(curveName, keySize) and curveFamily = SEC() + or + isBrainpoolCurve(curveName, keySize) and curveFamily = BRAINPOOL() + or + isC2Curve(curveName, keySize) and curveFamily = C2() + or + isPrimeCurve(curveName, keySize) and curveFamily = PRIME() + or + isNumsCurve(curveName, keySize) and curveFamily = NUMS() + or + curveName = "ES256" and keySize = 256 and curveFamily = ES() + or + curveName = "CURVE25519" and keySize = 255 and curveFamily = CURVE25519() + or + curveName = "CURVE448" and keySize = 448 and curveFamily = CURVE448() + or + // TODO: separate these into key agreement logic or sign/verify (ECDSA / ECDH) + // or + // curveName = "X25519" and keySize = 255 and curveFamily = CURVE25519() + // or + // curveName = "ED25519" and keySize = 255 and curveFamily = CURVE25519() + // or + // curveName = "ED448" and keySize = 448 and curveFamily = CURVE448() + // or + // curveName = "X448" and keySize = 448 and curveFamily = CURVE448() + curveName = "SM2" and keySize in [256, 512] and curveFamily = SM2() + ) + } +} From b8097501b65a363af063e2be52be5d1bbe63d15c Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 20:12:51 +0200 Subject: [PATCH 070/111] Update cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .../OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll index aa3ce0cc21c..4328253f1a4 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/KnownAlgorithmConstants.qll @@ -210,7 +210,7 @@ string getAlgorithmAlias(string alias) { } /** - * Holds for aliases of known alagorithms defined by users + * Holds for aliases of known algorithms defined by users * (through obj_name_add and various macros pointing to this function). * * The `target` and `alias` are converted to lowercase to be of a standard form. From 8e6031df143ed9b8eb944a4e4971e9ebead78703 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 20:25:33 +0200 Subject: [PATCH 071/111] Crypto: Fix further acronym casing and remove unused field --- .../CipherAlgorithmInstance.qll | 4 +-- .../HashAlgorithmInstance.qll | 2 +- .../PaddingAlgorithmInstance.qll | 4 +-- java/ql/lib/experimental/quantum/JCA.qll | 6 ++-- .../quantum/experimental/Standardization.qll | 30 +++++++++---------- 5 files changed, 22 insertions(+), 24 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll index 5ce8f1f53cb..47ffd67924a 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/CipherAlgorithmInstance.qll @@ -33,9 +33,9 @@ predicate knownOpenSslConstantToCipherFamilyType( or name.matches("CAST5%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::CAST5()) or - name.matches("2DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DoubleDES()) + name.matches("2DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DOUBLE_DES()) or - name.matches("3DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::TripleDES()) + name.matches("3DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::TRIPLE_DES()) or name.matches("DES%") and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DES()) or diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll index 489b56f2004..2be84b68f61 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/HashAlgorithmInstance.qll @@ -15,7 +15,7 @@ predicate knownOpenSslConstantToHashFamilyType( or name = "BLAKE2S" and type instanceof Crypto::BLAKE2S or - name.matches("GOST%") and type instanceof Crypto::GOSTHash + name.matches("GOST%") and type instanceof Crypto::GOST_HASH or name = "MD2" and type instanceof Crypto::MD2 or diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll index eeb31f29926..d487e05d066 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/PaddingAlgorithmInstance.qll @@ -40,7 +40,7 @@ predicate knownOpenSslConstantToPaddingFamilyType( or name = "PKCS7" and type = KeyOpAlg::PKCS7() or - name = "PKCS1V15" and type = KeyOpAlg::PKCS1_v1_5() + name = "PKCS1V15" and type = KeyOpAlg::PKCS1_V1_5() ) ) } @@ -100,7 +100,7 @@ class KnownOpenSslPaddingConstantAlgorithmInstance extends OpenSslAlgorithmInsta override OpenSslAlgorithmValueConsumer getAvc() { result = getterCall } KeyOpAlg::PaddingSchemeType getKnownPaddingType() { - this.(Literal).getValue().toInt() in [1, 7, 8] and result = KeyOpAlg::PKCS1_v1_5() + this.(Literal).getValue().toInt() in [1, 7, 8] and result = KeyOpAlg::PKCS1_V1_5() or this.(Literal).getValue().toInt() = 3 and result = KeyOpAlg::NoPadding() or diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 56a57e4298d..9acb6b40e2c 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -180,7 +180,7 @@ module JCAModel { type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::DES()) or upper = "TRIPLEDES" and - type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::TripleDES()) + type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::TRIPLE_DES()) or upper = "IDEA" and type = KeyOpAlg::TSymmetricCipher(KeyOpAlg::IDEA()) @@ -1522,9 +1522,7 @@ module JCAModel { } class MacGetInstanceAlgorithmValueConsumer extends Crypto::AlgorithmValueConsumer { - MacGetInstanceCall call; - - MacGetInstanceAlgorithmValueConsumer() { this = call.getAlgorithmArg() } + MacGetInstanceAlgorithmValueConsumer() { this = any(MacGetInstanceCall c).getAlgorithmArg() } override Crypto::ConsumerInputDataFlowNode getInputNode() { result.asExpr() = this } diff --git a/shared/quantum/codeql/quantum/experimental/Standardization.qll b/shared/quantum/codeql/quantum/experimental/Standardization.qll index 4d90e7590ce..962f6458b39 100644 --- a/shared/quantum/codeql/quantum/experimental/Standardization.qll +++ b/shared/quantum/codeql/quantum/experimental/Standardization.qll @@ -28,8 +28,8 @@ module Types { IDEA() or KUZNYECHIK() or MAGMA() or - TripleDES() or - DoubleDES() or + TRIPLE_DES() or + DOUBLE_DES() or RC2() or RC4() or RC5() or @@ -48,9 +48,9 @@ module Types { OtherSignatureAlgorithmType() newtype TKemAlgorithmType = - Kyber() or - FrodoKEM() or - OtherKEMAlgorithmType() + KYBER() or + FRODO_KEM() or + OtherKemAlgorithmType() newtype TCipherStructureType = Block() or @@ -94,9 +94,9 @@ module Types { or type = MAGMA() and name = "Magma" and s = Block() or - type = TripleDES() and name = "TripleDES" and s = Block() + type = TRIPLE_DES() and name = "TripleDES" and s = Block() or - type = DoubleDES() and name = "DoubleDES" and s = Block() + type = DOUBLE_DES() and name = "DoubleDES" and s = Block() or type = RC2() and name = "RC2" and s = Block() or @@ -134,11 +134,11 @@ module Types { this = TSignature(OtherSignatureAlgorithmType()) and result = "UnknownSignature" or // Key Encapsulation Mechanisms - this = TKeyEncapsulation(Kyber()) and result = "Kyber" + this = TKeyEncapsulation(KYBER()) and result = "Kyber" or - this = TKeyEncapsulation(FrodoKEM()) and result = "FrodoKEM" + this = TKeyEncapsulation(FRODO_KEM()) and result = "FrodoKEM" or - this = TKeyEncapsulation(OtherKEMAlgorithmType()) and result = "UnknownKEM" + this = TKeyEncapsulation(OtherKemAlgorithmType()) and result = "UnknownKEM" or // Unknown this = TUnknownKeyOperationAlgorithmType() and result = "Unknown" @@ -149,9 +149,9 @@ module Types { or this = TSymmetricCipher(DESX()) and result = 184 or - this = TSymmetricCipher(DoubleDES()) and result = 112 + this = TSymmetricCipher(DOUBLE_DES()) and result = 112 or - this = TSymmetricCipher(TripleDES()) and result = 168 + this = TSymmetricCipher(TRIPLE_DES()) and result = 168 or this = TSymmetricCipher(CHACHA20()) and result = 256 or @@ -225,7 +225,7 @@ module Types { } newtype TPaddingSchemeType = - PKCS1_v1_5() or // RSA encryption/signing padding + PKCS1_V1_5() or // RSA encryption/signing padding PSS() or PKCS7() or // Standard block cipher padding (PKCS5 for 8-byte blocks) ANSI_X9_23() or // Zero-padding except last byte = padding length @@ -241,7 +241,7 @@ module Types { or this = OAEP() and result = "OAEP" or - this = PKCS1_v1_5() and result = "PKCS1_v1_5" + this = PKCS1_V1_5() and result = "PKCS1_v1_5" or this = PKCS7() and result = "PKCS7" or @@ -255,7 +255,7 @@ module Types { newtype THashType = BLAKE2B() or BLAKE2S() or - GOSTHash() or + GOST_HASH() or MD2() or MD4() or MD5() or From ad7358ac4ff36f00f6858e45f1b36fff7b3ae985 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 20:26:38 +0200 Subject: [PATCH 072/111] Crypto: Deduplicate "GCM" mapping from OpenSSL modeling --- .../OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll | 2 -- 1 file changed, 2 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll index cf595ff1e83..4bd4b449766 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/BlockAlgorithmInstance.qll @@ -31,8 +31,6 @@ predicate knownOpenSslConstantToBlockModeFamilyType( or name = "CCM" and type instanceof KeyOpAlg::CCM or - name = "GCM" and type instanceof KeyOpAlg::GCM - or name = "CCM" and type instanceof KeyOpAlg::CCM or name = "ECB" and type instanceof KeyOpAlg::ECB From 98479ff6c3b4a1a0230c749ed5a154385e560474 Mon Sep 17 00:00:00 2001 From: Nicolas Will Date: Wed, 25 Jun 2025 20:34:26 +0200 Subject: [PATCH 073/111] Crypto: Update queries to use new type names --- java/ql/src/experimental/quantum/Examples/TestAESGCMNonce.ql | 2 +- .../quantum/InventorySlices/KnownAsymmetricCipherAlgorithm.ql | 2 +- .../quantum/InventorySlices/KnownCipherAlgorithm.ql | 4 ++-- .../quantum/InventorySlices/KnownSymmetricCipherAlgorithm.ql | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/java/ql/src/experimental/quantum/Examples/TestAESGCMNonce.ql b/java/ql/src/experimental/quantum/Examples/TestAESGCMNonce.ql index 096cfa82216..4c25f5d7beb 100644 --- a/java/ql/src/experimental/quantum/Examples/TestAESGCMNonce.ql +++ b/java/ql/src/experimental/quantum/Examples/TestAESGCMNonce.ql @@ -7,7 +7,7 @@ import experimental.quantum.Language class AESGCMAlgorithmNode extends Crypto::KeyOperationAlgorithmNode { AESGCMAlgorithmNode() { this.getAlgorithmType() = Crypto::KeyOpAlg::TSymmetricCipher(Crypto::KeyOpAlg::AES()) and - this.getModeOfOperation().getModeType() = Crypto::GCM() + this.getModeOfOperation().getModeType() = Crypto::KeyOpAlg::GCM() } } diff --git a/java/ql/src/experimental/quantum/InventorySlices/KnownAsymmetricCipherAlgorithm.ql b/java/ql/src/experimental/quantum/InventorySlices/KnownAsymmetricCipherAlgorithm.ql index 69643d92cd2..ab4a2e72e5a 100644 --- a/java/ql/src/experimental/quantum/InventorySlices/KnownAsymmetricCipherAlgorithm.ql +++ b/java/ql/src/experimental/quantum/InventorySlices/KnownAsymmetricCipherAlgorithm.ql @@ -11,5 +11,5 @@ import java import experimental.quantum.Language from Crypto::KeyOperationAlgorithmNode a -where a.getAlgorithmType() instanceof Crypto::KeyOpAlg::AsymmetricCipherAlgorithm +where a.getAlgorithmType() instanceof Crypto::KeyOpAlg::AsymmetricCipherAlgorithmType select a, a.getAlgorithmName() diff --git a/java/ql/src/experimental/quantum/InventorySlices/KnownCipherAlgorithm.ql b/java/ql/src/experimental/quantum/InventorySlices/KnownCipherAlgorithm.ql index da3371a59b3..e8c83912617 100644 --- a/java/ql/src/experimental/quantum/InventorySlices/KnownCipherAlgorithm.ql +++ b/java/ql/src/experimental/quantum/InventorySlices/KnownCipherAlgorithm.ql @@ -13,6 +13,6 @@ import experimental.quantum.Language // TODO: should there be a cipher algorithm node? from Crypto::KeyOperationAlgorithmNode a where - a.getAlgorithmType() instanceof Crypto::KeyOpAlg::AsymmetricCipherAlgorithm or - a.getAlgorithmType() instanceof Crypto::KeyOpAlg::SymmetricCipherAlgorithm + a.getAlgorithmType() instanceof Crypto::KeyOpAlg::AsymmetricCipherAlgorithmType or + a.getAlgorithmType() instanceof Crypto::KeyOpAlg::SymmetricCipherAlgorithmType select a, a.getAlgorithmName() diff --git a/java/ql/src/experimental/quantum/InventorySlices/KnownSymmetricCipherAlgorithm.ql b/java/ql/src/experimental/quantum/InventorySlices/KnownSymmetricCipherAlgorithm.ql index e4a8d3ff867..7f2d550da74 100644 --- a/java/ql/src/experimental/quantum/InventorySlices/KnownSymmetricCipherAlgorithm.ql +++ b/java/ql/src/experimental/quantum/InventorySlices/KnownSymmetricCipherAlgorithm.ql @@ -11,5 +11,5 @@ import java import experimental.quantum.Language from Crypto::KeyOperationAlgorithmNode a -where a.getAlgorithmType() instanceof Crypto::KeyOpAlg::SymmetricCipherAlgorithm +where a.getAlgorithmType() instanceof Crypto::KeyOpAlg::SymmetricCipherAlgorithmType select a, a.getAlgorithmName() From 7477471bc5f21b7ea0ba93d2d36c1843a4814a82 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Wed, 25 Jun 2025 15:25:51 -0400 Subject: [PATCH 074/111] Crypto: Bug fix in output model --- .../quantum/OpenSSL/Operations/CipherOperation.qll | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll index 0248d86228b..96af476117b 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -181,7 +181,7 @@ class EvpCipherCall extends EvpCipherOperationFinalStep { } override DataFlow::Node getOutput(IOType type) { - super.getInput(type) = result + super.getOutput(type) = result or result.asExpr() = this.getArgument(1) and type = CiphertextIO() } @@ -199,7 +199,7 @@ class EvpCipherFinalCall extends EvpCipherOperationFinalStep { } override DataFlow::Node getOutput(IOType type) { - super.getInput(type) = result + super.getOutput(type) = result or result.asDefiningArgument() = this.getArgument(1) and type = CiphertextIO() @@ -224,7 +224,7 @@ class EvpPKeyCipherOperation extends EvpCipherOperationFinalStep { } override DataFlow::Node getOutput(IOType type) { - super.getInput(type) = result + super.getOutput(type) = result or result.asExpr() = this.getArgument(1) and type = CiphertextIO() // TODO: could indicate text lengths here, as well From a4ed5da50b69cc2bc83376acdbdb833941957dcc Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Wed, 25 Jun 2025 21:17:12 +0200 Subject: [PATCH 075/111] Rust: Add data flow tests involving traits --- .../PathResolutionConsistency.expected | 2 +- .../dataflow/global/inline-flow.expected | 401 ++++++++++-------- .../library-tests/dataflow/global/main.rs | 79 +++- .../dataflow/global/viableCallable.expected | 154 ++++--- 4 files changed, 368 insertions(+), 268 deletions(-) diff --git a/rust/ql/test/library-tests/dataflow/global/CONSISTENCY/PathResolutionConsistency.expected b/rust/ql/test/library-tests/dataflow/global/CONSISTENCY/PathResolutionConsistency.expected index 9ba640cff8d..85ca3c35e7c 100644 --- a/rust/ql/test/library-tests/dataflow/global/CONSISTENCY/PathResolutionConsistency.expected +++ b/rust/ql/test/library-tests/dataflow/global/CONSISTENCY/PathResolutionConsistency.expected @@ -1,2 +1,2 @@ multipleCallTargets -| main.rs:225:14:225:29 | ...::deref(...) | +| main.rs:272:14:272:29 | ...::deref(...) | diff --git a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected index 451d5996de5..6d1d75c74da 100644 --- a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected +++ b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected @@ -48,85 +48,100 @@ edges | main.rs:86:13:86:27 | pass_through(...) | main.rs:86:9:86:9 | b | provenance | | | main.rs:86:26:86:26 | a | main.rs:82:21:82:26 | ...: i64 | provenance | | | main.rs:86:26:86:26 | a | main.rs:86:13:86:27 | pass_through(...) | provenance | | -| main.rs:98:22:98:27 | ...: i64 | main.rs:99:14:99:14 | n | provenance | | -| main.rs:102:30:108:5 | { ... } | main.rs:121:13:121:25 | mn.get_data() | provenance | | -| main.rs:106:13:106:21 | source(...) | main.rs:102:30:108:5 | { ... } | provenance | | -| main.rs:110:27:110:32 | ...: i64 | main.rs:110:42:116:5 | { ... } | provenance | | -| main.rs:121:9:121:9 | a | main.rs:122:10:122:10 | a | provenance | | -| main.rs:121:13:121:25 | mn.get_data() | main.rs:121:9:121:9 | a | provenance | | -| main.rs:127:9:127:9 | a | main.rs:128:16:128:16 | a | provenance | | -| main.rs:127:13:127:21 | source(...) | main.rs:127:9:127:9 | a | provenance | | -| main.rs:128:16:128:16 | a | main.rs:98:22:98:27 | ...: i64 | provenance | | -| main.rs:133:9:133:9 | a | main.rs:134:29:134:29 | a | provenance | | -| main.rs:133:13:133:21 | source(...) | main.rs:133:9:133:9 | a | provenance | | -| main.rs:134:9:134:9 | b | main.rs:135:10:135:10 | b | provenance | | -| main.rs:134:13:134:30 | mn.data_through(...) | main.rs:134:9:134:9 | b | provenance | | -| main.rs:134:29:134:29 | a | main.rs:110:27:110:32 | ...: i64 | provenance | | -| main.rs:134:29:134:29 | a | main.rs:134:13:134:30 | mn.data_through(...) | provenance | | -| main.rs:140:9:140:9 | a | main.rs:141:25:141:25 | a | provenance | | -| main.rs:140:13:140:21 | source(...) | main.rs:140:9:140:9 | a | provenance | | -| main.rs:141:25:141:25 | a | main.rs:98:22:98:27 | ...: i64 | provenance | | -| main.rs:146:9:146:9 | a | main.rs:147:38:147:38 | a | provenance | | -| main.rs:146:13:146:22 | source(...) | main.rs:146:9:146:9 | a | provenance | | -| main.rs:147:9:147:9 | b | main.rs:148:10:148:10 | b | provenance | | -| main.rs:147:13:147:39 | ...::data_through(...) | main.rs:147:9:147:9 | b | provenance | | -| main.rs:147:38:147:38 | a | main.rs:110:27:110:32 | ...: i64 | provenance | | -| main.rs:147:38:147:38 | a | main.rs:147:13:147:39 | ...::data_through(...) | provenance | | -| main.rs:159:12:159:17 | ...: i64 | main.rs:160:24:160:24 | n | provenance | | -| main.rs:160:9:160:26 | MyInt {...} [MyInt] | main.rs:159:28:161:5 | { ... } [MyInt] | provenance | | -| main.rs:160:24:160:24 | n | main.rs:160:9:160:26 | MyInt {...} [MyInt] | provenance | | -| main.rs:165:9:165:9 | n [MyInt] | main.rs:166:9:166:26 | MyInt {...} [MyInt] | provenance | | -| main.rs:165:13:165:34 | ...::new(...) [MyInt] | main.rs:165:9:165:9 | n [MyInt] | provenance | | -| main.rs:165:24:165:33 | source(...) | main.rs:159:12:159:17 | ...: i64 | provenance | | -| main.rs:165:24:165:33 | source(...) | main.rs:165:13:165:34 | ...::new(...) [MyInt] | provenance | | -| main.rs:166:9:166:26 | MyInt {...} [MyInt] | main.rs:166:24:166:24 | m | provenance | | -| main.rs:166:24:166:24 | m | main.rs:167:10:167:10 | m | provenance | | -| main.rs:173:12:173:15 | SelfParam [MyInt] | main.rs:175:24:175:27 | self [MyInt] | provenance | | -| main.rs:175:9:175:35 | MyInt {...} [MyInt] | main.rs:173:42:176:5 | { ... } [MyInt] | provenance | | -| main.rs:175:24:175:27 | self [MyInt] | main.rs:175:24:175:33 | self.value | provenance | | -| main.rs:175:24:175:33 | self.value | main.rs:175:9:175:35 | MyInt {...} [MyInt] | provenance | | -| main.rs:195:9:195:9 | a [MyInt] | main.rs:197:13:197:13 | a [MyInt] | provenance | | -| main.rs:195:13:195:38 | MyInt {...} [MyInt] | main.rs:195:9:195:9 | a [MyInt] | provenance | | -| main.rs:195:28:195:36 | source(...) | main.rs:195:13:195:38 | MyInt {...} [MyInt] | provenance | | -| main.rs:197:9:197:9 | c [MyInt] | main.rs:198:10:198:10 | c [MyInt] | provenance | | -| main.rs:197:13:197:13 | a [MyInt] | main.rs:173:12:173:15 | SelfParam [MyInt] | provenance | | -| main.rs:197:13:197:13 | a [MyInt] | main.rs:197:13:197:17 | ... + ... [MyInt] | provenance | | -| main.rs:197:13:197:17 | ... + ... [MyInt] | main.rs:197:9:197:9 | c [MyInt] | provenance | | -| main.rs:198:10:198:10 | c [MyInt] | main.rs:198:10:198:16 | c.value | provenance | | -| main.rs:205:9:205:9 | a [MyInt] | main.rs:173:12:173:15 | SelfParam [MyInt] | provenance | | -| main.rs:205:9:205:9 | a [MyInt] | main.rs:207:13:207:20 | a.add(...) [MyInt] | provenance | | -| main.rs:205:13:205:38 | MyInt {...} [MyInt] | main.rs:205:9:205:9 | a [MyInt] | provenance | | -| main.rs:205:28:205:36 | source(...) | main.rs:205:13:205:38 | MyInt {...} [MyInt] | provenance | | -| main.rs:207:9:207:9 | d [MyInt] | main.rs:208:10:208:10 | d [MyInt] | provenance | | -| main.rs:207:13:207:20 | a.add(...) [MyInt] | main.rs:207:9:207:9 | d [MyInt] | provenance | | -| main.rs:208:10:208:10 | d [MyInt] | main.rs:208:10:208:16 | d.value | provenance | | -| main.rs:242:18:242:21 | SelfParam [MyInt] | main.rs:242:48:244:5 | { ... } [MyInt] | provenance | | -| main.rs:246:26:246:37 | ...: MyInt [MyInt] | main.rs:246:49:248:5 | { ... } [MyInt] | provenance | | -| main.rs:252:9:252:9 | a [MyInt] | main.rs:254:49:254:49 | a [MyInt] | provenance | | +| main.rs:104:22:104:27 | ...: i64 | main.rs:105:14:105:14 | n | provenance | | +| main.rs:108:30:110:5 | { ... } | main.rs:138:13:138:25 | mn.get_data() | provenance | | +| main.rs:109:35:109:43 | source(...) | main.rs:108:30:110:5 | { ... } | provenance | | +| main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | provenance | | +| main.rs:118:28:118:33 | ...: i64 | main.rs:119:14:119:14 | n | provenance | | +| main.rs:122:36:124:5 | { ... } | main.rs:142:13:142:31 | mn.get_data_trait() | provenance | | +| main.rs:123:35:123:44 | source(...) | main.rs:122:36:124:5 | { ... } | provenance | | +| main.rs:126:33:126:38 | ...: i64 | main.rs:126:48:128:5 | { ... } | provenance | | +| main.rs:138:9:138:9 | a | main.rs:139:10:139:10 | a | provenance | | +| main.rs:138:13:138:25 | mn.get_data() | main.rs:138:9:138:9 | a | provenance | | +| main.rs:142:9:142:9 | a | main.rs:143:10:143:10 | a | provenance | | +| main.rs:142:13:142:31 | mn.get_data_trait() | main.rs:142:9:142:9 | a | provenance | | +| main.rs:155:9:155:9 | a | main.rs:156:16:156:16 | a | provenance | | +| main.rs:155:13:155:21 | source(...) | main.rs:155:9:155:9 | a | provenance | | +| main.rs:156:16:156:16 | a | main.rs:104:22:104:27 | ...: i64 | provenance | | +| main.rs:159:9:159:9 | a | main.rs:160:22:160:22 | a | provenance | | +| main.rs:159:13:159:22 | source(...) | main.rs:159:9:159:9 | a | provenance | | +| main.rs:160:22:160:22 | a | main.rs:118:28:118:33 | ...: i64 | provenance | | +| main.rs:173:9:173:9 | a | main.rs:174:29:174:29 | a | provenance | | +| main.rs:173:13:173:21 | source(...) | main.rs:173:9:173:9 | a | provenance | | +| main.rs:174:9:174:9 | b | main.rs:175:10:175:10 | b | provenance | | +| main.rs:174:13:174:30 | mn.data_through(...) | main.rs:174:9:174:9 | b | provenance | | +| main.rs:174:29:174:29 | a | main.rs:112:27:112:32 | ...: i64 | provenance | | +| main.rs:174:29:174:29 | a | main.rs:174:13:174:30 | mn.data_through(...) | provenance | | +| main.rs:178:9:178:9 | a | main.rs:179:35:179:35 | a | provenance | | +| main.rs:178:13:178:22 | source(...) | main.rs:178:9:178:9 | a | provenance | | +| main.rs:179:9:179:9 | b | main.rs:180:10:180:10 | b | provenance | | +| main.rs:179:13:179:36 | mn.data_through_trait(...) | main.rs:179:9:179:9 | b | provenance | | +| main.rs:179:35:179:35 | a | main.rs:126:33:126:38 | ...: i64 | provenance | | +| main.rs:179:35:179:35 | a | main.rs:179:13:179:36 | mn.data_through_trait(...) | provenance | | +| main.rs:187:9:187:9 | a | main.rs:188:25:188:25 | a | provenance | | +| main.rs:187:13:187:21 | source(...) | main.rs:187:9:187:9 | a | provenance | | +| main.rs:188:25:188:25 | a | main.rs:104:22:104:27 | ...: i64 | provenance | | +| main.rs:193:9:193:9 | a | main.rs:194:38:194:38 | a | provenance | | +| main.rs:193:13:193:22 | source(...) | main.rs:193:9:193:9 | a | provenance | | +| main.rs:194:9:194:9 | b | main.rs:195:10:195:10 | b | provenance | | +| main.rs:194:13:194:39 | ...::data_through(...) | main.rs:194:9:194:9 | b | provenance | | +| main.rs:194:38:194:38 | a | main.rs:112:27:112:32 | ...: i64 | provenance | | +| main.rs:194:38:194:38 | a | main.rs:194:13:194:39 | ...::data_through(...) | provenance | | +| main.rs:206:12:206:17 | ...: i64 | main.rs:207:24:207:24 | n | provenance | | +| main.rs:207:9:207:26 | MyInt {...} [MyInt] | main.rs:206:28:208:5 | { ... } [MyInt] | provenance | | +| main.rs:207:24:207:24 | n | main.rs:207:9:207:26 | MyInt {...} [MyInt] | provenance | | +| main.rs:212:9:212:9 | n [MyInt] | main.rs:213:9:213:26 | MyInt {...} [MyInt] | provenance | | +| main.rs:212:13:212:34 | ...::new(...) [MyInt] | main.rs:212:9:212:9 | n [MyInt] | provenance | | +| main.rs:212:24:212:33 | source(...) | main.rs:206:12:206:17 | ...: i64 | provenance | | +| main.rs:212:24:212:33 | source(...) | main.rs:212:13:212:34 | ...::new(...) [MyInt] | provenance | | +| main.rs:213:9:213:26 | MyInt {...} [MyInt] | main.rs:213:24:213:24 | m | provenance | | +| main.rs:213:24:213:24 | m | main.rs:214:10:214:10 | m | provenance | | +| main.rs:220:12:220:15 | SelfParam [MyInt] | main.rs:222:24:222:27 | self [MyInt] | provenance | | +| main.rs:222:9:222:35 | MyInt {...} [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | provenance | | +| main.rs:222:24:222:27 | self [MyInt] | main.rs:222:24:222:33 | self.value | provenance | | +| main.rs:222:24:222:33 | self.value | main.rs:222:9:222:35 | MyInt {...} [MyInt] | provenance | | +| main.rs:242:9:242:9 | a [MyInt] | main.rs:244:13:244:13 | a [MyInt] | provenance | | +| main.rs:242:13:242:38 | MyInt {...} [MyInt] | main.rs:242:9:242:9 | a [MyInt] | provenance | | +| main.rs:242:28:242:36 | source(...) | main.rs:242:13:242:38 | MyInt {...} [MyInt] | provenance | | +| main.rs:244:9:244:9 | c [MyInt] | main.rs:245:10:245:10 | c [MyInt] | provenance | | +| main.rs:244:13:244:13 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | provenance | | +| main.rs:244:13:244:13 | a [MyInt] | main.rs:244:13:244:17 | ... + ... [MyInt] | provenance | | +| main.rs:244:13:244:17 | ... + ... [MyInt] | main.rs:244:9:244:9 | c [MyInt] | provenance | | +| main.rs:245:10:245:10 | c [MyInt] | main.rs:245:10:245:16 | c.value | provenance | | +| main.rs:252:9:252:9 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | provenance | | +| main.rs:252:9:252:9 | a [MyInt] | main.rs:254:13:254:20 | a.add(...) [MyInt] | provenance | | | main.rs:252:13:252:38 | MyInt {...} [MyInt] | main.rs:252:9:252:9 | a [MyInt] | provenance | | | main.rs:252:28:252:36 | source(...) | main.rs:252:13:252:38 | MyInt {...} [MyInt] | provenance | | -| main.rs:254:9:254:26 | MyInt {...} [MyInt] | main.rs:254:24:254:24 | c | provenance | | -| main.rs:254:24:254:24 | c | main.rs:255:10:255:10 | c | provenance | | -| main.rs:254:30:254:53 | ...::take_self(...) [MyInt] | main.rs:254:9:254:26 | MyInt {...} [MyInt] | provenance | | -| main.rs:254:49:254:49 | a [MyInt] | main.rs:242:18:242:21 | SelfParam [MyInt] | provenance | | -| main.rs:254:49:254:49 | a [MyInt] | main.rs:254:30:254:53 | ...::take_self(...) [MyInt] | provenance | | -| main.rs:258:9:258:9 | b [MyInt] | main.rs:259:54:259:54 | b [MyInt] | provenance | | -| main.rs:258:13:258:39 | MyInt {...} [MyInt] | main.rs:258:9:258:9 | b [MyInt] | provenance | | -| main.rs:258:28:258:37 | source(...) | main.rs:258:13:258:39 | MyInt {...} [MyInt] | provenance | | -| main.rs:259:9:259:26 | MyInt {...} [MyInt] | main.rs:259:24:259:24 | c | provenance | | -| main.rs:259:24:259:24 | c | main.rs:260:10:260:10 | c | provenance | | -| main.rs:259:30:259:55 | ...::take_second(...) [MyInt] | main.rs:259:9:259:26 | MyInt {...} [MyInt] | provenance | | -| main.rs:259:54:259:54 | b [MyInt] | main.rs:246:26:246:37 | ...: MyInt [MyInt] | provenance | | -| main.rs:259:54:259:54 | b [MyInt] | main.rs:259:30:259:55 | ...::take_second(...) [MyInt] | provenance | | -| main.rs:268:32:272:1 | { ... } | main.rs:287:41:287:54 | async_source(...) | provenance | | -| main.rs:269:9:269:9 | a | main.rs:268:32:272:1 | { ... } | provenance | | -| main.rs:269:9:269:9 | a | main.rs:270:10:270:10 | a | provenance | | -| main.rs:269:13:269:21 | source(...) | main.rs:269:9:269:9 | a | provenance | | -| main.rs:279:13:279:13 | c | main.rs:280:14:280:14 | c | provenance | | -| main.rs:279:17:279:25 | source(...) | main.rs:279:13:279:13 | c | provenance | | -| main.rs:287:9:287:9 | a | main.rs:288:10:288:10 | a | provenance | | -| main.rs:287:13:287:55 | ...::block_on(...) | main.rs:287:9:287:9 | a | provenance | | -| main.rs:287:41:287:54 | async_source(...) | main.rs:287:13:287:55 | ...::block_on(...) | provenance | MaD:1 | +| main.rs:254:9:254:9 | d [MyInt] | main.rs:255:10:255:10 | d [MyInt] | provenance | | +| main.rs:254:13:254:20 | a.add(...) [MyInt] | main.rs:254:9:254:9 | d [MyInt] | provenance | | +| main.rs:255:10:255:10 | d [MyInt] | main.rs:255:10:255:16 | d.value | provenance | | +| main.rs:289:18:289:21 | SelfParam [MyInt] | main.rs:289:48:291:5 | { ... } [MyInt] | provenance | | +| main.rs:293:26:293:37 | ...: MyInt [MyInt] | main.rs:293:49:295:5 | { ... } [MyInt] | provenance | | +| main.rs:299:9:299:9 | a [MyInt] | main.rs:301:50:301:50 | a [MyInt] | provenance | | +| main.rs:299:13:299:38 | MyInt {...} [MyInt] | main.rs:299:9:299:9 | a [MyInt] | provenance | | +| main.rs:299:28:299:36 | source(...) | main.rs:299:13:299:38 | MyInt {...} [MyInt] | provenance | | +| main.rs:301:9:301:26 | MyInt {...} [MyInt] | main.rs:301:24:301:24 | c | provenance | | +| main.rs:301:24:301:24 | c | main.rs:302:10:302:10 | c | provenance | | +| main.rs:301:30:301:54 | ...::take_self(...) [MyInt] | main.rs:301:9:301:26 | MyInt {...} [MyInt] | provenance | | +| main.rs:301:50:301:50 | a [MyInt] | main.rs:289:18:289:21 | SelfParam [MyInt] | provenance | | +| main.rs:301:50:301:50 | a [MyInt] | main.rs:301:30:301:54 | ...::take_self(...) [MyInt] | provenance | | +| main.rs:305:9:305:9 | b [MyInt] | main.rs:306:55:306:55 | b [MyInt] | provenance | | +| main.rs:305:13:305:39 | MyInt {...} [MyInt] | main.rs:305:9:305:9 | b [MyInt] | provenance | | +| main.rs:305:28:305:37 | source(...) | main.rs:305:13:305:39 | MyInt {...} [MyInt] | provenance | | +| main.rs:306:9:306:26 | MyInt {...} [MyInt] | main.rs:306:24:306:24 | c | provenance | | +| main.rs:306:24:306:24 | c | main.rs:307:10:307:10 | c | provenance | | +| main.rs:306:30:306:56 | ...::take_second(...) [MyInt] | main.rs:306:9:306:26 | MyInt {...} [MyInt] | provenance | | +| main.rs:306:55:306:55 | b [MyInt] | main.rs:293:26:293:37 | ...: MyInt [MyInt] | provenance | | +| main.rs:306:55:306:55 | b [MyInt] | main.rs:306:30:306:56 | ...::take_second(...) [MyInt] | provenance | | +| main.rs:315:32:319:1 | { ... } | main.rs:334:41:334:54 | async_source(...) | provenance | | +| main.rs:316:9:316:9 | a | main.rs:315:32:319:1 | { ... } | provenance | | +| main.rs:316:9:316:9 | a | main.rs:317:10:317:10 | a | provenance | | +| main.rs:316:13:316:21 | source(...) | main.rs:316:9:316:9 | a | provenance | | +| main.rs:326:13:326:13 | c | main.rs:327:14:327:14 | c | provenance | | +| main.rs:326:17:326:25 | source(...) | main.rs:326:13:326:13 | c | provenance | | +| main.rs:334:9:334:9 | a | main.rs:335:10:335:10 | a | provenance | | +| main.rs:334:13:334:55 | ...::block_on(...) | main.rs:334:9:334:9 | a | provenance | | +| main.rs:334:41:334:54 | async_source(...) | main.rs:334:13:334:55 | ...::block_on(...) | provenance | MaD:1 | nodes | main.rs:12:28:14:1 | { ... } | semmle.label | { ... } | | main.rs:13:5:13:13 | source(...) | semmle.label | source(...) | @@ -179,94 +194,112 @@ nodes | main.rs:86:13:86:27 | pass_through(...) | semmle.label | pass_through(...) | | main.rs:86:26:86:26 | a | semmle.label | a | | main.rs:87:10:87:10 | b | semmle.label | b | -| main.rs:98:22:98:27 | ...: i64 | semmle.label | ...: i64 | -| main.rs:99:14:99:14 | n | semmle.label | n | -| main.rs:102:30:108:5 | { ... } | semmle.label | { ... } | -| main.rs:106:13:106:21 | source(...) | semmle.label | source(...) | -| main.rs:110:27:110:32 | ...: i64 | semmle.label | ...: i64 | -| main.rs:110:42:116:5 | { ... } | semmle.label | { ... } | -| main.rs:121:9:121:9 | a | semmle.label | a | -| main.rs:121:13:121:25 | mn.get_data() | semmle.label | mn.get_data() | -| main.rs:122:10:122:10 | a | semmle.label | a | -| main.rs:127:9:127:9 | a | semmle.label | a | -| main.rs:127:13:127:21 | source(...) | semmle.label | source(...) | -| main.rs:128:16:128:16 | a | semmle.label | a | -| main.rs:133:9:133:9 | a | semmle.label | a | -| main.rs:133:13:133:21 | source(...) | semmle.label | source(...) | -| main.rs:134:9:134:9 | b | semmle.label | b | -| main.rs:134:13:134:30 | mn.data_through(...) | semmle.label | mn.data_through(...) | -| main.rs:134:29:134:29 | a | semmle.label | a | -| main.rs:135:10:135:10 | b | semmle.label | b | -| main.rs:140:9:140:9 | a | semmle.label | a | -| main.rs:140:13:140:21 | source(...) | semmle.label | source(...) | -| main.rs:141:25:141:25 | a | semmle.label | a | -| main.rs:146:9:146:9 | a | semmle.label | a | -| main.rs:146:13:146:22 | source(...) | semmle.label | source(...) | -| main.rs:147:9:147:9 | b | semmle.label | b | -| main.rs:147:13:147:39 | ...::data_through(...) | semmle.label | ...::data_through(...) | -| main.rs:147:38:147:38 | a | semmle.label | a | -| main.rs:148:10:148:10 | b | semmle.label | b | -| main.rs:159:12:159:17 | ...: i64 | semmle.label | ...: i64 | -| main.rs:159:28:161:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | -| main.rs:160:9:160:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:160:24:160:24 | n | semmle.label | n | -| main.rs:165:9:165:9 | n [MyInt] | semmle.label | n [MyInt] | -| main.rs:165:13:165:34 | ...::new(...) [MyInt] | semmle.label | ...::new(...) [MyInt] | -| main.rs:165:24:165:33 | source(...) | semmle.label | source(...) | -| main.rs:166:9:166:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:166:24:166:24 | m | semmle.label | m | -| main.rs:167:10:167:10 | m | semmle.label | m | -| main.rs:173:12:173:15 | SelfParam [MyInt] | semmle.label | SelfParam [MyInt] | -| main.rs:173:42:176:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | -| main.rs:175:9:175:35 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:175:24:175:27 | self [MyInt] | semmle.label | self [MyInt] | -| main.rs:175:24:175:33 | self.value | semmle.label | self.value | -| main.rs:195:9:195:9 | a [MyInt] | semmle.label | a [MyInt] | -| main.rs:195:13:195:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:195:28:195:36 | source(...) | semmle.label | source(...) | -| main.rs:197:9:197:9 | c [MyInt] | semmle.label | c [MyInt] | -| main.rs:197:13:197:13 | a [MyInt] | semmle.label | a [MyInt] | -| main.rs:197:13:197:17 | ... + ... [MyInt] | semmle.label | ... + ... [MyInt] | -| main.rs:198:10:198:10 | c [MyInt] | semmle.label | c [MyInt] | -| main.rs:198:10:198:16 | c.value | semmle.label | c.value | -| main.rs:205:9:205:9 | a [MyInt] | semmle.label | a [MyInt] | -| main.rs:205:13:205:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:205:28:205:36 | source(...) | semmle.label | source(...) | -| main.rs:207:9:207:9 | d [MyInt] | semmle.label | d [MyInt] | -| main.rs:207:13:207:20 | a.add(...) [MyInt] | semmle.label | a.add(...) [MyInt] | -| main.rs:208:10:208:10 | d [MyInt] | semmle.label | d [MyInt] | -| main.rs:208:10:208:16 | d.value | semmle.label | d.value | -| main.rs:242:18:242:21 | SelfParam [MyInt] | semmle.label | SelfParam [MyInt] | -| main.rs:242:48:244:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | -| main.rs:246:26:246:37 | ...: MyInt [MyInt] | semmle.label | ...: MyInt [MyInt] | -| main.rs:246:49:248:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | +| main.rs:104:22:104:27 | ...: i64 | semmle.label | ...: i64 | +| main.rs:105:14:105:14 | n | semmle.label | n | +| main.rs:108:30:110:5 | { ... } | semmle.label | { ... } | +| main.rs:109:35:109:43 | source(...) | semmle.label | source(...) | +| main.rs:112:27:112:32 | ...: i64 | semmle.label | ...: i64 | +| main.rs:112:42:114:5 | { ... } | semmle.label | { ... } | +| main.rs:118:28:118:33 | ...: i64 | semmle.label | ...: i64 | +| main.rs:119:14:119:14 | n | semmle.label | n | +| main.rs:122:36:124:5 | { ... } | semmle.label | { ... } | +| main.rs:123:35:123:44 | source(...) | semmle.label | source(...) | +| main.rs:126:33:126:38 | ...: i64 | semmle.label | ...: i64 | +| main.rs:126:48:128:5 | { ... } | semmle.label | { ... } | +| main.rs:138:9:138:9 | a | semmle.label | a | +| main.rs:138:13:138:25 | mn.get_data() | semmle.label | mn.get_data() | +| main.rs:139:10:139:10 | a | semmle.label | a | +| main.rs:142:9:142:9 | a | semmle.label | a | +| main.rs:142:13:142:31 | mn.get_data_trait() | semmle.label | mn.get_data_trait() | +| main.rs:143:10:143:10 | a | semmle.label | a | +| main.rs:155:9:155:9 | a | semmle.label | a | +| main.rs:155:13:155:21 | source(...) | semmle.label | source(...) | +| main.rs:156:16:156:16 | a | semmle.label | a | +| main.rs:159:9:159:9 | a | semmle.label | a | +| main.rs:159:13:159:22 | source(...) | semmle.label | source(...) | +| main.rs:160:22:160:22 | a | semmle.label | a | +| main.rs:173:9:173:9 | a | semmle.label | a | +| main.rs:173:13:173:21 | source(...) | semmle.label | source(...) | +| main.rs:174:9:174:9 | b | semmle.label | b | +| main.rs:174:13:174:30 | mn.data_through(...) | semmle.label | mn.data_through(...) | +| main.rs:174:29:174:29 | a | semmle.label | a | +| main.rs:175:10:175:10 | b | semmle.label | b | +| main.rs:178:9:178:9 | a | semmle.label | a | +| main.rs:178:13:178:22 | source(...) | semmle.label | source(...) | +| main.rs:179:9:179:9 | b | semmle.label | b | +| main.rs:179:13:179:36 | mn.data_through_trait(...) | semmle.label | mn.data_through_trait(...) | +| main.rs:179:35:179:35 | a | semmle.label | a | +| main.rs:180:10:180:10 | b | semmle.label | b | +| main.rs:187:9:187:9 | a | semmle.label | a | +| main.rs:187:13:187:21 | source(...) | semmle.label | source(...) | +| main.rs:188:25:188:25 | a | semmle.label | a | +| main.rs:193:9:193:9 | a | semmle.label | a | +| main.rs:193:13:193:22 | source(...) | semmle.label | source(...) | +| main.rs:194:9:194:9 | b | semmle.label | b | +| main.rs:194:13:194:39 | ...::data_through(...) | semmle.label | ...::data_through(...) | +| main.rs:194:38:194:38 | a | semmle.label | a | +| main.rs:195:10:195:10 | b | semmle.label | b | +| main.rs:206:12:206:17 | ...: i64 | semmle.label | ...: i64 | +| main.rs:206:28:208:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | +| main.rs:207:9:207:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:207:24:207:24 | n | semmle.label | n | +| main.rs:212:9:212:9 | n [MyInt] | semmle.label | n [MyInt] | +| main.rs:212:13:212:34 | ...::new(...) [MyInt] | semmle.label | ...::new(...) [MyInt] | +| main.rs:212:24:212:33 | source(...) | semmle.label | source(...) | +| main.rs:213:9:213:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:213:24:213:24 | m | semmle.label | m | +| main.rs:214:10:214:10 | m | semmle.label | m | +| main.rs:220:12:220:15 | SelfParam [MyInt] | semmle.label | SelfParam [MyInt] | +| main.rs:220:42:223:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | +| main.rs:222:9:222:35 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:222:24:222:27 | self [MyInt] | semmle.label | self [MyInt] | +| main.rs:222:24:222:33 | self.value | semmle.label | self.value | +| main.rs:242:9:242:9 | a [MyInt] | semmle.label | a [MyInt] | +| main.rs:242:13:242:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:242:28:242:36 | source(...) | semmle.label | source(...) | +| main.rs:244:9:244:9 | c [MyInt] | semmle.label | c [MyInt] | +| main.rs:244:13:244:13 | a [MyInt] | semmle.label | a [MyInt] | +| main.rs:244:13:244:17 | ... + ... [MyInt] | semmle.label | ... + ... [MyInt] | +| main.rs:245:10:245:10 | c [MyInt] | semmle.label | c [MyInt] | +| main.rs:245:10:245:16 | c.value | semmle.label | c.value | | main.rs:252:9:252:9 | a [MyInt] | semmle.label | a [MyInt] | | main.rs:252:13:252:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | | main.rs:252:28:252:36 | source(...) | semmle.label | source(...) | -| main.rs:254:9:254:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:254:24:254:24 | c | semmle.label | c | -| main.rs:254:30:254:53 | ...::take_self(...) [MyInt] | semmle.label | ...::take_self(...) [MyInt] | -| main.rs:254:49:254:49 | a [MyInt] | semmle.label | a [MyInt] | -| main.rs:255:10:255:10 | c | semmle.label | c | -| main.rs:258:9:258:9 | b [MyInt] | semmle.label | b [MyInt] | -| main.rs:258:13:258:39 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:258:28:258:37 | source(...) | semmle.label | source(...) | -| main.rs:259:9:259:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | -| main.rs:259:24:259:24 | c | semmle.label | c | -| main.rs:259:30:259:55 | ...::take_second(...) [MyInt] | semmle.label | ...::take_second(...) [MyInt] | -| main.rs:259:54:259:54 | b [MyInt] | semmle.label | b [MyInt] | -| main.rs:260:10:260:10 | c | semmle.label | c | -| main.rs:268:32:272:1 | { ... } | semmle.label | { ... } | -| main.rs:269:9:269:9 | a | semmle.label | a | -| main.rs:269:13:269:21 | source(...) | semmle.label | source(...) | -| main.rs:270:10:270:10 | a | semmle.label | a | -| main.rs:279:13:279:13 | c | semmle.label | c | -| main.rs:279:17:279:25 | source(...) | semmle.label | source(...) | -| main.rs:280:14:280:14 | c | semmle.label | c | -| main.rs:287:9:287:9 | a | semmle.label | a | -| main.rs:287:13:287:55 | ...::block_on(...) | semmle.label | ...::block_on(...) | -| main.rs:287:41:287:54 | async_source(...) | semmle.label | async_source(...) | -| main.rs:288:10:288:10 | a | semmle.label | a | +| main.rs:254:9:254:9 | d [MyInt] | semmle.label | d [MyInt] | +| main.rs:254:13:254:20 | a.add(...) [MyInt] | semmle.label | a.add(...) [MyInt] | +| main.rs:255:10:255:10 | d [MyInt] | semmle.label | d [MyInt] | +| main.rs:255:10:255:16 | d.value | semmle.label | d.value | +| main.rs:289:18:289:21 | SelfParam [MyInt] | semmle.label | SelfParam [MyInt] | +| main.rs:289:48:291:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | +| main.rs:293:26:293:37 | ...: MyInt [MyInt] | semmle.label | ...: MyInt [MyInt] | +| main.rs:293:49:295:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | +| main.rs:299:9:299:9 | a [MyInt] | semmle.label | a [MyInt] | +| main.rs:299:13:299:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:299:28:299:36 | source(...) | semmle.label | source(...) | +| main.rs:301:9:301:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:301:24:301:24 | c | semmle.label | c | +| main.rs:301:30:301:54 | ...::take_self(...) [MyInt] | semmle.label | ...::take_self(...) [MyInt] | +| main.rs:301:50:301:50 | a [MyInt] | semmle.label | a [MyInt] | +| main.rs:302:10:302:10 | c | semmle.label | c | +| main.rs:305:9:305:9 | b [MyInt] | semmle.label | b [MyInt] | +| main.rs:305:13:305:39 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:305:28:305:37 | source(...) | semmle.label | source(...) | +| main.rs:306:9:306:26 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:306:24:306:24 | c | semmle.label | c | +| main.rs:306:30:306:56 | ...::take_second(...) [MyInt] | semmle.label | ...::take_second(...) [MyInt] | +| main.rs:306:55:306:55 | b [MyInt] | semmle.label | b [MyInt] | +| main.rs:307:10:307:10 | c | semmle.label | c | +| main.rs:315:32:319:1 | { ... } | semmle.label | { ... } | +| main.rs:316:9:316:9 | a | semmle.label | a | +| main.rs:316:13:316:21 | source(...) | semmle.label | source(...) | +| main.rs:317:10:317:10 | a | semmle.label | a | +| main.rs:326:13:326:13 | c | semmle.label | c | +| main.rs:326:17:326:25 | source(...) | semmle.label | source(...) | +| main.rs:327:14:327:14 | c | semmle.label | c | +| main.rs:334:9:334:9 | a | semmle.label | a | +| main.rs:334:13:334:55 | ...::block_on(...) | semmle.label | ...::block_on(...) | +| main.rs:334:41:334:54 | async_source(...) | semmle.label | async_source(...) | +| main.rs:335:10:335:10 | a | semmle.label | a | subpaths | main.rs:38:23:38:31 | source(...) | main.rs:26:28:26:33 | ...: i64 | main.rs:26:17:26:25 | SelfParam [Return] [&ref, MyStruct] | main.rs:38:6:38:11 | [post] &mut a [&ref, MyStruct] | | main.rs:39:10:39:10 | a [MyStruct] | main.rs:30:17:30:21 | SelfParam [&ref, MyStruct] | main.rs:30:31:32:5 | { ... } | main.rs:39:10:39:21 | a.get_data() | @@ -275,13 +308,14 @@ subpaths | main.rs:67:26:67:26 | a | main.rs:61:17:61:22 | ...: i64 | main.rs:61:32:63:1 | { ... } | main.rs:67:13:67:27 | pass_through(...) | | main.rs:72:26:75:5 | { ... } | main.rs:61:17:61:22 | ...: i64 | main.rs:61:32:63:1 | { ... } | main.rs:72:13:75:6 | pass_through(...) | | main.rs:86:26:86:26 | a | main.rs:82:21:82:26 | ...: i64 | main.rs:82:36:84:5 | { ... } | main.rs:86:13:86:27 | pass_through(...) | -| main.rs:134:29:134:29 | a | main.rs:110:27:110:32 | ...: i64 | main.rs:110:42:116:5 | { ... } | main.rs:134:13:134:30 | mn.data_through(...) | -| main.rs:147:38:147:38 | a | main.rs:110:27:110:32 | ...: i64 | main.rs:110:42:116:5 | { ... } | main.rs:147:13:147:39 | ...::data_through(...) | -| main.rs:165:24:165:33 | source(...) | main.rs:159:12:159:17 | ...: i64 | main.rs:159:28:161:5 | { ... } [MyInt] | main.rs:165:13:165:34 | ...::new(...) [MyInt] | -| main.rs:197:13:197:13 | a [MyInt] | main.rs:173:12:173:15 | SelfParam [MyInt] | main.rs:173:42:176:5 | { ... } [MyInt] | main.rs:197:13:197:17 | ... + ... [MyInt] | -| main.rs:205:9:205:9 | a [MyInt] | main.rs:173:12:173:15 | SelfParam [MyInt] | main.rs:173:42:176:5 | { ... } [MyInt] | main.rs:207:13:207:20 | a.add(...) [MyInt] | -| main.rs:254:49:254:49 | a [MyInt] | main.rs:242:18:242:21 | SelfParam [MyInt] | main.rs:242:48:244:5 | { ... } [MyInt] | main.rs:254:30:254:53 | ...::take_self(...) [MyInt] | -| main.rs:259:54:259:54 | b [MyInt] | main.rs:246:26:246:37 | ...: MyInt [MyInt] | main.rs:246:49:248:5 | { ... } [MyInt] | main.rs:259:30:259:55 | ...::take_second(...) [MyInt] | +| main.rs:174:29:174:29 | a | main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | main.rs:174:13:174:30 | mn.data_through(...) | +| main.rs:179:35:179:35 | a | main.rs:126:33:126:38 | ...: i64 | main.rs:126:48:128:5 | { ... } | main.rs:179:13:179:36 | mn.data_through_trait(...) | +| main.rs:194:38:194:38 | a | main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | main.rs:194:13:194:39 | ...::data_through(...) | +| main.rs:212:24:212:33 | source(...) | main.rs:206:12:206:17 | ...: i64 | main.rs:206:28:208:5 | { ... } [MyInt] | main.rs:212:13:212:34 | ...::new(...) [MyInt] | +| main.rs:244:13:244:13 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | main.rs:244:13:244:17 | ... + ... [MyInt] | +| main.rs:252:9:252:9 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | main.rs:254:13:254:20 | a.add(...) [MyInt] | +| main.rs:301:50:301:50 | a [MyInt] | main.rs:289:18:289:21 | SelfParam [MyInt] | main.rs:289:48:291:5 | { ... } [MyInt] | main.rs:301:30:301:54 | ...::take_self(...) [MyInt] | +| main.rs:306:55:306:55 | b [MyInt] | main.rs:293:26:293:37 | ...: MyInt [MyInt] | main.rs:293:49:295:5 | { ... } [MyInt] | main.rs:306:30:306:56 | ...::take_second(...) [MyInt] | testFailures #select | main.rs:18:10:18:10 | a | main.rs:13:5:13:13 | source(...) | main.rs:18:10:18:10 | a | $@ | main.rs:13:5:13:13 | source(...) | source(...) | @@ -291,16 +325,19 @@ testFailures | main.rs:68:10:68:10 | b | main.rs:66:13:66:21 | source(...) | main.rs:68:10:68:10 | b | $@ | main.rs:66:13:66:21 | source(...) | source(...) | | main.rs:76:10:76:10 | a | main.rs:74:9:74:18 | source(...) | main.rs:76:10:76:10 | a | $@ | main.rs:74:9:74:18 | source(...) | source(...) | | main.rs:87:10:87:10 | b | main.rs:80:13:80:22 | source(...) | main.rs:87:10:87:10 | b | $@ | main.rs:80:13:80:22 | source(...) | source(...) | -| main.rs:99:14:99:14 | n | main.rs:127:13:127:21 | source(...) | main.rs:99:14:99:14 | n | $@ | main.rs:127:13:127:21 | source(...) | source(...) | -| main.rs:99:14:99:14 | n | main.rs:140:13:140:21 | source(...) | main.rs:99:14:99:14 | n | $@ | main.rs:140:13:140:21 | source(...) | source(...) | -| main.rs:122:10:122:10 | a | main.rs:106:13:106:21 | source(...) | main.rs:122:10:122:10 | a | $@ | main.rs:106:13:106:21 | source(...) | source(...) | -| main.rs:135:10:135:10 | b | main.rs:133:13:133:21 | source(...) | main.rs:135:10:135:10 | b | $@ | main.rs:133:13:133:21 | source(...) | source(...) | -| main.rs:148:10:148:10 | b | main.rs:146:13:146:22 | source(...) | main.rs:148:10:148:10 | b | $@ | main.rs:146:13:146:22 | source(...) | source(...) | -| main.rs:167:10:167:10 | m | main.rs:165:24:165:33 | source(...) | main.rs:167:10:167:10 | m | $@ | main.rs:165:24:165:33 | source(...) | source(...) | -| main.rs:198:10:198:16 | c.value | main.rs:195:28:195:36 | source(...) | main.rs:198:10:198:16 | c.value | $@ | main.rs:195:28:195:36 | source(...) | source(...) | -| main.rs:208:10:208:16 | d.value | main.rs:205:28:205:36 | source(...) | main.rs:208:10:208:16 | d.value | $@ | main.rs:205:28:205:36 | source(...) | source(...) | -| main.rs:255:10:255:10 | c | main.rs:252:28:252:36 | source(...) | main.rs:255:10:255:10 | c | $@ | main.rs:252:28:252:36 | source(...) | source(...) | -| main.rs:260:10:260:10 | c | main.rs:258:28:258:37 | source(...) | main.rs:260:10:260:10 | c | $@ | main.rs:258:28:258:37 | source(...) | source(...) | -| main.rs:270:10:270:10 | a | main.rs:269:13:269:21 | source(...) | main.rs:270:10:270:10 | a | $@ | main.rs:269:13:269:21 | source(...) | source(...) | -| main.rs:280:14:280:14 | c | main.rs:279:17:279:25 | source(...) | main.rs:280:14:280:14 | c | $@ | main.rs:279:17:279:25 | source(...) | source(...) | -| main.rs:288:10:288:10 | a | main.rs:269:13:269:21 | source(...) | main.rs:288:10:288:10 | a | $@ | main.rs:269:13:269:21 | source(...) | source(...) | +| main.rs:105:14:105:14 | n | main.rs:155:13:155:21 | source(...) | main.rs:105:14:105:14 | n | $@ | main.rs:155:13:155:21 | source(...) | source(...) | +| main.rs:105:14:105:14 | n | main.rs:187:13:187:21 | source(...) | main.rs:105:14:105:14 | n | $@ | main.rs:187:13:187:21 | source(...) | source(...) | +| main.rs:119:14:119:14 | n | main.rs:159:13:159:22 | source(...) | main.rs:119:14:119:14 | n | $@ | main.rs:159:13:159:22 | source(...) | source(...) | +| main.rs:139:10:139:10 | a | main.rs:109:35:109:43 | source(...) | main.rs:139:10:139:10 | a | $@ | main.rs:109:35:109:43 | source(...) | source(...) | +| main.rs:143:10:143:10 | a | main.rs:123:35:123:44 | source(...) | main.rs:143:10:143:10 | a | $@ | main.rs:123:35:123:44 | source(...) | source(...) | +| main.rs:175:10:175:10 | b | main.rs:173:13:173:21 | source(...) | main.rs:175:10:175:10 | b | $@ | main.rs:173:13:173:21 | source(...) | source(...) | +| main.rs:180:10:180:10 | b | main.rs:178:13:178:22 | source(...) | main.rs:180:10:180:10 | b | $@ | main.rs:178:13:178:22 | source(...) | source(...) | +| main.rs:195:10:195:10 | b | main.rs:193:13:193:22 | source(...) | main.rs:195:10:195:10 | b | $@ | main.rs:193:13:193:22 | source(...) | source(...) | +| main.rs:214:10:214:10 | m | main.rs:212:24:212:33 | source(...) | main.rs:214:10:214:10 | m | $@ | main.rs:212:24:212:33 | source(...) | source(...) | +| main.rs:245:10:245:16 | c.value | main.rs:242:28:242:36 | source(...) | main.rs:245:10:245:16 | c.value | $@ | main.rs:242:28:242:36 | source(...) | source(...) | +| main.rs:255:10:255:16 | d.value | main.rs:252:28:252:36 | source(...) | main.rs:255:10:255:16 | d.value | $@ | main.rs:252:28:252:36 | source(...) | source(...) | +| main.rs:302:10:302:10 | c | main.rs:299:28:299:36 | source(...) | main.rs:302:10:302:10 | c | $@ | main.rs:299:28:299:36 | source(...) | source(...) | +| main.rs:307:10:307:10 | c | main.rs:305:28:305:37 | source(...) | main.rs:307:10:307:10 | c | $@ | main.rs:305:28:305:37 | source(...) | source(...) | +| main.rs:317:10:317:10 | a | main.rs:316:13:316:21 | source(...) | main.rs:317:10:317:10 | a | $@ | main.rs:316:13:316:21 | source(...) | source(...) | +| main.rs:327:14:327:14 | c | main.rs:326:17:326:25 | source(...) | main.rs:327:14:327:14 | c | $@ | main.rs:326:17:326:25 | source(...) | source(...) | +| main.rs:335:10:335:10 | a | main.rs:316:13:316:21 | source(...) | main.rs:335:10:335:10 | a | $@ | main.rs:316:13:316:21 | source(...) | source(...) | diff --git a/rust/ql/test/library-tests/dataflow/global/main.rs b/rust/ql/test/library-tests/dataflow/global/main.rs index fb5acfb7c60..3c83ca6bd6d 100644 --- a/rust/ql/test/library-tests/dataflow/global/main.rs +++ b/rust/ql/test/library-tests/dataflow/global/main.rs @@ -94,38 +94,78 @@ struct MyFlag { flag: bool, } +trait MyTrait { + fn data_in_trait(self, n: i64); + fn get_data_trait(self) -> i64; + fn data_through_trait(self, n: i64) -> i64; +} + impl MyFlag { fn data_in(self, n: i64) { sink(n); // $ hasValueFlow=1 hasValueFlow=8 } fn get_data(self) -> i64 { - if self.flag { - 0 - } else { - source(2) - } + if self.flag { 0 } else { source(2) } } fn data_through(self, n: i64) -> i64 { - if self.flag { - 0 - } else { - n - } + if self.flag { 0 } else { n } } } +impl MyTrait for MyFlag { + fn data_in_trait(self, n: i64) { + sink(n); // $ hasValueFlow=22 $ MISSING: hasValueFlow=31 + } + + fn get_data_trait(self) -> i64 { + if self.flag { 0 } else { source(21) } + } + + fn data_through_trait(self, n: i64) -> i64 { + if self.flag { 0 } else { n } + } +} + +fn data_out_of_method_trait_dispatch(x: T) { + let a = x.get_data_trait(); + sink(a); // $ MISSING: hasValueFlow=21 +} + fn data_out_of_method() { let mn = MyFlag { flag: true }; let a = mn.get_data(); sink(a); // $ hasValueFlow=2 + + let mn = MyFlag { flag: true }; + let a = mn.get_data_trait(); + sink(a); // $ hasValueFlow=21 + + data_out_of_method_trait_dispatch(MyFlag { flag: true }); +} + +fn data_in_to_method_call_trait_dispatch(x: T) { + let a = source(31); + x.data_in_trait(a); } fn data_in_to_method_call() { let mn = MyFlag { flag: true }; let a = source(1); - mn.data_in(a) + mn.data_in(a); + + let mn = MyFlag { flag: true }; + let a = source(22); + mn.data_in_trait(a); + + data_in_to_method_call_trait_dispatch(MyFlag { flag: true }); +} + +fn data_through_method_trait_dispatch(x: T) { + let a = source(34); + let b = x.data_through_trait(a); + sink(b); // $ MISSING: hasValueFlow=34 } fn data_through_method() { @@ -133,6 +173,13 @@ fn data_through_method() { let a = source(4); let b = mn.data_through(a); sink(b); // $ hasValueFlow=4 + + let mn = MyFlag { flag: true }; + let a = source(24); + let b = mn.data_through_trait(a); + sink(b); // $ hasValueFlow=24 + + data_through_method_trait_dispatch(MyFlag { flag: true }); } fn data_in_to_method_called_as_function() { @@ -230,13 +277,13 @@ fn test_operator_overloading() { sink(c); // $ hasTaintFlow=28 MISSING: hasValueFlow=28 } -trait MyTrait { +trait MyTrait2 { type Output; fn take_self(self, _other: Self::Output) -> Self::Output; fn take_second(self, other: Self::Output) -> Self::Output; } -impl MyTrait for MyInt { +impl MyTrait2 for MyInt { type Output = MyInt; fn take_self(self, _other: MyInt) -> MyInt { @@ -251,17 +298,17 @@ impl MyTrait for MyInt { fn data_through_trait_method_called_as_function() { let a = MyInt { value: source(8) }; let b = MyInt { value: 2 }; - let MyInt { value: c } = MyTrait::take_self(a, b); + let MyInt { value: c } = MyTrait2::take_self(a, b); sink(c); // $ hasValueFlow=8 let a = MyInt { value: 0 }; let b = MyInt { value: source(37) }; - let MyInt { value: c } = MyTrait::take_second(a, b); + let MyInt { value: c } = MyTrait2::take_second(a, b); sink(c); // $ hasValueFlow=37 let a = MyInt { value: 0 }; let b = MyInt { value: source(38) }; - let MyInt { value: c } = MyTrait::take_self(a, b); + let MyInt { value: c } = MyTrait2::take_self(a, b); sink(c); } diff --git a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected index 6fdac9700b6..664e720e984 100644 --- a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected +++ b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected @@ -23,73 +23,89 @@ | main.rs:80:13:80:22 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:86:13:86:27 | pass_through(...) | main.rs:82:5:84:5 | fn pass_through | | main.rs:87:5:87:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:99:9:99:15 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:106:13:106:21 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:121:13:121:25 | mn.get_data() | main.rs:102:5:108:5 | fn get_data | -| main.rs:122:5:122:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:127:13:127:21 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:128:5:128:17 | mn.data_in(...) | main.rs:98:5:100:5 | fn data_in | -| main.rs:133:13:133:21 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:134:13:134:30 | mn.data_through(...) | main.rs:110:5:116:5 | fn data_through | -| main.rs:135:5:135:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:140:13:140:21 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:141:5:141:26 | ...::data_in(...) | main.rs:98:5:100:5 | fn data_in | -| main.rs:146:13:146:22 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:147:13:147:39 | ...::data_through(...) | main.rs:110:5:116:5 | fn data_through | -| main.rs:148:5:148:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:165:13:165:34 | ...::new(...) | main.rs:158:5:161:5 | fn new | -| main.rs:165:24:165:33 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:167:5:167:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:181:10:181:14 | * ... | main.rs:188:5:190:5 | fn deref | -| main.rs:189:11:189:15 | * ... | main.rs:188:5:190:5 | fn deref | -| main.rs:195:28:195:36 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:197:13:197:17 | ... + ... | main.rs:173:5:176:5 | fn add | -| main.rs:198:5:198:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:201:28:201:36 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:202:13:202:17 | ... + ... | main.rs:173:5:176:5 | fn add | -| main.rs:203:5:203:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:205:28:205:36 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:207:13:207:20 | a.add(...) | main.rs:173:5:176:5 | fn add | -| main.rs:208:5:208:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:212:28:212:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:215:5:215:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:218:28:218:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:219:5:219:10 | ... *= ... | main.rs:180:5:182:5 | fn mul_assign | -| main.rs:220:5:220:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:223:28:223:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:226:5:226:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:228:28:228:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:229:13:229:14 | * ... | main.rs:188:5:190:5 | fn deref | -| main.rs:230:5:230:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:105:9:105:15 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:109:35:109:43 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:119:9:119:15 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:123:35:123:44 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:133:5:133:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:138:13:138:25 | mn.get_data() | main.rs:108:5:110:5 | fn get_data | +| main.rs:139:5:139:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:142:13:142:31 | mn.get_data_trait() | main.rs:122:5:124:5 | fn get_data_trait | +| main.rs:143:5:143:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:145:5:145:60 | data_out_of_method_trait_dispatch(...) | main.rs:131:1:134:1 | fn data_out_of_method_trait_dispatch | +| main.rs:149:13:149:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:155:13:155:21 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:156:5:156:17 | mn.data_in(...) | main.rs:104:5:106:5 | fn data_in | +| main.rs:159:13:159:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:160:5:160:23 | mn.data_in_trait(...) | main.rs:118:5:120:5 | fn data_in_trait | +| main.rs:162:5:162:64 | data_in_to_method_call_trait_dispatch(...) | main.rs:148:1:151:1 | fn data_in_to_method_call_trait_dispatch | +| main.rs:166:13:166:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:168:5:168:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:173:13:173:21 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:174:13:174:30 | mn.data_through(...) | main.rs:112:5:114:5 | fn data_through | +| main.rs:175:5:175:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:178:13:178:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:179:13:179:36 | mn.data_through_trait(...) | main.rs:126:5:128:5 | fn data_through_trait | +| main.rs:180:5:180:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:182:5:182:61 | data_through_method_trait_dispatch(...) | main.rs:165:1:169:1 | fn data_through_method_trait_dispatch | +| main.rs:187:13:187:21 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:188:5:188:26 | ...::data_in(...) | main.rs:104:5:106:5 | fn data_in | +| main.rs:193:13:193:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:194:13:194:39 | ...::data_through(...) | main.rs:112:5:114:5 | fn data_through | +| main.rs:195:5:195:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:212:13:212:34 | ...::new(...) | main.rs:205:5:208:5 | fn new | +| main.rs:212:24:212:33 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:214:5:214:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:228:10:228:14 | * ... | main.rs:235:5:237:5 | fn deref | +| main.rs:236:11:236:15 | * ... | main.rs:235:5:237:5 | fn deref | +| main.rs:242:28:242:36 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:244:13:244:17 | ... + ... | main.rs:220:5:223:5 | fn add | +| main.rs:245:5:245:17 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:248:28:248:36 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:249:13:249:17 | ... + ... | main.rs:220:5:223:5 | fn add | +| main.rs:250:5:250:17 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:252:28:252:36 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:254:30:254:53 | ...::take_self(...) | main.rs:242:5:244:5 | fn take_self | -| main.rs:255:5:255:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:258:28:258:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:259:30:259:55 | ...::take_second(...) | main.rs:246:5:248:5 | fn take_second | -| main.rs:260:5:260:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:263:28:263:37 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:264:30:264:53 | ...::take_self(...) | main.rs:242:5:244:5 | fn take_self | -| main.rs:265:5:265:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:269:13:269:21 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:270:5:270:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:275:13:275:26 | async_source(...) | main.rs:268:1:272:1 | fn async_source | -| main.rs:276:5:276:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:279:17:279:25 | source(...) | main.rs:1:1:3:1 | fn source | -| main.rs:280:9:280:15 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:283:5:283:17 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:287:13:287:55 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | -| main.rs:287:41:287:54 | async_source(...) | main.rs:268:1:272:1 | fn async_source | -| main.rs:288:5:288:11 | sink(...) | main.rs:5:1:7:1 | fn sink | -| main.rs:290:5:290:62 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | -| main.rs:290:33:290:61 | test_async_await_async_part(...) | main.rs:274:1:284:1 | fn test_async_await_async_part | -| main.rs:294:5:294:22 | data_out_of_call(...) | main.rs:16:1:19:1 | fn data_out_of_call | -| main.rs:295:5:295:35 | data_out_of_call_side_effect1(...) | main.rs:35:1:40:1 | fn data_out_of_call_side_effect1 | -| main.rs:296:5:296:35 | data_out_of_call_side_effect2(...) | main.rs:42:1:50:1 | fn data_out_of_call_side_effect2 | -| main.rs:297:5:297:21 | data_in_to_call(...) | main.rs:56:1:59:1 | fn data_in_to_call | -| main.rs:298:5:298:23 | data_through_call(...) | main.rs:65:1:69:1 | fn data_through_call | -| main.rs:299:5:299:34 | data_through_nested_function(...) | main.rs:79:1:88:1 | fn data_through_nested_function | -| main.rs:301:5:301:24 | data_out_of_method(...) | main.rs:119:1:123:1 | fn data_out_of_method | -| main.rs:302:5:302:28 | data_in_to_method_call(...) | main.rs:125:1:129:1 | fn data_in_to_method_call | -| main.rs:303:5:303:25 | data_through_method(...) | main.rs:131:1:136:1 | fn data_through_method | -| main.rs:305:5:305:31 | test_operator_overloading(...) | main.rs:193:1:231:1 | fn test_operator_overloading | -| main.rs:306:5:306:22 | test_async_await(...) | main.rs:286:1:291:1 | fn test_async_await | +| main.rs:254:13:254:20 | a.add(...) | main.rs:220:5:223:5 | fn add | +| main.rs:255:5:255:17 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:259:28:259:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:262:5:262:17 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:265:28:265:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:266:5:266:10 | ... *= ... | main.rs:227:5:229:5 | fn mul_assign | +| main.rs:267:5:267:17 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:270:28:270:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:273:5:273:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:275:28:275:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:276:13:276:14 | * ... | main.rs:235:5:237:5 | fn deref | +| main.rs:277:5:277:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:299:28:299:36 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:301:30:301:54 | ...::take_self(...) | main.rs:289:5:291:5 | fn take_self | +| main.rs:302:5:302:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:305:28:305:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:306:30:306:56 | ...::take_second(...) | main.rs:293:5:295:5 | fn take_second | +| main.rs:307:5:307:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:310:28:310:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:311:30:311:54 | ...::take_self(...) | main.rs:289:5:291:5 | fn take_self | +| main.rs:312:5:312:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:316:13:316:21 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:317:5:317:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:322:13:322:26 | async_source(...) | main.rs:315:1:319:1 | fn async_source | +| main.rs:323:5:323:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:326:17:326:25 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:327:9:327:15 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:330:5:330:17 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:334:13:334:55 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | +| main.rs:334:41:334:54 | async_source(...) | main.rs:315:1:319:1 | fn async_source | +| main.rs:335:5:335:11 | sink(...) | main.rs:5:1:7:1 | fn sink | +| main.rs:337:5:337:62 | ...::block_on(...) | file://:0:0:0:0 | fn block_on | +| main.rs:337:33:337:61 | test_async_await_async_part(...) | main.rs:321:1:331:1 | fn test_async_await_async_part | +| main.rs:341:5:341:22 | data_out_of_call(...) | main.rs:16:1:19:1 | fn data_out_of_call | +| main.rs:342:5:342:35 | data_out_of_call_side_effect1(...) | main.rs:35:1:40:1 | fn data_out_of_call_side_effect1 | +| main.rs:343:5:343:35 | data_out_of_call_side_effect2(...) | main.rs:42:1:50:1 | fn data_out_of_call_side_effect2 | +| main.rs:344:5:344:21 | data_in_to_call(...) | main.rs:56:1:59:1 | fn data_in_to_call | +| main.rs:345:5:345:23 | data_through_call(...) | main.rs:65:1:69:1 | fn data_through_call | +| main.rs:346:5:346:34 | data_through_nested_function(...) | main.rs:79:1:88:1 | fn data_through_nested_function | +| main.rs:348:5:348:24 | data_out_of_method(...) | main.rs:136:1:146:1 | fn data_out_of_method | +| main.rs:349:5:349:28 | data_in_to_method_call(...) | main.rs:153:1:163:1 | fn data_in_to_method_call | +| main.rs:350:5:350:25 | data_through_method(...) | main.rs:171:1:183:1 | fn data_through_method | +| main.rs:352:5:352:31 | test_operator_overloading(...) | main.rs:240:1:278:1 | fn test_operator_overloading | +| main.rs:353:5:353:22 | test_async_await(...) | main.rs:333:1:338:1 | fn test_async_await | From 5e265b10c7f65fefca2dab42f6b581de6d125565 Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Wed, 25 Jun 2025 14:38:54 +0200 Subject: [PATCH 076/111] Rust: Trait call dispatch in dataflow --- rust/ql/.generated.list | 1 - rust/ql/.gitattributes | 1 - .../rust/dataflow/internal/DataFlowImpl.qll | 6 +- .../rust/elements/internal/AssocItemImpl.qll | 17 +++++- .../rust/elements/internal/CallImpl.qll | 11 ++++ .../codeql/rust/internal/PathResolution.qll | 7 +++ .../dataflow/global/inline-flow.expected | 57 +++++++++++++++++++ .../library-tests/dataflow/global/main.rs | 8 +-- .../dataflow/global/viableCallable.expected | 4 ++ 9 files changed, 101 insertions(+), 11 deletions(-) diff --git a/rust/ql/.generated.list b/rust/ql/.generated.list index b53665e8af1..62f6ca7470d 100644 --- a/rust/ql/.generated.list +++ b/rust/ql/.generated.list @@ -226,7 +226,6 @@ lib/codeql/rust/elements/internal/AsmRegSpecConstructor.qll bf3e0783645622691183 lib/codeql/rust/elements/internal/AsmRegSpecImpl.qll 7ad0a5b86922e321da9f8c7ea8aefa88068b27bcea3890f981b061a204ab576d 65f13c423ef42209bd514523f21dd1e43cc4f5c191bdb85ba7128c76241f78a8 lib/codeql/rust/elements/internal/AsmSymConstructor.qll 9c7e8471081b9173f01592d4b9d22584a0d1cee6b4851050d642ddaa4017659e adc5b4b2a8cd7164da4867d83aa08c6e54c45614c1f4fc9aa1cbbedd3c20a1b3 lib/codeql/rust/elements/internal/AsmSymImpl.qll e173807c5b6cf856f5f4eaedb2be41d48db95dd8a973e1dc857a883383feec50 ab19c9f479c0272a5257ab45977c9f9dd60380fe33b4ade14f3dddf2970112de -lib/codeql/rust/elements/internal/AssocItemImpl.qll 33be2a25b94eb32c44b973351f0babf6d46d35d5a0a06f1064418c94c40b01e9 5e42adb18b5c2f9246573d7965ce91013370f16d92d8f7bda31232cef7a549c6 lib/codeql/rust/elements/internal/AssocItemListConstructor.qll 1977164a68d52707ddee2f16e4d5a3de07280864510648750016010baec61637 bb750f1a016b42a32583b423655279e967be5def66f6b68c5018ec1e022e25e1 lib/codeql/rust/elements/internal/AssocItemListImpl.qll 70e82744464827326bfc394dab417f39905db155fb631f804bf1f27e23892698 760c7b42137d010e15920f9623e461daaf16518ab44a36a15259e549ecd4fa7a lib/codeql/rust/elements/internal/AssocTypeArgConstructor.qll 58b4ac5a532e55d71f77a5af8eadaf7ba53a8715c398f48285dac1db3a6c87a3 f0d889f32d9ea7bd633b495df014e39af24454608253200c05721022948bd856 diff --git a/rust/ql/.gitattributes b/rust/ql/.gitattributes index 03d6e465cf0..37081514e73 100644 --- a/rust/ql/.gitattributes +++ b/rust/ql/.gitattributes @@ -228,7 +228,6 @@ /lib/codeql/rust/elements/internal/AsmRegSpecImpl.qll linguist-generated /lib/codeql/rust/elements/internal/AsmSymConstructor.qll linguist-generated /lib/codeql/rust/elements/internal/AsmSymImpl.qll linguist-generated -/lib/codeql/rust/elements/internal/AssocItemImpl.qll linguist-generated /lib/codeql/rust/elements/internal/AssocItemListConstructor.qll linguist-generated /lib/codeql/rust/elements/internal/AssocItemListImpl.qll linguist-generated /lib/codeql/rust/elements/internal/AssocTypeArgConstructor.qll linguist-generated diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index fb3a46d7866..7cd200a83c7 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -404,10 +404,10 @@ module RustDataFlow implements InputSig { /** Gets a viable implementation of the target of the given `Call`. */ DataFlowCallable viableCallable(DataFlowCall call) { - exists(Callable target | target = call.asCallCfgNode().getCall().getStaticTarget() | - target = result.asCfgScope() + exists(Call c | c = call.asCallCfgNode().getCall() | + result.asCfgScope() = c.getARuntimeTarget() or - target = result.asSummarizedCallable() + result.asSummarizedCallable() = c.getStaticTarget() ) } diff --git a/rust/ql/lib/codeql/rust/elements/internal/AssocItemImpl.qll b/rust/ql/lib/codeql/rust/elements/internal/AssocItemImpl.qll index 68e2945d377..e731dd5a521 100644 --- a/rust/ql/lib/codeql/rust/elements/internal/AssocItemImpl.qll +++ b/rust/ql/lib/codeql/rust/elements/internal/AssocItemImpl.qll @@ -1,4 +1,3 @@ -// generated by codegen, remove this comment if you wish to edit this file /** * This module provides a hand-modifiable wrapper around the generated class `AssocItem`. * @@ -12,6 +11,10 @@ private import codeql.rust.elements.internal.generated.AssocItem * be referenced directly. */ module Impl { + private import rust + private import codeql.rust.internal.PathResolution + + // the following QLdoc is generated: if you need to edit it, do it in the schema file /** * An associated item in a `Trait` or `Impl`. * @@ -21,5 +24,15 @@ module Impl { * // ^^^^^^^^^^^^^ * ``` */ - class AssocItem extends Generated::AssocItem { } + class AssocItem extends Generated::AssocItem { + /** Holds if this item implements trait item `other`. */ + pragma[nomagic] + predicate implements(AssocItem other) { + exists(TraitItemNode t, ImplItemNode i, string name | + other = t.getAssocItem(pragma[only_bind_into](name)) and + t = i.resolveTraitTy() and + this = i.getAssocItem(pragma[only_bind_into](name)) + ) + } + } } diff --git a/rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll b/rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll index 9cd45ca7670..bfa6f9b7242 100644 --- a/rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll +++ b/rust/ql/lib/codeql/rust/elements/internal/CallImpl.qll @@ -65,6 +65,17 @@ module Impl { not exists(TypeInference::resolveMethodCallTarget(this)) and result = this.(CallExpr).getStaticTarget() } + + /** Gets a runtime target of this call, if any. */ + pragma[nomagic] + Function getARuntimeTarget() { + result.hasImplementation() and + ( + result = this.getStaticTarget() + or + result.implements(this.getStaticTarget()) + ) + } } /** Holds if the call expression dispatches to a trait method. */ diff --git a/rust/ql/lib/codeql/rust/internal/PathResolution.qll b/rust/ql/lib/codeql/rust/internal/PathResolution.qll index 2f8c051d770..2be4d0f24b5 100644 --- a/rust/ql/lib/codeql/rust/internal/PathResolution.qll +++ b/rust/ql/lib/codeql/rust/internal/PathResolution.qll @@ -540,6 +540,13 @@ abstract class ImplOrTraitItemNode extends ItemNode { /** Gets an associated item belonging to this trait or `impl` block. */ abstract AssocItemNode getAnAssocItem(); + /** Gets the associated item named `name` belonging to this trait or `impl` block. */ + pragma[nomagic] + AssocItemNode getAssocItem(string name) { + result = this.getAnAssocItem() and + result.getName() = name + } + /** Holds if this trait or `impl` block declares an associated item named `name`. */ pragma[nomagic] predicate hasAssocItem(string name) { name = this.getAnAssocItem().getName() } diff --git a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected index 6d1d75c74da..da5840528f5 100644 --- a/rust/ql/test/library-tests/dataflow/global/inline-flow.expected +++ b/rust/ql/test/library-tests/dataflow/global/inline-flow.expected @@ -53,19 +53,31 @@ edges | main.rs:109:35:109:43 | source(...) | main.rs:108:30:110:5 | { ... } | provenance | | | main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | provenance | | | main.rs:118:28:118:33 | ...: i64 | main.rs:119:14:119:14 | n | provenance | | +| main.rs:122:36:124:5 | { ... } | main.rs:132:13:132:30 | x.get_data_trait() | provenance | | | main.rs:122:36:124:5 | { ... } | main.rs:142:13:142:31 | mn.get_data_trait() | provenance | | | main.rs:123:35:123:44 | source(...) | main.rs:122:36:124:5 | { ... } | provenance | | | main.rs:126:33:126:38 | ...: i64 | main.rs:126:48:128:5 | { ... } | provenance | | +| main.rs:132:9:132:9 | a | main.rs:133:10:133:10 | a | provenance | | +| main.rs:132:13:132:30 | x.get_data_trait() | main.rs:132:9:132:9 | a | provenance | | | main.rs:138:9:138:9 | a | main.rs:139:10:139:10 | a | provenance | | | main.rs:138:13:138:25 | mn.get_data() | main.rs:138:9:138:9 | a | provenance | | | main.rs:142:9:142:9 | a | main.rs:143:10:143:10 | a | provenance | | | main.rs:142:13:142:31 | mn.get_data_trait() | main.rs:142:9:142:9 | a | provenance | | +| main.rs:149:9:149:9 | a | main.rs:150:21:150:21 | a | provenance | | +| main.rs:149:13:149:22 | source(...) | main.rs:149:9:149:9 | a | provenance | | +| main.rs:150:21:150:21 | a | main.rs:118:28:118:33 | ...: i64 | provenance | | | main.rs:155:9:155:9 | a | main.rs:156:16:156:16 | a | provenance | | | main.rs:155:13:155:21 | source(...) | main.rs:155:9:155:9 | a | provenance | | | main.rs:156:16:156:16 | a | main.rs:104:22:104:27 | ...: i64 | provenance | | | main.rs:159:9:159:9 | a | main.rs:160:22:160:22 | a | provenance | | | main.rs:159:13:159:22 | source(...) | main.rs:159:9:159:9 | a | provenance | | | main.rs:160:22:160:22 | a | main.rs:118:28:118:33 | ...: i64 | provenance | | +| main.rs:166:9:166:9 | a | main.rs:167:34:167:34 | a | provenance | | +| main.rs:166:13:166:22 | source(...) | main.rs:166:9:166:9 | a | provenance | | +| main.rs:167:9:167:9 | b | main.rs:168:10:168:10 | b | provenance | | +| main.rs:167:13:167:35 | x.data_through_trait(...) | main.rs:167:9:167:9 | b | provenance | | +| main.rs:167:34:167:34 | a | main.rs:126:33:126:38 | ...: i64 | provenance | | +| main.rs:167:34:167:34 | a | main.rs:167:13:167:35 | x.data_through_trait(...) | provenance | | | main.rs:173:9:173:9 | a | main.rs:174:29:174:29 | a | provenance | | | main.rs:173:13:173:21 | source(...) | main.rs:173:9:173:9 | a | provenance | | | main.rs:174:9:174:9 | b | main.rs:175:10:175:10 | b | provenance | | @@ -100,6 +112,11 @@ edges | main.rs:222:9:222:35 | MyInt {...} [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | provenance | | | main.rs:222:24:222:27 | self [MyInt] | main.rs:222:24:222:33 | self.value | provenance | | | main.rs:222:24:222:33 | self.value | main.rs:222:9:222:35 | MyInt {...} [MyInt] | provenance | | +| main.rs:227:30:227:39 | ...: MyInt [MyInt] | main.rs:228:25:228:27 | rhs [MyInt] | provenance | | +| main.rs:228:10:228:14 | [post] * ... [MyInt] | main.rs:228:11:228:14 | [post] self [&ref, MyInt] | provenance | | +| main.rs:228:11:228:14 | [post] self [&ref, MyInt] | main.rs:227:19:227:27 | SelfParam [Return] [&ref, MyInt] | provenance | | +| main.rs:228:25:228:27 | rhs [MyInt] | main.rs:228:25:228:33 | rhs.value | provenance | | +| main.rs:228:25:228:33 | rhs.value | main.rs:228:10:228:14 | [post] * ... [MyInt] | provenance | | | main.rs:242:9:242:9 | a [MyInt] | main.rs:244:13:244:13 | a [MyInt] | provenance | | | main.rs:242:13:242:38 | MyInt {...} [MyInt] | main.rs:242:9:242:9 | a [MyInt] | provenance | | | main.rs:242:28:242:36 | source(...) | main.rs:242:13:242:38 | MyInt {...} [MyInt] | provenance | | @@ -115,6 +132,14 @@ edges | main.rs:254:9:254:9 | d [MyInt] | main.rs:255:10:255:10 | d [MyInt] | provenance | | | main.rs:254:13:254:20 | a.add(...) [MyInt] | main.rs:254:9:254:9 | d [MyInt] | provenance | | | main.rs:255:10:255:10 | d [MyInt] | main.rs:255:10:255:16 | d.value | provenance | | +| main.rs:259:9:259:9 | b [MyInt] | main.rs:261:35:261:35 | b [MyInt] | provenance | | +| main.rs:259:13:259:39 | MyInt {...} [MyInt] | main.rs:259:9:259:9 | b [MyInt] | provenance | | +| main.rs:259:28:259:37 | source(...) | main.rs:259:13:259:39 | MyInt {...} [MyInt] | provenance | | +| main.rs:261:27:261:32 | [post] &mut a [&ref, MyInt] | main.rs:261:32:261:32 | [post] a [MyInt] | provenance | | +| main.rs:261:32:261:32 | [post] a [MyInt] | main.rs:262:10:262:10 | a [MyInt] | provenance | | +| main.rs:261:35:261:35 | b [MyInt] | main.rs:227:30:227:39 | ...: MyInt [MyInt] | provenance | | +| main.rs:261:35:261:35 | b [MyInt] | main.rs:261:27:261:32 | [post] &mut a [&ref, MyInt] | provenance | | +| main.rs:262:10:262:10 | a [MyInt] | main.rs:262:10:262:16 | a.value | provenance | | | main.rs:289:18:289:21 | SelfParam [MyInt] | main.rs:289:48:291:5 | { ... } [MyInt] | provenance | | | main.rs:293:26:293:37 | ...: MyInt [MyInt] | main.rs:293:49:295:5 | { ... } [MyInt] | provenance | | | main.rs:299:9:299:9 | a [MyInt] | main.rs:301:50:301:50 | a [MyInt] | provenance | | @@ -206,18 +231,30 @@ nodes | main.rs:123:35:123:44 | source(...) | semmle.label | source(...) | | main.rs:126:33:126:38 | ...: i64 | semmle.label | ...: i64 | | main.rs:126:48:128:5 | { ... } | semmle.label | { ... } | +| main.rs:132:9:132:9 | a | semmle.label | a | +| main.rs:132:13:132:30 | x.get_data_trait() | semmle.label | x.get_data_trait() | +| main.rs:133:10:133:10 | a | semmle.label | a | | main.rs:138:9:138:9 | a | semmle.label | a | | main.rs:138:13:138:25 | mn.get_data() | semmle.label | mn.get_data() | | main.rs:139:10:139:10 | a | semmle.label | a | | main.rs:142:9:142:9 | a | semmle.label | a | | main.rs:142:13:142:31 | mn.get_data_trait() | semmle.label | mn.get_data_trait() | | main.rs:143:10:143:10 | a | semmle.label | a | +| main.rs:149:9:149:9 | a | semmle.label | a | +| main.rs:149:13:149:22 | source(...) | semmle.label | source(...) | +| main.rs:150:21:150:21 | a | semmle.label | a | | main.rs:155:9:155:9 | a | semmle.label | a | | main.rs:155:13:155:21 | source(...) | semmle.label | source(...) | | main.rs:156:16:156:16 | a | semmle.label | a | | main.rs:159:9:159:9 | a | semmle.label | a | | main.rs:159:13:159:22 | source(...) | semmle.label | source(...) | | main.rs:160:22:160:22 | a | semmle.label | a | +| main.rs:166:9:166:9 | a | semmle.label | a | +| main.rs:166:13:166:22 | source(...) | semmle.label | source(...) | +| main.rs:167:9:167:9 | b | semmle.label | b | +| main.rs:167:13:167:35 | x.data_through_trait(...) | semmle.label | x.data_through_trait(...) | +| main.rs:167:34:167:34 | a | semmle.label | a | +| main.rs:168:10:168:10 | b | semmle.label | b | | main.rs:173:9:173:9 | a | semmle.label | a | | main.rs:173:13:173:21 | source(...) | semmle.label | source(...) | | main.rs:174:9:174:9 | b | semmle.label | b | @@ -254,6 +291,12 @@ nodes | main.rs:222:9:222:35 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | | main.rs:222:24:222:27 | self [MyInt] | semmle.label | self [MyInt] | | main.rs:222:24:222:33 | self.value | semmle.label | self.value | +| main.rs:227:19:227:27 | SelfParam [Return] [&ref, MyInt] | semmle.label | SelfParam [Return] [&ref, MyInt] | +| main.rs:227:30:227:39 | ...: MyInt [MyInt] | semmle.label | ...: MyInt [MyInt] | +| main.rs:228:10:228:14 | [post] * ... [MyInt] | semmle.label | [post] * ... [MyInt] | +| main.rs:228:11:228:14 | [post] self [&ref, MyInt] | semmle.label | [post] self [&ref, MyInt] | +| main.rs:228:25:228:27 | rhs [MyInt] | semmle.label | rhs [MyInt] | +| main.rs:228:25:228:33 | rhs.value | semmle.label | rhs.value | | main.rs:242:9:242:9 | a [MyInt] | semmle.label | a [MyInt] | | main.rs:242:13:242:38 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | | main.rs:242:28:242:36 | source(...) | semmle.label | source(...) | @@ -269,6 +312,14 @@ nodes | main.rs:254:13:254:20 | a.add(...) [MyInt] | semmle.label | a.add(...) [MyInt] | | main.rs:255:10:255:10 | d [MyInt] | semmle.label | d [MyInt] | | main.rs:255:10:255:16 | d.value | semmle.label | d.value | +| main.rs:259:9:259:9 | b [MyInt] | semmle.label | b [MyInt] | +| main.rs:259:13:259:39 | MyInt {...} [MyInt] | semmle.label | MyInt {...} [MyInt] | +| main.rs:259:28:259:37 | source(...) | semmle.label | source(...) | +| main.rs:261:27:261:32 | [post] &mut a [&ref, MyInt] | semmle.label | [post] &mut a [&ref, MyInt] | +| main.rs:261:32:261:32 | [post] a [MyInt] | semmle.label | [post] a [MyInt] | +| main.rs:261:35:261:35 | b [MyInt] | semmle.label | b [MyInt] | +| main.rs:262:10:262:10 | a [MyInt] | semmle.label | a [MyInt] | +| main.rs:262:10:262:16 | a.value | semmle.label | a.value | | main.rs:289:18:289:21 | SelfParam [MyInt] | semmle.label | SelfParam [MyInt] | | main.rs:289:48:291:5 | { ... } [MyInt] | semmle.label | { ... } [MyInt] | | main.rs:293:26:293:37 | ...: MyInt [MyInt] | semmle.label | ...: MyInt [MyInt] | @@ -308,12 +359,14 @@ subpaths | main.rs:67:26:67:26 | a | main.rs:61:17:61:22 | ...: i64 | main.rs:61:32:63:1 | { ... } | main.rs:67:13:67:27 | pass_through(...) | | main.rs:72:26:75:5 | { ... } | main.rs:61:17:61:22 | ...: i64 | main.rs:61:32:63:1 | { ... } | main.rs:72:13:75:6 | pass_through(...) | | main.rs:86:26:86:26 | a | main.rs:82:21:82:26 | ...: i64 | main.rs:82:36:84:5 | { ... } | main.rs:86:13:86:27 | pass_through(...) | +| main.rs:167:34:167:34 | a | main.rs:126:33:126:38 | ...: i64 | main.rs:126:48:128:5 | { ... } | main.rs:167:13:167:35 | x.data_through_trait(...) | | main.rs:174:29:174:29 | a | main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | main.rs:174:13:174:30 | mn.data_through(...) | | main.rs:179:35:179:35 | a | main.rs:126:33:126:38 | ...: i64 | main.rs:126:48:128:5 | { ... } | main.rs:179:13:179:36 | mn.data_through_trait(...) | | main.rs:194:38:194:38 | a | main.rs:112:27:112:32 | ...: i64 | main.rs:112:42:114:5 | { ... } | main.rs:194:13:194:39 | ...::data_through(...) | | main.rs:212:24:212:33 | source(...) | main.rs:206:12:206:17 | ...: i64 | main.rs:206:28:208:5 | { ... } [MyInt] | main.rs:212:13:212:34 | ...::new(...) [MyInt] | | main.rs:244:13:244:13 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | main.rs:244:13:244:17 | ... + ... [MyInt] | | main.rs:252:9:252:9 | a [MyInt] | main.rs:220:12:220:15 | SelfParam [MyInt] | main.rs:220:42:223:5 | { ... } [MyInt] | main.rs:254:13:254:20 | a.add(...) [MyInt] | +| main.rs:261:35:261:35 | b [MyInt] | main.rs:227:30:227:39 | ...: MyInt [MyInt] | main.rs:227:19:227:27 | SelfParam [Return] [&ref, MyInt] | main.rs:261:27:261:32 | [post] &mut a [&ref, MyInt] | | main.rs:301:50:301:50 | a [MyInt] | main.rs:289:18:289:21 | SelfParam [MyInt] | main.rs:289:48:291:5 | { ... } [MyInt] | main.rs:301:30:301:54 | ...::take_self(...) [MyInt] | | main.rs:306:55:306:55 | b [MyInt] | main.rs:293:26:293:37 | ...: MyInt [MyInt] | main.rs:293:49:295:5 | { ... } [MyInt] | main.rs:306:30:306:56 | ...::take_second(...) [MyInt] | testFailures @@ -327,15 +380,19 @@ testFailures | main.rs:87:10:87:10 | b | main.rs:80:13:80:22 | source(...) | main.rs:87:10:87:10 | b | $@ | main.rs:80:13:80:22 | source(...) | source(...) | | main.rs:105:14:105:14 | n | main.rs:155:13:155:21 | source(...) | main.rs:105:14:105:14 | n | $@ | main.rs:155:13:155:21 | source(...) | source(...) | | main.rs:105:14:105:14 | n | main.rs:187:13:187:21 | source(...) | main.rs:105:14:105:14 | n | $@ | main.rs:187:13:187:21 | source(...) | source(...) | +| main.rs:119:14:119:14 | n | main.rs:149:13:149:22 | source(...) | main.rs:119:14:119:14 | n | $@ | main.rs:149:13:149:22 | source(...) | source(...) | | main.rs:119:14:119:14 | n | main.rs:159:13:159:22 | source(...) | main.rs:119:14:119:14 | n | $@ | main.rs:159:13:159:22 | source(...) | source(...) | +| main.rs:133:10:133:10 | a | main.rs:123:35:123:44 | source(...) | main.rs:133:10:133:10 | a | $@ | main.rs:123:35:123:44 | source(...) | source(...) | | main.rs:139:10:139:10 | a | main.rs:109:35:109:43 | source(...) | main.rs:139:10:139:10 | a | $@ | main.rs:109:35:109:43 | source(...) | source(...) | | main.rs:143:10:143:10 | a | main.rs:123:35:123:44 | source(...) | main.rs:143:10:143:10 | a | $@ | main.rs:123:35:123:44 | source(...) | source(...) | +| main.rs:168:10:168:10 | b | main.rs:166:13:166:22 | source(...) | main.rs:168:10:168:10 | b | $@ | main.rs:166:13:166:22 | source(...) | source(...) | | main.rs:175:10:175:10 | b | main.rs:173:13:173:21 | source(...) | main.rs:175:10:175:10 | b | $@ | main.rs:173:13:173:21 | source(...) | source(...) | | main.rs:180:10:180:10 | b | main.rs:178:13:178:22 | source(...) | main.rs:180:10:180:10 | b | $@ | main.rs:178:13:178:22 | source(...) | source(...) | | main.rs:195:10:195:10 | b | main.rs:193:13:193:22 | source(...) | main.rs:195:10:195:10 | b | $@ | main.rs:193:13:193:22 | source(...) | source(...) | | main.rs:214:10:214:10 | m | main.rs:212:24:212:33 | source(...) | main.rs:214:10:214:10 | m | $@ | main.rs:212:24:212:33 | source(...) | source(...) | | main.rs:245:10:245:16 | c.value | main.rs:242:28:242:36 | source(...) | main.rs:245:10:245:16 | c.value | $@ | main.rs:242:28:242:36 | source(...) | source(...) | | main.rs:255:10:255:16 | d.value | main.rs:252:28:252:36 | source(...) | main.rs:255:10:255:16 | d.value | $@ | main.rs:252:28:252:36 | source(...) | source(...) | +| main.rs:262:10:262:16 | a.value | main.rs:259:28:259:37 | source(...) | main.rs:262:10:262:16 | a.value | $@ | main.rs:259:28:259:37 | source(...) | source(...) | | main.rs:302:10:302:10 | c | main.rs:299:28:299:36 | source(...) | main.rs:302:10:302:10 | c | $@ | main.rs:299:28:299:36 | source(...) | source(...) | | main.rs:307:10:307:10 | c | main.rs:305:28:305:37 | source(...) | main.rs:307:10:307:10 | c | $@ | main.rs:305:28:305:37 | source(...) | source(...) | | main.rs:317:10:317:10 | a | main.rs:316:13:316:21 | source(...) | main.rs:317:10:317:10 | a | $@ | main.rs:316:13:316:21 | source(...) | source(...) | diff --git a/rust/ql/test/library-tests/dataflow/global/main.rs b/rust/ql/test/library-tests/dataflow/global/main.rs index 3c83ca6bd6d..b66ef27726b 100644 --- a/rust/ql/test/library-tests/dataflow/global/main.rs +++ b/rust/ql/test/library-tests/dataflow/global/main.rs @@ -116,7 +116,7 @@ impl MyFlag { impl MyTrait for MyFlag { fn data_in_trait(self, n: i64) { - sink(n); // $ hasValueFlow=22 $ MISSING: hasValueFlow=31 + sink(n); // $ hasValueFlow=22 $ hasValueFlow=31 } fn get_data_trait(self) -> i64 { @@ -130,7 +130,7 @@ impl MyTrait for MyFlag { fn data_out_of_method_trait_dispatch(x: T) { let a = x.get_data_trait(); - sink(a); // $ MISSING: hasValueFlow=21 + sink(a); // $ hasValueFlow=21 } fn data_out_of_method() { @@ -165,7 +165,7 @@ fn data_in_to_method_call() { fn data_through_method_trait_dispatch(x: T) { let a = source(34); let b = x.data_through_trait(a); - sink(b); // $ MISSING: hasValueFlow=34 + sink(b); // $ hasValueFlow=34 } fn data_through_method() { @@ -259,7 +259,7 @@ fn test_operator_overloading() { let b = MyInt { value: source(34) }; // The line below is what `*=` desugars to. MulAssign::mul_assign(&mut a, b); - sink(a.value); // $ MISSING: hasValueFlow=34 + sink(a.value); // $ hasValueFlow=34 let mut a = MyInt { value: 0 }; let b = MyInt { value: source(35) }; diff --git a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected index 664e720e984..9c7a9e19141 100644 --- a/rust/ql/test/library-tests/dataflow/global/viableCallable.expected +++ b/rust/ql/test/library-tests/dataflow/global/viableCallable.expected @@ -27,6 +27,7 @@ | main.rs:109:35:109:43 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:119:9:119:15 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:123:35:123:44 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:132:13:132:30 | x.get_data_trait() | main.rs:122:5:124:5 | fn get_data_trait | | main.rs:133:5:133:11 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:138:13:138:25 | mn.get_data() | main.rs:108:5:110:5 | fn get_data | | main.rs:139:5:139:11 | sink(...) | main.rs:5:1:7:1 | fn sink | @@ -34,12 +35,14 @@ | main.rs:143:5:143:11 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:145:5:145:60 | data_out_of_method_trait_dispatch(...) | main.rs:131:1:134:1 | fn data_out_of_method_trait_dispatch | | main.rs:149:13:149:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:150:5:150:22 | x.data_in_trait(...) | main.rs:118:5:120:5 | fn data_in_trait | | main.rs:155:13:155:21 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:156:5:156:17 | mn.data_in(...) | main.rs:104:5:106:5 | fn data_in | | main.rs:159:13:159:22 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:160:5:160:23 | mn.data_in_trait(...) | main.rs:118:5:120:5 | fn data_in_trait | | main.rs:162:5:162:64 | data_in_to_method_call_trait_dispatch(...) | main.rs:148:1:151:1 | fn data_in_to_method_call_trait_dispatch | | main.rs:166:13:166:22 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:167:13:167:35 | x.data_through_trait(...) | main.rs:126:5:128:5 | fn data_through_trait | | main.rs:168:5:168:11 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:173:13:173:21 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:174:13:174:30 | mn.data_through(...) | main.rs:112:5:114:5 | fn data_through | @@ -68,6 +71,7 @@ | main.rs:254:13:254:20 | a.add(...) | main.rs:220:5:223:5 | fn add | | main.rs:255:5:255:17 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:259:28:259:37 | source(...) | main.rs:1:1:3:1 | fn source | +| main.rs:261:5:261:36 | ...::mul_assign(...) | main.rs:227:5:229:5 | fn mul_assign | | main.rs:262:5:262:17 | sink(...) | main.rs:5:1:7:1 | fn sink | | main.rs:265:28:265:37 | source(...) | main.rs:1:1:3:1 | fn source | | main.rs:266:5:266:10 | ... *= ... | main.rs:227:5:229:5 | fn mul_assign | From 3e54c61f52f62e2c342e1e29be579c3bfbf51d7e Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Wed, 25 Jun 2025 20:48:46 +0200 Subject: [PATCH 077/111] Rust: Add MaD trait tests --- .../library-tests/dataflow/models/main.rs | 84 ++- .../dataflow/models/models.expected | 655 ++++++++++-------- .../dataflow/models/models.ext.yml | 2 + 3 files changed, 439 insertions(+), 302 deletions(-) diff --git a/rust/ql/test/library-tests/dataflow/models/main.rs b/rust/ql/test/library-tests/dataflow/models/main.rs index 54337a1f021..e9348419d57 100644 --- a/rust/ql/test/library-tests/dataflow/models/main.rs +++ b/rust/ql/test/library-tests/dataflow/models/main.rs @@ -2,8 +2,8 @@ fn source(i: i64) -> i64 { 1000 + i } -fn sink(s: i64) { - println!("{}", s); +fn sink(s: T) { + println!("{:?}", s); } // has a flow model @@ -176,7 +176,10 @@ fn test_set_tuple_element() { } // has a flow model -pub fn apply(n: i64, f: F) -> i64 where F : FnOnce(i64) -> i64 { +pub fn apply(n: i64, f: F) -> i64 +where + F: FnOnce(i64) -> i64, +{ 0 } @@ -288,6 +291,81 @@ fn test_arg_source() { sink(i) // $ hasValueFlow=i } +struct MyStruct2(i64); + +impl PartialEq for MyStruct { + fn eq(&self, other: &Self) -> bool { + true + } +} + +impl PartialEq for MyStruct2 { + fn eq(&self, other: &Self) -> bool { + self.0 == other.0 + } +} + +impl Eq for MyStruct {} + +impl Eq for MyStruct2 {} + +use std::cmp::Ordering; + +impl PartialOrd for MyStruct { + fn partial_cmp(&self, other: &Self) -> Option { + Some(Ordering::Equal) + } +} + +impl PartialOrd for MyStruct2 { + fn partial_cmp(&self, other: &Self) -> Option { + Some(self.0.cmp(&other.0)) + } +} + +impl Ord for MyStruct { + fn cmp(&self, other: &Self) -> Ordering { + Ordering::Equal + } +} + +impl Ord for MyStruct2 { + fn cmp(&self, other: &Self) -> Ordering { + self.0.cmp(&other.0) + } + + fn max(self, other: Self) -> Self { + other + } +} + +fn test_trait_model(x: T) { + let x1 = source(20).max(0); + sink(x1); // $ hasValueFlow=20 + + let x2 = (MyStruct { + field1: source(23), + field2: 0, + }) + .max(MyStruct { + field1: 0, + field2: 0, + }); + sink(x2.field1); // $ hasValueFlow=23 + + let x3 = MyStruct2(source(24)).max(MyStruct2(0)); + sink(x3.0); // no flow, because the model does not apply when the target is in source code + + let x4 = source(25).max(1); + sink(x4); // $ hasValueFlow=25 + + let x5 = source(26).lt(&1); + sink(x5); // $ MISSING: hasTaintFlow=26 + + let x6 = source(27) < 1; + sink(x6); // $ MISSING: hasTaintFlow=27 +} + #[tokio::main] async fn main() { test_identify(); diff --git a/rust/ql/test/library-tests/dataflow/models/models.expected b/rust/ql/test/library-tests/dataflow/models/models.expected index 9016ebae47e..ad236a80088 100644 --- a/rust/ql/test/library-tests/dataflow/models/models.expected +++ b/rust/ql/test/library-tests/dataflow/models/models.expected @@ -6,20 +6,21 @@ models | 5 | Source: main::arg_source; Argument[0]; test-source | | 6 | Source: main::enum_source; ReturnValue.Field[main::MyFieldEnum::D::field_d]; test-source | | 7 | Source: main::simple_source; ReturnValue; test-source | -| 8 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value | -| 9 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value | -| 10 | Summary: main::coerce; Argument[0]; ReturnValue; taint | -| 11 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value | -| 12 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value | -| 13 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value | -| 14 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value | -| 15 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value | -| 16 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value | -| 17 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value | -| 18 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value | -| 19 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value | -| 20 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value | -| 21 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value | +| 8 | Summary: <_ as core::cmp::Ord>::max; Argument[self]; ReturnValue; value | +| 9 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value | +| 10 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value | +| 11 | Summary: main::coerce; Argument[0]; ReturnValue; taint | +| 12 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value | +| 13 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value | +| 14 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value | +| 15 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value | +| 16 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value | +| 17 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value | +| 18 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value | +| 19 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value | +| 20 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value | +| 21 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value | +| 22 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value | edges | main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | | | main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | | @@ -29,7 +30,7 @@ edges | main.rs:16:19:16:19 | s | main.rs:16:10:16:20 | identity(...) | provenance | QL | | main.rs:25:9:25:9 | s | main.rs:26:17:26:17 | s | provenance | | | main.rs:25:13:25:22 | source(...) | main.rs:25:9:25:9 | s | provenance | | -| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:10 | +| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:11 | | main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | | | main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | | | main.rs:40:13:40:21 | source(...) | main.rs:40:9:40:9 | s | provenance | | @@ -40,8 +41,8 @@ edges | main.rs:41:14:41:28 | ...::A(...) [A] | main.rs:41:9:41:10 | e1 [A] | provenance | | | main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | | | main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | | -| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:16 | -| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:16 | +| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:17 | +| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:17 | | main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | | | main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | | | main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | | @@ -50,8 +51,8 @@ edges | main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | | | main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | | | main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | | -| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:21 | -| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:21 | +| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:22 | +| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:22 | | main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | | | main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | | | main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | | @@ -68,8 +69,8 @@ edges | main.rs:73:14:73:42 | ...::C {...} [C] | main.rs:73:9:73:10 | e1 [C] | provenance | | | main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | | | main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | | -| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:15 | -| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:15 | +| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:16 | +| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:16 | | main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | | | main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | | | main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | | @@ -78,8 +79,8 @@ edges | main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | | | main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | | | main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | | -| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:20 | -| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:20 | +| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:21 | +| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:21 | | main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | | | main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | | | main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | | @@ -96,8 +97,8 @@ edges | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | main.rs:105:9:105:17 | my_struct [MyStruct.field1] | provenance | | | main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | | | main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | | -| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:13 | -| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:13 | +| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:14 | +| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:14 | | main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | | | main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | | | main.rs:126:13:126:21 | source(...) | main.rs:126:9:126:9 | s | provenance | | @@ -106,16 +107,16 @@ edges | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | provenance | | | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | | | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | | -| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:18 | -| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:18 | +| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:19 | +| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:19 | | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | | | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | | | main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | | | main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | | | main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | | | main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | | -| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:11 | -| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:11 | +| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:12 | +| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:12 | | main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | | | main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | | | main.rs:148:9:148:9 | s | main.rs:149:33:149:33 | s | provenance | | @@ -126,8 +127,8 @@ edges | main.rs:149:9:149:11 | arr [element] | main.rs:150:10:150:12 | arr [element] | provenance | | | main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | | | main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | | -| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:17 | -| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:17 | +| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:18 | +| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:18 | | main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | | | main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | | | main.rs:159:9:159:9 | s | main.rs:160:14:160:14 | s | provenance | | @@ -140,8 +141,8 @@ edges | main.rs:160:13:160:18 | TupleExpr [tuple.0] | main.rs:160:9:160:9 | t [tuple.0] | provenance | | | main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | | | main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | | -| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:14 | -| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:14 | +| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:15 | +| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:15 | | main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | | | main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | | | main.rs:172:13:172:22 | source(...) | main.rs:172:9:172:9 | s | provenance | | @@ -150,120 +151,142 @@ edges | main.rs:173:9:173:9 | t [tuple.1] | main.rs:175:10:175:10 | t [tuple.1] | provenance | | | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | | | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | | -| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:19 | -| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:19 | +| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:20 | +| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:20 | | main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | | | main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | | -| main.rs:184:9:184:9 | s | main.rs:189:11:189:11 | s | provenance | | -| main.rs:184:9:184:9 | s | main.rs:189:11:189:11 | s | provenance | | -| main.rs:184:13:184:22 | source(...) | main.rs:184:9:184:9 | s | provenance | | -| main.rs:184:13:184:22 | source(...) | main.rs:184:9:184:9 | s | provenance | | -| main.rs:185:14:185:14 | ... | main.rs:186:14:186:14 | n | provenance | | -| main.rs:185:14:185:14 | ... | main.rs:186:14:186:14 | n | provenance | | -| main.rs:189:11:189:11 | s | main.rs:185:14:185:14 | ... | provenance | MaD:8 | -| main.rs:189:11:189:11 | s | main.rs:185:14:185:14 | ... | provenance | MaD:8 | -| main.rs:193:13:193:22 | source(...) | main.rs:195:23:195:23 | f [captured s] | provenance | | -| main.rs:193:13:193:22 | source(...) | main.rs:195:23:195:23 | f [captured s] | provenance | | -| main.rs:194:40:194:40 | s | main.rs:194:17:194:42 | if ... {...} else {...} | provenance | | -| main.rs:194:40:194:40 | s | main.rs:194:17:194:42 | if ... {...} else {...} | provenance | | -| main.rs:195:9:195:9 | t | main.rs:196:10:196:10 | t | provenance | | -| main.rs:195:9:195:9 | t | main.rs:196:10:196:10 | t | provenance | | -| main.rs:195:13:195:24 | apply(...) | main.rs:195:9:195:9 | t | provenance | | -| main.rs:195:13:195:24 | apply(...) | main.rs:195:9:195:9 | t | provenance | | -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | provenance | MaD:8 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | provenance | MaD:8 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | provenance | MaD:9 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | provenance | MaD:9 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:195:13:195:24 | apply(...) | provenance | MaD:8 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:195:13:195:24 | apply(...) | provenance | MaD:8 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:195:13:195:24 | apply(...) | provenance | MaD:9 | -| main.rs:195:23:195:23 | f [captured s] | main.rs:195:13:195:24 | apply(...) | provenance | MaD:9 | -| main.rs:200:9:200:9 | s | main.rs:202:19:202:19 | s | provenance | | -| main.rs:200:9:200:9 | s | main.rs:202:19:202:19 | s | provenance | | -| main.rs:200:13:200:22 | source(...) | main.rs:200:9:200:9 | s | provenance | | -| main.rs:200:13:200:22 | source(...) | main.rs:200:9:200:9 | s | provenance | | -| main.rs:201:14:201:14 | ... | main.rs:201:17:201:42 | if ... {...} else {...} | provenance | | -| main.rs:201:14:201:14 | ... | main.rs:201:17:201:42 | if ... {...} else {...} | provenance | | -| main.rs:202:9:202:9 | t | main.rs:203:10:203:10 | t | provenance | | -| main.rs:202:9:202:9 | t | main.rs:203:10:203:10 | t | provenance | | -| main.rs:202:13:202:23 | apply(...) | main.rs:202:9:202:9 | t | provenance | | -| main.rs:202:13:202:23 | apply(...) | main.rs:202:9:202:9 | t | provenance | | -| main.rs:202:19:202:19 | s | main.rs:201:14:201:14 | ... | provenance | MaD:8 | -| main.rs:202:19:202:19 | s | main.rs:201:14:201:14 | ... | provenance | MaD:8 | -| main.rs:202:19:202:19 | s | main.rs:202:13:202:23 | apply(...) | provenance | MaD:8 | -| main.rs:202:19:202:19 | s | main.rs:202:13:202:23 | apply(...) | provenance | MaD:8 | -| main.rs:212:9:212:9 | s | main.rs:213:30:213:30 | s | provenance | | -| main.rs:212:9:212:9 | s | main.rs:213:30:213:30 | s | provenance | | -| main.rs:212:13:212:22 | source(...) | main.rs:212:9:212:9 | s | provenance | | -| main.rs:212:13:212:22 | source(...) | main.rs:212:9:212:9 | s | provenance | | -| main.rs:213:9:213:9 | t | main.rs:214:10:214:10 | t | provenance | | -| main.rs:213:9:213:9 | t | main.rs:214:10:214:10 | t | provenance | | -| main.rs:213:13:213:31 | get_async_number(...) [future] | main.rs:213:13:213:37 | await ... | provenance | | -| main.rs:213:13:213:31 | get_async_number(...) [future] | main.rs:213:13:213:37 | await ... | provenance | | -| main.rs:213:13:213:37 | await ... | main.rs:213:9:213:9 | t | provenance | | -| main.rs:213:13:213:37 | await ... | main.rs:213:9:213:9 | t | provenance | | -| main.rs:213:30:213:30 | s | main.rs:213:13:213:31 | get_async_number(...) [future] | provenance | MaD:12 | -| main.rs:213:30:213:30 | s | main.rs:213:13:213:31 | get_async_number(...) [future] | provenance | MaD:12 | -| main.rs:233:9:233:9 | s [D] | main.rs:234:11:234:11 | s [D] | provenance | | -| main.rs:233:9:233:9 | s [D] | main.rs:234:11:234:11 | s [D] | provenance | | -| main.rs:233:13:233:23 | enum_source | main.rs:233:13:233:27 | enum_source(...) [D] | provenance | Src:MaD:6 | -| main.rs:233:13:233:23 | enum_source | main.rs:233:13:233:27 | enum_source(...) [D] | provenance | Src:MaD:6 | -| main.rs:233:13:233:27 | enum_source(...) [D] | main.rs:233:9:233:9 | s [D] | provenance | | -| main.rs:233:13:233:27 | enum_source(...) [D] | main.rs:233:9:233:9 | s [D] | provenance | | -| main.rs:234:11:234:11 | s [D] | main.rs:236:9:236:37 | ...::D {...} [D] | provenance | | -| main.rs:234:11:234:11 | s [D] | main.rs:236:9:236:37 | ...::D {...} [D] | provenance | | -| main.rs:236:9:236:37 | ...::D {...} [D] | main.rs:236:35:236:35 | i | provenance | | -| main.rs:236:9:236:37 | ...::D {...} [D] | main.rs:236:35:236:35 | i | provenance | | -| main.rs:236:35:236:35 | i | main.rs:236:47:236:47 | i | provenance | | -| main.rs:236:35:236:35 | i | main.rs:236:47:236:47 | i | provenance | | -| main.rs:242:9:242:9 | s [C] | main.rs:243:11:243:11 | s [C] | provenance | | -| main.rs:242:9:242:9 | s [C] | main.rs:243:11:243:11 | s [C] | provenance | | -| main.rs:242:13:242:24 | e.source(...) [C] | main.rs:242:9:242:9 | s [C] | provenance | | -| main.rs:242:13:242:24 | e.source(...) [C] | main.rs:242:9:242:9 | s [C] | provenance | | -| main.rs:242:15:242:20 | source | main.rs:242:13:242:24 | e.source(...) [C] | provenance | Src:MaD:4 | -| main.rs:242:15:242:20 | source | main.rs:242:13:242:24 | e.source(...) [C] | provenance | Src:MaD:4 | -| main.rs:243:11:243:11 | s [C] | main.rs:244:9:244:37 | ...::C {...} [C] | provenance | | -| main.rs:243:11:243:11 | s [C] | main.rs:244:9:244:37 | ...::C {...} [C] | provenance | | -| main.rs:244:9:244:37 | ...::C {...} [C] | main.rs:244:35:244:35 | i | provenance | | -| main.rs:244:9:244:37 | ...::C {...} [C] | main.rs:244:35:244:35 | i | provenance | | -| main.rs:244:35:244:35 | i | main.rs:244:47:244:47 | i | provenance | | -| main.rs:244:35:244:35 | i | main.rs:244:47:244:47 | i | provenance | | -| main.rs:253:9:253:9 | s | main.rs:254:41:254:41 | s | provenance | | -| main.rs:253:9:253:9 | s | main.rs:254:41:254:41 | s | provenance | | -| main.rs:253:13:253:22 | source(...) | main.rs:253:9:253:9 | s | provenance | | -| main.rs:253:13:253:22 | source(...) | main.rs:253:9:253:9 | s | provenance | | -| main.rs:254:15:254:43 | ...::C {...} [C] | main.rs:254:5:254:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 | -| main.rs:254:15:254:43 | ...::C {...} [C] | main.rs:254:5:254:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 | -| main.rs:254:41:254:41 | s | main.rs:254:15:254:43 | ...::C {...} [C] | provenance | | -| main.rs:254:41:254:41 | s | main.rs:254:15:254:43 | ...::C {...} [C] | provenance | | -| main.rs:259:9:259:9 | s | main.rs:260:39:260:39 | s | provenance | | -| main.rs:259:9:259:9 | s | main.rs:260:39:260:39 | s | provenance | | -| main.rs:259:13:259:22 | source(...) | main.rs:259:9:259:9 | s | provenance | | -| main.rs:259:13:259:22 | source(...) | main.rs:259:9:259:9 | s | provenance | | -| main.rs:260:9:260:9 | e [D] | main.rs:261:5:261:5 | e [D] | provenance | | -| main.rs:260:9:260:9 | e [D] | main.rs:261:5:261:5 | e [D] | provenance | | -| main.rs:260:13:260:41 | ...::D {...} [D] | main.rs:260:9:260:9 | e [D] | provenance | | -| main.rs:260:13:260:41 | ...::D {...} [D] | main.rs:260:9:260:9 | e [D] | provenance | | -| main.rs:260:39:260:39 | s | main.rs:260:13:260:41 | ...::D {...} [D] | provenance | | -| main.rs:260:39:260:39 | s | main.rs:260:13:260:41 | ...::D {...} [D] | provenance | | -| main.rs:261:5:261:5 | e [D] | main.rs:261:7:261:10 | sink | provenance | MaD:1 Sink:MaD:1 | -| main.rs:261:5:261:5 | e [D] | main.rs:261:7:261:10 | sink | provenance | MaD:1 Sink:MaD:1 | -| main.rs:270:9:270:9 | s | main.rs:271:10:271:10 | s | provenance | | -| main.rs:270:9:270:9 | s | main.rs:271:10:271:10 | s | provenance | | -| main.rs:270:13:270:25 | simple_source | main.rs:270:13:270:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 | -| main.rs:270:13:270:25 | simple_source | main.rs:270:13:270:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 | -| main.rs:270:13:270:29 | simple_source(...) | main.rs:270:9:270:9 | s | provenance | | -| main.rs:270:13:270:29 | simple_source(...) | main.rs:270:9:270:9 | s | provenance | | -| main.rs:278:9:278:9 | s | main.rs:279:17:279:17 | s | provenance | | -| main.rs:278:9:278:9 | s | main.rs:279:17:279:17 | s | provenance | | -| main.rs:278:13:278:22 | source(...) | main.rs:278:9:278:9 | s | provenance | | -| main.rs:278:13:278:22 | source(...) | main.rs:278:9:278:9 | s | provenance | | -| main.rs:279:17:279:17 | s | main.rs:279:5:279:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 | -| main.rs:279:17:279:17 | s | main.rs:279:5:279:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 | -| main.rs:287:5:287:14 | arg_source | main.rs:287:16:287:16 | [post] i | provenance | Src:MaD:5 MaD:5 | -| main.rs:287:5:287:14 | arg_source | main.rs:287:16:287:16 | [post] i | provenance | Src:MaD:5 MaD:5 | -| main.rs:287:16:287:16 | [post] i | main.rs:288:10:288:10 | i | provenance | | -| main.rs:287:16:287:16 | [post] i | main.rs:288:10:288:10 | i | provenance | | +| main.rs:187:9:187:9 | s | main.rs:192:11:192:11 | s | provenance | | +| main.rs:187:9:187:9 | s | main.rs:192:11:192:11 | s | provenance | | +| main.rs:187:13:187:22 | source(...) | main.rs:187:9:187:9 | s | provenance | | +| main.rs:187:13:187:22 | source(...) | main.rs:187:9:187:9 | s | provenance | | +| main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | | +| main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | | +| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:9 | +| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:9 | +| main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | | +| main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | | +| main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | provenance | | +| main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | provenance | | +| main.rs:198:9:198:9 | t | main.rs:199:10:199:10 | t | provenance | | +| main.rs:198:9:198:9 | t | main.rs:199:10:199:10 | t | provenance | | +| main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | | +| main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:9 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:9 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:9 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:9 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 | +| main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | | +| main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | | +| main.rs:203:13:203:22 | source(...) | main.rs:203:9:203:9 | s | provenance | | +| main.rs:203:13:203:22 | source(...) | main.rs:203:9:203:9 | s | provenance | | +| main.rs:204:14:204:14 | ... | main.rs:204:17:204:42 | if ... {...} else {...} | provenance | | +| main.rs:204:14:204:14 | ... | main.rs:204:17:204:42 | if ... {...} else {...} | provenance | | +| main.rs:205:9:205:9 | t | main.rs:206:10:206:10 | t | provenance | | +| main.rs:205:9:205:9 | t | main.rs:206:10:206:10 | t | provenance | | +| main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | | +| main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:9 | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:9 | +| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:9 | +| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:9 | +| main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | | +| main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | | +| main.rs:215:13:215:22 | source(...) | main.rs:215:9:215:9 | s | provenance | | +| main.rs:215:13:215:22 | source(...) | main.rs:215:9:215:9 | s | provenance | | +| main.rs:216:9:216:9 | t | main.rs:217:10:217:10 | t | provenance | | +| main.rs:216:9:216:9 | t | main.rs:217:10:217:10 | t | provenance | | +| main.rs:216:13:216:31 | get_async_number(...) [future] | main.rs:216:13:216:37 | await ... | provenance | | +| main.rs:216:13:216:31 | get_async_number(...) [future] | main.rs:216:13:216:37 | await ... | provenance | | +| main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | | +| main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | | +| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:13 | +| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:13 | +| main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | | +| main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | | +| main.rs:236:13:236:23 | enum_source | main.rs:236:13:236:27 | enum_source(...) [D] | provenance | Src:MaD:6 | +| main.rs:236:13:236:23 | enum_source | main.rs:236:13:236:27 | enum_source(...) [D] | provenance | Src:MaD:6 | +| main.rs:236:13:236:27 | enum_source(...) [D] | main.rs:236:9:236:9 | s [D] | provenance | | +| main.rs:236:13:236:27 | enum_source(...) [D] | main.rs:236:9:236:9 | s [D] | provenance | | +| main.rs:237:11:237:11 | s [D] | main.rs:239:9:239:37 | ...::D {...} [D] | provenance | | +| main.rs:237:11:237:11 | s [D] | main.rs:239:9:239:37 | ...::D {...} [D] | provenance | | +| main.rs:239:9:239:37 | ...::D {...} [D] | main.rs:239:35:239:35 | i | provenance | | +| main.rs:239:9:239:37 | ...::D {...} [D] | main.rs:239:35:239:35 | i | provenance | | +| main.rs:239:35:239:35 | i | main.rs:239:47:239:47 | i | provenance | | +| main.rs:239:35:239:35 | i | main.rs:239:47:239:47 | i | provenance | | +| main.rs:245:9:245:9 | s [C] | main.rs:246:11:246:11 | s [C] | provenance | | +| main.rs:245:9:245:9 | s [C] | main.rs:246:11:246:11 | s [C] | provenance | | +| main.rs:245:13:245:24 | e.source(...) [C] | main.rs:245:9:245:9 | s [C] | provenance | | +| main.rs:245:13:245:24 | e.source(...) [C] | main.rs:245:9:245:9 | s [C] | provenance | | +| main.rs:245:15:245:20 | source | main.rs:245:13:245:24 | e.source(...) [C] | provenance | Src:MaD:4 | +| main.rs:245:15:245:20 | source | main.rs:245:13:245:24 | e.source(...) [C] | provenance | Src:MaD:4 | +| main.rs:246:11:246:11 | s [C] | main.rs:247:9:247:37 | ...::C {...} [C] | provenance | | +| main.rs:246:11:246:11 | s [C] | main.rs:247:9:247:37 | ...::C {...} [C] | provenance | | +| main.rs:247:9:247:37 | ...::C {...} [C] | main.rs:247:35:247:35 | i | provenance | | +| main.rs:247:9:247:37 | ...::C {...} [C] | main.rs:247:35:247:35 | i | provenance | | +| main.rs:247:35:247:35 | i | main.rs:247:47:247:47 | i | provenance | | +| main.rs:247:35:247:35 | i | main.rs:247:47:247:47 | i | provenance | | +| main.rs:256:9:256:9 | s | main.rs:257:41:257:41 | s | provenance | | +| main.rs:256:9:256:9 | s | main.rs:257:41:257:41 | s | provenance | | +| main.rs:256:13:256:22 | source(...) | main.rs:256:9:256:9 | s | provenance | | +| main.rs:256:13:256:22 | source(...) | main.rs:256:9:256:9 | s | provenance | | +| main.rs:257:15:257:43 | ...::C {...} [C] | main.rs:257:5:257:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 | +| main.rs:257:15:257:43 | ...::C {...} [C] | main.rs:257:5:257:13 | enum_sink | provenance | MaD:2 Sink:MaD:2 | +| main.rs:257:41:257:41 | s | main.rs:257:15:257:43 | ...::C {...} [C] | provenance | | +| main.rs:257:41:257:41 | s | main.rs:257:15:257:43 | ...::C {...} [C] | provenance | | +| main.rs:262:9:262:9 | s | main.rs:263:39:263:39 | s | provenance | | +| main.rs:262:9:262:9 | s | main.rs:263:39:263:39 | s | provenance | | +| main.rs:262:13:262:22 | source(...) | main.rs:262:9:262:9 | s | provenance | | +| main.rs:262:13:262:22 | source(...) | main.rs:262:9:262:9 | s | provenance | | +| main.rs:263:9:263:9 | e [D] | main.rs:264:5:264:5 | e [D] | provenance | | +| main.rs:263:9:263:9 | e [D] | main.rs:264:5:264:5 | e [D] | provenance | | +| main.rs:263:13:263:41 | ...::D {...} [D] | main.rs:263:9:263:9 | e [D] | provenance | | +| main.rs:263:13:263:41 | ...::D {...} [D] | main.rs:263:9:263:9 | e [D] | provenance | | +| main.rs:263:39:263:39 | s | main.rs:263:13:263:41 | ...::D {...} [D] | provenance | | +| main.rs:263:39:263:39 | s | main.rs:263:13:263:41 | ...::D {...} [D] | provenance | | +| main.rs:264:5:264:5 | e [D] | main.rs:264:7:264:10 | sink | provenance | MaD:1 Sink:MaD:1 | +| main.rs:264:5:264:5 | e [D] | main.rs:264:7:264:10 | sink | provenance | MaD:1 Sink:MaD:1 | +| main.rs:273:9:273:9 | s | main.rs:274:10:274:10 | s | provenance | | +| main.rs:273:9:273:9 | s | main.rs:274:10:274:10 | s | provenance | | +| main.rs:273:13:273:25 | simple_source | main.rs:273:13:273:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 | +| main.rs:273:13:273:25 | simple_source | main.rs:273:13:273:29 | simple_source(...) | provenance | Src:MaD:7 MaD:7 | +| main.rs:273:13:273:29 | simple_source(...) | main.rs:273:9:273:9 | s | provenance | | +| main.rs:273:13:273:29 | simple_source(...) | main.rs:273:9:273:9 | s | provenance | | +| main.rs:281:9:281:9 | s | main.rs:282:17:282:17 | s | provenance | | +| main.rs:281:9:281:9 | s | main.rs:282:17:282:17 | s | provenance | | +| main.rs:281:13:281:22 | source(...) | main.rs:281:9:281:9 | s | provenance | | +| main.rs:281:13:281:22 | source(...) | main.rs:281:9:281:9 | s | provenance | | +| main.rs:282:17:282:17 | s | main.rs:282:5:282:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 | +| main.rs:282:17:282:17 | s | main.rs:282:5:282:15 | simple_sink | provenance | MaD:3 Sink:MaD:3 | +| main.rs:290:5:290:14 | arg_source | main.rs:290:16:290:16 | [post] i | provenance | Src:MaD:5 MaD:5 | +| main.rs:290:5:290:14 | arg_source | main.rs:290:16:290:16 | [post] i | provenance | Src:MaD:5 MaD:5 | +| main.rs:290:16:290:16 | [post] i | main.rs:291:10:291:10 | i | provenance | | +| main.rs:290:16:290:16 | [post] i | main.rs:291:10:291:10 | i | provenance | | +| main.rs:343:9:343:10 | x1 | main.rs:344:10:344:11 | x1 | provenance | | +| main.rs:343:9:343:10 | x1 | main.rs:344:10:344:11 | x1 | provenance | | +| main.rs:343:14:343:23 | source(...) | main.rs:343:14:343:30 | ... .max(...) | provenance | MaD:8 | +| main.rs:343:14:343:23 | source(...) | main.rs:343:14:343:30 | ... .max(...) | provenance | MaD:8 | +| main.rs:343:14:343:30 | ... .max(...) | main.rs:343:9:343:10 | x1 | provenance | | +| main.rs:343:14:343:30 | ... .max(...) | main.rs:343:9:343:10 | x1 | provenance | | +| main.rs:346:9:346:10 | x2 [MyStruct.field1] | main.rs:354:10:354:11 | x2 [MyStruct.field1] | provenance | | +| main.rs:346:9:346:10 | x2 [MyStruct.field1] | main.rs:354:10:354:11 | x2 [MyStruct.field1] | provenance | | +| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | main.rs:346:9:346:10 | x2 [MyStruct.field1] | provenance | | +| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | main.rs:346:9:346:10 | x2 [MyStruct.field1] | provenance | | +| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:8 | +| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | provenance | MaD:8 | +| main.rs:347:17:347:26 | source(...) | main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | provenance | | +| main.rs:347:17:347:26 | source(...) | main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | provenance | | +| main.rs:354:10:354:11 | x2 [MyStruct.field1] | main.rs:354:10:354:18 | x2.field1 | provenance | | +| main.rs:354:10:354:11 | x2 [MyStruct.field1] | main.rs:354:10:354:18 | x2.field1 | provenance | | +| main.rs:359:9:359:10 | x4 | main.rs:360:10:360:11 | x4 | provenance | | +| main.rs:359:9:359:10 | x4 | main.rs:360:10:360:11 | x4 | provenance | | +| main.rs:359:14:359:23 | source(...) | main.rs:359:14:359:30 | ... .max(...) | provenance | MaD:8 | +| main.rs:359:14:359:23 | source(...) | main.rs:359:14:359:30 | ... .max(...) | provenance | MaD:8 | +| main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | | +| main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | | nodes | main.rs:15:9:15:9 | s | semmle.label | s | | main.rs:15:9:15:9 | s | semmle.label | s | @@ -421,139 +444,167 @@ nodes | main.rs:175:10:175:10 | t [tuple.1] | semmle.label | t [tuple.1] | | main.rs:175:10:175:12 | t.1 | semmle.label | t.1 | | main.rs:175:10:175:12 | t.1 | semmle.label | t.1 | -| main.rs:184:9:184:9 | s | semmle.label | s | -| main.rs:184:9:184:9 | s | semmle.label | s | -| main.rs:184:13:184:22 | source(...) | semmle.label | source(...) | -| main.rs:184:13:184:22 | source(...) | semmle.label | source(...) | -| main.rs:185:14:185:14 | ... | semmle.label | ... | -| main.rs:185:14:185:14 | ... | semmle.label | ... | -| main.rs:186:14:186:14 | n | semmle.label | n | -| main.rs:186:14:186:14 | n | semmle.label | n | -| main.rs:189:11:189:11 | s | semmle.label | s | -| main.rs:189:11:189:11 | s | semmle.label | s | -| main.rs:193:13:193:22 | source(...) | semmle.label | source(...) | -| main.rs:193:13:193:22 | source(...) | semmle.label | source(...) | -| main.rs:194:17:194:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | -| main.rs:194:17:194:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | -| main.rs:194:40:194:40 | s | semmle.label | s | -| main.rs:194:40:194:40 | s | semmle.label | s | -| main.rs:195:9:195:9 | t | semmle.label | t | -| main.rs:195:9:195:9 | t | semmle.label | t | -| main.rs:195:13:195:24 | apply(...) | semmle.label | apply(...) | -| main.rs:195:13:195:24 | apply(...) | semmle.label | apply(...) | -| main.rs:195:23:195:23 | f [captured s] | semmle.label | f [captured s] | -| main.rs:195:23:195:23 | f [captured s] | semmle.label | f [captured s] | -| main.rs:196:10:196:10 | t | semmle.label | t | -| main.rs:196:10:196:10 | t | semmle.label | t | -| main.rs:200:9:200:9 | s | semmle.label | s | -| main.rs:200:9:200:9 | s | semmle.label | s | -| main.rs:200:13:200:22 | source(...) | semmle.label | source(...) | -| main.rs:200:13:200:22 | source(...) | semmle.label | source(...) | -| main.rs:201:14:201:14 | ... | semmle.label | ... | -| main.rs:201:14:201:14 | ... | semmle.label | ... | -| main.rs:201:17:201:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | -| main.rs:201:17:201:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | -| main.rs:202:9:202:9 | t | semmle.label | t | -| main.rs:202:9:202:9 | t | semmle.label | t | -| main.rs:202:13:202:23 | apply(...) | semmle.label | apply(...) | -| main.rs:202:13:202:23 | apply(...) | semmle.label | apply(...) | -| main.rs:202:19:202:19 | s | semmle.label | s | -| main.rs:202:19:202:19 | s | semmle.label | s | -| main.rs:203:10:203:10 | t | semmle.label | t | -| main.rs:203:10:203:10 | t | semmle.label | t | -| main.rs:212:9:212:9 | s | semmle.label | s | -| main.rs:212:9:212:9 | s | semmle.label | s | -| main.rs:212:13:212:22 | source(...) | semmle.label | source(...) | -| main.rs:212:13:212:22 | source(...) | semmle.label | source(...) | -| main.rs:213:9:213:9 | t | semmle.label | t | -| main.rs:213:9:213:9 | t | semmle.label | t | -| main.rs:213:13:213:31 | get_async_number(...) [future] | semmle.label | get_async_number(...) [future] | -| main.rs:213:13:213:31 | get_async_number(...) [future] | semmle.label | get_async_number(...) [future] | -| main.rs:213:13:213:37 | await ... | semmle.label | await ... | -| main.rs:213:13:213:37 | await ... | semmle.label | await ... | -| main.rs:213:30:213:30 | s | semmle.label | s | -| main.rs:213:30:213:30 | s | semmle.label | s | -| main.rs:214:10:214:10 | t | semmle.label | t | -| main.rs:214:10:214:10 | t | semmle.label | t | -| main.rs:233:9:233:9 | s [D] | semmle.label | s [D] | -| main.rs:233:9:233:9 | s [D] | semmle.label | s [D] | -| main.rs:233:13:233:23 | enum_source | semmle.label | enum_source | -| main.rs:233:13:233:23 | enum_source | semmle.label | enum_source | -| main.rs:233:13:233:27 | enum_source(...) [D] | semmle.label | enum_source(...) [D] | -| main.rs:233:13:233:27 | enum_source(...) [D] | semmle.label | enum_source(...) [D] | -| main.rs:234:11:234:11 | s [D] | semmle.label | s [D] | -| main.rs:234:11:234:11 | s [D] | semmle.label | s [D] | -| main.rs:236:9:236:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | -| main.rs:236:9:236:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | -| main.rs:236:35:236:35 | i | semmle.label | i | -| main.rs:236:35:236:35 | i | semmle.label | i | -| main.rs:236:47:236:47 | i | semmle.label | i | -| main.rs:236:47:236:47 | i | semmle.label | i | -| main.rs:242:9:242:9 | s [C] | semmle.label | s [C] | -| main.rs:242:9:242:9 | s [C] | semmle.label | s [C] | -| main.rs:242:13:242:24 | e.source(...) [C] | semmle.label | e.source(...) [C] | -| main.rs:242:13:242:24 | e.source(...) [C] | semmle.label | e.source(...) [C] | -| main.rs:242:15:242:20 | source | semmle.label | source | -| main.rs:242:15:242:20 | source | semmle.label | source | -| main.rs:243:11:243:11 | s [C] | semmle.label | s [C] | -| main.rs:243:11:243:11 | s [C] | semmle.label | s [C] | -| main.rs:244:9:244:37 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | -| main.rs:244:9:244:37 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | -| main.rs:244:35:244:35 | i | semmle.label | i | -| main.rs:244:35:244:35 | i | semmle.label | i | -| main.rs:244:47:244:47 | i | semmle.label | i | -| main.rs:244:47:244:47 | i | semmle.label | i | -| main.rs:253:9:253:9 | s | semmle.label | s | -| main.rs:253:9:253:9 | s | semmle.label | s | -| main.rs:253:13:253:22 | source(...) | semmle.label | source(...) | -| main.rs:253:13:253:22 | source(...) | semmle.label | source(...) | -| main.rs:254:5:254:13 | enum_sink | semmle.label | enum_sink | -| main.rs:254:5:254:13 | enum_sink | semmle.label | enum_sink | -| main.rs:254:15:254:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | -| main.rs:254:15:254:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | -| main.rs:254:41:254:41 | s | semmle.label | s | -| main.rs:254:41:254:41 | s | semmle.label | s | -| main.rs:259:9:259:9 | s | semmle.label | s | -| main.rs:259:9:259:9 | s | semmle.label | s | -| main.rs:259:13:259:22 | source(...) | semmle.label | source(...) | -| main.rs:259:13:259:22 | source(...) | semmle.label | source(...) | -| main.rs:260:9:260:9 | e [D] | semmle.label | e [D] | -| main.rs:260:9:260:9 | e [D] | semmle.label | e [D] | -| main.rs:260:13:260:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | -| main.rs:260:13:260:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | -| main.rs:260:39:260:39 | s | semmle.label | s | -| main.rs:260:39:260:39 | s | semmle.label | s | -| main.rs:261:5:261:5 | e [D] | semmle.label | e [D] | -| main.rs:261:5:261:5 | e [D] | semmle.label | e [D] | -| main.rs:261:7:261:10 | sink | semmle.label | sink | -| main.rs:261:7:261:10 | sink | semmle.label | sink | -| main.rs:270:9:270:9 | s | semmle.label | s | -| main.rs:270:9:270:9 | s | semmle.label | s | -| main.rs:270:13:270:25 | simple_source | semmle.label | simple_source | -| main.rs:270:13:270:25 | simple_source | semmle.label | simple_source | -| main.rs:270:13:270:29 | simple_source(...) | semmle.label | simple_source(...) | -| main.rs:270:13:270:29 | simple_source(...) | semmle.label | simple_source(...) | -| main.rs:271:10:271:10 | s | semmle.label | s | -| main.rs:271:10:271:10 | s | semmle.label | s | -| main.rs:278:9:278:9 | s | semmle.label | s | -| main.rs:278:9:278:9 | s | semmle.label | s | -| main.rs:278:13:278:22 | source(...) | semmle.label | source(...) | -| main.rs:278:13:278:22 | source(...) | semmle.label | source(...) | -| main.rs:279:5:279:15 | simple_sink | semmle.label | simple_sink | -| main.rs:279:5:279:15 | simple_sink | semmle.label | simple_sink | -| main.rs:279:17:279:17 | s | semmle.label | s | -| main.rs:279:17:279:17 | s | semmle.label | s | -| main.rs:287:5:287:14 | arg_source | semmle.label | arg_source | -| main.rs:287:5:287:14 | arg_source | semmle.label | arg_source | -| main.rs:287:16:287:16 | [post] i | semmle.label | [post] i | -| main.rs:287:16:287:16 | [post] i | semmle.label | [post] i | -| main.rs:288:10:288:10 | i | semmle.label | i | -| main.rs:288:10:288:10 | i | semmle.label | i | +| main.rs:187:9:187:9 | s | semmle.label | s | +| main.rs:187:9:187:9 | s | semmle.label | s | +| main.rs:187:13:187:22 | source(...) | semmle.label | source(...) | +| main.rs:187:13:187:22 | source(...) | semmle.label | source(...) | +| main.rs:188:14:188:14 | ... | semmle.label | ... | +| main.rs:188:14:188:14 | ... | semmle.label | ... | +| main.rs:189:14:189:14 | n | semmle.label | n | +| main.rs:189:14:189:14 | n | semmle.label | n | +| main.rs:192:11:192:11 | s | semmle.label | s | +| main.rs:192:11:192:11 | s | semmle.label | s | +| main.rs:196:13:196:22 | source(...) | semmle.label | source(...) | +| main.rs:196:13:196:22 | source(...) | semmle.label | source(...) | +| main.rs:197:17:197:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | +| main.rs:197:17:197:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | +| main.rs:197:40:197:40 | s | semmle.label | s | +| main.rs:197:40:197:40 | s | semmle.label | s | +| main.rs:198:9:198:9 | t | semmle.label | t | +| main.rs:198:9:198:9 | t | semmle.label | t | +| main.rs:198:13:198:24 | apply(...) | semmle.label | apply(...) | +| main.rs:198:13:198:24 | apply(...) | semmle.label | apply(...) | +| main.rs:198:23:198:23 | f [captured s] | semmle.label | f [captured s] | +| main.rs:198:23:198:23 | f [captured s] | semmle.label | f [captured s] | +| main.rs:199:10:199:10 | t | semmle.label | t | +| main.rs:199:10:199:10 | t | semmle.label | t | +| main.rs:203:9:203:9 | s | semmle.label | s | +| main.rs:203:9:203:9 | s | semmle.label | s | +| main.rs:203:13:203:22 | source(...) | semmle.label | source(...) | +| main.rs:203:13:203:22 | source(...) | semmle.label | source(...) | +| main.rs:204:14:204:14 | ... | semmle.label | ... | +| main.rs:204:14:204:14 | ... | semmle.label | ... | +| main.rs:204:17:204:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | +| main.rs:204:17:204:42 | if ... {...} else {...} | semmle.label | if ... {...} else {...} | +| main.rs:205:9:205:9 | t | semmle.label | t | +| main.rs:205:9:205:9 | t | semmle.label | t | +| main.rs:205:13:205:23 | apply(...) | semmle.label | apply(...) | +| main.rs:205:13:205:23 | apply(...) | semmle.label | apply(...) | +| main.rs:205:19:205:19 | s | semmle.label | s | +| main.rs:205:19:205:19 | s | semmle.label | s | +| main.rs:206:10:206:10 | t | semmle.label | t | +| main.rs:206:10:206:10 | t | semmle.label | t | +| main.rs:215:9:215:9 | s | semmle.label | s | +| main.rs:215:9:215:9 | s | semmle.label | s | +| main.rs:215:13:215:22 | source(...) | semmle.label | source(...) | +| main.rs:215:13:215:22 | source(...) | semmle.label | source(...) | +| main.rs:216:9:216:9 | t | semmle.label | t | +| main.rs:216:9:216:9 | t | semmle.label | t | +| main.rs:216:13:216:31 | get_async_number(...) [future] | semmle.label | get_async_number(...) [future] | +| main.rs:216:13:216:31 | get_async_number(...) [future] | semmle.label | get_async_number(...) [future] | +| main.rs:216:13:216:37 | await ... | semmle.label | await ... | +| main.rs:216:13:216:37 | await ... | semmle.label | await ... | +| main.rs:216:30:216:30 | s | semmle.label | s | +| main.rs:216:30:216:30 | s | semmle.label | s | +| main.rs:217:10:217:10 | t | semmle.label | t | +| main.rs:217:10:217:10 | t | semmle.label | t | +| main.rs:236:9:236:9 | s [D] | semmle.label | s [D] | +| main.rs:236:9:236:9 | s [D] | semmle.label | s [D] | +| main.rs:236:13:236:23 | enum_source | semmle.label | enum_source | +| main.rs:236:13:236:23 | enum_source | semmle.label | enum_source | +| main.rs:236:13:236:27 | enum_source(...) [D] | semmle.label | enum_source(...) [D] | +| main.rs:236:13:236:27 | enum_source(...) [D] | semmle.label | enum_source(...) [D] | +| main.rs:237:11:237:11 | s [D] | semmle.label | s [D] | +| main.rs:237:11:237:11 | s [D] | semmle.label | s [D] | +| main.rs:239:9:239:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | +| main.rs:239:9:239:37 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | +| main.rs:239:35:239:35 | i | semmle.label | i | +| main.rs:239:35:239:35 | i | semmle.label | i | +| main.rs:239:47:239:47 | i | semmle.label | i | +| main.rs:239:47:239:47 | i | semmle.label | i | +| main.rs:245:9:245:9 | s [C] | semmle.label | s [C] | +| main.rs:245:9:245:9 | s [C] | semmle.label | s [C] | +| main.rs:245:13:245:24 | e.source(...) [C] | semmle.label | e.source(...) [C] | +| main.rs:245:13:245:24 | e.source(...) [C] | semmle.label | e.source(...) [C] | +| main.rs:245:15:245:20 | source | semmle.label | source | +| main.rs:245:15:245:20 | source | semmle.label | source | +| main.rs:246:11:246:11 | s [C] | semmle.label | s [C] | +| main.rs:246:11:246:11 | s [C] | semmle.label | s [C] | +| main.rs:247:9:247:37 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | +| main.rs:247:9:247:37 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | +| main.rs:247:35:247:35 | i | semmle.label | i | +| main.rs:247:35:247:35 | i | semmle.label | i | +| main.rs:247:47:247:47 | i | semmle.label | i | +| main.rs:247:47:247:47 | i | semmle.label | i | +| main.rs:256:9:256:9 | s | semmle.label | s | +| main.rs:256:9:256:9 | s | semmle.label | s | +| main.rs:256:13:256:22 | source(...) | semmle.label | source(...) | +| main.rs:256:13:256:22 | source(...) | semmle.label | source(...) | +| main.rs:257:5:257:13 | enum_sink | semmle.label | enum_sink | +| main.rs:257:5:257:13 | enum_sink | semmle.label | enum_sink | +| main.rs:257:15:257:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | +| main.rs:257:15:257:43 | ...::C {...} [C] | semmle.label | ...::C {...} [C] | +| main.rs:257:41:257:41 | s | semmle.label | s | +| main.rs:257:41:257:41 | s | semmle.label | s | +| main.rs:262:9:262:9 | s | semmle.label | s | +| main.rs:262:9:262:9 | s | semmle.label | s | +| main.rs:262:13:262:22 | source(...) | semmle.label | source(...) | +| main.rs:262:13:262:22 | source(...) | semmle.label | source(...) | +| main.rs:263:9:263:9 | e [D] | semmle.label | e [D] | +| main.rs:263:9:263:9 | e [D] | semmle.label | e [D] | +| main.rs:263:13:263:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | +| main.rs:263:13:263:41 | ...::D {...} [D] | semmle.label | ...::D {...} [D] | +| main.rs:263:39:263:39 | s | semmle.label | s | +| main.rs:263:39:263:39 | s | semmle.label | s | +| main.rs:264:5:264:5 | e [D] | semmle.label | e [D] | +| main.rs:264:5:264:5 | e [D] | semmle.label | e [D] | +| main.rs:264:7:264:10 | sink | semmle.label | sink | +| main.rs:264:7:264:10 | sink | semmle.label | sink | +| main.rs:273:9:273:9 | s | semmle.label | s | +| main.rs:273:9:273:9 | s | semmle.label | s | +| main.rs:273:13:273:25 | simple_source | semmle.label | simple_source | +| main.rs:273:13:273:25 | simple_source | semmle.label | simple_source | +| main.rs:273:13:273:29 | simple_source(...) | semmle.label | simple_source(...) | +| main.rs:273:13:273:29 | simple_source(...) | semmle.label | simple_source(...) | +| main.rs:274:10:274:10 | s | semmle.label | s | +| main.rs:274:10:274:10 | s | semmle.label | s | +| main.rs:281:9:281:9 | s | semmle.label | s | +| main.rs:281:9:281:9 | s | semmle.label | s | +| main.rs:281:13:281:22 | source(...) | semmle.label | source(...) | +| main.rs:281:13:281:22 | source(...) | semmle.label | source(...) | +| main.rs:282:5:282:15 | simple_sink | semmle.label | simple_sink | +| main.rs:282:5:282:15 | simple_sink | semmle.label | simple_sink | +| main.rs:282:17:282:17 | s | semmle.label | s | +| main.rs:282:17:282:17 | s | semmle.label | s | +| main.rs:290:5:290:14 | arg_source | semmle.label | arg_source | +| main.rs:290:5:290:14 | arg_source | semmle.label | arg_source | +| main.rs:290:16:290:16 | [post] i | semmle.label | [post] i | +| main.rs:290:16:290:16 | [post] i | semmle.label | [post] i | +| main.rs:291:10:291:10 | i | semmle.label | i | +| main.rs:291:10:291:10 | i | semmle.label | i | +| main.rs:343:9:343:10 | x1 | semmle.label | x1 | +| main.rs:343:9:343:10 | x1 | semmle.label | x1 | +| main.rs:343:14:343:23 | source(...) | semmle.label | source(...) | +| main.rs:343:14:343:23 | source(...) | semmle.label | source(...) | +| main.rs:343:14:343:30 | ... .max(...) | semmle.label | ... .max(...) | +| main.rs:343:14:343:30 | ... .max(...) | semmle.label | ... .max(...) | +| main.rs:344:10:344:11 | x1 | semmle.label | x1 | +| main.rs:344:10:344:11 | x1 | semmle.label | x1 | +| main.rs:346:9:346:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] | +| main.rs:346:9:346:10 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] | +| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] | +| main.rs:346:14:353:6 | ... .max(...) [MyStruct.field1] | semmle.label | ... .max(...) [MyStruct.field1] | +| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] | +| main.rs:346:15:349:5 | MyStruct {...} [MyStruct.field1] | semmle.label | MyStruct {...} [MyStruct.field1] | +| main.rs:347:17:347:26 | source(...) | semmle.label | source(...) | +| main.rs:347:17:347:26 | source(...) | semmle.label | source(...) | +| main.rs:354:10:354:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] | +| main.rs:354:10:354:11 | x2 [MyStruct.field1] | semmle.label | x2 [MyStruct.field1] | +| main.rs:354:10:354:18 | x2.field1 | semmle.label | x2.field1 | +| main.rs:354:10:354:18 | x2.field1 | semmle.label | x2.field1 | +| main.rs:359:9:359:10 | x4 | semmle.label | x4 | +| main.rs:359:9:359:10 | x4 | semmle.label | x4 | +| main.rs:359:14:359:23 | source(...) | semmle.label | source(...) | +| main.rs:359:14:359:23 | source(...) | semmle.label | source(...) | +| main.rs:359:14:359:30 | ... .max(...) | semmle.label | ... .max(...) | +| main.rs:359:14:359:30 | ... .max(...) | semmle.label | ... .max(...) | +| main.rs:360:10:360:11 | x4 | semmle.label | x4 | +| main.rs:360:10:360:11 | x4 | semmle.label | x4 | subpaths -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | main.rs:194:17:194:42 | if ... {...} else {...} | main.rs:195:13:195:24 | apply(...) | -| main.rs:195:23:195:23 | f [captured s] | main.rs:194:40:194:40 | s | main.rs:194:17:194:42 | if ... {...} else {...} | main.rs:195:13:195:24 | apply(...) | -| main.rs:202:19:202:19 | s | main.rs:201:14:201:14 | ... | main.rs:201:17:201:42 | if ... {...} else {...} | main.rs:202:13:202:23 | apply(...) | -| main.rs:202:19:202:19 | s | main.rs:201:14:201:14 | ... | main.rs:201:17:201:42 | if ... {...} else {...} | main.rs:202:13:202:23 | apply(...) | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | main.rs:204:17:204:42 | if ... {...} else {...} | main.rs:205:13:205:23 | apply(...) | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | main.rs:204:17:204:42 | if ... {...} else {...} | main.rs:205:13:205:23 | apply(...) | testFailures invalidSpecComponent #select @@ -580,25 +631,31 @@ invalidSpecComponent | main.rs:161:10:161:29 | get_tuple_element(...) | main.rs:159:13:159:22 | source(...) | main.rs:161:10:161:29 | get_tuple_element(...) | $@ | main.rs:159:13:159:22 | source(...) | source(...) | | main.rs:175:10:175:12 | t.1 | main.rs:172:13:172:22 | source(...) | main.rs:175:10:175:12 | t.1 | $@ | main.rs:172:13:172:22 | source(...) | source(...) | | main.rs:175:10:175:12 | t.1 | main.rs:172:13:172:22 | source(...) | main.rs:175:10:175:12 | t.1 | $@ | main.rs:172:13:172:22 | source(...) | source(...) | -| main.rs:186:14:186:14 | n | main.rs:184:13:184:22 | source(...) | main.rs:186:14:186:14 | n | $@ | main.rs:184:13:184:22 | source(...) | source(...) | -| main.rs:186:14:186:14 | n | main.rs:184:13:184:22 | source(...) | main.rs:186:14:186:14 | n | $@ | main.rs:184:13:184:22 | source(...) | source(...) | -| main.rs:196:10:196:10 | t | main.rs:193:13:193:22 | source(...) | main.rs:196:10:196:10 | t | $@ | main.rs:193:13:193:22 | source(...) | source(...) | -| main.rs:196:10:196:10 | t | main.rs:193:13:193:22 | source(...) | main.rs:196:10:196:10 | t | $@ | main.rs:193:13:193:22 | source(...) | source(...) | -| main.rs:203:10:203:10 | t | main.rs:200:13:200:22 | source(...) | main.rs:203:10:203:10 | t | $@ | main.rs:200:13:200:22 | source(...) | source(...) | -| main.rs:203:10:203:10 | t | main.rs:200:13:200:22 | source(...) | main.rs:203:10:203:10 | t | $@ | main.rs:200:13:200:22 | source(...) | source(...) | -| main.rs:214:10:214:10 | t | main.rs:212:13:212:22 | source(...) | main.rs:214:10:214:10 | t | $@ | main.rs:212:13:212:22 | source(...) | source(...) | -| main.rs:214:10:214:10 | t | main.rs:212:13:212:22 | source(...) | main.rs:214:10:214:10 | t | $@ | main.rs:212:13:212:22 | source(...) | source(...) | -| main.rs:236:47:236:47 | i | main.rs:233:13:233:23 | enum_source | main.rs:236:47:236:47 | i | $@ | main.rs:233:13:233:23 | enum_source | enum_source | -| main.rs:236:47:236:47 | i | main.rs:233:13:233:23 | enum_source | main.rs:236:47:236:47 | i | $@ | main.rs:233:13:233:23 | enum_source | enum_source | -| main.rs:244:47:244:47 | i | main.rs:242:15:242:20 | source | main.rs:244:47:244:47 | i | $@ | main.rs:242:15:242:20 | source | source | -| main.rs:244:47:244:47 | i | main.rs:242:15:242:20 | source | main.rs:244:47:244:47 | i | $@ | main.rs:242:15:242:20 | source | source | -| main.rs:254:5:254:13 | enum_sink | main.rs:253:13:253:22 | source(...) | main.rs:254:5:254:13 | enum_sink | $@ | main.rs:253:13:253:22 | source(...) | source(...) | -| main.rs:254:5:254:13 | enum_sink | main.rs:253:13:253:22 | source(...) | main.rs:254:5:254:13 | enum_sink | $@ | main.rs:253:13:253:22 | source(...) | source(...) | -| main.rs:261:7:261:10 | sink | main.rs:259:13:259:22 | source(...) | main.rs:261:7:261:10 | sink | $@ | main.rs:259:13:259:22 | source(...) | source(...) | -| main.rs:261:7:261:10 | sink | main.rs:259:13:259:22 | source(...) | main.rs:261:7:261:10 | sink | $@ | main.rs:259:13:259:22 | source(...) | source(...) | -| main.rs:271:10:271:10 | s | main.rs:270:13:270:25 | simple_source | main.rs:271:10:271:10 | s | $@ | main.rs:270:13:270:25 | simple_source | simple_source | -| main.rs:271:10:271:10 | s | main.rs:270:13:270:25 | simple_source | main.rs:271:10:271:10 | s | $@ | main.rs:270:13:270:25 | simple_source | simple_source | -| main.rs:279:5:279:15 | simple_sink | main.rs:278:13:278:22 | source(...) | main.rs:279:5:279:15 | simple_sink | $@ | main.rs:278:13:278:22 | source(...) | source(...) | -| main.rs:279:5:279:15 | simple_sink | main.rs:278:13:278:22 | source(...) | main.rs:279:5:279:15 | simple_sink | $@ | main.rs:278:13:278:22 | source(...) | source(...) | -| main.rs:288:10:288:10 | i | main.rs:287:5:287:14 | arg_source | main.rs:288:10:288:10 | i | $@ | main.rs:287:5:287:14 | arg_source | arg_source | -| main.rs:288:10:288:10 | i | main.rs:287:5:287:14 | arg_source | main.rs:288:10:288:10 | i | $@ | main.rs:287:5:287:14 | arg_source | arg_source | +| main.rs:189:14:189:14 | n | main.rs:187:13:187:22 | source(...) | main.rs:189:14:189:14 | n | $@ | main.rs:187:13:187:22 | source(...) | source(...) | +| main.rs:189:14:189:14 | n | main.rs:187:13:187:22 | source(...) | main.rs:189:14:189:14 | n | $@ | main.rs:187:13:187:22 | source(...) | source(...) | +| main.rs:199:10:199:10 | t | main.rs:196:13:196:22 | source(...) | main.rs:199:10:199:10 | t | $@ | main.rs:196:13:196:22 | source(...) | source(...) | +| main.rs:199:10:199:10 | t | main.rs:196:13:196:22 | source(...) | main.rs:199:10:199:10 | t | $@ | main.rs:196:13:196:22 | source(...) | source(...) | +| main.rs:206:10:206:10 | t | main.rs:203:13:203:22 | source(...) | main.rs:206:10:206:10 | t | $@ | main.rs:203:13:203:22 | source(...) | source(...) | +| main.rs:206:10:206:10 | t | main.rs:203:13:203:22 | source(...) | main.rs:206:10:206:10 | t | $@ | main.rs:203:13:203:22 | source(...) | source(...) | +| main.rs:217:10:217:10 | t | main.rs:215:13:215:22 | source(...) | main.rs:217:10:217:10 | t | $@ | main.rs:215:13:215:22 | source(...) | source(...) | +| main.rs:217:10:217:10 | t | main.rs:215:13:215:22 | source(...) | main.rs:217:10:217:10 | t | $@ | main.rs:215:13:215:22 | source(...) | source(...) | +| main.rs:239:47:239:47 | i | main.rs:236:13:236:23 | enum_source | main.rs:239:47:239:47 | i | $@ | main.rs:236:13:236:23 | enum_source | enum_source | +| main.rs:239:47:239:47 | i | main.rs:236:13:236:23 | enum_source | main.rs:239:47:239:47 | i | $@ | main.rs:236:13:236:23 | enum_source | enum_source | +| main.rs:247:47:247:47 | i | main.rs:245:15:245:20 | source | main.rs:247:47:247:47 | i | $@ | main.rs:245:15:245:20 | source | source | +| main.rs:247:47:247:47 | i | main.rs:245:15:245:20 | source | main.rs:247:47:247:47 | i | $@ | main.rs:245:15:245:20 | source | source | +| main.rs:257:5:257:13 | enum_sink | main.rs:256:13:256:22 | source(...) | main.rs:257:5:257:13 | enum_sink | $@ | main.rs:256:13:256:22 | source(...) | source(...) | +| main.rs:257:5:257:13 | enum_sink | main.rs:256:13:256:22 | source(...) | main.rs:257:5:257:13 | enum_sink | $@ | main.rs:256:13:256:22 | source(...) | source(...) | +| main.rs:264:7:264:10 | sink | main.rs:262:13:262:22 | source(...) | main.rs:264:7:264:10 | sink | $@ | main.rs:262:13:262:22 | source(...) | source(...) | +| main.rs:264:7:264:10 | sink | main.rs:262:13:262:22 | source(...) | main.rs:264:7:264:10 | sink | $@ | main.rs:262:13:262:22 | source(...) | source(...) | +| main.rs:274:10:274:10 | s | main.rs:273:13:273:25 | simple_source | main.rs:274:10:274:10 | s | $@ | main.rs:273:13:273:25 | simple_source | simple_source | +| main.rs:274:10:274:10 | s | main.rs:273:13:273:25 | simple_source | main.rs:274:10:274:10 | s | $@ | main.rs:273:13:273:25 | simple_source | simple_source | +| main.rs:282:5:282:15 | simple_sink | main.rs:281:13:281:22 | source(...) | main.rs:282:5:282:15 | simple_sink | $@ | main.rs:281:13:281:22 | source(...) | source(...) | +| main.rs:282:5:282:15 | simple_sink | main.rs:281:13:281:22 | source(...) | main.rs:282:5:282:15 | simple_sink | $@ | main.rs:281:13:281:22 | source(...) | source(...) | +| main.rs:291:10:291:10 | i | main.rs:290:5:290:14 | arg_source | main.rs:291:10:291:10 | i | $@ | main.rs:290:5:290:14 | arg_source | arg_source | +| main.rs:291:10:291:10 | i | main.rs:290:5:290:14 | arg_source | main.rs:291:10:291:10 | i | $@ | main.rs:290:5:290:14 | arg_source | arg_source | +| main.rs:344:10:344:11 | x1 | main.rs:343:14:343:23 | source(...) | main.rs:344:10:344:11 | x1 | $@ | main.rs:343:14:343:23 | source(...) | source(...) | +| main.rs:344:10:344:11 | x1 | main.rs:343:14:343:23 | source(...) | main.rs:344:10:344:11 | x1 | $@ | main.rs:343:14:343:23 | source(...) | source(...) | +| main.rs:354:10:354:18 | x2.field1 | main.rs:347:17:347:26 | source(...) | main.rs:354:10:354:18 | x2.field1 | $@ | main.rs:347:17:347:26 | source(...) | source(...) | +| main.rs:354:10:354:18 | x2.field1 | main.rs:347:17:347:26 | source(...) | main.rs:354:10:354:18 | x2.field1 | $@ | main.rs:347:17:347:26 | source(...) | source(...) | +| main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) | +| main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) | diff --git a/rust/ql/test/library-tests/dataflow/models/models.ext.yml b/rust/ql/test/library-tests/dataflow/models/models.ext.yml index ba5fc48cf24..eb51ac64f50 100644 --- a/rust/ql/test/library-tests/dataflow/models/models.ext.yml +++ b/rust/ql/test/library-tests/dataflow/models/models.ext.yml @@ -32,3 +32,5 @@ extensions: - ["main::apply", "Argument[0]", "Argument[1].Parameter[0]", "value", "manual"] - ["main::apply", "Argument[1].ReturnValue", "ReturnValue", "value", "manual"] - ["main::get_async_number", "Argument[0]", "ReturnValue.Future", "value", "manual"] + - ["<_ as core::cmp::Ord>::max", "Argument[self]", "ReturnValue", "value", "manual"] + - ["<_ as core::cmp::PartialOrd>::lt", "Argument[self].Reference", "ReturnValue", "taint", "manual"] From 8c240399c16767eb1be2bc8a0b5f5e551196ce9c Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Wed, 25 Jun 2025 20:49:31 +0200 Subject: [PATCH 078/111] Rust: Apply MaD trait models to implementations --- .../rust/dataflow/internal/DataFlowImpl.qll | 12 +- .../rust/dataflow/internal/ModelsAsData.qll | 6 + .../library-tests/dataflow/models/main.rs | 4 +- .../dataflow/models/models.expected | 111 ++++++++++-------- 4 files changed, 83 insertions(+), 50 deletions(-) diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index 7cd200a83c7..7f86995c941 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -407,7 +407,17 @@ module RustDataFlow implements InputSig { exists(Call c | c = call.asCallCfgNode().getCall() | result.asCfgScope() = c.getARuntimeTarget() or - result.asSummarizedCallable() = c.getStaticTarget() + exists(SummarizedCallable sc, Function staticTarget | + staticTarget = c.getStaticTarget() and + sc = result.asSummarizedCallable() + | + sc = staticTarget + or + // only apply trait models to concrete implementations when they are not + // defined in source code + staticTarget.implements(sc) and + not staticTarget.fromSource() + ) ) } diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll b/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll index bc1f58824b3..112fe6de5dc 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/ModelsAsData.qll @@ -32,6 +32,8 @@ * - `Field[t(i)]`: position `i` inside the variant/struct with canonical path `v`, for example * `Field[core::option::Option::Some(0)]`. * - `Field[i]`: the `i`th element of a tuple. + * - `Reference`: the referenced value. + * - `Future`: the value being computed asynchronously. * 3. The `kind` column is a tag that can be referenced from QL to determine to * which classes the interpreted elements should be added. For example, for * sources `"remote"` indicates a default remote flow source, and for summaries @@ -211,6 +213,10 @@ private class SummarizedCallableFromModel extends SummarizedCallable::Range { this.getCanonicalPath() = path } + override predicate hasProvenance(Provenance provenance) { + summaryModel(path, _, _, _, provenance, _) + } + override predicate propagatesFlow( string input, string output, boolean preservesValue, string model ) { diff --git a/rust/ql/test/library-tests/dataflow/models/main.rs b/rust/ql/test/library-tests/dataflow/models/main.rs index e9348419d57..0430b6f8dff 100644 --- a/rust/ql/test/library-tests/dataflow/models/main.rs +++ b/rust/ql/test/library-tests/dataflow/models/main.rs @@ -360,10 +360,10 @@ fn test_trait_model(x: T) { sink(x4); // $ hasValueFlow=25 let x5 = source(26).lt(&1); - sink(x5); // $ MISSING: hasTaintFlow=26 + sink(x5); // $ hasTaintFlow=26 let x6 = source(27) < 1; - sink(x6); // $ MISSING: hasTaintFlow=27 + sink(x6); // $ hasTaintFlow=27 } #[tokio::main] diff --git a/rust/ql/test/library-tests/dataflow/models/models.expected b/rust/ql/test/library-tests/dataflow/models/models.expected index ad236a80088..db7489809b8 100644 --- a/rust/ql/test/library-tests/dataflow/models/models.expected +++ b/rust/ql/test/library-tests/dataflow/models/models.expected @@ -7,20 +7,21 @@ models | 6 | Source: main::enum_source; ReturnValue.Field[main::MyFieldEnum::D::field_d]; test-source | | 7 | Source: main::simple_source; ReturnValue; test-source | | 8 | Summary: <_ as core::cmp::Ord>::max; Argument[self]; ReturnValue; value | -| 9 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value | -| 10 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value | -| 11 | Summary: main::coerce; Argument[0]; ReturnValue; taint | -| 12 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value | -| 13 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value | -| 14 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value | -| 15 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value | -| 16 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value | -| 17 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value | -| 18 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value | -| 19 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value | -| 20 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value | -| 21 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value | -| 22 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value | +| 9 | Summary: <_ as core::cmp::PartialOrd>::lt; Argument[self].Reference; ReturnValue; taint | +| 10 | Summary: main::apply; Argument[0]; Argument[1].Parameter[0]; value | +| 11 | Summary: main::apply; Argument[1].ReturnValue; ReturnValue; value | +| 12 | Summary: main::coerce; Argument[0]; ReturnValue; taint | +| 13 | Summary: main::get_array_element; Argument[0].Element; ReturnValue; value | +| 14 | Summary: main::get_async_number; Argument[0]; ReturnValue.Future; value | +| 15 | Summary: main::get_struct_field; Argument[0].Field[main::MyStruct::field1]; ReturnValue; value | +| 16 | Summary: main::get_tuple_element; Argument[0].Field[0]; ReturnValue; value | +| 17 | Summary: main::get_var_field; Argument[0].Field[main::MyFieldEnum::C::field_c]; ReturnValue; value | +| 18 | Summary: main::get_var_pos; Argument[0].Field[main::MyPosEnum::A(0)]; ReturnValue; value | +| 19 | Summary: main::set_array_element; Argument[0]; ReturnValue.Element; value | +| 20 | Summary: main::set_struct_field; Argument[0]; ReturnValue.Field[main::MyStruct::field2]; value | +| 21 | Summary: main::set_tuple_element; Argument[0]; ReturnValue.Field[1]; value | +| 22 | Summary: main::set_var_field; Argument[0]; ReturnValue.Field[main::MyFieldEnum::D::field_d]; value | +| 23 | Summary: main::set_var_pos; Argument[0]; ReturnValue.Field[main::MyPosEnum::B(0)]; value | edges | main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | | | main.rs:15:9:15:9 | s | main.rs:16:19:16:19 | s | provenance | | @@ -30,7 +31,7 @@ edges | main.rs:16:19:16:19 | s | main.rs:16:10:16:20 | identity(...) | provenance | QL | | main.rs:25:9:25:9 | s | main.rs:26:17:26:17 | s | provenance | | | main.rs:25:13:25:22 | source(...) | main.rs:25:9:25:9 | s | provenance | | -| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:11 | +| main.rs:26:17:26:17 | s | main.rs:26:10:26:18 | coerce(...) | provenance | MaD:12 | | main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | | | main.rs:40:9:40:9 | s | main.rs:41:27:41:27 | s | provenance | | | main.rs:40:13:40:21 | source(...) | main.rs:40:9:40:9 | s | provenance | | @@ -41,8 +42,8 @@ edges | main.rs:41:14:41:28 | ...::A(...) [A] | main.rs:41:9:41:10 | e1 [A] | provenance | | | main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | | | main.rs:41:27:41:27 | s | main.rs:41:14:41:28 | ...::A(...) [A] | provenance | | -| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:17 | -| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:17 | +| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:18 | +| main.rs:42:22:42:23 | e1 [A] | main.rs:42:10:42:24 | get_var_pos(...) | provenance | MaD:18 | | main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | | | main.rs:53:9:53:9 | s | main.rs:54:26:54:26 | s | provenance | | | main.rs:53:13:53:21 | source(...) | main.rs:53:9:53:9 | s | provenance | | @@ -51,8 +52,8 @@ edges | main.rs:54:9:54:10 | e1 [B] | main.rs:55:11:55:12 | e1 [B] | provenance | | | main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | | | main.rs:54:14:54:27 | set_var_pos(...) [B] | main.rs:54:9:54:10 | e1 [B] | provenance | | -| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:22 | -| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:22 | +| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:23 | +| main.rs:54:26:54:26 | s | main.rs:54:14:54:27 | set_var_pos(...) [B] | provenance | MaD:23 | | main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | | | main.rs:55:11:55:12 | e1 [B] | main.rs:57:9:57:23 | ...::B(...) [B] | provenance | | | main.rs:57:9:57:23 | ...::B(...) [B] | main.rs:57:22:57:22 | i | provenance | | @@ -69,8 +70,8 @@ edges | main.rs:73:14:73:42 | ...::C {...} [C] | main.rs:73:9:73:10 | e1 [C] | provenance | | | main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | | | main.rs:73:40:73:40 | s | main.rs:73:14:73:42 | ...::C {...} [C] | provenance | | -| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:16 | -| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:16 | +| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:17 | +| main.rs:74:24:74:25 | e1 [C] | main.rs:74:10:74:26 | get_var_field(...) | provenance | MaD:17 | | main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | | | main.rs:85:9:85:9 | s | main.rs:86:28:86:28 | s | provenance | | | main.rs:85:13:85:21 | source(...) | main.rs:85:9:85:9 | s | provenance | | @@ -79,8 +80,8 @@ edges | main.rs:86:9:86:10 | e1 [D] | main.rs:87:11:87:12 | e1 [D] | provenance | | | main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | | | main.rs:86:14:86:29 | set_var_field(...) [D] | main.rs:86:9:86:10 | e1 [D] | provenance | | -| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:21 | -| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:21 | +| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:22 | +| main.rs:86:28:86:28 | s | main.rs:86:14:86:29 | set_var_field(...) [D] | provenance | MaD:22 | | main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | | | main.rs:87:11:87:12 | e1 [D] | main.rs:89:9:89:37 | ...::D {...} [D] | provenance | | | main.rs:89:9:89:37 | ...::D {...} [D] | main.rs:89:35:89:35 | i | provenance | | @@ -97,8 +98,8 @@ edges | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | main.rs:105:9:105:17 | my_struct [MyStruct.field1] | provenance | | | main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | | | main.rs:106:17:106:17 | s | main.rs:105:21:108:5 | MyStruct {...} [MyStruct.field1] | provenance | | -| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:14 | -| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:14 | +| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:15 | +| main.rs:109:27:109:35 | my_struct [MyStruct.field1] | main.rs:109:10:109:36 | get_struct_field(...) | provenance | MaD:15 | | main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | | | main.rs:126:9:126:9 | s | main.rs:127:38:127:38 | s | provenance | | | main.rs:126:13:126:21 | source(...) | main.rs:126:9:126:9 | s | provenance | | @@ -107,16 +108,16 @@ edges | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | provenance | | | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | | | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | main.rs:127:9:127:17 | my_struct [MyStruct.field2] | provenance | | -| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:19 | -| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:19 | +| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:20 | +| main.rs:127:38:127:38 | s | main.rs:127:21:127:39 | set_struct_field(...) [MyStruct.field2] | provenance | MaD:20 | | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | | | main.rs:129:10:129:18 | my_struct [MyStruct.field2] | main.rs:129:10:129:25 | my_struct.field2 | provenance | | | main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | | | main.rs:138:9:138:9 | s | main.rs:139:29:139:29 | s | provenance | | | main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | | | main.rs:138:13:138:21 | source(...) | main.rs:138:9:138:9 | s | provenance | | -| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:12 | -| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:12 | +| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:13 | +| main.rs:139:28:139:30 | [...] [element] | main.rs:139:10:139:31 | get_array_element(...) | provenance | MaD:13 | | main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | | | main.rs:139:29:139:29 | s | main.rs:139:28:139:30 | [...] [element] | provenance | | | main.rs:148:9:148:9 | s | main.rs:149:33:149:33 | s | provenance | | @@ -127,8 +128,8 @@ edges | main.rs:149:9:149:11 | arr [element] | main.rs:150:10:150:12 | arr [element] | provenance | | | main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | | | main.rs:149:15:149:34 | set_array_element(...) [element] | main.rs:149:9:149:11 | arr [element] | provenance | | -| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:18 | -| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:18 | +| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:19 | +| main.rs:149:33:149:33 | s | main.rs:149:15:149:34 | set_array_element(...) [element] | provenance | MaD:19 | | main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | | | main.rs:150:10:150:12 | arr [element] | main.rs:150:10:150:15 | arr[0] | provenance | | | main.rs:159:9:159:9 | s | main.rs:160:14:160:14 | s | provenance | | @@ -141,8 +142,8 @@ edges | main.rs:160:13:160:18 | TupleExpr [tuple.0] | main.rs:160:9:160:9 | t [tuple.0] | provenance | | | main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | | | main.rs:160:14:160:14 | s | main.rs:160:13:160:18 | TupleExpr [tuple.0] | provenance | | -| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:15 | -| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:15 | +| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:16 | +| main.rs:161:28:161:28 | t [tuple.0] | main.rs:161:10:161:29 | get_tuple_element(...) | provenance | MaD:16 | | main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | | | main.rs:172:9:172:9 | s | main.rs:173:31:173:31 | s | provenance | | | main.rs:172:13:172:22 | source(...) | main.rs:172:9:172:9 | s | provenance | | @@ -151,8 +152,8 @@ edges | main.rs:173:9:173:9 | t [tuple.1] | main.rs:175:10:175:10 | t [tuple.1] | provenance | | | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | | | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | main.rs:173:9:173:9 | t [tuple.1] | provenance | | -| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:20 | -| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:20 | +| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:21 | +| main.rs:173:31:173:31 | s | main.rs:173:13:173:32 | set_tuple_element(...) [tuple.1] | provenance | MaD:21 | | main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | | | main.rs:175:10:175:10 | t [tuple.1] | main.rs:175:10:175:12 | t.1 | provenance | | | main.rs:187:9:187:9 | s | main.rs:192:11:192:11 | s | provenance | | @@ -161,8 +162,8 @@ edges | main.rs:187:13:187:22 | source(...) | main.rs:187:9:187:9 | s | provenance | | | main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | | | main.rs:188:14:188:14 | ... | main.rs:189:14:189:14 | n | provenance | | -| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:9 | -| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:9 | +| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:10 | +| main.rs:192:11:192:11 | s | main.rs:188:14:188:14 | ... | provenance | MaD:10 | | main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | | | main.rs:196:13:196:22 | source(...) | main.rs:198:23:198:23 | f [captured s] | provenance | | | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | provenance | | @@ -171,14 +172,14 @@ edges | main.rs:198:9:198:9 | t | main.rs:199:10:199:10 | t | provenance | | | main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | | | main.rs:198:13:198:24 | apply(...) | main.rs:198:9:198:9 | t | provenance | | -| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:9 | -| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:9 | | main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 | | main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:10 | -| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:9 | -| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:9 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:11 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | provenance | MaD:11 | | main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 | | main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:10 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:11 | +| main.rs:198:23:198:23 | f [captured s] | main.rs:198:13:198:24 | apply(...) | provenance | MaD:11 | | main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | | | main.rs:203:9:203:9 | s | main.rs:205:19:205:19 | s | provenance | | | main.rs:203:13:203:22 | source(...) | main.rs:203:9:203:9 | s | provenance | | @@ -189,10 +190,10 @@ edges | main.rs:205:9:205:9 | t | main.rs:206:10:206:10 | t | provenance | | | main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | | | main.rs:205:13:205:23 | apply(...) | main.rs:205:9:205:9 | t | provenance | | -| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:9 | -| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:9 | -| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:9 | -| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:9 | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:10 | +| main.rs:205:19:205:19 | s | main.rs:204:14:204:14 | ... | provenance | MaD:10 | +| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:10 | +| main.rs:205:19:205:19 | s | main.rs:205:13:205:23 | apply(...) | provenance | MaD:10 | | main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | | | main.rs:215:9:215:9 | s | main.rs:216:30:216:30 | s | provenance | | | main.rs:215:13:215:22 | source(...) | main.rs:215:9:215:9 | s | provenance | | @@ -203,8 +204,8 @@ edges | main.rs:216:13:216:31 | get_async_number(...) [future] | main.rs:216:13:216:37 | await ... | provenance | | | main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | | | main.rs:216:13:216:37 | await ... | main.rs:216:9:216:9 | t | provenance | | -| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:13 | -| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:13 | +| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:14 | +| main.rs:216:30:216:30 | s | main.rs:216:13:216:31 | get_async_number(...) [future] | provenance | MaD:14 | | main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | | | main.rs:236:9:236:9 | s [D] | main.rs:237:11:237:11 | s [D] | provenance | | | main.rs:236:13:236:23 | enum_source | main.rs:236:13:236:27 | enum_source(...) [D] | provenance | Src:MaD:6 | @@ -287,6 +288,12 @@ edges | main.rs:359:14:359:23 | source(...) | main.rs:359:14:359:30 | ... .max(...) | provenance | MaD:8 | | main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | | | main.rs:359:14:359:30 | ... .max(...) | main.rs:359:9:359:10 | x4 | provenance | | +| main.rs:362:9:362:10 | x5 | main.rs:363:10:363:11 | x5 | provenance | | +| main.rs:362:14:362:23 | source(...) | main.rs:362:14:362:30 | ... .lt(...) | provenance | MaD:9 | +| main.rs:362:14:362:30 | ... .lt(...) | main.rs:362:9:362:10 | x5 | provenance | | +| main.rs:365:9:365:10 | x6 | main.rs:366:10:366:11 | x6 | provenance | | +| main.rs:365:14:365:23 | source(...) | main.rs:365:14:365:27 | ... < ... | provenance | MaD:9 | +| main.rs:365:14:365:27 | ... < ... | main.rs:365:9:365:10 | x6 | provenance | | nodes | main.rs:15:9:15:9 | s | semmle.label | s | | main.rs:15:9:15:9 | s | semmle.label | s | @@ -600,6 +607,14 @@ nodes | main.rs:359:14:359:30 | ... .max(...) | semmle.label | ... .max(...) | | main.rs:360:10:360:11 | x4 | semmle.label | x4 | | main.rs:360:10:360:11 | x4 | semmle.label | x4 | +| main.rs:362:9:362:10 | x5 | semmle.label | x5 | +| main.rs:362:14:362:23 | source(...) | semmle.label | source(...) | +| main.rs:362:14:362:30 | ... .lt(...) | semmle.label | ... .lt(...) | +| main.rs:363:10:363:11 | x5 | semmle.label | x5 | +| main.rs:365:9:365:10 | x6 | semmle.label | x6 | +| main.rs:365:14:365:23 | source(...) | semmle.label | source(...) | +| main.rs:365:14:365:27 | ... < ... | semmle.label | ... < ... | +| main.rs:366:10:366:11 | x6 | semmle.label | x6 | subpaths | main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) | | main.rs:198:23:198:23 | f [captured s] | main.rs:197:40:197:40 | s | main.rs:197:17:197:42 | if ... {...} else {...} | main.rs:198:13:198:24 | apply(...) | @@ -659,3 +674,5 @@ invalidSpecComponent | main.rs:354:10:354:18 | x2.field1 | main.rs:347:17:347:26 | source(...) | main.rs:354:10:354:18 | x2.field1 | $@ | main.rs:347:17:347:26 | source(...) | source(...) | | main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) | | main.rs:360:10:360:11 | x4 | main.rs:359:14:359:23 | source(...) | main.rs:360:10:360:11 | x4 | $@ | main.rs:359:14:359:23 | source(...) | source(...) | +| main.rs:363:10:363:11 | x5 | main.rs:362:14:362:23 | source(...) | main.rs:363:10:363:11 | x5 | $@ | main.rs:362:14:362:23 | source(...) | source(...) | +| main.rs:366:10:366:11 | x6 | main.rs:365:14:365:23 | source(...) | main.rs:366:10:366:11 | x6 | $@ | main.rs:365:14:365:23 | source(...) | source(...) | From ed7f68279f719ad4fe5bb350fda58bf85d74dfe5 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 14:34:19 +0200 Subject: [PATCH 079/111] C#: Add cs/sql-injection tests for APIs in Microsoft.Data.SqlClient. --- .../CWE-089-2/SqlInjection.cs | 33 +++++++++++++++++++ .../CWE-089-2/SqlInjection.expected | 21 ++++++++++++ .../CWE-089-2/SqlInjection.ext.yml | 7 ++++ .../CWE-089-2/SqlInjection.qlref | 4 +++ .../Security Features/CWE-089-2/options | 4 +++ 5 files changed, 69 insertions(+) create mode 100644 csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.cs create mode 100644 csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected create mode 100644 csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.ext.yml create mode 100644 csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.qlref create mode 100644 csharp/ql/test/query-tests/Security Features/CWE-089-2/options diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.cs b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.cs new file mode 100644 index 00000000000..739f0ea30ee --- /dev/null +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.cs @@ -0,0 +1,33 @@ +using System; +using Microsoft.Data; +using Microsoft.Data.SqlClient; + +namespace Test +{ + class SqlInjection + { + string connectionString; + System.Windows.Forms.TextBox box1; + + public void MakeSqlCommand() + { + // BAD: Text from a local textbox + using (var connection = new SqlConnection(connectionString)) + { + var queryString = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + + box1.Text + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var cmd = new SqlCommand(queryString); // $ Alert[cs/sql-injection] + var adapter = new SqlDataAdapter(cmd); // $ Alert[cs/sql-injection] + } + + // BAD: Input from the command line. + using (var connection = new SqlConnection(connectionString)) + { + var queryString = "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='" + + Console.ReadLine() + "' ORDER BY PRICE"; // $ Source[cs/sql-injection] + var cmd = new SqlCommand(queryString); // $ Alert[cs/sql-injection] + var adapter = new SqlDataAdapter(cmd); // $ Alert[cs/sql-injection] + } + } + } +} diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected new file mode 100644 index 00000000000..830dcd9e2e8 --- /dev/null +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected @@ -0,0 +1,21 @@ +#select +| SqlInjection.cs:19:42:19:52 | access to local variable queryString | SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:18:21:18:29 | access to property Text : String | this TextBox text | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | this read from stdin | +edges +| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | provenance | | +| SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | provenance | | +| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | provenance | | +| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | provenance | Src:MaD:1 | +models +| 1 | Source: System; Console; false; ReadLine; ; ; ReturnValue; stdin; manual | +nodes +| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:18:21:18:29 | access to property Text : String | semmle.label | access to property Text : String | +| SqlInjection.cs:19:42:19:52 | access to local variable queryString | semmle.label | access to local variable queryString | +| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | semmle.label | call to method ReadLine : String | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString | semmle.label | access to local variable queryString | +subpaths +testFailures +| SqlInjection.cs:20:56:20:83 | // ... | Missing result: Alert[cs/sql-injection] | +| SqlInjection.cs:29:56:29:83 | // ... | Missing result: Alert[cs/sql-injection] | diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.ext.yml b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.ext.yml new file mode 100644 index 00000000000..82f107ae1d7 --- /dev/null +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.ext.yml @@ -0,0 +1,7 @@ +extensions: + + - addsTo: + pack: codeql/threat-models + extensible: threatModelConfiguration + data: + - ["local", true, 0] \ No newline at end of file diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.qlref b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.qlref new file mode 100644 index 00000000000..1421faac807 --- /dev/null +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.qlref @@ -0,0 +1,4 @@ +query: Security Features/CWE-089/SqlInjection.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/options b/csharp/ql/test/query-tests/Security Features/CWE-089-2/options new file mode 100644 index 00000000000..5601356ee48 --- /dev/null +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/options @@ -0,0 +1,4 @@ +semmle-extractor-options: /nostdlib /noconfig +semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/Microsoft.Data.SqlClient/6.0.2/Microsoft.Data.SqlClient.csproj +semmle-extractor-options: ${testdir}/../../../resources/stubs/System.Windows.cs +semmle-extractor-options: --load-sources-from-project:${testdir}/../../../resources/stubs/_frameworks/Microsoft.AspNetCore.App/Microsoft.AspNetCore.App.csproj From f3eafd33ff77e8c8372694b26e4b66466ea896ad Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 14:59:10 +0200 Subject: [PATCH 080/111] C#: Exclude Microsoft.Data.SqlClient.SqlCommand from the best effort SqlSink creation. --- .../lib/semmle/code/csharp/frameworks/Sql.qll | 1 + .../CWE-089-2/SqlInjection.expected | 18 ++++-------------- 2 files changed, 5 insertions(+), 14 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll b/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll index 75f72352deb..77d749a0333 100644 --- a/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll +++ b/csharp/ql/lib/semmle/code/csharp/frameworks/Sql.qll @@ -35,6 +35,7 @@ class IDbCommandConstructionSqlExpr extends SqlExpr, ObjectCreation { ic.getParameter(0).getType() instanceof StringType and not exists(Type t | t = ic.getDeclaringType() | // Known sealed classes: + t.hasFullyQualifiedName("Microsoft.Data.SqlClient", "SqlCommand") or t.hasFullyQualifiedName("System.Data.SqlClient", "SqlCommand") or t.hasFullyQualifiedName("System.Data.Odbc", "OdbcCommand") or t.hasFullyQualifiedName("System.Data.OleDb", "OleDbCommand") or diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected index 830dcd9e2e8..32f8543b731 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected @@ -1,21 +1,11 @@ #select -| SqlInjection.cs:19:42:19:52 | access to local variable queryString | SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:18:21:18:29 | access to property Text : String | this TextBox text | -| SqlInjection.cs:28:42:28:52 | access to local variable queryString | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | this read from stdin | edges -| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | provenance | | -| SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | provenance | | -| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | provenance | | -| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | provenance | Src:MaD:1 | -models -| 1 | Source: System; Console; false; ReadLine; ; ; ReturnValue; stdin; manual | nodes -| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | -| SqlInjection.cs:18:21:18:29 | access to property Text : String | semmle.label | access to property Text : String | -| SqlInjection.cs:19:42:19:52 | access to local variable queryString | semmle.label | access to local variable queryString | -| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | -| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | semmle.label | call to method ReadLine : String | -| SqlInjection.cs:28:42:28:52 | access to local variable queryString | semmle.label | access to local variable queryString | subpaths testFailures +| SqlInjection.cs:18:53:18:81 | // ... | Missing result: Source[cs/sql-injection] | +| SqlInjection.cs:19:56:19:83 | // ... | Missing result: Alert[cs/sql-injection] | | SqlInjection.cs:20:56:20:83 | // ... | Missing result: Alert[cs/sql-injection] | +| SqlInjection.cs:27:62:27:90 | // ... | Missing result: Source[cs/sql-injection] | +| SqlInjection.cs:28:56:28:83 | // ... | Missing result: Alert[cs/sql-injection] | | SqlInjection.cs:29:56:29:83 | // ... | Missing result: Alert[cs/sql-injection] | From becd46a47e250813c25fc9a93100bbb6e7c5a0f1 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 15:17:49 +0200 Subject: [PATCH 081/111] C#: Add MaD models for Microsoft.Data.SqlClient. --- .../ext/Microsoft.Data.SqlClient.model.yml | 20 +++++++++ .../CWE-089-2/SqlInjection.expected | 42 +++++++++++++++---- 2 files changed, 55 insertions(+), 7 deletions(-) create mode 100644 csharp/ql/lib/ext/Microsoft.Data.SqlClient.model.yml diff --git a/csharp/ql/lib/ext/Microsoft.Data.SqlClient.model.yml b/csharp/ql/lib/ext/Microsoft.Data.SqlClient.model.yml new file mode 100644 index 00000000000..ca888c801b0 --- /dev/null +++ b/csharp/ql/lib/ext/Microsoft.Data.SqlClient.model.yml @@ -0,0 +1,20 @@ +extensions: + - addsTo: + pack: codeql/csharp-all + extensible: sinkModel + data: + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection,Microsoft.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection,Microsoft.Data.SqlClient.SqlTransaction,Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(Microsoft.Data.SqlClient.SqlCommand)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,Microsoft.Data.SqlClient.SqlConnection)", "", "Argument[0]", "sql-injection", "manual"] + - ["Microsoft.Data.SqlClient", "SqlDataAdapter", False, "SqlDataAdapter", "(System.String,System.String)", "", "Argument[0]", "sql-injection", "manual"] + - addsTo: + pack: codeql/csharp-all + extensible: summaryModel + data: + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection,Microsoft.Data.SqlClient.SqlTransaction)", "", "Argument[0]", "Argument[this]", "taint", "manual"] + - ["Microsoft.Data.SqlClient", "SqlCommand", False, "SqlCommand", "(System.String,Microsoft.Data.SqlClient.SqlConnection,Microsoft.Data.SqlClient.SqlTransaction,Microsoft.Data.SqlClient.SqlCommandColumnEncryptionSetting)", "", "Argument[0]", "Argument[this]", "taint", "manual"] diff --git a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected index 32f8543b731..d6582d877ed 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected +++ b/csharp/ql/test/query-tests/Security Features/CWE-089-2/SqlInjection.expected @@ -1,11 +1,39 @@ #select +| SqlInjection.cs:19:42:19:52 | access to local variable queryString | SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:18:21:18:29 | access to property Text : String | this TextBox text | +| SqlInjection.cs:20:50:20:52 | access to local variable cmd | SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:20:50:20:52 | access to local variable cmd | This query depends on $@. | SqlInjection.cs:18:21:18:29 | access to property Text : String | this TextBox text | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | This query depends on $@. | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | this read from stdin | +| SqlInjection.cs:29:50:29:52 | access to local variable cmd | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:29:50:29:52 | access to local variable cmd | This query depends on $@. | SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | this read from stdin | edges +| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString | provenance | Sink:MaD:1 | +| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | SqlInjection.cs:19:42:19:52 | access to local variable queryString : String | provenance | | +| SqlInjection.cs:18:21:18:29 | access to property Text : String | SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | provenance | | +| SqlInjection.cs:19:21:19:23 | access to local variable cmd : SqlCommand | SqlInjection.cs:20:50:20:52 | access to local variable cmd | provenance | Sink:MaD:2 | +| SqlInjection.cs:19:27:19:53 | object creation of type SqlCommand : SqlCommand | SqlInjection.cs:19:21:19:23 | access to local variable cmd : SqlCommand | provenance | | +| SqlInjection.cs:19:42:19:52 | access to local variable queryString : String | SqlInjection.cs:19:27:19:53 | object creation of type SqlCommand : SqlCommand | provenance | MaD:4 | +| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString | provenance | Sink:MaD:1 | +| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | SqlInjection.cs:28:42:28:52 | access to local variable queryString : String | provenance | | +| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | provenance | Src:MaD:3 | +| SqlInjection.cs:28:21:28:23 | access to local variable cmd : SqlCommand | SqlInjection.cs:29:50:29:52 | access to local variable cmd | provenance | Sink:MaD:2 | +| SqlInjection.cs:28:27:28:53 | object creation of type SqlCommand : SqlCommand | SqlInjection.cs:28:21:28:23 | access to local variable cmd : SqlCommand | provenance | | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString : String | SqlInjection.cs:28:27:28:53 | object creation of type SqlCommand : SqlCommand | provenance | MaD:4 | +models +| 1 | Sink: Microsoft.Data.SqlClient; SqlCommand; false; SqlCommand; (System.String); ; Argument[0]; sql-injection; manual | +| 2 | Sink: Microsoft.Data.SqlClient; SqlDataAdapter; false; SqlDataAdapter; (Microsoft.Data.SqlClient.SqlCommand); ; Argument[0]; sql-injection; manual | +| 3 | Source: System; Console; false; ReadLine; ; ; ReturnValue; stdin; manual | +| 4 | Summary: Microsoft.Data.SqlClient; SqlCommand; false; SqlCommand; (System.String); ; Argument[0]; Argument[this]; taint; manual | nodes +| SqlInjection.cs:17:21:17:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:18:21:18:29 | access to property Text : String | semmle.label | access to property Text : String | +| SqlInjection.cs:19:21:19:23 | access to local variable cmd : SqlCommand | semmle.label | access to local variable cmd : SqlCommand | +| SqlInjection.cs:19:27:19:53 | object creation of type SqlCommand : SqlCommand | semmle.label | object creation of type SqlCommand : SqlCommand | +| SqlInjection.cs:19:42:19:52 | access to local variable queryString | semmle.label | access to local variable queryString | +| SqlInjection.cs:19:42:19:52 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:20:50:20:52 | access to local variable cmd | semmle.label | access to local variable cmd | +| SqlInjection.cs:26:21:26:31 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:27:21:27:38 | call to method ReadLine : String | semmle.label | call to method ReadLine : String | +| SqlInjection.cs:28:21:28:23 | access to local variable cmd : SqlCommand | semmle.label | access to local variable cmd : SqlCommand | +| SqlInjection.cs:28:27:28:53 | object creation of type SqlCommand : SqlCommand | semmle.label | object creation of type SqlCommand : SqlCommand | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString | semmle.label | access to local variable queryString | +| SqlInjection.cs:28:42:28:52 | access to local variable queryString : String | semmle.label | access to local variable queryString : String | +| SqlInjection.cs:29:50:29:52 | access to local variable cmd | semmle.label | access to local variable cmd | subpaths -testFailures -| SqlInjection.cs:18:53:18:81 | // ... | Missing result: Source[cs/sql-injection] | -| SqlInjection.cs:19:56:19:83 | // ... | Missing result: Alert[cs/sql-injection] | -| SqlInjection.cs:20:56:20:83 | // ... | Missing result: Alert[cs/sql-injection] | -| SqlInjection.cs:27:62:27:90 | // ... | Missing result: Source[cs/sql-injection] | -| SqlInjection.cs:28:56:28:83 | // ... | Missing result: Alert[cs/sql-injection] | -| SqlInjection.cs:29:56:29:83 | // ... | Missing result: Alert[cs/sql-injection] | From cfadd30f9800e0d0fab301db02054c3c063d3a56 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 25 Jun 2025 15:24:11 +0200 Subject: [PATCH 082/111] C#: Add change-note. --- csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md diff --git a/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md b/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md new file mode 100644 index 00000000000..8d800aa7580 --- /dev/null +++ b/csharp/ql/src/change-notes/2025-06-25-sqlcommand-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added explicit SQL injection Models as Data models for `Microsoft.Data.SqlClient.SqlCommand` and `Microsoft.Data.SqlClient.SqlDataAdapter`. This reduces false negatives for the query `cs/sql-injection`. From 8a7516528d76917012cd8322592bf1f14830a8a6 Mon Sep 17 00:00:00 2001 From: Vasco-jofra <11303847+Vasco-jofra@users.noreply.github.com> Date: Thu, 26 Jun 2025 09:29:07 +0200 Subject: [PATCH 083/111] Update formatting --- javascript/ql/src/experimental/semmle/javascript/SQL.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/javascript/ql/src/experimental/semmle/javascript/SQL.qll b/javascript/ql/src/experimental/semmle/javascript/SQL.qll index 5127881085d..f91172ccc14 100644 --- a/javascript/ql/src/experimental/semmle/javascript/SQL.qll +++ b/javascript/ql/src/experimental/semmle/javascript/SQL.qll @@ -154,8 +154,8 @@ module ExperimentalSql { RepositoryCall() { ( - repository = API::moduleImport("typeorm").getMember("Repository").getInstance() or - repository = dataSource().getMember("getRepository").getReturn() + repository = API::moduleImport("typeorm").getMember("Repository").getInstance() or + repository = dataSource().getMember("getRepository").getReturn() ) and this = repository.getMember(_).asSource() } From fc2b18ae8a7a4005c348abb15d6a70d40fd31659 Mon Sep 17 00:00:00 2001 From: Jonas Jensen Date: Mon, 7 Oct 2024 13:20:55 +0200 Subject: [PATCH 084/111] Java: Diff-informed CleartextStorageCookie.ql This query shares implementation with several other queries about cleartext storage, but it's the only one of them that's in the code-scanning suite. The sharing mechanism remains the same as before, but now each query has to override `getASelectedLocation` to become diff-informed. Two other data-flow configurations are used in this query, but they can't easily be made diff-informed. --- .../security/CleartextStorageCookieQuery.qll | 12 ++++++++++- .../java/security/CleartextStorageQuery.qll | 20 ++++++++++++++++++- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll index 1f262ad57d6..1c99821386d 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageCookieQuery.qll @@ -7,7 +7,17 @@ private import semmle.code.java.dataflow.FlowSinks private import semmle.code.java.dataflow.FlowSources private class CookieCleartextStorageSink extends CleartextStorageSink { - CookieCleartextStorageSink() { this.asExpr() = cookieInput(_) } + Cookie cookie; + + CookieCleartextStorageSink() { this.asExpr() = cookieInput(cookie) } + + override Location getASelectedLocation() { + result = this.getLocation() + or + result = cookie.getLocation() + or + result = cookie.getAStore().getLocation() + } } /** The instantiation of a cookie, which can act as storage. */ diff --git a/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll b/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll index a607fd8c8d2..21d82bef657 100644 --- a/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CleartextStorageQuery.qll @@ -5,7 +5,14 @@ private import semmle.code.java.dataflow.TaintTracking private import semmle.code.java.security.SensitiveActions /** A sink representing persistent storage that saves data in clear text. */ -abstract class CleartextStorageSink extends DataFlow::Node { } +abstract class CleartextStorageSink extends DataFlow::Node { + /** + * Gets a location that will be selected in the diff-informed query where + * this sink is found. If this has no results for any sink, that's taken to + * mean the query is not diff-informed. + */ + Location getASelectedLocation() { none() } +} /** A sanitizer for flows tracking sensitive data being stored in persistent storage. */ abstract class CleartextStorageSanitizer extends DataFlow::Node { } @@ -46,6 +53,17 @@ private module SensitiveSourceFlowConfig implements DataFlow::ConfigSig { predicate isAdditionalFlowStep(DataFlow::Node n1, DataFlow::Node n2) { any(CleartextStorageAdditionalTaintStep c).step(n1, n2) } + + predicate observeDiffInformedIncrementalMode() { + // This configuration is used by several queries. A query can opt in to + // diff-informed mode by implementing `getASelectedLocation` on its sinks, + // indicating that it has considered which sinks are selected. + exists(CleartextStorageSink sink | exists(sink.getASelectedLocation())) + } + + Location getASelectedSinkLocation(DataFlow::Node sink) { + result = sink.(CleartextStorageSink).getASelectedLocation() + } } private module SensitiveSourceFlow = TaintTracking::Global; From 1e0dd2a935514a25dcfa751ecbb60aa90d4657b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tam=C3=A1s=20Vajk?= Date: Thu, 26 Jun 2025 11:34:43 +0200 Subject: [PATCH 085/111] Apply suggestion from @michaelnebel Co-authored-by: Michael Nebel --- .../Concurrency/ScheduledThreadPoolExecutorZeroThread.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md index 428414b8f1a..424407f5cc6 100644 --- a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md +++ b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.md @@ -1,6 +1,6 @@ ## Overview -According the Java documentation on `ScheduledThreadPoolExecutor`, it is not a good idea to set `corePoolSize` to zero, since doing so indicates the executor to keep 0 threads in its pool and the executor will serve no purpose. +According to the Java documentation on `ScheduledThreadPoolExecutor`, it is not a good idea to set `corePoolSize` to zero, since doing so indicates the executor to keep 0 threads in its pool and the executor will serve no purpose. ## Recommendation From 64f27e2adfa330d6703f290216234da40149ea5c Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Wed, 25 Jun 2025 13:18:55 +0200 Subject: [PATCH 086/111] Java: Add abstraction for discardable locatables --- java/ql/lib/semmle/code/java/Expr.qll | 11 +----- java/ql/lib/semmle/code/java/Javadoc.qll | 11 +----- java/ql/lib/semmle/code/java/Member.qll | 30 +++------------ java/ql/lib/semmle/code/java/Overlay.qll | 43 ++++++++++++++++++++++ java/ql/lib/semmle/code/java/Statement.qll | 11 +----- java/ql/lib/semmle/code/java/Variable.qll | 11 +----- 6 files changed, 52 insertions(+), 65 deletions(-) diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index cafffae52bd..282d90eaeee 100644 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -2704,13 +2704,4 @@ class RecordPatternExpr extends Expr, @recordpatternexpr { } overlay[local] -private predicate discardableExpr(string file, @expr e) { - not isOverlay() and - file = getRawFile(e) -} - -/** Discard base expressions in files fully extracted in the overlay. */ -overlay[discard_entity] -private predicate discardExpr(@expr e) { - exists(string file | discardableExpr(file, e) and extractedInOverlay(file)) -} +private class DiscardableExpr extends DiscardableLocatable, @expr { } diff --git a/java/ql/lib/semmle/code/java/Javadoc.qll b/java/ql/lib/semmle/code/java/Javadoc.qll index 101bab2723e..ac7a3c2cd6a 100644 --- a/java/ql/lib/semmle/code/java/Javadoc.qll +++ b/java/ql/lib/semmle/code/java/Javadoc.qll @@ -199,13 +199,4 @@ class KtCommentSection extends @ktcommentsection { } overlay[local] -private predicate discardableJavadoc(string file, @javadoc d) { - not isOverlay() and - exists(@member m | file = getRawFile(m) and hasJavadoc(m, d)) -} - -/** Discard javadoc entities in files fully extracted in the overlay. */ -overlay[discard_entity] -private predicate discardJavadoc(@javadoc d) { - exists(string file | discardableJavadoc(file, d) and extractedInOverlay(file)) -} +private class DiscardableJavadoc extends DiscardableLocatable, @javadoc { } diff --git a/java/ql/lib/semmle/code/java/Member.qll b/java/ql/lib/semmle/code/java/Member.qll index 805ab0bf940..1e814117e9e 100644 --- a/java/ql/lib/semmle/code/java/Member.qll +++ b/java/ql/lib/semmle/code/java/Member.qll @@ -906,31 +906,11 @@ class ExtensionMethod extends Method { } overlay[local] -private predicate discardableMethod(string file, @method m) { - not isOverlay() and - file = getRawFile(m) and - exists(@classorinterface c | methods(m, _, _, _, c, _) and isAnonymClass(c, _)) -} - -/** Discard base methods on anonymous classes in files fully extracted in the overlay. */ -overlay[discard_entity] -private predicate discardAnonMethod(@method m) { - exists(string file | discardableMethod(file, m) and extractedInOverlay(file)) +private class DiscardableAnonymousMethod extends DiscardableLocatable, @method { + DiscardableAnonymousMethod() { + exists(@classorinterface c | methods(this, _, _, _, c, _) and isAnonymClass(c, _)) + } } overlay[local] -private predicate discardableBaseMethod(string file, @method m) { - not isOverlay() and - file = getRawFile(m) -} - -overlay[local] -private predicate usedOverlayMethod(@method m) { isOverlay() and methods(m, _, _, _, _, _) } - -/** Discard base methods in files fully extracted in the overlay that were not extracted in the overlay. */ -overlay[discard_entity] -private predicate discardMethod(@method m) { - exists(string file | - discardableBaseMethod(file, m) and extractedInOverlay(file) and not usedOverlayMethod(m) - ) -} +private class DiscardableMethod extends DiscardableReferableLocatable, @method { } diff --git a/java/ql/lib/semmle/code/java/Overlay.qll b/java/ql/lib/semmle/code/java/Overlay.qll index 4ed0c185fb5..69178b1740a 100644 --- a/java/ql/lib/semmle/code/java/Overlay.qll +++ b/java/ql/lib/semmle/code/java/Overlay.qll @@ -35,3 +35,46 @@ predicate extractedInOverlay(string file) { // ignore skeleton extracted files in the overlay exists(@locatable l | numlines(l, _, _, _) and file = getRawFile(l)) } + +/** + * A `@locatable` that should be discarded in the base variant if its file is + * extracted in the overlay variant. + */ +overlay[local] +abstract class DiscardableLocatable extends @locatable { + /** Gets the raw file for a locatable in base. */ + string getRawFileInBase() { not isOverlay() and result = getRawFile(this) } + + /** Gets a textual representation of this discardable locatable. */ + string toString() { none() } +} + +overlay[discard_entity] +private predicate discardLocatable(@locatable el) { + extractedInOverlay(el.(DiscardableLocatable).getRawFileInBase()) +} + +/** + * A `@locatable` that should be discarded in the base variant if its file is + * extracted in the overlay variant and it is itself not extracted in the + * overlay, that is, it is deleted in the overlay. + */ +overlay[local] +abstract class DiscardableReferableLocatable extends @locatable { + /** Gets the raw file for a locatable in base. */ + string getRawFileInBase() { not isOverlay() and result = getRawFile(this) } + + /** Holds if the locatable exists in the overlay. */ + predicate existsInOverlay() { isOverlay() and exists(this) } + + /** Gets a textual representation of this discardable locatable. */ + string toString() { none() } +} + +overlay[discard_entity] +private predicate discardReferableLocatable(@locatable el) { + exists(DiscardableReferableLocatable drl | drl = el | + extractedInOverlay(drl.getRawFileInBase()) and + not drl.existsInOverlay() + ) +} diff --git a/java/ql/lib/semmle/code/java/Statement.qll b/java/ql/lib/semmle/code/java/Statement.qll index d1e7e748bc3..a4872a32c91 100644 --- a/java/ql/lib/semmle/code/java/Statement.qll +++ b/java/ql/lib/semmle/code/java/Statement.qll @@ -990,13 +990,4 @@ class SuperConstructorInvocationStmt extends Stmt, ConstructorCall, @superconstr } overlay[local] -private predicate discardableStmt(string file, @stmt s) { - not isOverlay() and - file = getRawFile(s) -} - -/** Discard base statements in files fully extracted in the overlay. */ -overlay[discard_entity] -private predicate discardStmt(@stmt s) { - exists(string file | discardableStmt(file, s) and extractedInOverlay(file)) -} +private class DiscardableStmt extends DiscardableLocatable, @stmt { } diff --git a/java/ql/lib/semmle/code/java/Variable.qll b/java/ql/lib/semmle/code/java/Variable.qll index 9b8b42b71fb..cb76fe3a9c9 100644 --- a/java/ql/lib/semmle/code/java/Variable.qll +++ b/java/ql/lib/semmle/code/java/Variable.qll @@ -136,13 +136,4 @@ class Parameter extends Element, @param, LocalScopeVariable { } overlay[local] -private predicate discardableLocalVarDecl(string file, @localscopevariable l) { - not isOverlay() and - file = getRawFile(l) -} - -/** Discard base local scoped variables in files fully extracted in the overlay. */ -overlay[discard_entity] -private predicate discardLocalVarDecl(@localscopevariable l) { - exists(string file | discardableLocalVarDecl(file, l) and extractedInOverlay(file)) -} +private class DiscardableLocalScopeVariable extends DiscardableLocatable, @localscopevariable { } From 1bd543a8a26ca7f727f9f1662db3b6775101d331 Mon Sep 17 00:00:00 2001 From: Tamas Vajk Date: Thu, 26 Jun 2025 11:36:32 +0200 Subject: [PATCH 087/111] Improve readability of the ID --- .../Concurrency/ScheduledThreadPoolExecutorZeroThread.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql index cb6928a5b80..0b8acb5a088 100644 --- a/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql +++ b/java/ql/src/Likely Bugs/Concurrency/ScheduledThreadPoolExecutorZeroThread.ql @@ -1,11 +1,12 @@ /** - * @id java/javautilconcurrentscheduledthreadpoolexecutor + * @id java/java-util-concurrent-scheduledthreadpoolexecutor * @name Zero threads set for `java.util.concurrent.ScheduledThreadPoolExecutor` * @description Setting `java.util.concurrent.ScheduledThreadPoolExecutor` to have 0 threads serves * no purpose and may indicate programmer error. * @kind problem * @precision very-high * @problem.severity recommendation + * @previous-id java/javautilconcurrentscheduledthreadpoolexecutor * @tags quality * reliability * correctness From 712e64e4a8eda3dc7eec973e6a4e719b3de7b53f Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Thu, 26 Jun 2025 13:19:49 +0200 Subject: [PATCH 088/111] Overlay: Add overlay annotations to shared Guards library --- shared/controlflow/codeql/controlflow/Guards.qll | 2 ++ 1 file changed, 2 insertions(+) diff --git a/shared/controlflow/codeql/controlflow/Guards.qll b/shared/controlflow/codeql/controlflow/Guards.qll index 887eef9021a..d78d6ec8e8a 100644 --- a/shared/controlflow/codeql/controlflow/Guards.qll +++ b/shared/controlflow/codeql/controlflow/Guards.qll @@ -47,6 +47,8 @@ * using the result of Range Analysis to provide a final and more complete * controls relation. */ +overlay[local?] +module; private import codeql.util.Boolean private import codeql.util.Location From e0b3a2c5f9c07a6e58d85bbd14dc4d6412978a64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= Date: Thu, 26 Jun 2025 10:09:12 +0200 Subject: [PATCH 089/111] Java: convert ArbitraryApkInstallation test to .qlref --- .../CWE-094/ApkInstallationTest.expected | 0 .../security/CWE-094/ApkInstallationTest.ql | 19 ------------------- .../ApkInstallation.java | 12 ++++++------ .../ApkInstallationTest.expected | 16 ++++++++++++++++ .../ApkInstallationTest.qlref | 4 ++++ .../CWE-094/ApkInstallationTest/options | 1 + 6 files changed, 27 insertions(+), 25 deletions(-) delete mode 100644 java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.expected delete mode 100644 java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.ql rename java/ql/test/query-tests/security/CWE-094/{ => ApkInstallationTest}/ApkInstallation.java (83%) create mode 100644 java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.expected create mode 100644 java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.qlref create mode 100644 java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/options diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.expected b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.expected deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.ql b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.ql deleted file mode 100644 index a4efceebc18..00000000000 --- a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.ql +++ /dev/null @@ -1,19 +0,0 @@ -import java -import semmle.code.java.dataflow.DataFlow -import semmle.code.java.security.ArbitraryApkInstallationQuery -import utils.test.InlineExpectationsTest - -module HasApkInstallationTest implements TestSig { - string getARelevantTag() { result = "hasApkInstallation" } - - predicate hasActualResult(Location location, string element, string tag, string value) { - tag = "hasApkInstallation" and - exists(DataFlow::Node sink | ApkInstallationFlow::flowTo(sink) | - sink.getLocation() = location and - element = sink.toString() and - value = "" - ) - } -} - -import MakeTest diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallation.java b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallation.java similarity index 83% rename from java/ql/test/query-tests/security/CWE-094/ApkInstallation.java rename to java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallation.java index 680ad633083..ee6a0c56b70 100644 --- a/java/ql/test/query-tests/security/CWE-094/ApkInstallation.java +++ b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallation.java @@ -11,7 +11,7 @@ public class ApkInstallation extends Activity { public void installAPK(String path) { // BAD: the path is not checked Intent intent = new Intent(Intent.ACTION_VIEW); - intent.setDataAndType(Uri.fromFile(new File(path)), "application/vnd.android.package-archive"); // $ hasApkInstallation + intent.setDataAndType(Uri.fromFile(new File(path)), "application/vnd.android.package-archive"); // $ Alert startActivity(intent); } @@ -19,7 +19,7 @@ public class ApkInstallation extends Activity { Intent intent = new Intent(Intent.ACTION_VIEW); intent.setType(APK_MIMETYPE); // BAD: the path is not checked - intent.setData(Uri.fromFile(new File(path))); // $ hasApkInstallation + intent.setData(Uri.fromFile(new File(path))); // $ Alert startActivity(intent); } @@ -27,7 +27,7 @@ public class ApkInstallation extends Activity { // BAD: file is from external storage File file = new File(Environment.getExternalStorageDirectory(), path); Intent intent = new Intent(Intent.ACTION_VIEW); - intent.setDataAndType(Uri.fromFile(file), APK_MIMETYPE); // $ hasApkInstallation + intent.setDataAndType(Uri.fromFile(file), APK_MIMETYPE); // $ Alert startActivity(intent); } @@ -35,14 +35,14 @@ public class ApkInstallation extends Activity { // BAD: file is from external storage File file = new File(Environment.getExternalStorageDirectory(), path); Intent intent = new Intent(Intent.ACTION_INSTALL_PACKAGE); - intent.setData(Uri.fromFile(file)); // $ hasApkInstallation + intent.setData(Uri.fromFile(file)); // $ Alert startActivity(intent); } public void installAPKInstallPackageLiteral(String path) { File file = new File(Environment.getExternalStorageDirectory(), path); Intent intent = new Intent("android.intent.action.INSTALL_PACKAGE"); - intent.setData(Uri.fromFile(file)); // $ hasApkInstallation + intent.setData(Uri.fromFile(file)); // $ Alert startActivity(intent); } @@ -50,7 +50,7 @@ public class ApkInstallation extends Activity { Intent intent = new Intent(this, OtherActivity.class); intent.setAction(Intent.ACTION_VIEW); // BAD: the file is from unknown source - intent.setData(Uri.fromFile(file)); // $ hasApkInstallation + intent.setData(Uri.fromFile(file)); // $ Alert } } diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.expected b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.expected new file mode 100644 index 00000000000..7a6b0ccde88 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.expected @@ -0,0 +1,16 @@ +#select +| ApkInstallation.java:14:31:14:58 | fromFile(...) | ApkInstallation.java:14:31:14:58 | fromFile(...) | ApkInstallation.java:14:31:14:58 | fromFile(...) | Arbitrary Android APK installation. | +| ApkInstallation.java:22:24:22:51 | fromFile(...) | ApkInstallation.java:22:24:22:51 | fromFile(...) | ApkInstallation.java:22:24:22:51 | fromFile(...) | Arbitrary Android APK installation. | +| ApkInstallation.java:30:31:30:48 | fromFile(...) | ApkInstallation.java:30:31:30:48 | fromFile(...) | ApkInstallation.java:30:31:30:48 | fromFile(...) | Arbitrary Android APK installation. | +| ApkInstallation.java:38:24:38:41 | fromFile(...) | ApkInstallation.java:38:24:38:41 | fromFile(...) | ApkInstallation.java:38:24:38:41 | fromFile(...) | Arbitrary Android APK installation. | +| ApkInstallation.java:45:24:45:41 | fromFile(...) | ApkInstallation.java:45:24:45:41 | fromFile(...) | ApkInstallation.java:45:24:45:41 | fromFile(...) | Arbitrary Android APK installation. | +| ApkInstallation.java:53:24:53:41 | fromFile(...) | ApkInstallation.java:53:24:53:41 | fromFile(...) | ApkInstallation.java:53:24:53:41 | fromFile(...) | Arbitrary Android APK installation. | +edges +nodes +| ApkInstallation.java:14:31:14:58 | fromFile(...) | semmle.label | fromFile(...) | +| ApkInstallation.java:22:24:22:51 | fromFile(...) | semmle.label | fromFile(...) | +| ApkInstallation.java:30:31:30:48 | fromFile(...) | semmle.label | fromFile(...) | +| ApkInstallation.java:38:24:38:41 | fromFile(...) | semmle.label | fromFile(...) | +| ApkInstallation.java:45:24:45:41 | fromFile(...) | semmle.label | fromFile(...) | +| ApkInstallation.java:53:24:53:41 | fromFile(...) | semmle.label | fromFile(...) | +subpaths diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.qlref b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.qlref new file mode 100644 index 00000000000..7566db8af78 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/ApkInstallationTest.qlref @@ -0,0 +1,4 @@ +query: Security/CWE/CWE-094/ArbitraryApkInstallation.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/options b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/options new file mode 100644 index 00000000000..d7c8332682b --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest/options @@ -0,0 +1 @@ +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../stubs/validation-api-2.0.1.Final:${testdir}/../../../../stubs/springframework-5.8.x:${testdir}/../../../../stubs/apache-commons-jexl-2.1.1:${testdir}/../../../../stubs/apache-commons-jexl-3.1:${testdir}/../../../../stubs/apache-commons-logging-1.2:${testdir}/../../../../stubs/mvel2-2.4.7:${testdir}/../../../../stubs/groovy-all-3.0.7:${testdir}/../../../../stubs/servlet-api-2.4:${testdir}/../../../../stubs/scriptengine:${testdir}/../../../../stubs/jsr223-api:${testdir}/../../../../stubs/apache-freemarker-2.3.31:${testdir}/../../../../stubs/jinjava-2.6.0:${testdir}/../../../../stubs/pebble-3.1.5:${testdir}/../../../../stubs/thymeleaf-3.0.14:${testdir}/../../../../stubs/apache-velocity-2.3:${testdir}/../../../..//stubs/google-android-9.0.0 From 89f1ee03014b533648e987cc95f7d1cad1312e2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nora=20Dimitrijevi=C4=87?= Date: Thu, 26 Jun 2025 11:48:44 +0200 Subject: [PATCH 090/111] Ruby: add meta/TaintedNodes.ql test --- .../meta/TaintedNodes/TaintedNodes.expected | 79 ++++++++++++++++ .../meta/TaintedNodes/TaintedNodes.qlref | 4 + .../meta/TaintedNodes/tainted_path.rb | 94 +++++++++++++++++++ 3 files changed, 177 insertions(+) create mode 100644 ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.expected create mode 100644 ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.qlref create mode 100644 ruby/ql/test/query-tests/meta/TaintedNodes/tainted_path.rb diff --git a/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.expected b/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.expected new file mode 100644 index 00000000000..26956a4ad92 --- /dev/null +++ b/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.expected @@ -0,0 +1,79 @@ +| tainted_path.rb:4:5:4:24 | ... = ... | Tainted node | +| tainted_path.rb:4:12:4:17 | call to params | Tainted node | +| tainted_path.rb:4:12:4:24 | ...[...] | Tainted node | +| tainted_path.rb:5:26:5:29 | path | Tainted node | +| tainted_path.rb:10:5:10:43 | ... = ... | Tainted node | +| tainted_path.rb:10:12:10:43 | call to absolute_path | Tainted node | +| tainted_path.rb:10:31:10:36 | call to params | Tainted node | +| tainted_path.rb:10:31:10:43 | ...[...] | Tainted node | +| tainted_path.rb:11:26:11:29 | path | Tainted node | +| tainted_path.rb:16:5:16:47 | ... = ... | Tainted node | +| tainted_path.rb:16:12:16:47 | "#{...}/foo" | Tainted node | +| tainted_path.rb:16:13:16:42 | #{...} | Tainted node | +| tainted_path.rb:16:15:16:41 | call to dirname | Tainted node | +| tainted_path.rb:16:28:16:33 | call to params | Tainted node | +| tainted_path.rb:16:28:16:40 | ...[...] | Tainted node | +| tainted_path.rb:17:26:17:29 | path | Tainted node | +| tainted_path.rb:22:5:22:41 | ... = ... | Tainted node | +| tainted_path.rb:22:12:22:41 | call to expand_path | Tainted node | +| tainted_path.rb:22:29:22:34 | call to params | Tainted node | +| tainted_path.rb:22:29:22:41 | ...[...] | Tainted node | +| tainted_path.rb:23:26:23:29 | path | Tainted node | +| tainted_path.rb:28:5:28:34 | ... = ... | Tainted node | +| tainted_path.rb:28:12:28:34 | call to path | Tainted node | +| tainted_path.rb:28:22:28:27 | call to params | Tainted node | +| tainted_path.rb:28:22:28:34 | ...[...] | Tainted node | +| tainted_path.rb:29:26:29:29 | path | Tainted node | +| tainted_path.rb:34:5:34:41 | ... = ... | Tainted node | +| tainted_path.rb:34:12:34:41 | call to realdirpath | Tainted node | +| tainted_path.rb:34:29:34:34 | call to params | Tainted node | +| tainted_path.rb:34:29:34:41 | ...[...] | Tainted node | +| tainted_path.rb:35:26:35:29 | path | Tainted node | +| tainted_path.rb:40:5:40:38 | ... = ... | Tainted node | +| tainted_path.rb:40:12:40:38 | call to realpath | Tainted node | +| tainted_path.rb:40:26:40:31 | call to params | Tainted node | +| tainted_path.rb:40:26:40:38 | ...[...] | Tainted node | +| tainted_path.rb:41:26:41:29 | path | Tainted node | +| tainted_path.rb:47:5:47:63 | ... = ... | Tainted node | +| tainted_path.rb:47:12:47:63 | call to join | Tainted node | +| tainted_path.rb:47:43:47:48 | call to params | Tainted node | +| tainted_path.rb:47:43:47:55 | ...[...] | Tainted node | +| tainted_path.rb:48:26:48:29 | path | Tainted node | +| tainted_path.rb:53:26:53:31 | call to params | Tainted node | +| tainted_path.rb:53:26:53:38 | ...[...] | Tainted node | +| tainted_path.rb:59:5:59:53 | ... = ... | Tainted node | +| tainted_path.rb:59:12:59:53 | call to new | Tainted node | +| tainted_path.rb:59:40:59:45 | call to params | Tainted node | +| tainted_path.rb:59:40:59:52 | ...[...] | Tainted node | +| tainted_path.rb:60:26:60:29 | path | Tainted node | +| tainted_path.rb:65:5:65:63 | ... = ... | Tainted node | +| tainted_path.rb:65:12:65:53 | call to new | Tainted node | +| tainted_path.rb:65:12:65:63 | call to sanitized | Tainted node | +| tainted_path.rb:65:40:65:45 | call to params | Tainted node | +| tainted_path.rb:65:40:65:52 | ...[...] | Tainted node | +| tainted_path.rb:66:26:66:29 | path | Tainted node | +| tainted_path.rb:71:5:71:53 | ... = ... | Tainted node | +| tainted_path.rb:71:12:71:53 | call to new | Tainted node | +| tainted_path.rb:71:40:71:45 | call to params | Tainted node | +| tainted_path.rb:71:40:71:52 | ...[...] | Tainted node | +| tainted_path.rb:72:15:72:18 | path | Tainted node | +| tainted_path.rb:77:5:77:53 | ... = ... | Tainted node | +| tainted_path.rb:77:12:77:53 | call to new | Tainted node | +| tainted_path.rb:77:40:77:45 | call to params | Tainted node | +| tainted_path.rb:77:40:77:52 | ...[...] | Tainted node | +| tainted_path.rb:78:19:78:22 | path | Tainted node | +| tainted_path.rb:79:14:79:17 | path | Tainted node | +| tainted_path.rb:84:5:84:53 | ... = ... | Tainted node | +| tainted_path.rb:84:12:84:53 | call to new | Tainted node | +| tainted_path.rb:84:40:84:45 | call to params | Tainted node | +| tainted_path.rb:84:40:84:52 | ...[...] | Tainted node | +| tainted_path.rb:85:10:85:13 | path | Tainted node | +| tainted_path.rb:86:25:86:28 | path | Tainted node | +| tainted_path.rb:90:5:90:53 | ... = ... | Tainted node | +| tainted_path.rb:90:12:90:53 | call to new | Tainted node | +| tainted_path.rb:90:40:90:45 | call to params | Tainted node | +| tainted_path.rb:90:40:90:52 | ...[...] | Tainted node | +| tainted_path.rb:91:10:91:43 | "Debug: require_relative(#{...})" | Tainted node | +| tainted_path.rb:91:35:91:41 | #{...} | Tainted node | +| tainted_path.rb:91:37:91:40 | path | Tainted node | +| tainted_path.rb:92:11:92:14 | path | Tainted node | diff --git a/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.qlref b/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.qlref new file mode 100644 index 00000000000..0fd4f30b68a --- /dev/null +++ b/ruby/ql/test/query-tests/meta/TaintedNodes/TaintedNodes.qlref @@ -0,0 +1,4 @@ +query: queries/meta/TaintedNodes.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/ruby/ql/test/query-tests/meta/TaintedNodes/tainted_path.rb b/ruby/ql/test/query-tests/meta/TaintedNodes/tainted_path.rb new file mode 100644 index 00000000000..a85c0ad975d --- /dev/null +++ b/ruby/ql/test/query-tests/meta/TaintedNodes/tainted_path.rb @@ -0,0 +1,94 @@ +class FooController < ActionController::Base + # BAD + def route0 + path = params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.absolute_path preserves taint + def route1 + path = File.absolute_path params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.dirname preserves taint + def route2 + path = "#{File.dirname(params[:path])}/foo" # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.expand_path preserves taint + def route3 + path = File.expand_path params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.path preserves taint + def route4 + path = File.path params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.realdirpath preserves taint + def route5 + path = File.realdirpath params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - File.realpath preserves taint + def route6 + path = File.realpath params[:path] # $ Alert + @content = File.read path # $ Alert + end + + # BAD - tainted arguments in any position propagate to the return value of + # File.join + def route7 + path = File.join("foo", "bar", "baz", params[:path], "qux") # $ Alert + @content = File.read path # $ Alert + end + + # GOOD - File.basename does not preserve taint + def route8 + path = File.basename params[:path] # $ Alert + @content = File.read path # Sanitized + end + + # BAD + def route9 + path = ActiveStorage::Filename.new(params[:path]) # $ Alert + @content = File.read path # $ Alert + end + + # GOOD - explicitly sanitized + def route10 + path = ActiveStorage::Filename.new(params[:path]).sanitized # $ Alert + @content = File.read path # $ SPURIOUS: Alert (should have been sanitized) + end + + # BAD + def route11 + path = ActiveStorage::Filename.new(params[:path]) # $ Alert + send_file path # $ Alert + end + + # BAD + def route12 + path = ActiveStorage::Filename.new(params[:path]) # $ Alert + bla (Dir.glob path) # $ Alert + bla (Dir[path]) # $ Alert + end + + # BAD + def route13 + path = ActiveStorage::Filename.new(params[:path]) # $ Alert + load(path) # $ Alert + autoload(:MyModule, path) # $ Alert + end + + def require_relative() + path = ActiveStorage::Filename.new(params[:path]) # $ Alert + puts "Debug: require_relative(#{path})" # $ Alert + super(path) # $ Alert + end +end From b70aa804e562b2f9f3e7ac912add2b902bca7c0f Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Thu, 26 Jun 2025 11:54:36 +0200 Subject: [PATCH 091/111] Rust: Cache `DataFlow::Node.{toString,getLocation}` --- .../codeql/rust/dataflow/internal/Node.qll | 31 +++++++++---------- .../lib/codeql/rust/internal/CachedStages.qll | 4 ++- 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll b/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll index b18ccbacbd6..a1bdc367d0a 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/Node.qll @@ -17,13 +17,19 @@ private import codeql.rust.dataflow.FlowSummary private import Node as Node private import DataFlowImpl private import FlowSummaryImpl as FlowSummaryImpl +private import codeql.rust.internal.CachedStages /** An element, viewed as a node in a data flow graph. */ -abstract class NodePublic extends TNode { +// It is important to not make this class `abstract`, as it otherwise results in +// a needless charpred, which will result in recomputation of internal non-cached +// predicates +class NodePublic extends TNode { /** Gets the location of this node. */ + cached abstract Location getLocation(); /** Gets a textual representation of this node. */ + cached abstract string toString(); /** @@ -55,17 +61,6 @@ abstract class Node extends NodePublic { CfgNode getCfgNode() { none() } } -/** A node type that is not implemented. */ -final class NaNode extends Node { - NaNode() { none() } - - override CfgScope getCfgScope() { none() } - - override string toString() { result = "N/A" } - - override Location getLocation() { none() } -} - /** A data flow node used to model flow summaries. */ class FlowSummaryNode extends Node, TFlowSummaryNode { FlowSummaryImpl::Private::SummaryNode getSummaryNode() { this = TFlowSummaryNode(result) } @@ -108,6 +103,7 @@ class FlowSummaryNode extends Node, TFlowSummaryNode { } override Location getLocation() { + Stages::DataFlowStage::ref() and exists(this.getSummarizedCallable()) and result instanceof EmptyLocation or @@ -116,7 +112,10 @@ class FlowSummaryNode extends Node, TFlowSummaryNode { result = this.getSinkElement().getLocation() } - override string toString() { result = this.getSummaryNode().toString() } + override string toString() { + Stages::DataFlowStage::ref() and + result = this.getSummaryNode().toString() + } } /** A data flow node that corresponds directly to a CFG node for an AST node. */ @@ -440,9 +439,9 @@ private class CapturePostUpdateNode extends PostUpdateNode, CaptureNode { final override string toString() { result = PostUpdateNode.super.toString() } } -final class CastNode = NaNode; - -private import codeql.rust.internal.CachedStages +final class CastNode extends ExprNode { + CastNode() { none() } +} cached newtype TNode = diff --git a/rust/ql/lib/codeql/rust/internal/CachedStages.qll b/rust/ql/lib/codeql/rust/internal/CachedStages.qll index 2a7447ed7a3..0c2099d4dcd 100644 --- a/rust/ql/lib/codeql/rust/internal/CachedStages.qll +++ b/rust/ql/lib/codeql/rust/internal/CachedStages.qll @@ -186,7 +186,9 @@ module Stages { predicate backref() { 1 = 1 or - exists(Node n) + exists(any(Node n).toString()) + or + exists(any(Node n).getLocation()) or RustTaintTracking::defaultAdditionalTaintStep(_, _, _) or From 9a48459951440515e8e4f5337b72561a4d3ebcdc Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Thu, 26 Jun 2025 15:14:08 +0200 Subject: [PATCH 092/111] Add change note --- rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md diff --git a/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md b/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md new file mode 100644 index 00000000000..c3513958ccd --- /dev/null +++ b/rust/ql/lib/change-notes/2025-06-26-dataflow-traits.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Implemented support for data flow through trait functions. For the purpose of data flow, calls to trait functions dispatch to all possible implementations. From 3083bdb0b4017ea9cc2d28b8390388f2affbee73 Mon Sep 17 00:00:00 2001 From: Eric Bickle <2086875+ebickle@users.noreply.github.com> Date: Thu, 26 Jun 2025 06:47:24 -0700 Subject: [PATCH 093/111] C++: Update MaD line numbers in flow.expected --- .../dataflow/external-models/flow.expected | 62 +++++++++---------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected index 385af7a4e2c..b7916b2db66 100644 --- a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected +++ b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected @@ -10,48 +10,48 @@ edges | asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:6 | | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance | | | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:10 | -| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:26955 | -| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:26956 | -| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:26957 | +| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:26957 | +| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:26958 | +| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:26959 | | test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance | | | test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance | | -| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:26953 | -| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:26954 | +| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:26955 | +| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:26956 | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:17:24:17:24 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:21:27:21:27 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:25:35:25:35 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance | | | test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | | -| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:26954 | +| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:26956 | | test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance | | -| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:26955 | +| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:26957 | | test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | | -| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:26954 | +| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:26956 | | test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance | | -| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:26956 | +| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:26958 | | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | | -| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:26954 | +| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:26956 | | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance | | -| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:26957 | +| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:26959 | | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | | -| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:26954 | +| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:26956 | | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance | | | test.cpp:32:41:32:41 | x | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | | -| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:341 | -| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:325 | +| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:343 | +| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:327 | | windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance | | | windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance | | | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | | | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance | | | windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | provenance | | -| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:341 | -| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:327 | +| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:343 | +| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:329 | | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance | | -| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:329 | +| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:331 | | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance | | | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance | | -| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:343 | -| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:343 | +| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:345 | +| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:345 | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance | | @@ -67,36 +67,36 @@ edges | windows.cpp:159:12:159:55 | hEvent | windows.cpp:160:8:160:8 | c | provenance | | | windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance | | | windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance | | -| windows.cpp:168:35:168:40 | ReadFile output argument | windows.cpp:170:10:170:16 | * ... | provenance | Src:MaD:331 | -| windows.cpp:177:23:177:28 | ReadFileEx output argument | windows.cpp:179:10:179:16 | * ... | provenance | Src:MaD:332 | -| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:331 | +| windows.cpp:168:35:168:40 | ReadFile output argument | windows.cpp:170:10:170:16 | * ... | provenance | Src:MaD:333 | +| windows.cpp:177:23:177:28 | ReadFileEx output argument | windows.cpp:179:10:179:16 | * ... | provenance | Src:MaD:334 | +| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:333 | | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance | | | windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance | | | windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance | | -| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:331 | +| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:333 | | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance | | | windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance | | | windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance | | -| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:340 | -| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:333 | +| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:342 | +| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:335 | | windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance | | | windows.cpp:287:20:287:52 | *pMapView | windows.cpp:289:10:289:16 | * ... | provenance | | -| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | provenance | Src:MaD:334 | +| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | provenance | Src:MaD:336 | | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:294:20:294:52 | *pMapView | provenance | | | windows.cpp:294:20:294:52 | *pMapView | windows.cpp:296:10:296:16 | * ... | provenance | | -| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | provenance | Src:MaD:335 | +| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | provenance | Src:MaD:337 | | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:303:20:303:52 | *pMapView | provenance | | | windows.cpp:303:20:303:52 | *pMapView | windows.cpp:305:10:305:16 | * ... | provenance | | -| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | provenance | Src:MaD:336 | +| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | provenance | Src:MaD:338 | | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:312:20:312:52 | *pMapView | provenance | | | windows.cpp:312:20:312:52 | *pMapView | windows.cpp:314:10:314:16 | * ... | provenance | | -| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | provenance | Src:MaD:337 | +| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | provenance | Src:MaD:339 | | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:319:20:319:52 | *pMapView | provenance | | | windows.cpp:319:20:319:52 | *pMapView | windows.cpp:321:10:321:16 | * ... | provenance | | -| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | provenance | Src:MaD:338 | +| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | provenance | Src:MaD:340 | | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:326:20:326:52 | *pMapView | provenance | | | windows.cpp:326:20:326:52 | *pMapView | windows.cpp:328:10:328:16 | * ... | provenance | | -| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:339 | +| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:341 | | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance | | | windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance | | nodes From 505d8806c71d7f259ebe50d7c45e8dce64e2a3a3 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Thu, 26 Jun 2025 11:51:49 -0400 Subject: [PATCH 094/111] Crypto: Add key input support for the graph for key generation operations. --- .../OpenSSL/Operations/KeyGenOperation.qll | 6 +++- .../library-tests/quantum/node_edges.expected | 4 +++ .../quantum/node_properties.expected | 2 ++ .../library-tests/quantum/nodes.expected | 2 ++ .../codeql/quantum/experimental/Model.qll | 30 ++++++++++++++----- 5 files changed, 35 insertions(+), 9 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll index 42cf8a6940f..2c146aec97f 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/KeyGenOperation.qll @@ -177,6 +177,10 @@ class KeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance ins super.getOutputStepFlowingToStep(KeyIO()).getOutput(KeyIO()) = result } + override predicate hasKeyValueConsumer() { + exists(OperationStep s | s.flowsToOperationStep(this) and s.setsValue(KeyIO())) + } + override Crypto::ConsumerInputDataFlowNode getKeySizeConsumer() { super.getDominatingInitializersToStep(KeySizeIO()).getInput(KeySizeIO()) = result } @@ -194,7 +198,7 @@ class KeyGenOperationInstance extends Crypto::KeyGenerationOperationInstance ins // .getKeySize() } - override Crypto::ConsumerInputDataFlowNode getRawKeyValueConsumer() { + override Crypto::ConsumerInputDataFlowNode getKeyValueConsumer() { super.getDominatingInitializersToStep(KeyIO()).getInput(KeyIO()) = result } } diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected index 652194fc60c..27be8e5cfba 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_edges.expected @@ -32,8 +32,10 @@ | openssl_basic.c:144:46:144:51 | Digest | Source | openssl_basic.c:144:46:144:51 | Digest | | openssl_basic.c:155:22:155:41 | Key | Algorithm | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | Algorithm | openssl_basic.c:155:22:155:41 | KeyGeneration | +| openssl_basic.c:155:22:155:41 | KeyGeneration | KeyInput | openssl_basic.c:155:64:155:66 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | Output | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:43:155:55 | MACAlgorithm | H | openssl_basic.c:160:39:160:48 | HashAlgorithm | +| openssl_basic.c:155:64:155:66 | Key | Source | openssl_basic.c:179:43:179:76 | Constant | | openssl_basic.c:160:59:160:62 | Key | Source | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:163:35:163:41 | Message | Source | openssl_basic.c:181:49:181:87 | Constant | | openssl_basic.c:167:9:167:27 | SignOperation | Algorithm | openssl_basic.c:167:9:167:27 | SignOperation | @@ -154,7 +156,9 @@ | openssl_signature.c:548:9:548:23 | KeyGeneration | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | | openssl_signature.c:548:9:548:23 | KeyGeneration | Output | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:548:34:548:37 | Key | Algorithm | openssl_signature.c:543:35:543:46 | KeyOperationAlgorithm | +| openssl_signature.c:575:32:575:37 | Key | Source | openssl_signature.c:575:32:575:37 | Key | | openssl_signature.c:578:9:578:23 | KeyGeneration | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | +| openssl_signature.c:578:9:578:23 | KeyGeneration | KeyInput | openssl_signature.c:575:32:575:37 | Key | | openssl_signature.c:578:9:578:23 | KeyGeneration | Output | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:578:34:578:37 | Key | Algorithm | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:702:60:702:71 | KeyOperationAlgorithm | Padding | openssl_signature.c:702:60:702:71 | KeyOperationAlgorithm | diff --git a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected index 2a9cac52beb..52a7c61502b 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/node_properties.expected @@ -23,6 +23,7 @@ | openssl_basic.c:155:22:155:41 | Key | KeyType | Asymmetric | openssl_basic.c:155:22:155:41 | openssl_basic.c:155:22:155:41 | | openssl_basic.c:155:43:155:55 | MACAlgorithm | Name | HMAC | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | | openssl_basic.c:155:43:155:55 | MACAlgorithm | RawName | 855 | openssl_basic.c:155:43:155:55 | openssl_basic.c:155:43:155:55 | +| openssl_basic.c:155:64:155:66 | Key | KeyType | Unknown | openssl_basic.c:155:64:155:66 | openssl_basic.c:155:64:155:66 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | DigestSize | 256 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | Name | SHA2 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | | openssl_basic.c:160:39:160:48 | HashAlgorithm | RawName | EVP_sha256 | openssl_basic.c:160:39:160:48 | openssl_basic.c:160:39:160:48 | @@ -65,6 +66,7 @@ | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | Name | DSA | openssl_signature.c:565:50:565:54 | openssl_signature.c:565:50:565:54 | | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | RawName | dsa | openssl_signature.c:565:50:565:54 | openssl_signature.c:565:50:565:54 | | openssl_signature.c:569:55:569:58 | Constant | Description | 2048 | openssl_signature.c:569:55:569:58 | openssl_signature.c:569:55:569:58 | +| openssl_signature.c:575:32:575:37 | Key | KeyType | Unknown | openssl_signature.c:575:32:575:37 | openssl_signature.c:575:32:575:37 | | openssl_signature.c:578:34:578:37 | Key | KeyType | Asymmetric | openssl_signature.c:578:34:578:37 | openssl_signature.c:578:34:578:37 | | openssl_signature.c:602:37:602:77 | Constant | Description | Test message for OpenSSL signature APIs | openssl_signature.c:602:37:602:77 | openssl_signature.c:602:37:602:77 | | openssl_signature.c:684:24:684:33 | HashAlgorithm | DigestSize | 256 | openssl_signature.c:684:24:684:33 | openssl_signature.c:684:24:684:33 | diff --git a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected index 9b5bf547604..223f7bfca6c 100644 --- a/cpp/ql/test/experimental/library-tests/quantum/nodes.expected +++ b/cpp/ql/test/experimental/library-tests/quantum/nodes.expected @@ -25,6 +25,7 @@ | openssl_basic.c:155:22:155:41 | Key | | openssl_basic.c:155:22:155:41 | KeyGeneration | | openssl_basic.c:155:43:155:55 | MACAlgorithm | +| openssl_basic.c:155:64:155:66 | Key | | openssl_basic.c:160:39:160:48 | HashAlgorithm | | openssl_basic.c:160:59:160:62 | Key | | openssl_basic.c:163:35:163:41 | Message | @@ -86,6 +87,7 @@ | openssl_signature.c:548:34:548:37 | Key | | openssl_signature.c:565:50:565:54 | KeyOperationAlgorithm | | openssl_signature.c:569:55:569:58 | Constant | +| openssl_signature.c:575:32:575:37 | Key | | openssl_signature.c:578:9:578:23 | KeyGeneration | | openssl_signature.c:578:34:578:37 | Key | | openssl_signature.c:602:37:602:77 | Constant | diff --git a/shared/quantum/codeql/quantum/experimental/Model.qll b/shared/quantum/codeql/quantum/experimental/Model.qll index 99ba0499b62..e369c68f2a1 100644 --- a/shared/quantum/codeql/quantum/experimental/Model.qll +++ b/shared/quantum/codeql/quantum/experimental/Model.qll @@ -295,6 +295,8 @@ module CryptographyBase Input> { ( exists(KeyCreationOperationInstance op | input = op.getKeySizeConsumer()) or + exists(KeyGenerationOperationInstance op | input = op.getKeyValueConsumer()) + or exists(KeyDerivationOperationInstance op | input = op.getIterationCountConsumer() or input = op.getOutputKeySizeConsumer() @@ -539,6 +541,8 @@ module CryptographyBase Input> { ( exists(KeyOperationInstance op | inputNode = op.getKeyConsumer()) or + exists(KeyGenerationOperationInstance op | inputNode = op.getKeyValueConsumer()) + or exists(MacOperationInstance op | inputNode = op.getKeyConsumer()) or exists(KeyAgreementSecretGenerationOperationInstance op | @@ -959,10 +963,18 @@ module CryptographyBase Input> { final override string getKeyCreationTypeDescription() { result = "KeyGeneration" } /** - * Gets a consumer of a raw value that is used to generate the key. - * Not all key generation operations require a raw value. + * Gets the consumer of a key for this key generaiton operation. + * This occurs when a key generation operaiton is based on a raw key value + * or it generates another key or key context from a previously generated key. */ - abstract ConsumerInputDataFlowNode getRawKeyValueConsumer(); + abstract ConsumerInputDataFlowNode getKeyValueConsumer(); + + /** + * Holds if the key generation operation has a key consumer + * i.e., an input that is explicitly used for the key value. + * This value should correspond to the value returned by `getKeyValueConsumer()`. + */ + abstract predicate hasKeyValueConsumer(); } abstract class KeyLoadOperationInstance extends KeyCreationOperationInstance { @@ -1708,10 +1720,8 @@ module CryptographyBase Input> { node instanceof KeyCreationCandidateAlgorithmNode } - NodeBase getARawValueSource() { - result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAGenericSourceNode() - or - result = keyGenInstance.getRawKeyValueConsumer().getConsumer().getAKnownSourceNode() + KeyArtifactNode getKeyArtifact() { + result.asElement() = keyGenInstance.getKeyValueConsumer().getConsumer() } override NodeBase getChild(string key) { @@ -1720,7 +1730,11 @@ module CryptographyBase Input> { // [ALWAYS_KNOWN] key = "Output" and result = this.getOutputKeyArtifact() - //TODO: how do I output the raw key if known? If not known, it may not require/have a raw value consumer, don't output + or + // [KnOWN_OR_UNKNOWN] only if a raw key is a known input + key = "KeyInput" and + keyGenInstance.hasKeyValueConsumer() and + result = this.getKeyArtifact() } } From dc8d22a46886f1d5fa460b6d1ff48298df435276 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Thu, 26 Jun 2025 15:48:10 -0400 Subject: [PATCH 095/111] Crypto: Fix JCA to account for new key gen instance API in model.qll. --- java/ql/lib/experimental/quantum/JCA.qll | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 5983c4b69f3..70a12cd3db8 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -1104,7 +1104,9 @@ module JCAModel { override int getKeySizeFixed() { none() } - override Crypto::ConsumerInputDataFlowNode getRawKeyValueConsumer() { none() } + override Crypto::ConsumerInputDataFlowNode getKeyValueConsumer() { none() } + + override predicate hasKeyValueConsumer() { none() } } class KeyGeneratorCipherAlgorithm extends CipherStringLiteralAlgorithmInstance { From 0aee4f76f9b4badb957b2dca70f6b9b63797d3fe Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Thu, 26 Jun 2025 16:35:01 -0400 Subject: [PATCH 096/111] Crypto: Minor change to force CI/CD checks to restart, prior ql check failures do not make sense. --- java/ql/lib/experimental/quantum/JCA.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/experimental/quantum/JCA.qll b/java/ql/lib/experimental/quantum/JCA.qll index 70a12cd3db8..01d67b106d7 100644 --- a/java/ql/lib/experimental/quantum/JCA.qll +++ b/java/ql/lib/experimental/quantum/JCA.qll @@ -1028,7 +1028,7 @@ module JCAModel { KeyGeneratorGetInstanceCall getInstantiationCall() { result = instantiationCall } } - // TODO: Link getAlgorithm from KeyPairGenerator to algorithm instances or AVCs? High priority. + //TODO: Link getAlgorithm from KeyPairGenerator to algorithm instances or AVCs? High priority. class KeyGeneratorGetInstanceCall extends MethodCall { KeyGeneratorGetInstanceCall() { this.getCallee().hasQualifiedName("javax.crypto", "KeyGenerator", "getInstance") From 0996e6083eaf403a3eff29135fbfda099306ab10 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 26 Jun 2025 17:27:33 +0200 Subject: [PATCH 097/111] C++: Pretty print MaD ids in test output --- .../semmle/code/cpp/dataflow/ExternalFlow.qll | 43 ++++++++ cpp/ql/lib/utils/test/PrettyPrintModels.ql | 6 ++ .../dataflow/external-models/flow.expected | 98 ++++++++++++------- .../dataflow/external-models/flow.ql | 3 +- .../CWE-089/SqlTainted/SqlTainted.expected | 23 +++-- .../CWE/CWE-089/SqlTainted/SqlTainted.qlref | 6 +- .../Security/CWE/CWE-089/SqlTainted/test.c | 18 ++-- .../Security/CWE/CWE-089/SqlTainted/test.cpp | 4 +- 8 files changed, 141 insertions(+), 60 deletions(-) create mode 100644 cpp/ql/lib/utils/test/PrettyPrintModels.ql diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll index 456768081a1..b279c4965f3 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/ExternalFlow.qll @@ -229,6 +229,49 @@ private predicate summaryModel0( ) } +/** + * Holds if the given extension tuple `madId` should pretty-print as `model`. + * + * This predicate should only be used in tests. + */ +predicate interpretModelForTest(QlBuiltins::ExtensionId madId, string model) { + exists( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string output, string kind, string provenance + | + Extensions::sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, + provenance, madId) + | + model = + "Source: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature + "; " + + ext + "; " + output + "; " + kind + "; " + provenance + ) + or + exists( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string input, string kind, string provenance + | + Extensions::sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance, + madId) + | + model = + "Sink: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature + "; " + + ext + "; " + input + "; " + kind + "; " + provenance + ) + or + exists( + string namespace, string type, boolean subtypes, string name, string signature, string ext, + string input, string output, string kind, string provenance + | + Extensions::summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, + provenance, madId) + | + model = + "Summary: " + namespace + "; " + type + "; " + subtypes + "; " + name + "; " + signature + + "; " + ext + "; " + input + "; " + output + "; " + kind + "; " + provenance + ) +} + /** * Holds if `input` is `input0`, but with all occurrences of `@` replaced * by `n` repetitions of `*` (and similarly for `output` and `output0`). diff --git a/cpp/ql/lib/utils/test/PrettyPrintModels.ql b/cpp/ql/lib/utils/test/PrettyPrintModels.ql new file mode 100644 index 00000000000..8cc172cfbf1 --- /dev/null +++ b/cpp/ql/lib/utils/test/PrettyPrintModels.ql @@ -0,0 +1,6 @@ +/** + * @kind test-postprocess + */ + +import semmle.code.cpp.dataflow.ExternalFlow +import codeql.dataflow.test.ProvenancePathGraph::TestPostProcessing::TranslateProvenanceResults diff --git a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected index b7916b2db66..40b9275766c 100644 --- a/cpp/ql/test/library-tests/dataflow/external-models/flow.expected +++ b/cpp/ql/test/library-tests/dataflow/external-models/flow.expected @@ -1,57 +1,80 @@ -testFailures +models +| 1 | Sink: ; ; false; ymlSink; ; ; Argument[0]; test-sink; manual | +| 2 | Sink: boost::asio; ; false; write; ; ; Argument[*1]; remote-sink; manual | +| 3 | Source: ; ; false; GetCommandLineA; ; ; ReturnValue[*]; local; manual | +| 4 | Source: ; ; false; GetEnvironmentStringsA; ; ; ReturnValue[*]; local; manual | +| 5 | Source: ; ; false; GetEnvironmentVariableA; ; ; Argument[*1]; local; manual | +| 6 | Source: ; ; false; MapViewOfFile2; ; ; ReturnValue[*]; local; manual | +| 7 | Source: ; ; false; MapViewOfFile3; ; ; ReturnValue[*]; local; manual | +| 8 | Source: ; ; false; MapViewOfFile3FromApp; ; ; ReturnValue[*]; local; manual | +| 9 | Source: ; ; false; MapViewOfFile; ; ; ReturnValue[*]; local; manual | +| 10 | Source: ; ; false; MapViewOfFileEx; ; ; ReturnValue[*]; local; manual | +| 11 | Source: ; ; false; MapViewOfFileFromApp; ; ; ReturnValue[*]; local; manual | +| 12 | Source: ; ; false; MapViewOfFileNuma2; ; ; ReturnValue[*]; local; manual | +| 13 | Source: ; ; false; NtReadFile; ; ; Argument[*5]; local; manual | +| 14 | Source: ; ; false; ReadFile; ; ; Argument[*1]; local; manual | +| 15 | Source: ; ; false; ReadFileEx; ; ; Argument[*1]; local; manual | +| 16 | Source: ; ; false; ymlSource; ; ; ReturnValue; local; manual | +| 17 | Source: boost::asio; ; false; read_until; ; ; Argument[*1]; remote; manual | +| 18 | Summary: ; ; false; CommandLineToArgvA; ; ; Argument[*0]; ReturnValue[**]; taint; manual | +| 19 | Summary: ; ; false; ReadFileEx; ; ; Argument[*3].Field[@hEvent]; Argument[4].Parameter[*2].Field[@hEvent]; value; manual | +| 20 | Summary: ; ; false; ymlStepGenerated; ; ; Argument[0]; ReturnValue; taint; df-generated | +| 21 | Summary: ; ; false; ymlStepManual; ; ; Argument[0]; ReturnValue; taint; manual | +| 22 | Summary: ; ; false; ymlStepManual_with_body; ; ; Argument[0]; ReturnValue; taint; manual | +| 23 | Summary: boost::asio; ; false; buffer; ; ; Argument[*0]; ReturnValue; taint; manual | edges -| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | provenance | MaD:10 | -| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:91:7:91:17 | recv_buffer | provenance | Src:MaD:2 | -| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:93:29:93:39 | *recv_buffer | provenance | Src:MaD:2 Sink:MaD:6 | +| asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | asio_streams.cpp:56:18:56:23 | [summary] to write: ReturnValue in buffer | provenance | MaD:23 | +| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:91:7:91:17 | recv_buffer | provenance | Src:MaD:17 | +| asio_streams.cpp:87:34:87:44 | read_until output argument | asio_streams.cpp:93:29:93:39 | *recv_buffer | provenance | Src:MaD:17 Sink:MaD:2 | | asio_streams.cpp:97:37:97:44 | call to source | asio_streams.cpp:98:7:98:14 | send_str | provenance | TaintFunction | | asio_streams.cpp:97:37:97:44 | call to source | asio_streams.cpp:100:64:100:71 | *send_str | provenance | TaintFunction | | asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | | | asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:101:7:101:17 | send_buffer | provenance | | -| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:6 | +| asio_streams.cpp:100:44:100:62 | call to buffer | asio_streams.cpp:103:29:103:39 | *send_buffer | provenance | Sink:MaD:2 | | asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:56:18:56:23 | [summary param] *0 in buffer | provenance | | -| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:10 | -| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:26957 | -| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:26958 | -| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:26959 | +| asio_streams.cpp:100:64:100:71 | *send_str | asio_streams.cpp:100:44:100:62 | call to buffer | provenance | MaD:23 | +| test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | test.cpp:4:5:4:17 | [summary] to write: ReturnValue in ymlStepManual | provenance | MaD:21 | +| test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | test.cpp:5:5:5:20 | [summary] to write: ReturnValue in ymlStepGenerated | provenance | MaD:20 | +| test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | provenance | MaD:22 | | test.cpp:7:47:7:52 | value2 | test.cpp:7:64:7:69 | value2 | provenance | | | test.cpp:7:64:7:69 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | provenance | | -| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:26955 | -| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:26956 | +| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:10:10:10:18 | call to ymlSource | provenance | Src:MaD:16 | +| test.cpp:10:10:10:18 | call to ymlSource | test.cpp:14:10:14:10 | x | provenance | Sink:MaD:1 | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:17:24:17:24 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:21:27:21:27 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:25:35:25:35 | x | provenance | | | test.cpp:10:10:10:18 | call to ymlSource | test.cpp:32:41:32:41 | x | provenance | | | test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | | -| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:26956 | +| test.cpp:17:10:17:22 | call to ymlStepManual | test.cpp:18:10:18:10 | y | provenance | Sink:MaD:1 | | test.cpp:17:24:17:24 | x | test.cpp:4:5:4:17 | [summary param] 0 in ymlStepManual | provenance | | -| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:26957 | +| test.cpp:17:24:17:24 | x | test.cpp:17:10:17:22 | call to ymlStepManual | provenance | MaD:21 | | test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | | -| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:26956 | +| test.cpp:21:10:21:25 | call to ymlStepGenerated | test.cpp:22:10:22:10 | z | provenance | Sink:MaD:1 | | test.cpp:21:27:21:27 | x | test.cpp:5:5:5:20 | [summary param] 0 in ymlStepGenerated | provenance | | -| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:26958 | +| test.cpp:21:27:21:27 | x | test.cpp:21:10:21:25 | call to ymlStepGenerated | provenance | MaD:20 | | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | | -| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:26956 | +| test.cpp:25:11:25:33 | call to ymlStepManual_with_body | test.cpp:26:10:26:11 | y2 | provenance | Sink:MaD:1 | | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | provenance | | -| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:26959 | +| test.cpp:25:35:25:35 | x | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | provenance | MaD:22 | | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | | -| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:26956 | +| test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | test.cpp:33:10:33:11 | z2 | provenance | Sink:MaD:1 | | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | provenance | | | test.cpp:32:41:32:41 | x | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | provenance | | -| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:343 | -| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:327 | +| windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | provenance | MaD:18 | +| windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:22:15:22:29 | *call to GetCommandLineA | provenance | Src:MaD:3 | | windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:24:8:24:11 | * ... | provenance | | | windows.cpp:22:15:22:29 | *call to GetCommandLineA | windows.cpp:27:36:27:38 | *cmd | provenance | | | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | | | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | windows.cpp:30:8:30:15 | * ... | provenance | | | windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | provenance | | -| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:343 | -| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:329 | +| windows.cpp:27:36:27:38 | *cmd | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | provenance | MaD:18 | +| windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | provenance | Src:MaD:4 | | windows.cpp:34:17:34:38 | *call to GetEnvironmentStringsA | windows.cpp:36:10:36:13 | * ... | provenance | | -| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:331 | +| windows.cpp:39:36:39:38 | GetEnvironmentVariableA output argument | windows.cpp:41:10:41:13 | * ... | provenance | Src:MaD:5 | | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | provenance | | | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | provenance | | -| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:345 | -| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:345 | +| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | provenance | MaD:19 | +| windows.cpp:90:6:90:15 | [summary] read: Argument[*3].Field[hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[hEvent] in ReadFileEx | provenance | MaD:19 | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | windows.cpp:147:16:147:27 | *lpOverlapped [*hEvent] | provenance | | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [hEvent] | windows.cpp:157:16:157:27 | *lpOverlapped [hEvent] | provenance | | | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2].Field[*hEvent] in ReadFileEx | windows.cpp:90:6:90:15 | [summary] to write: Argument[4].Parameter[*2] in ReadFileEx [*hEvent] | provenance | | @@ -67,36 +90,36 @@ edges | windows.cpp:159:12:159:55 | hEvent | windows.cpp:160:8:160:8 | c | provenance | | | windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance | | | windows.cpp:159:35:159:46 | *lpOverlapped [hEvent] | windows.cpp:159:12:159:55 | hEvent | provenance | | -| windows.cpp:168:35:168:40 | ReadFile output argument | windows.cpp:170:10:170:16 | * ... | provenance | Src:MaD:333 | -| windows.cpp:177:23:177:28 | ReadFileEx output argument | windows.cpp:179:10:179:16 | * ... | provenance | Src:MaD:334 | -| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:333 | +| windows.cpp:168:35:168:40 | ReadFile output argument | windows.cpp:170:10:170:16 | * ... | provenance | Src:MaD:14 | +| windows.cpp:177:23:177:28 | ReadFileEx output argument | windows.cpp:179:10:179:16 | * ... | provenance | Src:MaD:15 | +| windows.cpp:189:21:189:26 | ReadFile output argument | windows.cpp:190:5:190:56 | *... = ... | provenance | Src:MaD:14 | | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | windows.cpp:192:53:192:63 | *& ... [*hEvent] | provenance | | | windows.cpp:190:5:190:56 | *... = ... | windows.cpp:190:5:190:14 | *overlapped [post update] [*hEvent] | provenance | | | windows.cpp:192:53:192:63 | *& ... [*hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [*hEvent] | provenance | | -| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:333 | +| windows.cpp:198:21:198:26 | ReadFile output argument | windows.cpp:199:5:199:57 | ... = ... | provenance | Src:MaD:14 | | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | windows.cpp:201:53:201:63 | *& ... [hEvent] | provenance | | | windows.cpp:199:5:199:57 | ... = ... | windows.cpp:199:5:199:14 | *overlapped [post update] [hEvent] | provenance | | | windows.cpp:201:53:201:63 | *& ... [hEvent] | windows.cpp:90:6:90:15 | [summary param] *3 in ReadFileEx [hEvent] | provenance | | -| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:342 | -| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:335 | +| windows.cpp:209:84:209:89 | NtReadFile output argument | windows.cpp:211:10:211:16 | * ... | provenance | Src:MaD:13 | +| windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:286:23:286:35 | *call to MapViewOfFile | provenance | Src:MaD:9 | | windows.cpp:286:23:286:35 | *call to MapViewOfFile | windows.cpp:287:20:287:52 | *pMapView | provenance | | | windows.cpp:287:20:287:52 | *pMapView | windows.cpp:289:10:289:16 | * ... | provenance | | -| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | provenance | Src:MaD:336 | +| windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | provenance | Src:MaD:6 | | windows.cpp:293:23:293:36 | *call to MapViewOfFile2 | windows.cpp:294:20:294:52 | *pMapView | provenance | | | windows.cpp:294:20:294:52 | *pMapView | windows.cpp:296:10:296:16 | * ... | provenance | | -| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | provenance | Src:MaD:337 | +| windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | provenance | Src:MaD:7 | | windows.cpp:302:23:302:36 | *call to MapViewOfFile3 | windows.cpp:303:20:303:52 | *pMapView | provenance | | | windows.cpp:303:20:303:52 | *pMapView | windows.cpp:305:10:305:16 | * ... | provenance | | -| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | provenance | Src:MaD:338 | +| windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | provenance | Src:MaD:8 | | windows.cpp:311:23:311:43 | *call to MapViewOfFile3FromApp | windows.cpp:312:20:312:52 | *pMapView | provenance | | | windows.cpp:312:20:312:52 | *pMapView | windows.cpp:314:10:314:16 | * ... | provenance | | -| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | provenance | Src:MaD:339 | +| windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | provenance | Src:MaD:10 | | windows.cpp:318:23:318:37 | *call to MapViewOfFileEx | windows.cpp:319:20:319:52 | *pMapView | provenance | | | windows.cpp:319:20:319:52 | *pMapView | windows.cpp:321:10:321:16 | * ... | provenance | | -| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | provenance | Src:MaD:340 | +| windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | provenance | Src:MaD:11 | | windows.cpp:325:23:325:42 | *call to MapViewOfFileFromApp | windows.cpp:326:20:326:52 | *pMapView | provenance | | | windows.cpp:326:20:326:52 | *pMapView | windows.cpp:328:10:328:16 | * ... | provenance | | -| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:341 | +| windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | provenance | Src:MaD:12 | | windows.cpp:332:23:332:40 | *call to MapViewOfFileNuma2 | windows.cpp:333:20:333:52 | *pMapView | provenance | | | windows.cpp:333:20:333:52 | *pMapView | windows.cpp:335:10:335:16 | * ... | provenance | | nodes @@ -222,3 +245,4 @@ subpaths | test.cpp:25:35:25:35 | x | test.cpp:6:5:6:27 | [summary param] 0 in ymlStepManual_with_body | test.cpp:6:5:6:27 | [summary] to write: ReturnValue in ymlStepManual_with_body | test.cpp:25:11:25:33 | call to ymlStepManual_with_body | | test.cpp:32:41:32:41 | x | test.cpp:7:47:7:52 | value2 | test.cpp:7:5:7:30 | *ymlStepGenerated_with_body | test.cpp:32:11:32:36 | call to ymlStepGenerated_with_body | | windows.cpp:27:36:27:38 | *cmd | windows.cpp:17:8:17:25 | [summary param] *0 in CommandLineToArgvA | windows.cpp:17:8:17:25 | [summary] to write: ReturnValue[**] in CommandLineToArgvA | windows.cpp:27:17:27:34 | **call to CommandLineToArgvA | +testFailures diff --git a/cpp/ql/test/library-tests/dataflow/external-models/flow.ql b/cpp/ql/test/library-tests/dataflow/external-models/flow.ql index 7d41597c3b8..8419248c70d 100644 --- a/cpp/ql/test/library-tests/dataflow/external-models/flow.ql +++ b/cpp/ql/test/library-tests/dataflow/external-models/flow.ql @@ -1,7 +1,7 @@ import utils.test.dataflow.FlowTestCommon import cpp import semmle.code.cpp.security.FlowSources -import IRTest::IRFlow::PathGraph +import codeql.dataflow.test.ProvenancePathGraph module IRTest { private import semmle.code.cpp.ir.IR @@ -33,3 +33,4 @@ module IRTest { } import MakeTest> +import ShowProvenance diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected index 7883e1ee5ae..df780acdd8d 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.expected @@ -1,3 +1,11 @@ +#select +| test.c:21:18:21:23 | query1 | test.c:14:27:14:30 | **argv | test.c:21:18:21:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) | +| test.c:51:18:51:23 | query1 | test.c:14:27:14:30 | **argv | test.c:51:18:51:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) | +| test.c:76:17:76:25 | userInput | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLPrepare(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | +| test.c:77:20:77:28 | userInput | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLExecDirect(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | +| test.c:106:24:106:29 | query1 | test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | +| test.c:107:28:107:33 | query1 | test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | +| test.cpp:43:27:43:33 | access to array | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | This argument to a SQL query function is derived from $@ and then passed to pqxx::work::exec1((unnamed parameter 0)). | test.cpp:39:27:39:30 | **argv | user input (a command-line argument) | edges | test.c:14:27:14:30 | **argv | test.c:15:20:15:26 | *access to array | provenance | | | test.c:15:20:15:26 | *access to array | test.c:21:18:21:23 | *query1 | provenance | TaintFunction | @@ -9,9 +17,12 @@ edges | test.c:48:20:48:33 | *globalUsername | test.c:51:18:51:23 | *query1 | provenance | TaintFunction | | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | provenance | | | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | provenance | | -| test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | provenance | TaintFunction Sink:MaD:325 | -| test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | provenance | TaintFunction Sink:MaD:326 | +| test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | provenance | TaintFunction Sink:MaD:2 | +| test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | provenance | TaintFunction Sink:MaD:1 | | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | provenance | | +models +| 1 | Sink: ; ; false; OCIStmtPrepare2; ; ; Argument[*3]; sql-injection; manual | +| 2 | Sink: ; ; false; OCIStmtPrepare; ; ; Argument[*2]; sql-injection; manual | nodes | test.c:14:27:14:30 | **argv | semmle.label | **argv | | test.c:15:20:15:26 | *access to array | semmle.label | *access to array | @@ -31,11 +42,3 @@ nodes | test.cpp:39:27:39:30 | **argv | semmle.label | **argv | | test.cpp:43:27:43:33 | *access to array | semmle.label | *access to array | subpaths -#select -| test.c:21:18:21:23 | query1 | test.c:14:27:14:30 | **argv | test.c:21:18:21:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) | -| test.c:51:18:51:23 | query1 | test.c:14:27:14:30 | **argv | test.c:51:18:51:23 | *query1 | This argument to a SQL query function is derived from $@ and then passed to mysql_query(sqlArg). | test.c:14:27:14:30 | **argv | user input (a command-line argument) | -| test.c:76:17:76:25 | userInput | test.c:75:8:75:16 | gets output argument | test.c:76:17:76:25 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLPrepare(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | -| test.c:77:20:77:28 | userInput | test.c:75:8:75:16 | gets output argument | test.c:77:20:77:28 | *userInput | This argument to a SQL query function is derived from $@ and then passed to SQLExecDirect(StatementText). | test.c:75:8:75:16 | gets output argument | user input (string read by gets) | -| test.c:106:24:106:29 | query1 | test.c:101:8:101:16 | gets output argument | test.c:106:24:106:29 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | -| test.c:107:28:107:33 | query1 | test.c:101:8:101:16 | gets output argument | test.c:107:28:107:33 | *query1 | This argument to a SQL query function is derived from $@. | test.c:101:8:101:16 | gets output argument | user input (string read by gets) | -| test.cpp:43:27:43:33 | access to array | test.cpp:39:27:39:30 | **argv | test.cpp:43:27:43:33 | *access to array | This argument to a SQL query function is derived from $@ and then passed to pqxx::work::exec1((unnamed parameter 0)). | test.cpp:39:27:39:30 | **argv | user input (a command-line argument) | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.qlref b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.qlref index 21a12e5eadd..0519b7976c3 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.qlref +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/SqlTainted.qlref @@ -1 +1,5 @@ -Security/CWE/CWE-089/SqlTainted.ql +query: Security/CWE/CWE-089/SqlTainted.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql + \ No newline at end of file diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c index ad0fc710f40..11766347306 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.c @@ -11,14 +11,14 @@ int atoi(const char *nptr); void exit(int i); ///// Test code ///// -int main(int argc, char** argv) { +int main(int argc, char** argv) { // $ Source char *userName = argv[2]; int userNumber = atoi(argv[3]); // a string from the user is injected directly into an SQL query. char query1[1000] = {0}; snprintf(query1, 1000, "SELECT UID FROM USERS where name = \"%s\"", userName); - mysql_query(0, query1); // BAD + mysql_query(0, query1); // $ Alert // the user string is encoded by a library routine. char userNameSanitized[1000] = {0}; @@ -48,7 +48,7 @@ void badFunc() { char *userName = globalUsername; char query1[1000] = {0}; snprintf(query1, 1000, "SELECT UID FROM USERS where name = \"%s\"", userName); - mysql_query(0, query1); // BAD + mysql_query(0, query1); // $ Alert } //ODBC Library Rountines @@ -72,9 +72,9 @@ SQLRETURN SQLPrepare( void ODBCTests(){ char userInput[100]; - gets(userInput); - SQLPrepare(0, userInput, 100); // BAD - SQLExecDirect(0, userInput, 100); // BAD + gets(userInput); // $ Source + SQLPrepare(0, userInput, 100); // $ Alert + SQLExecDirect(0, userInput, 100); // $ Alert } // Oracle Call Interface (OCI) Routines @@ -98,13 +98,13 @@ int OCIStmtPrepare2( void OCITests(){ char userInput[100]; - gets(userInput); + gets(userInput); // $ Source // a string from the user is injected directly into an SQL query. char query1[1000] = {0}; snprintf(query1, 1000, "SELECT UID FROM USERS where name = \"%s\"", userInput); - OCIStmtPrepare(0, 0, query1, 0, 0, 0); // BAD - OCIStmtPrepare2(0, 0, 0, query1, 0, 0, 0, 0, 0); // BAD + OCIStmtPrepare(0, 0, query1, 0, 0, 0); // $ Alert + OCIStmtPrepare2(0, 0, 0, query1, 0, 0, 0, 0, 0); // $ Alert // an integer from the user is injected into an SQL query. int userNumber = atoi(userInput); diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.cpp index 8bdf7dded23..9dc7aed970e 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.cpp +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-089/SqlTainted/test.cpp @@ -36,11 +36,11 @@ namespace pqxx { }; } -int main(int argc, char** argv) { +int main(int argc, char** argv) { // $ Source pqxx::connection c; pqxx::work w(c); - pqxx::row r = w.exec1(argv[1]); // BAD + pqxx::row r = w.exec1(argv[1]); // $ Alert pqxx::result r2 = w.exec(w.quote(argv[1])); // GOOD From 2863c7094a7369d90cfb0c0f43d9a39deda98fcf Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Fri, 27 Jun 2025 08:54:05 +0200 Subject: [PATCH 098/111] Overlay: Add overlay annotation to shared lib --- shared/quantum/codeql/quantum/experimental/Standardization.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/shared/quantum/codeql/quantum/experimental/Standardization.qll b/shared/quantum/codeql/quantum/experimental/Standardization.qll index 962f6458b39..29c5b58d343 100644 --- a/shared/quantum/codeql/quantum/experimental/Standardization.qll +++ b/shared/quantum/codeql/quantum/experimental/Standardization.qll @@ -1,3 +1,6 @@ +overlay[local?] +module; + /** * The `KeyOpAlg` module defines key operation algorithms types (e.g., symmetric ciphers, signatures, etc.) * and provides mapping of those types to string names and structural properties. From c88049a9f49daa8db6d818a8973b2a84b6146b03 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Fri, 27 Jun 2025 09:06:08 +0200 Subject: [PATCH 099/111] Create copilot-instructions.md --- .github/copilot-instructions.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .github/copilot-instructions.md diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md new file mode 100644 index 00000000000..6621d59b7c2 --- /dev/null +++ b/.github/copilot-instructions.md @@ -0,0 +1,4 @@ +When reviewing code: +* do not review changes in files with `.expected` extension (they are automatically ensured to be correct). +* in `.ql` and `.qll` files, do not try to review the code itself as you don't understand the programming language + well enough to make comments in these languages. You can still check for typos or comment improvements. From 5096ce405fba71c375a8c2de3812324b1d016d39 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Fri, 27 Jun 2025 10:50:28 +0200 Subject: [PATCH 100/111] Overlay: Add missing overlay[caller?] annotation --- java/ql/lib/semmle/code/java/controlflow/Guards.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/java/ql/lib/semmle/code/java/controlflow/Guards.qll b/java/ql/lib/semmle/code/java/controlflow/Guards.qll index 18014c52f2e..8cead5b666b 100644 --- a/java/ql/lib/semmle/code/java/controlflow/Guards.qll +++ b/java/ql/lib/semmle/code/java/controlflow/Guards.qll @@ -440,6 +440,7 @@ private module CustomGuardInput implements Guards_v2::CustomGuardInputSig { } /** Holds if arguments at position `apos` match parameters at position `ppos`. */ + overlay[caller?] pragma[inline] predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos } From 3e31cd3ce5a19f42250f0d48005bf6e6bb63b5fb Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 27 Jun 2025 12:59:54 +0200 Subject: [PATCH 101/111] C++: Sync the product-flow field flow branch limits with the default one --- .../cpp/ir/dataflow/internal/ProductFlow.qll | 21 +++++-------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll index 354b453afdb..e804957190a 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/ProductFlow.qll @@ -16,6 +16,7 @@ import semmle.code.cpp.dataflow.new.DataFlow private import DataFlowPrivate private import DataFlowUtil private import DataFlowImplCommon +private import DataFlowImplSpecific private import codeql.util.Unit /** @@ -95,10 +96,7 @@ module ProductFlow { * This can be overridden to a smaller value to improve performance (a * value of 0 disables field flow), or a larger value to get more results. */ - default int fieldFlowBranchLimit1() { - // NOTE: This should be synchronized with the default value in the shared dataflow library - result = 2 - } + default int fieldFlowBranchLimit1() { result = CppDataFlow::defaultFieldFlowBranchLimit() } /** * Gets the virtual dispatch branching limit when calculating field flow in the second @@ -107,10 +105,7 @@ module ProductFlow { * This can be overridden to a smaller value to improve performance (a * value of 0 disables field flow), or a larger value to get more results. */ - default int fieldFlowBranchLimit2() { - // NOTE: This should be synchronized with the default value in the shared dataflow library - result = 2 - } + default int fieldFlowBranchLimit2() { result = CppDataFlow::defaultFieldFlowBranchLimit() } } /** @@ -304,10 +299,7 @@ module ProductFlow { * This can be overridden to a smaller value to improve performance (a * value of 0 disables field flow), or a larger value to get more results. */ - default int fieldFlowBranchLimit1() { - // NOTE: This should be synchronized with the default value in the shared dataflow library - result = 2 - } + default int fieldFlowBranchLimit1() { result = CppDataFlow::defaultFieldFlowBranchLimit() } /** * Gets the virtual dispatch branching limit when calculating field flow in the second @@ -316,10 +308,7 @@ module ProductFlow { * This can be overridden to a smaller value to improve performance (a * value of 0 disables field flow), or a larger value to get more results. */ - default int fieldFlowBranchLimit2() { - // NOTE: This should be synchronized with the default value in the shared dataflow library - result = 2 - } + default int fieldFlowBranchLimit2() { result = CppDataFlow::defaultFieldFlowBranchLimit() } } /** From 122a0048510286f59c9cf7db36f3eead7e51ad71 Mon Sep 17 00:00:00 2001 From: Ben Rodes Date: Fri, 27 Jun 2025 08:28:05 -0400 Subject: [PATCH 102/111] Update cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll Co-authored-by: Nicolas Will --- .../quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll index 3e046cf6b72..97b183b7e7d 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/AlgorithmInstances/MACAlgorithmInstance.qll @@ -54,7 +54,7 @@ class KnownOpenSslHMacConstantAlgorithmInstance extends Crypto::HmacAlgorithmIns then // ASSUMPTION: if there is an explicit hash algorithm, it is already modeled // and we can simply grab that model's AVC - exists(OpenSslAlgorithmInstance inst | inst.getAvc() = result and inst = this) + this.(OpenSslAlgorithmInstance).getAvc() = result else // ASSUMPTION: If no explicit algorithm is given, then find // where the current AVC traces to a HashAlgorithmIO consuming operation step. From 9f0c62b5728c14b50ee747f5d02f370c92975227 Mon Sep 17 00:00:00 2001 From: "REDMOND\\brodes" Date: Fri, 27 Jun 2025 08:33:01 -0400 Subject: [PATCH 103/111] Crypto: Address PR comments. --- .../OpenSSL/Operations/CipherOperation.qll | 14 +++-- .../OpenSSL/Operations/HashOperation.qll | 58 +++++++++---------- 2 files changed, 35 insertions(+), 37 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll index 96af476117b..44e30ddf9fc 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/CipherOperation.qll @@ -12,9 +12,10 @@ abstract class EvpCipherInitializer extends OperationStep { or result.asExpr() = this.getArgument(1) and type = PrimaryAlgorithmIO() and - // Null for the algorithm indicates the algorithm is not actually set - // This pattern can occur during a multi-step initialization - // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now + // Constants that are not equal to zero or + // non-constants (e.g., variable accesses, which require data-flow to determine the value) + // A zero (null) value typically indicates use of this operation step to initialize + // other out parameters in a multi-step initialization. (exists(result.asExpr().getValue()) implies result.asExpr().getValue().toInt() != 0) } @@ -33,9 +34,10 @@ abstract class EvpEXInitializer extends EvpCipherInitializer { result = super.getInput(type) or ( - // Null key or nonce indicates the key/nonce is not actually set - // This pattern can occur during a multi-step initialization - // TODO/Note: not flowing 0 to the sink, assuming a direct use of NULL for now + // Constants that are not equal to zero or + // non-constants (e.g., variable accesses, which require data-flow to determine the value) + // A zero (null) value typically indicates use of this operation step to initialize + // other out parameters in a multi-step initialization. result.asExpr() = this.getArgument(3) and type = KeyIO() or result.asExpr() = this.getArgument(4) and type = IVorNonceIO() diff --git a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll index f4f4c5a3edc..1878bfbe09f 100644 --- a/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll +++ b/cpp/ql/lib/experimental/quantum/OpenSSL/Operations/HashOperation.qll @@ -12,21 +12,19 @@ private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgor * - `EVP_DigestInit_ex` * - `EVP_DigestInit_ex2` */ -class EvpDigestInitVariantCalls extends OperationStep { +class EvpDigestInitVariantCalls extends OperationStep instanceof Call { EvpDigestInitVariantCalls() { - this.(Call).getTarget().getName() in [ - "EVP_DigestInit", "EVP_DigestInit_ex", "EVP_DigestInit_ex2" - ] + this.getTarget().getName() in ["EVP_DigestInit", "EVP_DigestInit_ex", "EVP_DigestInit_ex2"] } override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asExpr() = this.(Call).getArgument(1) and type = PrimaryAlgorithmIO() + result.asExpr() = this.getArgument(1) and type = PrimaryAlgorithmIO() } override DataFlow::Node getOutput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and + result.asExpr() = this.getArgument(0) and type = ContextIO() } @@ -36,17 +34,17 @@ class EvpDigestInitVariantCalls extends OperationStep { /** * A call to `EVP_DigestUpdate`. */ -class EvpDigestUpdateCall extends OperationStep { - EvpDigestUpdateCall() { this.(Call).getTarget().getName() = "EVP_DigestUpdate" } +class EvpDigestUpdateCall extends OperationStep instanceof Call { + EvpDigestUpdateCall() { this.getTarget().getName() = "EVP_DigestUpdate" } override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asExpr() = this.(Call).getArgument(1) and type = PlaintextIO() + result.asExpr() = this.getArgument(1) and type = PlaintextIO() } override DataFlow::Node getOutput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and + result.asExpr() = this.getArgument(0) and type = ContextIO() } @@ -64,58 +62,56 @@ abstract class EvpFinalDigestOperationStep extends OperationStep { * A call to `EVP_Q_digest` * https://docs.openssl.org/3.0/man3/EVP_DigestInit/#synopsis */ -class EvpQDigestOperation extends EvpFinalDigestOperationStep { - EvpQDigestOperation() { this.(Call).getTarget().getName() = "EVP_Q_digest" } +class EvpQDigestOperation extends EvpFinalDigestOperationStep instanceof Call { + EvpQDigestOperation() { this.getTarget().getName() = "EVP_Q_digest" } override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.(Call).getArgument(1) and type = PrimaryAlgorithmIO() + result.asExpr() = this.getArgument(1) and type = PrimaryAlgorithmIO() or - result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asExpr() = this.(Call).getArgument(3) and type = PlaintextIO() + result.asExpr() = this.getArgument(3) and type = PlaintextIO() } override DataFlow::Node getOutput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and + result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asDefiningArgument() = this.(Call).getArgument(5) and type = DigestIO() + result.asDefiningArgument() = this.getArgument(5) and type = DigestIO() } } -class EvpDigestOperation extends EvpFinalDigestOperationStep { - EvpDigestOperation() { this.(Call).getTarget().getName() = "EVP_Digest" } +class EvpDigestOperation extends EvpFinalDigestOperationStep instanceof Call { + EvpDigestOperation() { this.getTarget().getName() = "EVP_Digest" } override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.(Call).getArgument(4) and type = PrimaryAlgorithmIO() + result.asExpr() = this.getArgument(4) and type = PrimaryAlgorithmIO() or - result.asExpr() = this.(Call).getArgument(0) and type = PlaintextIO() + result.asExpr() = this.getArgument(0) and type = PlaintextIO() } override DataFlow::Node getOutput(IOType type) { - result.asDefiningArgument() = this.(Call).getArgument(2) and type = DigestIO() + result.asDefiningArgument() = this.getArgument(2) and type = DigestIO() } } /** * A call to EVP_DigestFinal variants */ -class EvpDigestFinalCall extends EvpFinalDigestOperationStep { +class EvpDigestFinalCall extends EvpFinalDigestOperationStep instanceof Call { EvpDigestFinalCall() { - this.(Call).getTarget().getName() in [ - "EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF" - ] + this.getTarget().getName() in ["EVP_DigestFinal", "EVP_DigestFinal_ex", "EVP_DigestFinalXOF"] } override DataFlow::Node getInput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and type = ContextIO() + result.asExpr() = this.getArgument(0) and type = ContextIO() } override DataFlow::Node getOutput(IOType type) { - result.asExpr() = this.(Call).getArgument(0) and + result.asExpr() = this.getArgument(0) and type = ContextIO() or - result.asDefiningArgument() = this.(Call).getArgument(1) and type = DigestIO() + result.asDefiningArgument() = this.getArgument(1) and type = DigestIO() } } From b4caba7c0edff36191b76b9e0a8f7f62bd96ca9b Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Wed, 25 Sep 2024 13:40:27 +0200 Subject: [PATCH 104/111] C++: Merge the location tables --- cpp/ql/lib/experimental/quantum/Language.qll | 2 +- cpp/ql/lib/semmle/code/cpp/Function.qll | 2 +- cpp/ql/lib/semmle/code/cpp/Location.qll | 26 +++--- cpp/ql/lib/semmle/code/cpp/Macro.qll | 3 +- cpp/ql/lib/semmle/code/cpp/Namespace.qll | 2 +- cpp/ql/lib/semmle/code/cpp/Specifier.qll | 2 +- .../lib/semmle/code/cpp/TemplateParameter.qll | 2 +- cpp/ql/lib/semmle/code/cpp/Type.qll | 2 +- cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll | 4 +- .../ir/dataflow/internal/DataFlowPrivate.qll | 4 +- .../cpp/ir/dataflow/internal/DataFlowUtil.qll | 10 +-- .../cpp/ir/dataflow/internal/SsaInternals.qll | 2 +- .../aliased_ssa/IRConsistency.qll | 2 +- .../aliased_ssa/gvn/ValueNumbering.qll | 2 +- .../ir/implementation/raw/IRConsistency.qll | 2 +- .../implementation/raw/gvn/ValueNumbering.qll | 2 +- .../unaliased_ssa/IRConsistency.qll | 2 +- .../unaliased_ssa/gvn/ValueNumbering.qll | 2 +- .../cpp/ir/internal/ASTValueNumbering.qll | 2 +- .../code/cpp/ir/internal/IRCppLanguage.qll | 2 - .../cpp/rangeanalysis/new/RangeAnalysis.qll | 2 +- .../new/internal/semantic/analysis/Bound.qll | 2 +- cpp/ql/lib/semmlecode.cpp.dbscheme | 82 ++++++------------- .../src/jsf/4.07 Header Files/AV Rule 35.ql | 2 +- .../rangeanalysis/RangeAnalysis.ql | 2 +- .../includes/includes/locations.expected | 2 - 26 files changed, 66 insertions(+), 103 deletions(-) diff --git a/cpp/ql/lib/experimental/quantum/Language.qll b/cpp/ql/lib/experimental/quantum/Language.qll index 168c25cdfaa..ac446b092c4 100644 --- a/cpp/ql/lib/experimental/quantum/Language.qll +++ b/cpp/ql/lib/experimental/quantum/Language.qll @@ -8,7 +8,7 @@ module CryptoInput implements InputSig { class LocatableElement = Language::Locatable; - class UnknownLocation = Language::UnknownDefaultLocation; + class UnknownLocation = Language::UnknownLocation; LocatableElement dfn_to_element(DataFlow::Node node) { result = node.asExpr() or diff --git a/cpp/ql/lib/semmle/code/cpp/Function.qll b/cpp/ql/lib/semmle/code/cpp/Function.qll index cb3b00b64ad..a4d0cff2c37 100644 --- a/cpp/ql/lib/semmle/code/cpp/Function.qll +++ b/cpp/ql/lib/semmle/code/cpp/Function.qll @@ -901,7 +901,7 @@ class BuiltInFunction extends Function { /** Gets a dummy location for the built-in function. */ override Location getLocation() { suppressUnusedThis(this) and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } } diff --git a/cpp/ql/lib/semmle/code/cpp/Location.qll b/cpp/ql/lib/semmle/code/cpp/Location.qll index c7579f5710a..1af519b6698 100644 --- a/cpp/ql/lib/semmle/code/cpp/Location.qll +++ b/cpp/ql/lib/semmle/code/cpp/Location.qll @@ -53,9 +53,7 @@ class Location extends @location { predicate fullLocationInfo( Container container, int startline, int startcolumn, int endline, int endcolumn ) { - locations_default(this, unresolveElement(container), startline, startcolumn, endline, endcolumn) or - locations_expr(this, unresolveElement(container), startline, startcolumn, endline, endcolumn) or - locations_stmt(this, unresolveElement(container), startline, startcolumn, endline, endcolumn) + locations_default(this, unresolveElement(container), startline, startcolumn, endline, endcolumn) } /** @@ -146,30 +144,32 @@ class Locatable extends Element { } * expressions, one for statements and one for other program elements. */ class UnknownLocation extends Location { - UnknownLocation() { this.getFile().getAbsolutePath() = "" } + UnknownLocation() { + this.getFile().getAbsolutePath() = "" and locations_default(this, _, 0, 0, 0, 0) + } } /** * A dummy location which is used when something doesn't have a location in * the source code but needs to have a `Location` associated with it. + * + * DEPRECATED: use `UnknownLocation` */ -class UnknownDefaultLocation extends UnknownLocation { - UnknownDefaultLocation() { locations_default(this, _, 0, 0, 0, 0) } -} +deprecated class UnknownDefaultLocation extends UnknownLocation { } /** * A dummy location which is used when an expression doesn't have a * location in the source code but needs to have a `Location` associated * with it. + * + * DEPRECATED: use `UnknownLocation` */ -class UnknownExprLocation extends UnknownLocation { - UnknownExprLocation() { locations_expr(this, _, 0, 0, 0, 0) } -} +deprecated class UnknownExprLocation extends UnknownLocation { } /** * A dummy location which is used when a statement doesn't have a location * in the source code but needs to have a `Location` associated with it. + * + * DEPRECATED: use `UnknownLocation` */ -class UnknownStmtLocation extends UnknownLocation { - UnknownStmtLocation() { locations_stmt(this, _, 0, 0, 0, 0) } -} +deprecated class UnknownStmtLocation extends UnknownLocation { } diff --git a/cpp/ql/lib/semmle/code/cpp/Macro.qll b/cpp/ql/lib/semmle/code/cpp/Macro.qll index bd916d4bc4e..515ea9380a7 100644 --- a/cpp/ql/lib/semmle/code/cpp/Macro.qll +++ b/cpp/ql/lib/semmle/code/cpp/Macro.qll @@ -259,7 +259,8 @@ predicate inMacroExpansion(Locatable element) { inmacroexpansion(unresolveElement(element), _) or macroLocation(element.getLocation()) and - not topLevelMacroAccess(element) + not topLevelMacroAccess(element) and + not element.getLocation() instanceof UnknownLocation } /** diff --git a/cpp/ql/lib/semmle/code/cpp/Namespace.qll b/cpp/ql/lib/semmle/code/cpp/Namespace.qll index b63beef3f4a..b545f938197 100644 --- a/cpp/ql/lib/semmle/code/cpp/Namespace.qll +++ b/cpp/ql/lib/semmle/code/cpp/Namespace.qll @@ -40,7 +40,7 @@ class Namespace extends NameQualifyingElement, @namespace { override Location getLocation() { if strictcount(this.getADeclarationEntry()) = 1 then result = this.getADeclarationEntry().getLocation() - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } /** Gets the simple name of this namespace. */ diff --git a/cpp/ql/lib/semmle/code/cpp/Specifier.qll b/cpp/ql/lib/semmle/code/cpp/Specifier.qll index 28ba2195656..f7af9501fb2 100644 --- a/cpp/ql/lib/semmle/code/cpp/Specifier.qll +++ b/cpp/ql/lib/semmle/code/cpp/Specifier.qll @@ -13,7 +13,7 @@ class Specifier extends Element, @specifier { /** Gets a dummy location for the specifier. */ override Location getLocation() { exists(this) and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } override string getAPrimaryQlClass() { result = "Specifier" } diff --git a/cpp/ql/lib/semmle/code/cpp/TemplateParameter.qll b/cpp/ql/lib/semmle/code/cpp/TemplateParameter.qll index e4efb4e4636..6ece9cb82a4 100644 --- a/cpp/ql/lib/semmle/code/cpp/TemplateParameter.qll +++ b/cpp/ql/lib/semmle/code/cpp/TemplateParameter.qll @@ -105,7 +105,7 @@ class AutoType extends TypeTemplateParameter { override string getAPrimaryQlClass() { result = "AutoType" } - override Location getLocation() { result instanceof UnknownDefaultLocation } + override Location getLocation() { result instanceof UnknownLocation } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/Type.qll b/cpp/ql/lib/semmle/code/cpp/Type.qll index 0256349972b..35b56882d7b 100644 --- a/cpp/ql/lib/semmle/code/cpp/Type.qll +++ b/cpp/ql/lib/semmle/code/cpp/Type.qll @@ -290,7 +290,7 @@ class Type extends Locatable, @type { */ Type stripType() { result = this } - override Location getLocation() { result instanceof UnknownDefaultLocation } + override Location getLocation() { result instanceof UnknownLocation } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll b/cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll index 2b9fb2649d5..60e2635f338 100644 --- a/cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll +++ b/cpp/ql/lib/semmle/code/cpp/exprs/Expr.qll @@ -91,13 +91,13 @@ class Expr extends StmtParent, @expr { */ private Location getExprLocationOverride() { // Base case: the parent has a better location than `this`. - this.getDbLocation() instanceof UnknownExprLocation and + this.getDbLocation() instanceof UnknownLocation and result = this.getParent().(Expr).getDbLocation() and not result instanceof UnknownLocation or // Recursive case: the parent has a location override that's better than // what `this` has. - this.getDbLocation() instanceof UnknownExprLocation and + this.getDbLocation() instanceof UnknownLocation and result = this.getParent().(Expr).getExprLocationOverride() and not result instanceof UnknownLocation } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll index 39cc58d54b0..d776985720a 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll @@ -182,7 +182,7 @@ abstract class InstructionNode0 extends Node0Impl { override Location getLocationImpl() { if exists(instr.getAst().getLocation()) then result = instr.getAst().getLocation() - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } final override predicate isGLValue() { exists(getInstructionType(instr, true)) } @@ -227,7 +227,7 @@ abstract class OperandNode0 extends Node0Impl { override Location getLocationImpl() { if exists(op.getDef().getAst().getLocation()) then result = op.getDef().getAst().getLocation() - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } final override predicate isGLValue() { exists(getOperandType(op, true)) } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll index ab6a9da6d85..c72614ac5c3 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll @@ -847,7 +847,7 @@ class BodyLessParameterNodeImpl extends Node, TBodyLessParameterNodeImpl { result = unique( | | p.getLocation()) or count(p.getLocation()) != 1 and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } final override string toStringImpl() { @@ -1115,7 +1115,7 @@ private module RawIndirectNodes { final override Location getLocationImpl() { if exists(this.getOperand().getLocation()) then result = this.getOperand().getLocation() - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } override string toStringImpl() { @@ -1161,7 +1161,7 @@ private module RawIndirectNodes { final override Location getLocationImpl() { if exists(this.getInstruction().getLocation()) then result = this.getInstruction().getLocation() - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } override string toStringImpl() { @@ -1257,7 +1257,7 @@ class FinalParameterNode extends Node, TFinalParameterNode { result = unique( | | p.getLocation()) or not exists(unique( | | p.getLocation())) and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } override string toStringImpl() { result = stars(this) + p.toString() } @@ -1629,7 +1629,7 @@ class VariableNode extends Node, TGlobalLikeVariableNode { result = unique( | | v.getLocation()) or not exists(unique( | | v.getLocation())) and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } override string toStringImpl() { result = stars(this) + v.toString() } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll index 7799081eae3..863825b375e 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/SsaInternals.qll @@ -516,7 +516,7 @@ class FinalParameterUse extends UseImpl, TFinalParameterUse { result = unique( | | p.getLocation()) or not exists(unique( | | p.getLocation())) and - result instanceof UnknownDefaultLocation + result instanceof UnknownLocation } override BaseIRVariable getBaseSourceVariable() { result.getIRVariable().getAst() = p } diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll index 67a6965ae9b..c29d743dadb 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/IRConsistency.qll @@ -45,7 +45,7 @@ module InstructionConsistency { private class MissingIRFunction extends OptionalIRFunction, TMissingIRFunction { override string toString() { result = "" } - override Language::Location getLocation() { result instanceof Language::UnknownDefaultLocation } + override Language::Location getLocation() { result instanceof Language::UnknownLocation } } private OptionalIRFunction getInstructionIRFunction(Instruction instr) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll index 279b43a1ca8..b436bc8ccf1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/gvn/ValueNumbering.qll @@ -26,7 +26,7 @@ class ValueNumber extends TValueNumber { l.getFile().getAbsolutePath(), l.getStartLine(), l.getStartColumn(), l.getEndLine(), l.getEndColumn() ) - else result instanceof Language::UnknownDefaultLocation + else result instanceof Language::UnknownLocation } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll index 67a6965ae9b..c29d743dadb 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/IRConsistency.qll @@ -45,7 +45,7 @@ module InstructionConsistency { private class MissingIRFunction extends OptionalIRFunction, TMissingIRFunction { override string toString() { result = "" } - override Language::Location getLocation() { result instanceof Language::UnknownDefaultLocation } + override Language::Location getLocation() { result instanceof Language::UnknownLocation } } private OptionalIRFunction getInstructionIRFunction(Instruction instr) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll index 279b43a1ca8..b436bc8ccf1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/gvn/ValueNumbering.qll @@ -26,7 +26,7 @@ class ValueNumber extends TValueNumber { l.getFile().getAbsolutePath(), l.getStartLine(), l.getStartColumn(), l.getEndLine(), l.getEndColumn() ) - else result instanceof Language::UnknownDefaultLocation + else result instanceof Language::UnknownLocation } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll index 67a6965ae9b..c29d743dadb 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/IRConsistency.qll @@ -45,7 +45,7 @@ module InstructionConsistency { private class MissingIRFunction extends OptionalIRFunction, TMissingIRFunction { override string toString() { result = "" } - override Language::Location getLocation() { result instanceof Language::UnknownDefaultLocation } + override Language::Location getLocation() { result instanceof Language::UnknownLocation } } private OptionalIRFunction getInstructionIRFunction(Instruction instr) { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll index 279b43a1ca8..b436bc8ccf1 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/gvn/ValueNumbering.qll @@ -26,7 +26,7 @@ class ValueNumber extends TValueNumber { l.getFile().getAbsolutePath(), l.getStartLine(), l.getStartColumn(), l.getEndLine(), l.getEndColumn() ) - else result instanceof Language::UnknownDefaultLocation + else result instanceof Language::UnknownLocation } /** diff --git a/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll b/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll index 2dd51d39151..4a40c90a1dd 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/internal/ASTValueNumbering.qll @@ -76,7 +76,7 @@ class GVN extends TValueNumber { l.getFile().getAbsolutePath(), l.getStartLine(), l.getStartColumn(), l.getEndLine(), l.getEndColumn() ) - else result instanceof UnknownDefaultLocation + else result instanceof UnknownLocation } final string getKind() { diff --git a/cpp/ql/lib/semmle/code/cpp/ir/internal/IRCppLanguage.qll b/cpp/ql/lib/semmle/code/cpp/ir/internal/IRCppLanguage.qll index 28bbd40f8bf..a0e74f785e5 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/internal/IRCppLanguage.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/internal/IRCppLanguage.qll @@ -22,8 +22,6 @@ class Location = Cpp::Location; class UnknownLocation = Cpp::UnknownLocation; -class UnknownDefaultLocation = Cpp::UnknownDefaultLocation; - class File = Cpp::File; class AST = Cpp::Locatable; diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/RangeAnalysis.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/RangeAnalysis.qll index 6bd7615d37b..845a71b2a50 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/RangeAnalysis.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/RangeAnalysis.qll @@ -89,7 +89,7 @@ class ZeroBound extends Bound instanceof IRBound::ZeroBound { result = super.getInstruction(delta).getUnconvertedResultExpression() } - override Location getLocation() { result instanceof UnknownDefaultLocation } + override Location getLocation() { result instanceof UnknownLocation } } /** diff --git a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll index 27883aedf3e..4d873e8e3b3 100644 --- a/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll +++ b/cpp/ql/lib/semmle/code/cpp/rangeanalysis/new/internal/semantic/analysis/Bound.qll @@ -61,7 +61,7 @@ class ZeroBound extends Bound, TBoundZero { result.(ConstantValueInstruction).getValue().toInt() = delta } - override Location getLocation() { result instanceof UnknownDefaultLocation } + override Location getLocation() { result instanceof UnknownLocation } } /** diff --git a/cpp/ql/lib/semmlecode.cpp.dbscheme b/cpp/ql/lib/semmlecode.cpp.dbscheme index 7bc12b02a43..e70d0b65318 100644 --- a/cpp/ql/lib/semmlecode.cpp.dbscheme +++ b/cpp/ql/lib/semmlecode.cpp.dbscheme @@ -218,10 +218,10 @@ extractor_version( string frontend_version: string ref ) -@location = @location_stmt | @location_expr | @location_default ; +@location = @location_default ; /** - * The location of an element that is not an expression or a statement. + * The location of an element. * The location spans column `startcolumn` of line `startline` to * column `endcolumn` of line `endline` in file `file`. * For more information, see @@ -237,40 +237,6 @@ locations_default( int endColumn: int ref ); -/** - * The location of a statement. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `file`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ -locations_stmt( - /** The location of a statement. */ - unique int id: @location_stmt, - int container: @container ref, - int startLine: int ref, - int startColumn: int ref, - int endLine: int ref, - int endColumn: int ref -); - -/** - * The location of an expression. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `file`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ -locations_expr( - /** The location of an expression. */ - unique int id: @location_expr, - int container: @container ref, - int startLine: int ref, - int startColumn: int ref, - int endLine: int ref, - int endColumn: int ref -); - /** An element for which line-count information is available. */ @sourceline = @file | @function | @variable | @enumconstant | @xmllocatable; @@ -287,7 +253,7 @@ diagnostics( string error_tag: string ref, string error_message: string ref, string full_error_message: string ref, - int location: @location_default ref + int location: @location ref ); files( @@ -332,7 +298,7 @@ case @macroinvocation.kind of macroinvocations( unique int id: @macroinvocation, int macro_id: @ppd_define ref, - int location: @location_default ref, + int location: @location ref, int kind: int ref ); @@ -453,7 +419,7 @@ fun_decls( int function: @function ref, int type_id: @type ref, string name: string ref, - int location: @location_default ref + int location: @location ref ); fun_def(unique int id: @fun_decl ref); fun_specialized(unique int id: @fun_decl ref); @@ -505,7 +471,7 @@ var_decls( int variable: @variable ref, int type_id: @type ref, string name: string ref, - int location: @location_default ref + int location: @location ref ); var_def(unique int id: @var_decl ref); var_specialized(int id: @var_decl ref); @@ -522,7 +488,7 @@ var_requires( type_decls( unique int id: @type_decl, int type_id: @type ref, - int location: @location_default ref + int location: @location ref ); type_def(unique int id: @type_decl ref); type_decl_top( @@ -536,8 +502,8 @@ type_requires( namespace_decls( unique int id: @namespace_decl, int namespace_id: @namespace ref, - int location: @location_default ref, - int bodylocation: @location_default ref + int location: @location ref, + int bodylocation: @location ref ); case @using.kind of @@ -549,7 +515,7 @@ case @using.kind of usings( unique int id: @using, int element_id: @element ref, - int location: @location_default ref, + int location: @location ref, int kind: int ref ); @@ -563,7 +529,7 @@ static_asserts( unique int id: @static_assert, int condition : @expr ref, string message : string ref, - int location: @location_default ref, + int location: @location ref, int enclosing : @element ref ); @@ -619,7 +585,7 @@ enumconstants( int index: int ref, int type_id: @type ref, string name: string ref, - int location: @location_default ref + int location: @location ref ); @variable = @localscopevariable | @globalvariable | @membervariable; @@ -980,7 +946,7 @@ template_template_argument_value( concept_templates( unique int concept_id: @concept_template, string name: string ref, - int location: @location_default ref + int location: @location ref ); concept_instantiation( unique int to: @concept_id ref, @@ -1084,7 +1050,7 @@ attributes( int kind: int ref, string name: string ref, string name_space: string ref, - int location: @location_default ref + int location: @location ref ); case @attribute.kind of @@ -1101,7 +1067,7 @@ attribute_args( int kind: int ref, int attribute: @attribute ref, int index: int ref, - int location: @location_default ref + int location: @location ref ); case @attribute_arg.kind of @@ -1190,7 +1156,7 @@ derivations( int sub: @type ref, int index: int ref, int super: @type ref, - int location: @location_default ref + int location: @location ref ); derspecifiers( @@ -1224,7 +1190,7 @@ frienddecls( unique int id: @frienddecl, int type_id: @type ref, int decl_id: @declaration ref, - int location: @location_default ref + int location: @location ref ); @declaredtype = @usertype ; @@ -1281,7 +1247,7 @@ frienddecls( comments( unique int id: @comment, string contents: string ref, - int location: @location_default ref + int location: @location ref ); commentbinding( @@ -1403,7 +1369,7 @@ namequalifiers( unique int id: @namequalifier, unique int qualifiableelement: @namequalifiableelement ref, int qualifyingelement: @namequalifyingelement ref, - int location: @location_default ref + int location: @location ref ); varbind( @@ -1672,7 +1638,7 @@ initialisers( unique int init: @initialiser, int var: @accessible ref, unique int expr: @expr ref, - int location: @location_expr ref + int location: @location ref ); braced_initialisers( @@ -1691,7 +1657,7 @@ expr_ancestor( exprs( unique int id: @expr, int kind: int ref, - int location: @location_expr ref + int location: @location ref ); expr_reuse( @@ -2165,7 +2131,7 @@ lambda_capture( int field: @membervariable ref, boolean captured_by_reference: boolean ref, boolean is_implicit: boolean ref, - int location: @location_default ref + int location: @location ref ); @funbindexpr = @routineexpr @@ -2193,7 +2159,7 @@ fold( stmts( unique int id: @stmt, int kind: int ref, - int location: @location_stmt ref + int location: @location ref ); case @stmt.kind of @@ -2378,7 +2344,7 @@ jumpinfo( preprocdirects( unique int id: @preprocdirect, int kind: int ref, - int location: @location_default ref + int location: @location ref ); case @preprocdirect.kind of 0 = @ppd_if diff --git a/cpp/ql/src/jsf/4.07 Header Files/AV Rule 35.ql b/cpp/ql/src/jsf/4.07 Header Files/AV Rule 35.ql index 704c5baa067..59a6838c23e 100644 --- a/cpp/ql/src/jsf/4.07 Header Files/AV Rule 35.ql +++ b/cpp/ql/src/jsf/4.07 Header Files/AV Rule 35.ql @@ -37,7 +37,7 @@ abstract class MaybePreprocessorDirective extends TMaybePreprocessorDirective { class NoPreprocessorDirective extends TNoPreprocessorDirective, MaybePreprocessorDirective { override string toString() { result = "" } - override Location getLocation() { result instanceof UnknownDefaultLocation } + override Location getLocation() { result instanceof UnknownLocation } } class SomePreprocessorDirective extends TSomePreprocessorDirective, MaybePreprocessorDirective { diff --git a/cpp/ql/test/experimental/library-tests/rangeanalysis/rangeanalysis/RangeAnalysis.ql b/cpp/ql/test/experimental/library-tests/rangeanalysis/rangeanalysis/RangeAnalysis.ql index 1b77763682a..240567b536c 100644 --- a/cpp/ql/test/experimental/library-tests/rangeanalysis/rangeanalysis/RangeAnalysis.ql +++ b/cpp/ql/test/experimental/library-tests/rangeanalysis/rangeanalysis/RangeAnalysis.ql @@ -15,5 +15,5 @@ query predicate instructionBounds( not valueNumber(b.getInstruction()) = valueNumber(i) and if reason instanceof CondReason then reasonLoc = reason.(CondReason).getCond().getLocation() - else reasonLoc instanceof UnknownDefaultLocation + else reasonLoc instanceof UnknownLocation } diff --git a/cpp/ql/test/library-tests/includes/includes/locations.expected b/cpp/ql/test/library-tests/includes/includes/locations.expected index 1b6b3b06892..c61055c8441 100644 --- a/cpp/ql/test/library-tests/includes/includes/locations.expected +++ b/cpp/ql/test/library-tests/includes/includes/locations.expected @@ -1,7 +1,5 @@ | bar.h:0:0:0:0 | bar.h:0:0:0:0 | | file://:0:0:0:0 | file://:0:0:0:0 | -| file://:0:0:0:0 | file://:0:0:0:0 | -| file://:0:0:0:0 | file://:0:0:0:0 | | includes.c:0:0:0:0 | includes.c:0:0:0:0 | | includes.c:2:1:2:15 | includes.c:2:1:2:15 | | includes.c:4:1:4:16 | includes.c:4:1:4:16 | From 7f47e31fb5c310a350ef251161848aeca41beef1 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 26 Jun 2025 14:03:48 +0200 Subject: [PATCH 105/111] C++: Add upgrade and downgrade scripts --- .../downgrades.ql | 161 ++ .../old.dbscheme | 2475 ++++++++++++++++ .../semmlecode.cpp.dbscheme | 2509 +++++++++++++++++ .../upgrade.properties | 8 + .../locations_default.ql | 18 + .../old.dbscheme | 2509 +++++++++++++++++ .../semmlecode.cpp.dbscheme | 2475 ++++++++++++++++ .../upgrade.properties | 5 + 8 files changed, 10160 insertions(+) create mode 100644 cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/downgrades.ql create mode 100644 cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/old.dbscheme create mode 100644 cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/semmlecode.cpp.dbscheme create mode 100644 cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/upgrade.properties create mode 100644 cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/locations_default.ql create mode 100644 cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/old.dbscheme create mode 100644 cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/semmlecode.cpp.dbscheme create mode 100644 cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/upgrade.properties diff --git a/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/downgrades.ql b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/downgrades.ql new file mode 100644 index 00000000000..973fdeaba7c --- /dev/null +++ b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/downgrades.ql @@ -0,0 +1,161 @@ +class Accessible extends @accessible { + string toString() { none() } +} + +class Container extends @container { + string toString() { none() } +} + +class Expr extends @expr { + string toString() { none() } +} + +class Initialiser extends @initialiser { + string toString() { none() } +} + +class Location extends @location_default { + string toString() { none() } +} + +class Stmt extends @stmt { + string toString() { none() } +} + +predicate isLocationDefault(Location l) { + diagnostics(_, _, _, _, _, l) + or + macroinvocations(_, _, l, _) + or + fun_decls(_, _, _, _, l) + or + var_decls(_, _, _, _, l) + or + type_decls(_, _, l) + or + namespace_decls(_, _, l, _) + or + namespace_decls(_, _, _, l) + or + usings(_, _, l, _) + or + static_asserts(_, _, _, l, _) + or + enumconstants(_, _, _, _, _, l) + or + concept_templates(_, _, l) + or + attributes(_, _, _, _, l) + or + attribute_args(_, _, _, _, l) + or + derivations(_, _, _, _, l) + or + frienddecls(_, _, _, l) + or + comments(_, _, l) + or + namequalifiers(_, _, _, l) + or + lambda_capture(_, _, _, _, _, _, l) + or + preprocdirects(_, _, l) + or + xmllocations(_, l) + or + locations_default(l, _, 0, 0, 0, 0) // For containers. +} + +predicate isLocationExpr(Location l) { + initialisers(_, _, _, l) + or + exprs(_, _, l) +} + +predicate isLocationStmt(Location l) { stmts(_, _, l) } + +newtype TExprOrStmtLocation = + TExprLocation(Location l, Container c, int startLine, int startColumn, int endLine, int endColumn) { + isLocationExpr(l) and + (isLocationDefault(l) or isLocationStmt(l)) and + locations_default(l, c, startLine, startColumn, endLine, endColumn) + } or + TStmtLocation(Location l, Container c, int startLine, int startColumn, int endLine, int endColumn) { + isLocationStmt(l) and + (isLocationDefault(l) or isLocationExpr(l)) and + locations_default(l, c, startLine, startColumn, endLine, endColumn) + } + +module Fresh = QlBuiltins::NewEntity; + +class NewLocationBase = @location_default or Fresh::EntityId; + +class NewLocation extends NewLocationBase { + string toString() { none() } +} + +query predicate new_locations_default( + NewLocation l, Container c, int startLine, int startColumn, int endLine, int endColumn +) { + isLocationDefault(l) and + locations_default(l, c, startLine, startColumn, endLine, endColumn) +} + +query predicate new_locations_expr( + NewLocation l, Container c, int startLine, int startColumn, int endLine, int endColumn +) { + exists(Location l_old | + isLocationExpr(l_old) and + locations_default(l_old, c, startLine, startColumn, endLine, endColumn) + | + if not isLocationDefault(l_old) and not isLocationStmt(l) + then l = l_old + else l = Fresh::map(TExprLocation(l_old, c, startLine, startColumn, endLine, endColumn)) + ) +} + +query predicate new_locations_stmt( + NewLocation l, Container c, int startLine, int startColumn, int endLine, int endColumn +) { + exists(Location l_old | + isLocationStmt(l_old) and + locations_default(l_old, c, startLine, startColumn, endLine, endColumn) + | + if not isLocationDefault(l_old) and not isLocationExpr(l) + then l = l_old + else l = Fresh::map(TStmtLocation(l_old, c, startLine, startColumn, endLine, endColumn)) + ) +} + +query predicate new_exprs(Expr e, int kind, NewLocation l) { + exists(Location l_old, Container c, int startLine, int startColumn, int endLine, int endColumn | + exprs(e, kind, l_old) and + locations_default(l_old, c, startLine, startColumn, endLine, endColumn) + | + if not isLocationDefault(l_old) and not isLocationStmt(l) + then l = l_old + else l = Fresh::map(TExprLocation(l_old, c, startLine, startColumn, endLine, endColumn)) + ) +} + +query predicate new_initialisers(Initialiser i, Accessible v, Expr e, NewLocation l) { + exists(Location l_old, Container c, int startLine, int startColumn, int endLine, int endColumn | + initialisers(i, v, e, l_old) and + locations_default(l_old, c, startLine, startColumn, endLine, endColumn) + | + if not isLocationDefault(l_old) and not isLocationStmt(l) + then l = l_old + else l = Fresh::map(TExprLocation(l_old, c, startLine, startColumn, endLine, endColumn)) + ) +} + +query predicate new_stmts(Stmt s, int kind, NewLocation l) { + exists(Location l_old, Container c, int startLine, int startColumn, int endLine, int endColumn | + stmts(s, kind, l_old) and + locations_default(l_old, c, startLine, startColumn, endLine, endColumn) + | + if not isLocationDefault(l_old) and not isLocationExpr(l) + then l = l_old + else l = Fresh::map(TStmtLocation(l_old, c, startLine, startColumn, endLine, endColumn)) + ) +} diff --git a/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/old.dbscheme b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/old.dbscheme new file mode 100644 index 00000000000..e70d0b65318 --- /dev/null +++ b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/old.dbscheme @@ -0,0 +1,2475 @@ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * gcc -c f1.c f2.c f3.c + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + /** + * An invocation of the compiler. Note that more than one file may + * be compiled per invocation. For example, this command compiles + * three source files: + * + * gcc -c f1.c f2.c f3.c + */ + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | *path to extractor* + * 1 | `--mimic` + * 2 | `/usr/bin/gcc` + * 3 | `-c` + * 4 | f1.c + * 5 | f2.c + * 6 | f3.c + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * Optionally, record the build mode for each compilation. + */ +compilation_build_mode( + unique int id : @compilation ref, + int mode : int ref +); + +/* +case @compilation_build_mode.mode of + 0 = @build_mode_none +| 1 = @build_mode_manual +| 2 = @build_mode_auto +; +*/ + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.c + * 1 | f2.c + * 2 | f3.c + * + * Note that even if those files `#include` headers, those headers + * do not appear as rows. + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + + +/** + * External data, loaded from CSV files during snapshot creation. See + * [Tutorial: Incorporating external data](https://help.semmle.com/wiki/display/SD/Tutorial%3A+Incorporating+external+data) + * for more information. + */ +externalData( + int id : @externalDataElement, + string path : string ref, + int column: int ref, + string value : string ref +); + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/** + * Information about packages that provide code used during compilation. + * The `id` is just a unique identifier. + * The `namespace` is typically the name of the package manager that + * provided the package (e.g. "dpkg" or "yum"). + * The `package_name` is the name of the package, and `version` is its + * version (as a string). + */ +external_packages( + unique int id: @external_package, + string namespace : string ref, + string package_name : string ref, + string version : string ref +); + +/** + * Holds if File `fileid` was provided by package `package`. + */ +header_to_external_package( + int fileid : @file ref, + int package : @external_package ref +); + +/* + * Version history + */ + +svnentries( + unique int id : @svnentry, + string revision : string ref, + string author : string ref, + date revisionDate : date ref, + int changeSize : int ref +) + +svnaffectedfiles( + int id : @svnentry ref, + int file : @file ref, + string action : string ref +) + +svnentrymsg( + unique int id : @svnentry ref, + string message : string ref +) + +svnchurn( + int commit : @svnentry ref, + int file : @file ref, + int addedLines : int ref, + int deletedLines : int ref +) + +/* + * C++ dbscheme + */ + +extractor_version( + string codeql_version: string ref, + string frontend_version: string ref +) + +@location = @location_default ; + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + /** The location of an element that is not an expression or a statement. */ + unique int id: @location_default, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** An element for which line-count information is available. */ +@sourceline = @file | @function | @variable | @enumconstant | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @folder | @file + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +fileannotations( + int id: @file ref, + int kind: int ref, + string name: string ref, + string value: string ref +); + +inmacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +affectedbymacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +case @macroinvocation.kind of + 1 = @macro_expansion +| 2 = @other_macro_reference +; + +macroinvocations( + unique int id: @macroinvocation, + int macro_id: @ppd_define ref, + int location: @location ref, + int kind: int ref +); + +macroparent( + unique int id: @macroinvocation ref, + int parent_id: @macroinvocation ref +); + +// a macroinvocation may be part of another location +// the way to find a constant expression that uses a macro +// is thus to find a constant expression that has a location +// to which a macro invocation is bound +macrolocationbind( + int id: @macroinvocation ref, + int location: @location ref +); + +#keyset[invocation, argument_index] +macro_argument_unexpanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +#keyset[invocation, argument_index] +macro_argument_expanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +/* +case @function.kind of + 1 = @normal_function +| 2 = @constructor +| 3 = @destructor +| 4 = @conversion_function +| 5 = @operator +| 6 = @builtin_function // GCC built-in functions, e.g. __builtin___memcpy_chk +| 7 = @user_defined_literal +| 8 = @deduction_guide +; +*/ + +functions( + unique int id: @function, + string name: string ref, + int kind: int ref +); + +function_entry_point( + int id: @function ref, + unique int entry_point: @stmt ref +); + +function_return_type( + int id: @function ref, + int return_type: @type ref +); + +/** + * If `function` is a coroutine, then this gives the `std::experimental::resumable_traits` + * instance associated with it, and the variables representing the `handle` and `promise` + * for it. + */ +coroutine( + unique int function: @function ref, + int traits: @type ref +); + +/* +case @coroutine_placeholder_variable.kind of + 1 = @handle +| 2 = @promise +| 3 = @init_await_resume +; +*/ + +coroutine_placeholder_variable( + unique int placeholder_variable: @variable ref, + int kind: int ref, + int function: @function ref +) + +/** The `new` function used for allocating the coroutine state, if any. */ +coroutine_new( + unique int function: @function ref, + int new: @function ref +); + +/** The `delete` function used for deallocating the coroutine state, if any. */ +coroutine_delete( + unique int function: @function ref, + int delete: @function ref +); + +purefunctions(unique int id: @function ref); + +function_deleted(unique int id: @function ref); + +function_defaulted(unique int id: @function ref); + +function_prototyped(unique int id: @function ref) + +deduction_guide_for_class( + int id: @function ref, + int class_template: @usertype ref +) + +member_function_this_type( + unique int id: @function ref, + int this_type: @type ref +); + +#keyset[id, type_id] +fun_decls( + int id: @fun_decl, + int function: @function ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); +fun_def(unique int id: @fun_decl ref); +fun_specialized(unique int id: @fun_decl ref); +fun_implicit(unique int id: @fun_decl ref); +fun_decl_specifiers( + int id: @fun_decl ref, + string name: string ref +) +#keyset[fun_decl, index] +fun_decl_throws( + int fun_decl: @fun_decl ref, + int index: int ref, + int type_id: @type ref +); +/* an empty throw specification is different from none */ +fun_decl_empty_throws(unique int fun_decl: @fun_decl ref); +fun_decl_noexcept( + int fun_decl: @fun_decl ref, + int constant: @expr ref +); +fun_decl_empty_noexcept(int fun_decl: @fun_decl ref); +fun_decl_typedef_type( + unique int fun_decl: @fun_decl ref, + int typedeftype_id: @usertype ref +); + +/* +case @fun_requires.kind of + 1 = @template_attached +| 2 = @function_attached +; +*/ + +fun_requires( + int id: @fun_decl ref, + int kind: int ref, + int constraint: @expr ref +); + +param_decl_bind( + unique int id: @var_decl ref, + int index: int ref, + int fun_decl: @fun_decl ref +); + +#keyset[id, type_id] +var_decls( + int id: @var_decl, + int variable: @variable ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); +var_def(unique int id: @var_decl ref); +var_specialized(int id: @var_decl ref); +var_decl_specifiers( + int id: @var_decl ref, + string name: string ref +) +is_structured_binding(unique int id: @variable ref); +var_requires( + int id: @var_decl ref, + int constraint: @expr ref +); + +type_decls( + unique int id: @type_decl, + int type_id: @type ref, + int location: @location ref +); +type_def(unique int id: @type_decl ref); +type_decl_top( + unique int type_decl: @type_decl ref +); +type_requires( + int id: @type_decl ref, + int constraint: @expr ref +); + +namespace_decls( + unique int id: @namespace_decl, + int namespace_id: @namespace ref, + int location: @location ref, + int bodylocation: @location ref +); + +case @using.kind of + 1 = @using_declaration +| 2 = @using_directive +| 3 = @using_enum_declaration +; + +usings( + unique int id: @using, + int element_id: @element ref, + int location: @location ref, + int kind: int ref +); + +/** The element which contains the `using` declaration. */ +using_container( + int parent: @element ref, + int child: @using ref +); + +static_asserts( + unique int id: @static_assert, + int condition : @expr ref, + string message : string ref, + int location: @location ref, + int enclosing : @element ref +); + +// each function has an ordered list of parameters +#keyset[id, type_id] +#keyset[function, index, type_id] +params( + int id: @parameter, + int function: @parameterized_element ref, + int index: int ref, + int type_id: @type ref +); + +overrides( + int new: @function ref, + int old: @function ref +); + +#keyset[id, type_id] +membervariables( + int id: @membervariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +globalvariables( + int id: @globalvariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +localvariables( + int id: @localvariable, + int type_id: @type ref, + string name: string ref +); + +autoderivation( + unique int var: @variable ref, + int derivation_type: @type ref +); + +orphaned_variables( + int var: @localvariable ref, + int function: @function ref +) + +enumconstants( + unique int id: @enumconstant, + int parent: @usertype ref, + int index: int ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); + +@variable = @localscopevariable | @globalvariable | @membervariable; + +@localscopevariable = @localvariable | @parameter; + +/** + * Built-in types are the fundamental types, e.g., integral, floating, and void. + */ +case @builtintype.kind of + 1 = @errortype +| 2 = @unknowntype +| 3 = @void +| 4 = @boolean +| 5 = @char +| 6 = @unsigned_char +| 7 = @signed_char +| 8 = @short +| 9 = @unsigned_short +| 10 = @signed_short +| 11 = @int +| 12 = @unsigned_int +| 13 = @signed_int +| 14 = @long +| 15 = @unsigned_long +| 16 = @signed_long +| 17 = @long_long +| 18 = @unsigned_long_long +| 19 = @signed_long_long +// ... 20 Microsoft-specific __int8 +// ... 21 Microsoft-specific __int16 +// ... 22 Microsoft-specific __int32 +// ... 23 Microsoft-specific __int64 +| 24 = @float +| 25 = @double +| 26 = @long_double +| 27 = @complex_float // C99-specific _Complex float +| 28 = @complex_double // C99-specific _Complex double +| 29 = @complex_long_double // C99-specific _Complex long double +| 30 = @imaginary_float // C99-specific _Imaginary float +| 31 = @imaginary_double // C99-specific _Imaginary double +| 32 = @imaginary_long_double // C99-specific _Imaginary long double +| 33 = @wchar_t // Microsoft-specific +| 34 = @decltype_nullptr // C++11 +| 35 = @int128 // __int128 +| 36 = @unsigned_int128 // unsigned __int128 +| 37 = @signed_int128 // signed __int128 +| 38 = @float128 // __float128 +| 39 = @complex_float128 // _Complex __float128 +| 40 = @decimal32 // _Decimal32 +| 41 = @decimal64 // _Decimal64 +| 42 = @decimal128 // _Decimal128 +| 43 = @char16_t +| 44 = @char32_t +| 45 = @std_float32 // _Float32 +| 46 = @float32x // _Float32x +| 47 = @std_float64 // _Float64 +| 48 = @float64x // _Float64x +| 49 = @std_float128 // _Float128 +// ... 50 _Float128x +| 51 = @char8_t +| 52 = @float16 // _Float16 +| 53 = @complex_float16 // _Complex _Float16 +| 54 = @fp16 // __fp16 +| 55 = @std_bfloat16 // __bf16 +| 56 = @std_float16 // std::float16_t +| 57 = @complex_std_float32 // _Complex _Float32 +| 58 = @complex_float32x // _Complex _Float32x +| 59 = @complex_std_float64 // _Complex _Float64 +| 60 = @complex_float64x // _Complex _Float64x +| 61 = @complex_std_float128 // _Complex _Float128 +| 62 = @mfp8 // __mfp8 +| 63 = @scalable_vector_count // __SVCount_t +| 64 = @complex_fp16 // _Complex __fp16 +| 65 = @complex_std_bfloat16 // _Complex __bf16 +| 66 = @complex_std_float16 // _Complex std::float16_t +; + +builtintypes( + unique int id: @builtintype, + string name: string ref, + int kind: int ref, + int size: int ref, + int sign: int ref, + int alignment: int ref +); + +/** + * Derived types are types that are directly derived from existing types and + * point to, refer to, transform type data to return a new type. + */ +case @derivedtype.kind of + 1 = @pointer +| 2 = @reference +| 3 = @type_with_specifiers +| 4 = @array +| 5 = @gnu_vector +| 6 = @routineptr +| 7 = @routinereference +| 8 = @rvalue_reference // C++11 +// ... 9 type_conforming_to_protocols deprecated +| 10 = @block +| 11 = @scalable_vector // Arm SVE +; + +derivedtypes( + unique int id: @derivedtype, + string name: string ref, + int kind: int ref, + int type_id: @type ref +); + +pointerishsize(unique int id: @derivedtype ref, + int size: int ref, + int alignment: int ref); + +arraysizes( + unique int id: @derivedtype ref, + int num_elements: int ref, + int bytesize: int ref, + int alignment: int ref +); + +tupleelements( + unique int id: @derivedtype ref, + int num_elements: int ref +); + +typedefbase( + unique int id: @usertype ref, + int type_id: @type ref +); + +/** + * An instance of the C++11 `decltype` operator or C23 `typeof`/`typeof_unqual` + * operator taking an expression as its argument. For example: + * ``` + * int a; + * decltype(1+a) b; + * typeof(1+a) c; + * ``` + * Here `expr` is `1+a`. + * + * Sometimes an additional pair of parentheses around the expression + * changes the semantics of the decltype, e.g. + * ``` + * struct A { double x; }; + * const A* a = new A(); + * decltype( a->x ); // type is double + * decltype((a->x)); // type is const double& + * ``` + * (Please consult the C++11 standard for more details). + * `parentheses_would_change_meaning` is `true` iff that is the case. + */ + +/* +case @decltype.kind of +| 0 = @decltype +| 1 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +; +*/ + +#keyset[id, expr] +decltypes( + int id: @decltype, + int expr: @expr ref, + int kind: int ref, + int base_type: @type ref, + boolean parentheses_would_change_meaning: boolean ref +); + +/* +case @type_operator.kind of +| 0 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +| 1 = @underlying_type +| 2 = @bases +| 3 = @direct_bases +| 4 = @add_lvalue_reference +| 5 = @add_pointer +| 6 = @add_rvalue_reference +| 7 = @decay +| 8 = @make_signed +| 9 = @make_unsigned +| 10 = @remove_all_extents +| 11 = @remove_const +| 12 = @remove_cv +| 13 = @remove_cvref +| 14 = @remove_extent +| 15 = @remove_pointer +| 16 = @remove_reference_t +| 17 = @remove_restrict +| 18 = @remove_volatile +| 19 = @remove_reference +; +*/ + +type_operators( + unique int id: @type_operator, + int arg_type: @type ref, + int kind: int ref, + int base_type: @type ref +) + +/* +case @usertype.kind of +| 0 = @unknown_usertype +| 1 = @struct +| 2 = @class +| 3 = @union +| 4 = @enum +// ... 5 = @typedef deprecated // classic C: typedef typedef type name +// ... 6 = @template deprecated +| 7 = @template_parameter +| 8 = @template_template_parameter +| 9 = @proxy_class // a proxy class associated with a template parameter +// ... 10 objc_class deprecated +// ... 11 objc_protocol deprecated +// ... 12 objc_category deprecated +| 13 = @scoped_enum +// ... 14 = @using_alias deprecated // a using name = type style typedef +| 15 = @template_struct +| 16 = @template_class +| 17 = @template_union +| 18 = @alias +; +*/ + +usertypes( + unique int id: @usertype, + string name: string ref, + int kind: int ref +); + +usertypesize( + unique int id: @usertype ref, + int size: int ref, + int alignment: int ref +); + +usertype_final(unique int id: @usertype ref); + +usertype_uuid( + unique int id: @usertype ref, + string uuid: string ref +); + +/* +case @usertype.alias_kind of +| 0 = @typedef +| 1 = @alias +*/ + +usertype_alias_kind( + int id: @usertype ref, + int alias_kind: int ref +) + +nontype_template_parameters( + int id: @expr ref +); + +type_template_type_constraint( + int id: @usertype ref, + int constraint: @expr ref +); + +mangled_name( + unique int id: @declaration ref, + int mangled_name : @mangledname, + boolean is_complete: boolean ref +); + +is_pod_class(unique int id: @usertype ref); +is_standard_layout_class(unique int id: @usertype ref); + +is_complete(unique int id: @usertype ref); + +is_class_template(unique int id: @usertype ref); +class_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +class_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +class_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@user_or_decltype = @usertype | @decltype; + +is_proxy_class_for( + unique int id: @usertype ref, + int templ_param_id: @user_or_decltype ref +); + +type_mentions( + unique int id: @type_mention, + int type_id: @type ref, + int location: @location ref, + // a_symbol_reference_kind from the frontend. + int kind: int ref +); + +is_function_template(unique int id: @function ref); +function_instantiation( + unique int to: @function ref, + int from: @function ref +); +function_template_argument( + int function_id: @function ref, + int index: int ref, + int arg_type: @type ref +); +function_template_argument_value( + int function_id: @function ref, + int index: int ref, + int arg_value: @expr ref +); + +is_variable_template(unique int id: @variable ref); +variable_instantiation( + unique int to: @variable ref, + int from: @variable ref +); +variable_template_argument( + int variable_id: @variable ref, + int index: int ref, + int arg_type: @type ref +); +variable_template_argument_value( + int variable_id: @variable ref, + int index: int ref, + int arg_value: @expr ref +); + +template_template_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +template_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +template_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@concept = @concept_template | @concept_id; + +concept_templates( + unique int concept_id: @concept_template, + string name: string ref, + int location: @location ref +); +concept_instantiation( + unique int to: @concept_id ref, + int from: @concept_template ref +); +is_type_constraint(int concept_id: @concept_id ref); +concept_template_argument( + int concept_id: @concept ref, + int index: int ref, + int arg_type: @type ref +); +concept_template_argument_value( + int concept_id: @concept ref, + int index: int ref, + int arg_value: @expr ref +); + +routinetypes( + unique int id: @routinetype, + int return_type: @type ref +); + +routinetypeargs( + int routine: @routinetype ref, + int index: int ref, + int type_id: @type ref +); + +ptrtomembers( + unique int id: @ptrtomember, + int type_id: @type ref, + int class_id: @type ref +); + +/* + specifiers for types, functions, and variables + + "public", + "protected", + "private", + + "const", + "volatile", + "static", + + "pure", + "virtual", + "sealed", // Microsoft + "__interface", // Microsoft + "inline", + "explicit", + + "near", // near far extension + "far", // near far extension + "__ptr32", // Microsoft + "__ptr64", // Microsoft + "__sptr", // Microsoft + "__uptr", // Microsoft + "dllimport", // Microsoft + "dllexport", // Microsoft + "thread", // Microsoft + "naked", // Microsoft + "microsoft_inline", // Microsoft + "forceinline", // Microsoft + "selectany", // Microsoft + "nothrow", // Microsoft + "novtable", // Microsoft + "noreturn", // Microsoft + "noinline", // Microsoft + "noalias", // Microsoft + "restrict", // Microsoft +*/ + +specifiers( + unique int id: @specifier, + unique string str: string ref +); + +typespecifiers( + int type_id: @type ref, + int spec_id: @specifier ref +); + +funspecifiers( + int func_id: @function ref, + int spec_id: @specifier ref +); + +varspecifiers( + int var_id: @accessible ref, + int spec_id: @specifier ref +); + +explicit_specifier_exprs( + unique int func_id: @function ref, + int constant: @expr ref +) + +attributes( + unique int id: @attribute, + int kind: int ref, + string name: string ref, + string name_space: string ref, + int location: @location ref +); + +case @attribute.kind of + 0 = @gnuattribute +| 1 = @stdattribute +| 2 = @declspec +| 3 = @msattribute +| 4 = @alignas +// ... 5 @objc_propertyattribute deprecated +; + +attribute_args( + unique int id: @attribute_arg, + int kind: int ref, + int attribute: @attribute ref, + int index: int ref, + int location: @location ref +); + +case @attribute_arg.kind of + 0 = @attribute_arg_empty +| 1 = @attribute_arg_token +| 2 = @attribute_arg_constant +| 3 = @attribute_arg_type +| 4 = @attribute_arg_constant_expr +| 5 = @attribute_arg_expr +; + +attribute_arg_value( + unique int arg: @attribute_arg ref, + string value: string ref +); +attribute_arg_type( + unique int arg: @attribute_arg ref, + int type_id: @type ref +); +attribute_arg_constant( + unique int arg: @attribute_arg ref, + int constant: @expr ref +) +attribute_arg_expr( + unique int arg: @attribute_arg ref, + int expr: @expr ref +) +attribute_arg_name( + unique int arg: @attribute_arg ref, + string name: string ref +); + +typeattributes( + int type_id: @type ref, + int spec_id: @attribute ref +); + +funcattributes( + int func_id: @function ref, + int spec_id: @attribute ref +); + +varattributes( + int var_id: @accessible ref, + int spec_id: @attribute ref +); + +namespaceattributes( + int namespace_id: @namespace ref, + int spec_id: @attribute ref +); + +stmtattributes( + int stmt_id: @stmt ref, + int spec_id: @attribute ref +); + +@type = @builtintype + | @derivedtype + | @usertype + | @routinetype + | @ptrtomember + | @decltype + | @type_operator; + +unspecifiedtype( + unique int type_id: @type ref, + int unspecified_type_id: @type ref +); + +member( + int parent: @type ref, + int index: int ref, + int child: @member ref +); + +@enclosingfunction_child = @usertype | @variable | @namespace + +enclosingfunction( + unique int child: @enclosingfunction_child ref, + int parent: @function ref +); + +derivations( + unique int derivation: @derivation, + int sub: @type ref, + int index: int ref, + int super: @type ref, + int location: @location ref +); + +derspecifiers( + int der_id: @derivation ref, + int spec_id: @specifier ref +); + +/** + * Contains the byte offset of the base class subobject within the derived + * class. Only holds for non-virtual base classes, but see table + * `virtual_base_offsets` for offsets of virtual base class subobjects. + */ +direct_base_offsets( + unique int der_id: @derivation ref, + int offset: int ref +); + +/** + * Contains the byte offset of the virtual base class subobject for class + * `super` within a most-derived object of class `sub`. `super` can be either a + * direct or indirect base class. + */ +#keyset[sub, super] +virtual_base_offsets( + int sub: @usertype ref, + int super: @usertype ref, + int offset: int ref +); + +frienddecls( + unique int id: @frienddecl, + int type_id: @type ref, + int decl_id: @declaration ref, + int location: @location ref +); + +@declaredtype = @usertype ; + +@declaration = @function + | @declaredtype + | @variable + | @enumconstant + | @frienddecl + | @concept_template; + +@member = @membervariable + | @function + | @declaredtype + | @enumconstant; + +@locatable = @diagnostic + | @declaration + | @ppd_include + | @ppd_define + | @macroinvocation + /*| @funcall*/ + | @xmllocatable + | @attribute + | @attribute_arg; + +@namedscope = @namespace | @usertype; + +@element = @locatable + | @file + | @folder + | @specifier + | @type + | @expr + | @namespace + | @initialiser + | @stmt + | @derivation + | @comment + | @preprocdirect + | @fun_decl + | @var_decl + | @type_decl + | @namespace_decl + | @using + | @namequalifier + | @specialnamequalifyingelement + | @static_assert + | @type_mention + | @lambdacapture; + +@exprparent = @element; + +comments( + unique int id: @comment, + string contents: string ref, + int location: @location ref +); + +commentbinding( + int id: @comment ref, + int element: @element ref +); + +exprconv( + int converted: @expr ref, + unique int conversion: @expr ref +); + +compgenerated(unique int id: @element ref); + +/** + * `destructor_call` destructs the `i`'th entity that should be + * destructed following `element`. Note that entities should be + * destructed in reverse construction order, so for a given `element` + * these should be called from highest to lowest `i`. + */ +#keyset[element, destructor_call] +#keyset[element, i] +synthetic_destructor_call( + int element: @element ref, + int i: int ref, + int destructor_call: @routineexpr ref +); + +namespaces( + unique int id: @namespace, + string name: string ref +); + +namespace_inline( + unique int id: @namespace ref +); + +namespacembrs( + int parentid: @namespace ref, + unique int memberid: @namespacembr ref +); + +@namespacembr = @declaration | @namespace; + +exprparents( + int expr_id: @expr ref, + int child_index: int ref, + int parent_id: @exprparent ref +); + +expr_isload(unique int expr_id: @expr ref); + +@cast = @c_style_cast + | @const_cast + | @dynamic_cast + | @reinterpret_cast + | @static_cast + ; + +/* +case @conversion.kind of + 0 = @simple_conversion // a numeric conversion, qualification conversion, or a reinterpret_cast +| 1 = @bool_conversion // conversion to 'bool' +| 2 = @base_class_conversion // a derived-to-base conversion +| 3 = @derived_class_conversion // a base-to-derived conversion +| 4 = @pm_base_class_conversion // a derived-to-base conversion of a pointer to member +| 5 = @pm_derived_class_conversion // a base-to-derived conversion of a pointer to member +| 6 = @glvalue_adjust // an adjustment of the type of a glvalue +| 7 = @prvalue_adjust // an adjustment of the type of a prvalue +; +*/ +/** + * Describes the semantics represented by a cast expression. This is largely + * independent of the source syntax of the cast, so it is separate from the + * regular expression kind. + */ +conversionkinds( + unique int expr_id: @cast ref, + int kind: int ref +); + +@conversion = @cast + | @array_to_pointer + | @parexpr + | @reference_to + | @ref_indirect + | @temp_init + | @c11_generic + ; + +/* +case @funbindexpr.kind of + 0 = @normal_call // a normal call +| 1 = @virtual_call // a virtual call +| 2 = @adl_call // a call whose target is only found by ADL +; +*/ +iscall( + unique int caller: @funbindexpr ref, + int kind: int ref +); + +numtemplatearguments( + unique int expr_id: @expr ref, + int num: int ref +); + +specialnamequalifyingelements( + unique int id: @specialnamequalifyingelement, + unique string name: string ref +); + +@namequalifiableelement = @expr | @namequalifier; +@namequalifyingelement = @namespace + | @specialnamequalifyingelement + | @usertype; + +namequalifiers( + unique int id: @namequalifier, + unique int qualifiableelement: @namequalifiableelement ref, + int qualifyingelement: @namequalifyingelement ref, + int location: @location ref +); + +varbind( + int expr: @varbindexpr ref, + int var: @accessible ref +); + +funbind( + int expr: @funbindexpr ref, + int fun: @function ref +); + +@any_new_expr = @new_expr + | @new_array_expr; + +@new_or_delete_expr = @any_new_expr + | @delete_expr + | @delete_array_expr; + +@prefix_crement_expr = @preincrexpr | @predecrexpr; + +@postfix_crement_expr = @postincrexpr | @postdecrexpr; + +@increment_expr = @preincrexpr | @postincrexpr; + +@decrement_expr = @predecrexpr | @postdecrexpr; + +@crement_expr = @increment_expr | @decrement_expr; + +@un_arith_op_expr = @arithnegexpr + | @unaryplusexpr + | @conjugation + | @realpartexpr + | @imagpartexpr + | @crement_expr + ; + +@un_bitwise_op_expr = @complementexpr; + +@un_log_op_expr = @notexpr; + +@un_op_expr = @address_of + | @indirect + | @un_arith_op_expr + | @un_bitwise_op_expr + | @builtinaddressof + | @vec_fill + | @un_log_op_expr + | @co_await + | @co_yield + ; + +@bin_log_op_expr = @andlogicalexpr | @orlogicalexpr; + +@cmp_op_expr = @eq_op_expr | @rel_op_expr; + +@eq_op_expr = @eqexpr | @neexpr; + +@rel_op_expr = @gtexpr + | @ltexpr + | @geexpr + | @leexpr + | @spaceshipexpr + ; + +@bin_bitwise_op_expr = @lshiftexpr + | @rshiftexpr + | @andexpr + | @orexpr + | @xorexpr + ; + +@p_arith_op_expr = @paddexpr + | @psubexpr + | @pdiffexpr + ; + +@bin_arith_op_expr = @addexpr + | @subexpr + | @mulexpr + | @divexpr + | @remexpr + | @jmulexpr + | @jdivexpr + | @fjaddexpr + | @jfaddexpr + | @fjsubexpr + | @jfsubexpr + | @minexpr + | @maxexpr + | @p_arith_op_expr + ; + +@bin_op_expr = @bin_arith_op_expr + | @bin_bitwise_op_expr + | @cmp_op_expr + | @bin_log_op_expr + ; + +@op_expr = @un_op_expr + | @bin_op_expr + | @assign_expr + | @conditionalexpr + ; + +@assign_arith_expr = @assignaddexpr + | @assignsubexpr + | @assignmulexpr + | @assigndivexpr + | @assignremexpr + ; + +@assign_bitwise_expr = @assignandexpr + | @assignorexpr + | @assignxorexpr + | @assignlshiftexpr + | @assignrshiftexpr + ; + +@assign_pointer_expr = @assignpaddexpr + | @assignpsubexpr + ; + +@assign_op_expr = @assign_arith_expr + | @assign_bitwise_expr + | @assign_pointer_expr + ; + +@assign_expr = @assignexpr | @assign_op_expr | @blockassignexpr + +/* + Binary encoding of the allocator form. + + case @allocator.form of + 0 = plain + | 1 = alignment + ; +*/ + +/** + * The allocator function associated with a `new` or `new[]` expression. + * The `form` column specified whether the allocation call contains an alignment + * argument. + */ +expr_allocator( + unique int expr: @any_new_expr ref, + int func: @function ref, + int form: int ref +); + +/* + Binary encoding of the deallocator form. + + case @deallocator.form of + 0 = plain + | 1 = size + | 2 = alignment + | 4 = destroying_delete + ; +*/ + +/** + * The deallocator function associated with a `delete`, `delete[]`, `new`, or + * `new[]` expression. For a `new` or `new[]` expression, the deallocator is the + * one used to free memory if the initialization throws an exception. + * The `form` column specifies whether the deallocation call contains a size + * argument, and alignment argument, or both. + */ +expr_deallocator( + unique int expr: @new_or_delete_expr ref, + int func: @function ref, + int form: int ref +); + +/** + * Holds if the `@conditionalexpr` is of the two operand form + * `guard ? : false`. + */ +expr_cond_two_operand( + unique int cond: @conditionalexpr ref +); + +/** + * The guard of `@conditionalexpr` `guard ? true : false` + */ +expr_cond_guard( + unique int cond: @conditionalexpr ref, + int guard: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` holds. For the two operand form + * `guard ?: false` consider using `expr_cond_guard` instead. + */ +expr_cond_true( + unique int cond: @conditionalexpr ref, + int true: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` does not hold. + */ +expr_cond_false( + unique int cond: @conditionalexpr ref, + int false: @expr ref +); + +/** A string representation of the value. */ +values( + unique int id: @value, + string str: string ref +); + +/** The actual text in the source code for the value, if any. */ +valuetext( + unique int id: @value ref, + string text: string ref +); + +valuebind( + int val: @value ref, + unique int expr: @expr ref +); + +fieldoffsets( + unique int id: @variable ref, + int byteoffset: int ref, + int bitoffset: int ref +); + +bitfield( + unique int id: @variable ref, + int bits: int ref, + int declared_bits: int ref +); + +/* TODO +memberprefix( + int member: @expr ref, + int prefix: @expr ref +); +*/ + +/* + kind(1) = mbrcallexpr + kind(2) = mbrptrcallexpr + kind(3) = mbrptrmbrcallexpr + kind(4) = ptrmbrptrmbrcallexpr + kind(5) = mbrreadexpr // x.y + kind(6) = mbrptrreadexpr // p->y + kind(7) = mbrptrmbrreadexpr // x.*pm + kind(8) = mbrptrmbrptrreadexpr // x->*pm + kind(9) = staticmbrreadexpr // static x.y + kind(10) = staticmbrptrreadexpr // static p->y +*/ +/* TODO +memberaccess( + int member: @expr ref, + int kind: int ref +); +*/ + +initialisers( + unique int init: @initialiser, + int var: @accessible ref, + unique int expr: @expr ref, + int location: @location ref +); + +braced_initialisers( + int init: @initialiser ref +); + +/** + * An ancestor for the expression, for cases in which we cannot + * otherwise find the expression's parent. + */ +expr_ancestor( + int exp: @expr ref, + int ancestor: @element ref +); + +exprs( + unique int id: @expr, + int kind: int ref, + int location: @location ref +); + +expr_reuse( + int reuse: @expr ref, + int original: @expr ref, + int value_category: int ref +) + +/* + case @value.category of + 1 = prval + | 2 = xval + | 3 = lval + ; +*/ +expr_types( + int id: @expr ref, + int typeid: @type ref, + int value_category: int ref +); + +case @expr.kind of + 1 = @errorexpr +| 2 = @address_of // & AddressOfExpr +| 3 = @reference_to // ReferenceToExpr (implicit?) +| 4 = @indirect // * PointerDereferenceExpr +| 5 = @ref_indirect // ReferenceDereferenceExpr (implicit?) +// ... +| 8 = @array_to_pointer // (???) +| 9 = @vacuous_destructor_call // VacuousDestructorCall +// ... +| 11 = @assume // Microsoft +| 12 = @parexpr +| 13 = @arithnegexpr +| 14 = @unaryplusexpr +| 15 = @complementexpr +| 16 = @notexpr +| 17 = @conjugation // GNU ~ operator +| 18 = @realpartexpr // GNU __real +| 19 = @imagpartexpr // GNU __imag +| 20 = @postincrexpr +| 21 = @postdecrexpr +| 22 = @preincrexpr +| 23 = @predecrexpr +| 24 = @conditionalexpr +| 25 = @addexpr +| 26 = @subexpr +| 27 = @mulexpr +| 28 = @divexpr +| 29 = @remexpr +| 30 = @jmulexpr // C99 mul imaginary +| 31 = @jdivexpr // C99 div imaginary +| 32 = @fjaddexpr // C99 add real + imaginary +| 33 = @jfaddexpr // C99 add imaginary + real +| 34 = @fjsubexpr // C99 sub real - imaginary +| 35 = @jfsubexpr // C99 sub imaginary - real +| 36 = @paddexpr // pointer add (pointer + int or int + pointer) +| 37 = @psubexpr // pointer sub (pointer - integer) +| 38 = @pdiffexpr // difference between two pointers +| 39 = @lshiftexpr +| 40 = @rshiftexpr +| 41 = @andexpr +| 42 = @orexpr +| 43 = @xorexpr +| 44 = @eqexpr +| 45 = @neexpr +| 46 = @gtexpr +| 47 = @ltexpr +| 48 = @geexpr +| 49 = @leexpr +| 50 = @minexpr // GNU minimum +| 51 = @maxexpr // GNU maximum +| 52 = @assignexpr +| 53 = @assignaddexpr +| 54 = @assignsubexpr +| 55 = @assignmulexpr +| 56 = @assigndivexpr +| 57 = @assignremexpr +| 58 = @assignlshiftexpr +| 59 = @assignrshiftexpr +| 60 = @assignandexpr +| 61 = @assignorexpr +| 62 = @assignxorexpr +| 63 = @assignpaddexpr // assign pointer add +| 64 = @assignpsubexpr // assign pointer sub +| 65 = @andlogicalexpr +| 66 = @orlogicalexpr +| 67 = @commaexpr +| 68 = @subscriptexpr // access to member of an array, e.g., a[5] +// ... 69 @objc_subscriptexpr deprecated +// ... 70 @cmdaccess deprecated +// ... +| 73 = @virtfunptrexpr +| 74 = @callexpr +// ... 75 @msgexpr_normal deprecated +// ... 76 @msgexpr_super deprecated +// ... 77 @atselectorexpr deprecated +// ... 78 @atprotocolexpr deprecated +| 79 = @vastartexpr +| 80 = @vaargexpr +| 81 = @vaendexpr +| 82 = @vacopyexpr +// ... 83 @atencodeexpr deprecated +| 84 = @varaccess +| 85 = @thisaccess +// ... 86 @objc_box_expr deprecated +| 87 = @new_expr +| 88 = @delete_expr +| 89 = @throw_expr +| 90 = @condition_decl // a variable declared in a condition, e.g., if(int x = y > 2) +| 91 = @braced_init_list +| 92 = @type_id +| 93 = @runtime_sizeof +| 94 = @runtime_alignof +| 95 = @sizeof_pack +| 96 = @expr_stmt // GNU extension +| 97 = @routineexpr +| 98 = @type_operand // used to access a type in certain contexts (haven't found any examples yet....) +| 99 = @offsetofexpr // offsetof ::= type and field +| 100 = @hasassignexpr // __has_assign ::= type +| 101 = @hascopyexpr // __has_copy ::= type +| 102 = @hasnothrowassign // __has_nothrow_assign ::= type +| 103 = @hasnothrowconstr // __has_nothrow_constructor ::= type +| 104 = @hasnothrowcopy // __has_nothrow_copy ::= type +| 105 = @hastrivialassign // __has_trivial_assign ::= type +| 106 = @hastrivialconstr // __has_trivial_constructor ::= type +| 107 = @hastrivialcopy // __has_trivial_copy ::= type +| 108 = @hasuserdestr // __has_user_destructor ::= type +| 109 = @hasvirtualdestr // __has_virtual_destructor ::= type +| 110 = @isabstractexpr // __is_abstract ::= type +| 111 = @isbaseofexpr // __is_base_of ::= type type +| 112 = @isclassexpr // __is_class ::= type +| 113 = @isconvtoexpr // __is_convertible_to ::= type type +| 114 = @isemptyexpr // __is_empty ::= type +| 115 = @isenumexpr // __is_enum ::= type +| 116 = @ispodexpr // __is_pod ::= type +| 117 = @ispolyexpr // __is_polymorphic ::= type +| 118 = @isunionexpr // __is_union ::= type +| 119 = @typescompexpr // GNU __builtin_types_compatible ::= type type +| 120 = @intaddrexpr // frontend internal builtin, used to implement offsetof +// ... +| 122 = @hastrivialdestructor // __has_trivial_destructor ::= type +| 123 = @literal +| 124 = @uuidof +| 127 = @aggregateliteral +| 128 = @delete_array_expr +| 129 = @new_array_expr +// ... 130 @objc_array_literal deprecated +// ... 131 @objc_dictionary_literal deprecated +| 132 = @foldexpr +// ... +| 200 = @ctordirectinit +| 201 = @ctorvirtualinit +| 202 = @ctorfieldinit +| 203 = @ctordelegatinginit +| 204 = @dtordirectdestruct +| 205 = @dtorvirtualdestruct +| 206 = @dtorfielddestruct +// ... +| 210 = @static_cast +| 211 = @reinterpret_cast +| 212 = @const_cast +| 213 = @dynamic_cast +| 214 = @c_style_cast +| 215 = @lambdaexpr +| 216 = @param_ref +| 217 = @noopexpr +// ... +| 294 = @istriviallyconstructibleexpr +| 295 = @isdestructibleexpr +| 296 = @isnothrowdestructibleexpr +| 297 = @istriviallydestructibleexpr +| 298 = @istriviallyassignableexpr +| 299 = @isnothrowassignableexpr +| 300 = @istrivialexpr +| 301 = @isstandardlayoutexpr +| 302 = @istriviallycopyableexpr +| 303 = @isliteraltypeexpr +| 304 = @hastrivialmoveconstructorexpr +| 305 = @hastrivialmoveassignexpr +| 306 = @hasnothrowmoveassignexpr +| 307 = @isconstructibleexpr +| 308 = @isnothrowconstructibleexpr +| 309 = @hasfinalizerexpr +| 310 = @isdelegateexpr +| 311 = @isinterfaceclassexpr +| 312 = @isrefarrayexpr +| 313 = @isrefclassexpr +| 314 = @issealedexpr +| 315 = @issimplevalueclassexpr +| 316 = @isvalueclassexpr +| 317 = @isfinalexpr +| 319 = @noexceptexpr +| 320 = @builtinshufflevector +| 321 = @builtinchooseexpr +| 322 = @builtinaddressof +| 323 = @vec_fill +| 324 = @builtinconvertvector +| 325 = @builtincomplex +| 326 = @spaceshipexpr +| 327 = @co_await +| 328 = @co_yield +| 329 = @temp_init +| 330 = @isassignable +| 331 = @isaggregate +| 332 = @hasuniqueobjectrepresentations +| 333 = @builtinbitcast +| 334 = @builtinshuffle +| 335 = @blockassignexpr +| 336 = @issame +| 337 = @isfunction +| 338 = @islayoutcompatible +| 339 = @ispointerinterconvertiblebaseof +| 340 = @isarray +| 341 = @arrayrank +| 342 = @arrayextent +| 343 = @isarithmetic +| 344 = @iscompletetype +| 345 = @iscompound +| 346 = @isconst +| 347 = @isfloatingpoint +| 348 = @isfundamental +| 349 = @isintegral +| 350 = @islvaluereference +| 351 = @ismemberfunctionpointer +| 352 = @ismemberobjectpointer +| 353 = @ismemberpointer +| 354 = @isobject +| 355 = @ispointer +| 356 = @isreference +| 357 = @isrvaluereference +| 358 = @isscalar +| 359 = @issigned +| 360 = @isunsigned +| 361 = @isvoid +| 362 = @isvolatile +| 363 = @reuseexpr +| 364 = @istriviallycopyassignable +| 365 = @isassignablenopreconditioncheck +| 366 = @referencebindstotemporary +| 367 = @issameas +| 368 = @builtinhasattribute +| 369 = @ispointerinterconvertiblewithclass +| 370 = @builtinispointerinterconvertiblewithclass +| 371 = @iscorrespondingmember +| 372 = @builtiniscorrespondingmember +| 373 = @isboundedarray +| 374 = @isunboundedarray +| 375 = @isreferenceable +| 378 = @isnothrowconvertible +| 379 = @referenceconstructsfromtemporary +| 380 = @referenceconvertsfromtemporary +| 381 = @isconvertible +| 382 = @isvalidwinrttype +| 383 = @iswinclass +| 384 = @iswininterface +| 385 = @istriviallyequalitycomparable +| 386 = @isscopedenum +| 387 = @istriviallyrelocatable +| 388 = @datasizeof +| 389 = @c11_generic +| 390 = @requires_expr +| 391 = @nested_requirement +| 392 = @compound_requirement +| 393 = @concept_id +; + +@var_args_expr = @vastartexpr + | @vaendexpr + | @vaargexpr + | @vacopyexpr + ; + +@builtin_op = @var_args_expr + | @noopexpr + | @offsetofexpr + | @intaddrexpr + | @hasassignexpr + | @hascopyexpr + | @hasnothrowassign + | @hasnothrowconstr + | @hasnothrowcopy + | @hastrivialassign + | @hastrivialconstr + | @hastrivialcopy + | @hastrivialdestructor + | @hasuserdestr + | @hasvirtualdestr + | @isabstractexpr + | @isbaseofexpr + | @isclassexpr + | @isconvtoexpr + | @isemptyexpr + | @isenumexpr + | @ispodexpr + | @ispolyexpr + | @isunionexpr + | @typescompexpr + | @builtinshufflevector + | @builtinconvertvector + | @builtinaddressof + | @istriviallyconstructibleexpr + | @isdestructibleexpr + | @isnothrowdestructibleexpr + | @istriviallydestructibleexpr + | @istriviallyassignableexpr + | @isnothrowassignableexpr + | @istrivialexpr + | @isstandardlayoutexpr + | @istriviallycopyableexpr + | @isliteraltypeexpr + | @hastrivialmoveconstructorexpr + | @hastrivialmoveassignexpr + | @hasnothrowmoveassignexpr + | @isconstructibleexpr + | @isnothrowconstructibleexpr + | @hasfinalizerexpr + | @isdelegateexpr + | @isinterfaceclassexpr + | @isrefarrayexpr + | @isrefclassexpr + | @issealedexpr + | @issimplevalueclassexpr + | @isvalueclassexpr + | @isfinalexpr + | @builtinchooseexpr + | @builtincomplex + | @isassignable + | @isaggregate + | @hasuniqueobjectrepresentations + | @builtinbitcast + | @builtinshuffle + | @issame + | @isfunction + | @islayoutcompatible + | @ispointerinterconvertiblebaseof + | @isarray + | @arrayrank + | @arrayextent + | @isarithmetic + | @iscompletetype + | @iscompound + | @isconst + | @isfloatingpoint + | @isfundamental + | @isintegral + | @islvaluereference + | @ismemberfunctionpointer + | @ismemberobjectpointer + | @ismemberpointer + | @isobject + | @ispointer + | @isreference + | @isrvaluereference + | @isscalar + | @issigned + | @isunsigned + | @isvoid + | @isvolatile + | @istriviallycopyassignable + | @isassignablenopreconditioncheck + | @referencebindstotemporary + | @issameas + | @builtinhasattribute + | @ispointerinterconvertiblewithclass + | @builtinispointerinterconvertiblewithclass + | @iscorrespondingmember + | @builtiniscorrespondingmember + | @isboundedarray + | @isunboundedarray + | @isreferenceable + | @isnothrowconvertible + | @referenceconstructsfromtemporary + | @referenceconvertsfromtemporary + | @isconvertible + | @isvalidwinrttype + | @iswinclass + | @iswininterface + | @istriviallyequalitycomparable + | @isscopedenum + | @istriviallyrelocatable + ; + +compound_requirement_is_noexcept( + int expr: @compound_requirement ref +); + +new_allocated_type( + unique int expr: @new_expr ref, + int type_id: @type ref +); + +new_array_allocated_type( + unique int expr: @new_array_expr ref, + int type_id: @type ref +); + +/** + * The field being initialized by an initializer expression within an aggregate + * initializer for a class/struct/union. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_field_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int field: @membervariable ref, + int position: int ref, + boolean is_designated: boolean ref +); + +/** + * The index of the element being initialized by an initializer expression + * within an aggregate initializer for an array. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_array_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int element_index: int ref, + int position: int ref, + boolean is_designated: boolean ref +); + +@ctorinit = @ctordirectinit + | @ctorvirtualinit + | @ctorfieldinit + | @ctordelegatinginit; +@dtordestruct = @dtordirectdestruct + | @dtorvirtualdestruct + | @dtorfielddestruct; + + +condition_decl_bind( + unique int expr: @condition_decl ref, + unique int decl: @declaration ref +); + +typeid_bind( + unique int expr: @type_id ref, + int type_id: @type ref +); + +uuidof_bind( + unique int expr: @uuidof ref, + int type_id: @type ref +); + +@sizeof_or_alignof = @runtime_sizeof | @runtime_alignof | @datasizeof | @sizeof_pack; + +sizeof_bind( + unique int expr: @sizeof_or_alignof ref, + int type_id: @type ref +); + +code_block( + unique int block: @literal ref, + unique int routine: @function ref +); + +lambdas( + unique int expr: @lambdaexpr ref, + string default_capture: string ref, + boolean has_explicit_return_type: boolean ref, + boolean has_explicit_parameter_list: boolean ref +); + +lambda_capture( + unique int id: @lambdacapture, + int lambda: @lambdaexpr ref, + int index: int ref, + int field: @membervariable ref, + boolean captured_by_reference: boolean ref, + boolean is_implicit: boolean ref, + int location: @location ref +); + +@funbindexpr = @routineexpr + | @new_expr + | @delete_expr + | @delete_array_expr + | @ctordirectinit + | @ctorvirtualinit + | @ctordelegatinginit + | @dtordirectdestruct + | @dtorvirtualdestruct; + +@varbindexpr = @varaccess | @ctorfieldinit | @dtorfielddestruct; +@addressable = @function | @variable ; +@accessible = @addressable | @enumconstant ; + +@access = @varaccess | @routineexpr ; + +fold( + int expr: @foldexpr ref, + string operator: string ref, + boolean is_left_fold: boolean ref +); + +stmts( + unique int id: @stmt, + int kind: int ref, + int location: @location ref +); + +case @stmt.kind of + 1 = @stmt_expr +| 2 = @stmt_if +| 3 = @stmt_while +| 4 = @stmt_goto +| 5 = @stmt_label +| 6 = @stmt_return +| 7 = @stmt_block +| 8 = @stmt_end_test_while // do { ... } while ( ... ) +| 9 = @stmt_for +| 10 = @stmt_switch_case +| 11 = @stmt_switch +| 13 = @stmt_asm // "asm" statement or the body of an asm function +| 15 = @stmt_try_block +| 16 = @stmt_microsoft_try // Microsoft +| 17 = @stmt_decl +| 18 = @stmt_set_vla_size // C99 +| 19 = @stmt_vla_decl // C99 +| 25 = @stmt_assigned_goto // GNU +| 26 = @stmt_empty +| 27 = @stmt_continue +| 28 = @stmt_break +| 29 = @stmt_range_based_for // C++11 +// ... 30 @stmt_at_autoreleasepool_block deprecated +// ... 31 @stmt_objc_for_in deprecated +// ... 32 @stmt_at_synchronized deprecated +| 33 = @stmt_handler +// ... 34 @stmt_finally_end deprecated +| 35 = @stmt_constexpr_if +| 37 = @stmt_co_return +| 38 = @stmt_consteval_if +| 39 = @stmt_not_consteval_if +| 40 = @stmt_leave +; + +type_vla( + int type_id: @type ref, + int decl: @stmt_vla_decl ref +); + +variable_vla( + int var: @variable ref, + int decl: @stmt_vla_decl ref +); + +type_is_vla(unique int type_id: @derivedtype ref) + +if_initialization( + unique int if_stmt: @stmt_if ref, + int init_id: @stmt ref +); + +if_then( + unique int if_stmt: @stmt_if ref, + int then_id: @stmt ref +); + +if_else( + unique int if_stmt: @stmt_if ref, + int else_id: @stmt ref +); + +constexpr_if_initialization( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int init_id: @stmt ref +); + +constexpr_if_then( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int then_id: @stmt ref +); + +constexpr_if_else( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int else_id: @stmt ref +); + +@stmt_consteval_or_not_consteval_if = @stmt_consteval_if | @stmt_not_consteval_if; + +consteval_if_then( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int then_id: @stmt ref +); + +consteval_if_else( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int else_id: @stmt ref +); + +while_body( + unique int while_stmt: @stmt_while ref, + int body_id: @stmt ref +); + +do_body( + unique int do_stmt: @stmt_end_test_while ref, + int body_id: @stmt ref +); + +switch_initialization( + unique int switch_stmt: @stmt_switch ref, + int init_id: @stmt ref +); + +#keyset[switch_stmt, index] +switch_case( + int switch_stmt: @stmt_switch ref, + int index: int ref, + int case_id: @stmt_switch_case ref +); + +switch_body( + unique int switch_stmt: @stmt_switch ref, + int body_id: @stmt ref +); + +@stmt_for_or_range_based_for = @stmt_for + | @stmt_range_based_for; + +for_initialization( + unique int for_stmt: @stmt_for_or_range_based_for ref, + int init_id: @stmt ref +); + +for_condition( + unique int for_stmt: @stmt_for ref, + int condition_id: @expr ref +); + +for_update( + unique int for_stmt: @stmt_for ref, + int update_id: @expr ref +); + +for_body( + unique int for_stmt: @stmt_for ref, + int body_id: @stmt ref +); + +@stmtparent = @stmt | @expr_stmt ; +stmtparents( + unique int id: @stmt ref, + int index: int ref, + int parent: @stmtparent ref +); + +ishandler(unique int block: @stmt_block ref); + +@cfgnode = @stmt | @expr | @function | @initialiser ; + +stmt_decl_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl: @declaration ref +); + +stmt_decl_entry_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl_entry: @element ref +); + +@parameterized_element = @function | @stmt_block | @requires_expr; + +blockscope( + unique int block: @stmt_block ref, + int enclosing: @parameterized_element ref +); + +@jump = @stmt_goto | @stmt_break | @stmt_continue | @stmt_leave; + +@jumporlabel = @jump | @stmt_label | @literal; + +jumpinfo( + unique int id: @jumporlabel ref, + string str: string ref, + int target: @stmt ref +); + +preprocdirects( + unique int id: @preprocdirect, + int kind: int ref, + int location: @location ref +); +case @preprocdirect.kind of + 0 = @ppd_if +| 1 = @ppd_ifdef +| 2 = @ppd_ifndef +| 3 = @ppd_elif +| 4 = @ppd_else +| 5 = @ppd_endif +| 6 = @ppd_plain_include +| 7 = @ppd_define +| 8 = @ppd_undef +| 9 = @ppd_line +| 10 = @ppd_error +| 11 = @ppd_pragma +| 12 = @ppd_objc_import +| 13 = @ppd_include_next +| 14 = @ppd_ms_import +| 15 = @ppd_elifdef +| 16 = @ppd_elifndef +| 18 = @ppd_warning +; + +@ppd_include = @ppd_plain_include | @ppd_objc_import | @ppd_include_next | @ppd_ms_import; + +@ppd_branch = @ppd_if | @ppd_ifdef | @ppd_ifndef | @ppd_elif | @ppd_elifdef | @ppd_elifndef; + +preprocpair( + int begin : @ppd_branch ref, + int elseelifend : @preprocdirect ref +); + +preproctrue(int branch : @ppd_branch ref); +preprocfalse(int branch : @ppd_branch ref); + +preproctext( + unique int id: @preprocdirect ref, + string head: string ref, + string body: string ref +); + +includes( + unique int id: @ppd_include ref, + int included: @file ref +); + +link_targets( + int id: @link_target, + int binary: @file ref +); + +link_parent( + int element : @element ref, + int link_target : @link_target ref +); + +/* XML Files */ + +xmlEncoding(unique int id: @file ref, string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters + | @xmlelement + | @xmlcomment + | @xmlattribute + | @xmldtd + | @file + | @xmlnamespace; diff --git a/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/semmlecode.cpp.dbscheme b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/semmlecode.cpp.dbscheme new file mode 100644 index 00000000000..7bc12b02a43 --- /dev/null +++ b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/semmlecode.cpp.dbscheme @@ -0,0 +1,2509 @@ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * gcc -c f1.c f2.c f3.c + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + /** + * An invocation of the compiler. Note that more than one file may + * be compiled per invocation. For example, this command compiles + * three source files: + * + * gcc -c f1.c f2.c f3.c + */ + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | *path to extractor* + * 1 | `--mimic` + * 2 | `/usr/bin/gcc` + * 3 | `-c` + * 4 | f1.c + * 5 | f2.c + * 6 | f3.c + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * Optionally, record the build mode for each compilation. + */ +compilation_build_mode( + unique int id : @compilation ref, + int mode : int ref +); + +/* +case @compilation_build_mode.mode of + 0 = @build_mode_none +| 1 = @build_mode_manual +| 2 = @build_mode_auto +; +*/ + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.c + * 1 | f2.c + * 2 | f3.c + * + * Note that even if those files `#include` headers, those headers + * do not appear as rows. + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + + +/** + * External data, loaded from CSV files during snapshot creation. See + * [Tutorial: Incorporating external data](https://help.semmle.com/wiki/display/SD/Tutorial%3A+Incorporating+external+data) + * for more information. + */ +externalData( + int id : @externalDataElement, + string path : string ref, + int column: int ref, + string value : string ref +); + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/** + * Information about packages that provide code used during compilation. + * The `id` is just a unique identifier. + * The `namespace` is typically the name of the package manager that + * provided the package (e.g. "dpkg" or "yum"). + * The `package_name` is the name of the package, and `version` is its + * version (as a string). + */ +external_packages( + unique int id: @external_package, + string namespace : string ref, + string package_name : string ref, + string version : string ref +); + +/** + * Holds if File `fileid` was provided by package `package`. + */ +header_to_external_package( + int fileid : @file ref, + int package : @external_package ref +); + +/* + * Version history + */ + +svnentries( + unique int id : @svnentry, + string revision : string ref, + string author : string ref, + date revisionDate : date ref, + int changeSize : int ref +) + +svnaffectedfiles( + int id : @svnentry ref, + int file : @file ref, + string action : string ref +) + +svnentrymsg( + unique int id : @svnentry ref, + string message : string ref +) + +svnchurn( + int commit : @svnentry ref, + int file : @file ref, + int addedLines : int ref, + int deletedLines : int ref +) + +/* + * C++ dbscheme + */ + +extractor_version( + string codeql_version: string ref, + string frontend_version: string ref +) + +@location = @location_stmt | @location_expr | @location_default ; + +/** + * The location of an element that is not an expression or a statement. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + /** The location of an element that is not an expression or a statement. */ + unique int id: @location_default, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** + * The location of a statement. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_stmt( + /** The location of a statement. */ + unique int id: @location_stmt, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** + * The location of an expression. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_expr( + /** The location of an expression. */ + unique int id: @location_expr, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** An element for which line-count information is available. */ +@sourceline = @file | @function | @variable | @enumconstant | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @folder | @file + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +fileannotations( + int id: @file ref, + int kind: int ref, + string name: string ref, + string value: string ref +); + +inmacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +affectedbymacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +case @macroinvocation.kind of + 1 = @macro_expansion +| 2 = @other_macro_reference +; + +macroinvocations( + unique int id: @macroinvocation, + int macro_id: @ppd_define ref, + int location: @location_default ref, + int kind: int ref +); + +macroparent( + unique int id: @macroinvocation ref, + int parent_id: @macroinvocation ref +); + +// a macroinvocation may be part of another location +// the way to find a constant expression that uses a macro +// is thus to find a constant expression that has a location +// to which a macro invocation is bound +macrolocationbind( + int id: @macroinvocation ref, + int location: @location ref +); + +#keyset[invocation, argument_index] +macro_argument_unexpanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +#keyset[invocation, argument_index] +macro_argument_expanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +/* +case @function.kind of + 1 = @normal_function +| 2 = @constructor +| 3 = @destructor +| 4 = @conversion_function +| 5 = @operator +| 6 = @builtin_function // GCC built-in functions, e.g. __builtin___memcpy_chk +| 7 = @user_defined_literal +| 8 = @deduction_guide +; +*/ + +functions( + unique int id: @function, + string name: string ref, + int kind: int ref +); + +function_entry_point( + int id: @function ref, + unique int entry_point: @stmt ref +); + +function_return_type( + int id: @function ref, + int return_type: @type ref +); + +/** + * If `function` is a coroutine, then this gives the `std::experimental::resumable_traits` + * instance associated with it, and the variables representing the `handle` and `promise` + * for it. + */ +coroutine( + unique int function: @function ref, + int traits: @type ref +); + +/* +case @coroutine_placeholder_variable.kind of + 1 = @handle +| 2 = @promise +| 3 = @init_await_resume +; +*/ + +coroutine_placeholder_variable( + unique int placeholder_variable: @variable ref, + int kind: int ref, + int function: @function ref +) + +/** The `new` function used for allocating the coroutine state, if any. */ +coroutine_new( + unique int function: @function ref, + int new: @function ref +); + +/** The `delete` function used for deallocating the coroutine state, if any. */ +coroutine_delete( + unique int function: @function ref, + int delete: @function ref +); + +purefunctions(unique int id: @function ref); + +function_deleted(unique int id: @function ref); + +function_defaulted(unique int id: @function ref); + +function_prototyped(unique int id: @function ref) + +deduction_guide_for_class( + int id: @function ref, + int class_template: @usertype ref +) + +member_function_this_type( + unique int id: @function ref, + int this_type: @type ref +); + +#keyset[id, type_id] +fun_decls( + int id: @fun_decl, + int function: @function ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); +fun_def(unique int id: @fun_decl ref); +fun_specialized(unique int id: @fun_decl ref); +fun_implicit(unique int id: @fun_decl ref); +fun_decl_specifiers( + int id: @fun_decl ref, + string name: string ref +) +#keyset[fun_decl, index] +fun_decl_throws( + int fun_decl: @fun_decl ref, + int index: int ref, + int type_id: @type ref +); +/* an empty throw specification is different from none */ +fun_decl_empty_throws(unique int fun_decl: @fun_decl ref); +fun_decl_noexcept( + int fun_decl: @fun_decl ref, + int constant: @expr ref +); +fun_decl_empty_noexcept(int fun_decl: @fun_decl ref); +fun_decl_typedef_type( + unique int fun_decl: @fun_decl ref, + int typedeftype_id: @usertype ref +); + +/* +case @fun_requires.kind of + 1 = @template_attached +| 2 = @function_attached +; +*/ + +fun_requires( + int id: @fun_decl ref, + int kind: int ref, + int constraint: @expr ref +); + +param_decl_bind( + unique int id: @var_decl ref, + int index: int ref, + int fun_decl: @fun_decl ref +); + +#keyset[id, type_id] +var_decls( + int id: @var_decl, + int variable: @variable ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); +var_def(unique int id: @var_decl ref); +var_specialized(int id: @var_decl ref); +var_decl_specifiers( + int id: @var_decl ref, + string name: string ref +) +is_structured_binding(unique int id: @variable ref); +var_requires( + int id: @var_decl ref, + int constraint: @expr ref +); + +type_decls( + unique int id: @type_decl, + int type_id: @type ref, + int location: @location_default ref +); +type_def(unique int id: @type_decl ref); +type_decl_top( + unique int type_decl: @type_decl ref +); +type_requires( + int id: @type_decl ref, + int constraint: @expr ref +); + +namespace_decls( + unique int id: @namespace_decl, + int namespace_id: @namespace ref, + int location: @location_default ref, + int bodylocation: @location_default ref +); + +case @using.kind of + 1 = @using_declaration +| 2 = @using_directive +| 3 = @using_enum_declaration +; + +usings( + unique int id: @using, + int element_id: @element ref, + int location: @location_default ref, + int kind: int ref +); + +/** The element which contains the `using` declaration. */ +using_container( + int parent: @element ref, + int child: @using ref +); + +static_asserts( + unique int id: @static_assert, + int condition : @expr ref, + string message : string ref, + int location: @location_default ref, + int enclosing : @element ref +); + +// each function has an ordered list of parameters +#keyset[id, type_id] +#keyset[function, index, type_id] +params( + int id: @parameter, + int function: @parameterized_element ref, + int index: int ref, + int type_id: @type ref +); + +overrides( + int new: @function ref, + int old: @function ref +); + +#keyset[id, type_id] +membervariables( + int id: @membervariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +globalvariables( + int id: @globalvariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +localvariables( + int id: @localvariable, + int type_id: @type ref, + string name: string ref +); + +autoderivation( + unique int var: @variable ref, + int derivation_type: @type ref +); + +orphaned_variables( + int var: @localvariable ref, + int function: @function ref +) + +enumconstants( + unique int id: @enumconstant, + int parent: @usertype ref, + int index: int ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); + +@variable = @localscopevariable | @globalvariable | @membervariable; + +@localscopevariable = @localvariable | @parameter; + +/** + * Built-in types are the fundamental types, e.g., integral, floating, and void. + */ +case @builtintype.kind of + 1 = @errortype +| 2 = @unknowntype +| 3 = @void +| 4 = @boolean +| 5 = @char +| 6 = @unsigned_char +| 7 = @signed_char +| 8 = @short +| 9 = @unsigned_short +| 10 = @signed_short +| 11 = @int +| 12 = @unsigned_int +| 13 = @signed_int +| 14 = @long +| 15 = @unsigned_long +| 16 = @signed_long +| 17 = @long_long +| 18 = @unsigned_long_long +| 19 = @signed_long_long +// ... 20 Microsoft-specific __int8 +// ... 21 Microsoft-specific __int16 +// ... 22 Microsoft-specific __int32 +// ... 23 Microsoft-specific __int64 +| 24 = @float +| 25 = @double +| 26 = @long_double +| 27 = @complex_float // C99-specific _Complex float +| 28 = @complex_double // C99-specific _Complex double +| 29 = @complex_long_double // C99-specific _Complex long double +| 30 = @imaginary_float // C99-specific _Imaginary float +| 31 = @imaginary_double // C99-specific _Imaginary double +| 32 = @imaginary_long_double // C99-specific _Imaginary long double +| 33 = @wchar_t // Microsoft-specific +| 34 = @decltype_nullptr // C++11 +| 35 = @int128 // __int128 +| 36 = @unsigned_int128 // unsigned __int128 +| 37 = @signed_int128 // signed __int128 +| 38 = @float128 // __float128 +| 39 = @complex_float128 // _Complex __float128 +| 40 = @decimal32 // _Decimal32 +| 41 = @decimal64 // _Decimal64 +| 42 = @decimal128 // _Decimal128 +| 43 = @char16_t +| 44 = @char32_t +| 45 = @std_float32 // _Float32 +| 46 = @float32x // _Float32x +| 47 = @std_float64 // _Float64 +| 48 = @float64x // _Float64x +| 49 = @std_float128 // _Float128 +// ... 50 _Float128x +| 51 = @char8_t +| 52 = @float16 // _Float16 +| 53 = @complex_float16 // _Complex _Float16 +| 54 = @fp16 // __fp16 +| 55 = @std_bfloat16 // __bf16 +| 56 = @std_float16 // std::float16_t +| 57 = @complex_std_float32 // _Complex _Float32 +| 58 = @complex_float32x // _Complex _Float32x +| 59 = @complex_std_float64 // _Complex _Float64 +| 60 = @complex_float64x // _Complex _Float64x +| 61 = @complex_std_float128 // _Complex _Float128 +| 62 = @mfp8 // __mfp8 +| 63 = @scalable_vector_count // __SVCount_t +| 64 = @complex_fp16 // _Complex __fp16 +| 65 = @complex_std_bfloat16 // _Complex __bf16 +| 66 = @complex_std_float16 // _Complex std::float16_t +; + +builtintypes( + unique int id: @builtintype, + string name: string ref, + int kind: int ref, + int size: int ref, + int sign: int ref, + int alignment: int ref +); + +/** + * Derived types are types that are directly derived from existing types and + * point to, refer to, transform type data to return a new type. + */ +case @derivedtype.kind of + 1 = @pointer +| 2 = @reference +| 3 = @type_with_specifiers +| 4 = @array +| 5 = @gnu_vector +| 6 = @routineptr +| 7 = @routinereference +| 8 = @rvalue_reference // C++11 +// ... 9 type_conforming_to_protocols deprecated +| 10 = @block +| 11 = @scalable_vector // Arm SVE +; + +derivedtypes( + unique int id: @derivedtype, + string name: string ref, + int kind: int ref, + int type_id: @type ref +); + +pointerishsize(unique int id: @derivedtype ref, + int size: int ref, + int alignment: int ref); + +arraysizes( + unique int id: @derivedtype ref, + int num_elements: int ref, + int bytesize: int ref, + int alignment: int ref +); + +tupleelements( + unique int id: @derivedtype ref, + int num_elements: int ref +); + +typedefbase( + unique int id: @usertype ref, + int type_id: @type ref +); + +/** + * An instance of the C++11 `decltype` operator or C23 `typeof`/`typeof_unqual` + * operator taking an expression as its argument. For example: + * ``` + * int a; + * decltype(1+a) b; + * typeof(1+a) c; + * ``` + * Here `expr` is `1+a`. + * + * Sometimes an additional pair of parentheses around the expression + * changes the semantics of the decltype, e.g. + * ``` + * struct A { double x; }; + * const A* a = new A(); + * decltype( a->x ); // type is double + * decltype((a->x)); // type is const double& + * ``` + * (Please consult the C++11 standard for more details). + * `parentheses_would_change_meaning` is `true` iff that is the case. + */ + +/* +case @decltype.kind of +| 0 = @decltype +| 1 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +; +*/ + +#keyset[id, expr] +decltypes( + int id: @decltype, + int expr: @expr ref, + int kind: int ref, + int base_type: @type ref, + boolean parentheses_would_change_meaning: boolean ref +); + +/* +case @type_operator.kind of +| 0 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +| 1 = @underlying_type +| 2 = @bases +| 3 = @direct_bases +| 4 = @add_lvalue_reference +| 5 = @add_pointer +| 6 = @add_rvalue_reference +| 7 = @decay +| 8 = @make_signed +| 9 = @make_unsigned +| 10 = @remove_all_extents +| 11 = @remove_const +| 12 = @remove_cv +| 13 = @remove_cvref +| 14 = @remove_extent +| 15 = @remove_pointer +| 16 = @remove_reference_t +| 17 = @remove_restrict +| 18 = @remove_volatile +| 19 = @remove_reference +; +*/ + +type_operators( + unique int id: @type_operator, + int arg_type: @type ref, + int kind: int ref, + int base_type: @type ref +) + +/* +case @usertype.kind of +| 0 = @unknown_usertype +| 1 = @struct +| 2 = @class +| 3 = @union +| 4 = @enum +// ... 5 = @typedef deprecated // classic C: typedef typedef type name +// ... 6 = @template deprecated +| 7 = @template_parameter +| 8 = @template_template_parameter +| 9 = @proxy_class // a proxy class associated with a template parameter +// ... 10 objc_class deprecated +// ... 11 objc_protocol deprecated +// ... 12 objc_category deprecated +| 13 = @scoped_enum +// ... 14 = @using_alias deprecated // a using name = type style typedef +| 15 = @template_struct +| 16 = @template_class +| 17 = @template_union +| 18 = @alias +; +*/ + +usertypes( + unique int id: @usertype, + string name: string ref, + int kind: int ref +); + +usertypesize( + unique int id: @usertype ref, + int size: int ref, + int alignment: int ref +); + +usertype_final(unique int id: @usertype ref); + +usertype_uuid( + unique int id: @usertype ref, + string uuid: string ref +); + +/* +case @usertype.alias_kind of +| 0 = @typedef +| 1 = @alias +*/ + +usertype_alias_kind( + int id: @usertype ref, + int alias_kind: int ref +) + +nontype_template_parameters( + int id: @expr ref +); + +type_template_type_constraint( + int id: @usertype ref, + int constraint: @expr ref +); + +mangled_name( + unique int id: @declaration ref, + int mangled_name : @mangledname, + boolean is_complete: boolean ref +); + +is_pod_class(unique int id: @usertype ref); +is_standard_layout_class(unique int id: @usertype ref); + +is_complete(unique int id: @usertype ref); + +is_class_template(unique int id: @usertype ref); +class_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +class_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +class_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@user_or_decltype = @usertype | @decltype; + +is_proxy_class_for( + unique int id: @usertype ref, + int templ_param_id: @user_or_decltype ref +); + +type_mentions( + unique int id: @type_mention, + int type_id: @type ref, + int location: @location ref, + // a_symbol_reference_kind from the frontend. + int kind: int ref +); + +is_function_template(unique int id: @function ref); +function_instantiation( + unique int to: @function ref, + int from: @function ref +); +function_template_argument( + int function_id: @function ref, + int index: int ref, + int arg_type: @type ref +); +function_template_argument_value( + int function_id: @function ref, + int index: int ref, + int arg_value: @expr ref +); + +is_variable_template(unique int id: @variable ref); +variable_instantiation( + unique int to: @variable ref, + int from: @variable ref +); +variable_template_argument( + int variable_id: @variable ref, + int index: int ref, + int arg_type: @type ref +); +variable_template_argument_value( + int variable_id: @variable ref, + int index: int ref, + int arg_value: @expr ref +); + +template_template_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +template_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +template_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@concept = @concept_template | @concept_id; + +concept_templates( + unique int concept_id: @concept_template, + string name: string ref, + int location: @location_default ref +); +concept_instantiation( + unique int to: @concept_id ref, + int from: @concept_template ref +); +is_type_constraint(int concept_id: @concept_id ref); +concept_template_argument( + int concept_id: @concept ref, + int index: int ref, + int arg_type: @type ref +); +concept_template_argument_value( + int concept_id: @concept ref, + int index: int ref, + int arg_value: @expr ref +); + +routinetypes( + unique int id: @routinetype, + int return_type: @type ref +); + +routinetypeargs( + int routine: @routinetype ref, + int index: int ref, + int type_id: @type ref +); + +ptrtomembers( + unique int id: @ptrtomember, + int type_id: @type ref, + int class_id: @type ref +); + +/* + specifiers for types, functions, and variables + + "public", + "protected", + "private", + + "const", + "volatile", + "static", + + "pure", + "virtual", + "sealed", // Microsoft + "__interface", // Microsoft + "inline", + "explicit", + + "near", // near far extension + "far", // near far extension + "__ptr32", // Microsoft + "__ptr64", // Microsoft + "__sptr", // Microsoft + "__uptr", // Microsoft + "dllimport", // Microsoft + "dllexport", // Microsoft + "thread", // Microsoft + "naked", // Microsoft + "microsoft_inline", // Microsoft + "forceinline", // Microsoft + "selectany", // Microsoft + "nothrow", // Microsoft + "novtable", // Microsoft + "noreturn", // Microsoft + "noinline", // Microsoft + "noalias", // Microsoft + "restrict", // Microsoft +*/ + +specifiers( + unique int id: @specifier, + unique string str: string ref +); + +typespecifiers( + int type_id: @type ref, + int spec_id: @specifier ref +); + +funspecifiers( + int func_id: @function ref, + int spec_id: @specifier ref +); + +varspecifiers( + int var_id: @accessible ref, + int spec_id: @specifier ref +); + +explicit_specifier_exprs( + unique int func_id: @function ref, + int constant: @expr ref +) + +attributes( + unique int id: @attribute, + int kind: int ref, + string name: string ref, + string name_space: string ref, + int location: @location_default ref +); + +case @attribute.kind of + 0 = @gnuattribute +| 1 = @stdattribute +| 2 = @declspec +| 3 = @msattribute +| 4 = @alignas +// ... 5 @objc_propertyattribute deprecated +; + +attribute_args( + unique int id: @attribute_arg, + int kind: int ref, + int attribute: @attribute ref, + int index: int ref, + int location: @location_default ref +); + +case @attribute_arg.kind of + 0 = @attribute_arg_empty +| 1 = @attribute_arg_token +| 2 = @attribute_arg_constant +| 3 = @attribute_arg_type +| 4 = @attribute_arg_constant_expr +| 5 = @attribute_arg_expr +; + +attribute_arg_value( + unique int arg: @attribute_arg ref, + string value: string ref +); +attribute_arg_type( + unique int arg: @attribute_arg ref, + int type_id: @type ref +); +attribute_arg_constant( + unique int arg: @attribute_arg ref, + int constant: @expr ref +) +attribute_arg_expr( + unique int arg: @attribute_arg ref, + int expr: @expr ref +) +attribute_arg_name( + unique int arg: @attribute_arg ref, + string name: string ref +); + +typeattributes( + int type_id: @type ref, + int spec_id: @attribute ref +); + +funcattributes( + int func_id: @function ref, + int spec_id: @attribute ref +); + +varattributes( + int var_id: @accessible ref, + int spec_id: @attribute ref +); + +namespaceattributes( + int namespace_id: @namespace ref, + int spec_id: @attribute ref +); + +stmtattributes( + int stmt_id: @stmt ref, + int spec_id: @attribute ref +); + +@type = @builtintype + | @derivedtype + | @usertype + | @routinetype + | @ptrtomember + | @decltype + | @type_operator; + +unspecifiedtype( + unique int type_id: @type ref, + int unspecified_type_id: @type ref +); + +member( + int parent: @type ref, + int index: int ref, + int child: @member ref +); + +@enclosingfunction_child = @usertype | @variable | @namespace + +enclosingfunction( + unique int child: @enclosingfunction_child ref, + int parent: @function ref +); + +derivations( + unique int derivation: @derivation, + int sub: @type ref, + int index: int ref, + int super: @type ref, + int location: @location_default ref +); + +derspecifiers( + int der_id: @derivation ref, + int spec_id: @specifier ref +); + +/** + * Contains the byte offset of the base class subobject within the derived + * class. Only holds for non-virtual base classes, but see table + * `virtual_base_offsets` for offsets of virtual base class subobjects. + */ +direct_base_offsets( + unique int der_id: @derivation ref, + int offset: int ref +); + +/** + * Contains the byte offset of the virtual base class subobject for class + * `super` within a most-derived object of class `sub`. `super` can be either a + * direct or indirect base class. + */ +#keyset[sub, super] +virtual_base_offsets( + int sub: @usertype ref, + int super: @usertype ref, + int offset: int ref +); + +frienddecls( + unique int id: @frienddecl, + int type_id: @type ref, + int decl_id: @declaration ref, + int location: @location_default ref +); + +@declaredtype = @usertype ; + +@declaration = @function + | @declaredtype + | @variable + | @enumconstant + | @frienddecl + | @concept_template; + +@member = @membervariable + | @function + | @declaredtype + | @enumconstant; + +@locatable = @diagnostic + | @declaration + | @ppd_include + | @ppd_define + | @macroinvocation + /*| @funcall*/ + | @xmllocatable + | @attribute + | @attribute_arg; + +@namedscope = @namespace | @usertype; + +@element = @locatable + | @file + | @folder + | @specifier + | @type + | @expr + | @namespace + | @initialiser + | @stmt + | @derivation + | @comment + | @preprocdirect + | @fun_decl + | @var_decl + | @type_decl + | @namespace_decl + | @using + | @namequalifier + | @specialnamequalifyingelement + | @static_assert + | @type_mention + | @lambdacapture; + +@exprparent = @element; + +comments( + unique int id: @comment, + string contents: string ref, + int location: @location_default ref +); + +commentbinding( + int id: @comment ref, + int element: @element ref +); + +exprconv( + int converted: @expr ref, + unique int conversion: @expr ref +); + +compgenerated(unique int id: @element ref); + +/** + * `destructor_call` destructs the `i`'th entity that should be + * destructed following `element`. Note that entities should be + * destructed in reverse construction order, so for a given `element` + * these should be called from highest to lowest `i`. + */ +#keyset[element, destructor_call] +#keyset[element, i] +synthetic_destructor_call( + int element: @element ref, + int i: int ref, + int destructor_call: @routineexpr ref +); + +namespaces( + unique int id: @namespace, + string name: string ref +); + +namespace_inline( + unique int id: @namespace ref +); + +namespacembrs( + int parentid: @namespace ref, + unique int memberid: @namespacembr ref +); + +@namespacembr = @declaration | @namespace; + +exprparents( + int expr_id: @expr ref, + int child_index: int ref, + int parent_id: @exprparent ref +); + +expr_isload(unique int expr_id: @expr ref); + +@cast = @c_style_cast + | @const_cast + | @dynamic_cast + | @reinterpret_cast + | @static_cast + ; + +/* +case @conversion.kind of + 0 = @simple_conversion // a numeric conversion, qualification conversion, or a reinterpret_cast +| 1 = @bool_conversion // conversion to 'bool' +| 2 = @base_class_conversion // a derived-to-base conversion +| 3 = @derived_class_conversion // a base-to-derived conversion +| 4 = @pm_base_class_conversion // a derived-to-base conversion of a pointer to member +| 5 = @pm_derived_class_conversion // a base-to-derived conversion of a pointer to member +| 6 = @glvalue_adjust // an adjustment of the type of a glvalue +| 7 = @prvalue_adjust // an adjustment of the type of a prvalue +; +*/ +/** + * Describes the semantics represented by a cast expression. This is largely + * independent of the source syntax of the cast, so it is separate from the + * regular expression kind. + */ +conversionkinds( + unique int expr_id: @cast ref, + int kind: int ref +); + +@conversion = @cast + | @array_to_pointer + | @parexpr + | @reference_to + | @ref_indirect + | @temp_init + | @c11_generic + ; + +/* +case @funbindexpr.kind of + 0 = @normal_call // a normal call +| 1 = @virtual_call // a virtual call +| 2 = @adl_call // a call whose target is only found by ADL +; +*/ +iscall( + unique int caller: @funbindexpr ref, + int kind: int ref +); + +numtemplatearguments( + unique int expr_id: @expr ref, + int num: int ref +); + +specialnamequalifyingelements( + unique int id: @specialnamequalifyingelement, + unique string name: string ref +); + +@namequalifiableelement = @expr | @namequalifier; +@namequalifyingelement = @namespace + | @specialnamequalifyingelement + | @usertype; + +namequalifiers( + unique int id: @namequalifier, + unique int qualifiableelement: @namequalifiableelement ref, + int qualifyingelement: @namequalifyingelement ref, + int location: @location_default ref +); + +varbind( + int expr: @varbindexpr ref, + int var: @accessible ref +); + +funbind( + int expr: @funbindexpr ref, + int fun: @function ref +); + +@any_new_expr = @new_expr + | @new_array_expr; + +@new_or_delete_expr = @any_new_expr + | @delete_expr + | @delete_array_expr; + +@prefix_crement_expr = @preincrexpr | @predecrexpr; + +@postfix_crement_expr = @postincrexpr | @postdecrexpr; + +@increment_expr = @preincrexpr | @postincrexpr; + +@decrement_expr = @predecrexpr | @postdecrexpr; + +@crement_expr = @increment_expr | @decrement_expr; + +@un_arith_op_expr = @arithnegexpr + | @unaryplusexpr + | @conjugation + | @realpartexpr + | @imagpartexpr + | @crement_expr + ; + +@un_bitwise_op_expr = @complementexpr; + +@un_log_op_expr = @notexpr; + +@un_op_expr = @address_of + | @indirect + | @un_arith_op_expr + | @un_bitwise_op_expr + | @builtinaddressof + | @vec_fill + | @un_log_op_expr + | @co_await + | @co_yield + ; + +@bin_log_op_expr = @andlogicalexpr | @orlogicalexpr; + +@cmp_op_expr = @eq_op_expr | @rel_op_expr; + +@eq_op_expr = @eqexpr | @neexpr; + +@rel_op_expr = @gtexpr + | @ltexpr + | @geexpr + | @leexpr + | @spaceshipexpr + ; + +@bin_bitwise_op_expr = @lshiftexpr + | @rshiftexpr + | @andexpr + | @orexpr + | @xorexpr + ; + +@p_arith_op_expr = @paddexpr + | @psubexpr + | @pdiffexpr + ; + +@bin_arith_op_expr = @addexpr + | @subexpr + | @mulexpr + | @divexpr + | @remexpr + | @jmulexpr + | @jdivexpr + | @fjaddexpr + | @jfaddexpr + | @fjsubexpr + | @jfsubexpr + | @minexpr + | @maxexpr + | @p_arith_op_expr + ; + +@bin_op_expr = @bin_arith_op_expr + | @bin_bitwise_op_expr + | @cmp_op_expr + | @bin_log_op_expr + ; + +@op_expr = @un_op_expr + | @bin_op_expr + | @assign_expr + | @conditionalexpr + ; + +@assign_arith_expr = @assignaddexpr + | @assignsubexpr + | @assignmulexpr + | @assigndivexpr + | @assignremexpr + ; + +@assign_bitwise_expr = @assignandexpr + | @assignorexpr + | @assignxorexpr + | @assignlshiftexpr + | @assignrshiftexpr + ; + +@assign_pointer_expr = @assignpaddexpr + | @assignpsubexpr + ; + +@assign_op_expr = @assign_arith_expr + | @assign_bitwise_expr + | @assign_pointer_expr + ; + +@assign_expr = @assignexpr | @assign_op_expr | @blockassignexpr + +/* + Binary encoding of the allocator form. + + case @allocator.form of + 0 = plain + | 1 = alignment + ; +*/ + +/** + * The allocator function associated with a `new` or `new[]` expression. + * The `form` column specified whether the allocation call contains an alignment + * argument. + */ +expr_allocator( + unique int expr: @any_new_expr ref, + int func: @function ref, + int form: int ref +); + +/* + Binary encoding of the deallocator form. + + case @deallocator.form of + 0 = plain + | 1 = size + | 2 = alignment + | 4 = destroying_delete + ; +*/ + +/** + * The deallocator function associated with a `delete`, `delete[]`, `new`, or + * `new[]` expression. For a `new` or `new[]` expression, the deallocator is the + * one used to free memory if the initialization throws an exception. + * The `form` column specifies whether the deallocation call contains a size + * argument, and alignment argument, or both. + */ +expr_deallocator( + unique int expr: @new_or_delete_expr ref, + int func: @function ref, + int form: int ref +); + +/** + * Holds if the `@conditionalexpr` is of the two operand form + * `guard ? : false`. + */ +expr_cond_two_operand( + unique int cond: @conditionalexpr ref +); + +/** + * The guard of `@conditionalexpr` `guard ? true : false` + */ +expr_cond_guard( + unique int cond: @conditionalexpr ref, + int guard: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` holds. For the two operand form + * `guard ?: false` consider using `expr_cond_guard` instead. + */ +expr_cond_true( + unique int cond: @conditionalexpr ref, + int true: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` does not hold. + */ +expr_cond_false( + unique int cond: @conditionalexpr ref, + int false: @expr ref +); + +/** A string representation of the value. */ +values( + unique int id: @value, + string str: string ref +); + +/** The actual text in the source code for the value, if any. */ +valuetext( + unique int id: @value ref, + string text: string ref +); + +valuebind( + int val: @value ref, + unique int expr: @expr ref +); + +fieldoffsets( + unique int id: @variable ref, + int byteoffset: int ref, + int bitoffset: int ref +); + +bitfield( + unique int id: @variable ref, + int bits: int ref, + int declared_bits: int ref +); + +/* TODO +memberprefix( + int member: @expr ref, + int prefix: @expr ref +); +*/ + +/* + kind(1) = mbrcallexpr + kind(2) = mbrptrcallexpr + kind(3) = mbrptrmbrcallexpr + kind(4) = ptrmbrptrmbrcallexpr + kind(5) = mbrreadexpr // x.y + kind(6) = mbrptrreadexpr // p->y + kind(7) = mbrptrmbrreadexpr // x.*pm + kind(8) = mbrptrmbrptrreadexpr // x->*pm + kind(9) = staticmbrreadexpr // static x.y + kind(10) = staticmbrptrreadexpr // static p->y +*/ +/* TODO +memberaccess( + int member: @expr ref, + int kind: int ref +); +*/ + +initialisers( + unique int init: @initialiser, + int var: @accessible ref, + unique int expr: @expr ref, + int location: @location_expr ref +); + +braced_initialisers( + int init: @initialiser ref +); + +/** + * An ancestor for the expression, for cases in which we cannot + * otherwise find the expression's parent. + */ +expr_ancestor( + int exp: @expr ref, + int ancestor: @element ref +); + +exprs( + unique int id: @expr, + int kind: int ref, + int location: @location_expr ref +); + +expr_reuse( + int reuse: @expr ref, + int original: @expr ref, + int value_category: int ref +) + +/* + case @value.category of + 1 = prval + | 2 = xval + | 3 = lval + ; +*/ +expr_types( + int id: @expr ref, + int typeid: @type ref, + int value_category: int ref +); + +case @expr.kind of + 1 = @errorexpr +| 2 = @address_of // & AddressOfExpr +| 3 = @reference_to // ReferenceToExpr (implicit?) +| 4 = @indirect // * PointerDereferenceExpr +| 5 = @ref_indirect // ReferenceDereferenceExpr (implicit?) +// ... +| 8 = @array_to_pointer // (???) +| 9 = @vacuous_destructor_call // VacuousDestructorCall +// ... +| 11 = @assume // Microsoft +| 12 = @parexpr +| 13 = @arithnegexpr +| 14 = @unaryplusexpr +| 15 = @complementexpr +| 16 = @notexpr +| 17 = @conjugation // GNU ~ operator +| 18 = @realpartexpr // GNU __real +| 19 = @imagpartexpr // GNU __imag +| 20 = @postincrexpr +| 21 = @postdecrexpr +| 22 = @preincrexpr +| 23 = @predecrexpr +| 24 = @conditionalexpr +| 25 = @addexpr +| 26 = @subexpr +| 27 = @mulexpr +| 28 = @divexpr +| 29 = @remexpr +| 30 = @jmulexpr // C99 mul imaginary +| 31 = @jdivexpr // C99 div imaginary +| 32 = @fjaddexpr // C99 add real + imaginary +| 33 = @jfaddexpr // C99 add imaginary + real +| 34 = @fjsubexpr // C99 sub real - imaginary +| 35 = @jfsubexpr // C99 sub imaginary - real +| 36 = @paddexpr // pointer add (pointer + int or int + pointer) +| 37 = @psubexpr // pointer sub (pointer - integer) +| 38 = @pdiffexpr // difference between two pointers +| 39 = @lshiftexpr +| 40 = @rshiftexpr +| 41 = @andexpr +| 42 = @orexpr +| 43 = @xorexpr +| 44 = @eqexpr +| 45 = @neexpr +| 46 = @gtexpr +| 47 = @ltexpr +| 48 = @geexpr +| 49 = @leexpr +| 50 = @minexpr // GNU minimum +| 51 = @maxexpr // GNU maximum +| 52 = @assignexpr +| 53 = @assignaddexpr +| 54 = @assignsubexpr +| 55 = @assignmulexpr +| 56 = @assigndivexpr +| 57 = @assignremexpr +| 58 = @assignlshiftexpr +| 59 = @assignrshiftexpr +| 60 = @assignandexpr +| 61 = @assignorexpr +| 62 = @assignxorexpr +| 63 = @assignpaddexpr // assign pointer add +| 64 = @assignpsubexpr // assign pointer sub +| 65 = @andlogicalexpr +| 66 = @orlogicalexpr +| 67 = @commaexpr +| 68 = @subscriptexpr // access to member of an array, e.g., a[5] +// ... 69 @objc_subscriptexpr deprecated +// ... 70 @cmdaccess deprecated +// ... +| 73 = @virtfunptrexpr +| 74 = @callexpr +// ... 75 @msgexpr_normal deprecated +// ... 76 @msgexpr_super deprecated +// ... 77 @atselectorexpr deprecated +// ... 78 @atprotocolexpr deprecated +| 79 = @vastartexpr +| 80 = @vaargexpr +| 81 = @vaendexpr +| 82 = @vacopyexpr +// ... 83 @atencodeexpr deprecated +| 84 = @varaccess +| 85 = @thisaccess +// ... 86 @objc_box_expr deprecated +| 87 = @new_expr +| 88 = @delete_expr +| 89 = @throw_expr +| 90 = @condition_decl // a variable declared in a condition, e.g., if(int x = y > 2) +| 91 = @braced_init_list +| 92 = @type_id +| 93 = @runtime_sizeof +| 94 = @runtime_alignof +| 95 = @sizeof_pack +| 96 = @expr_stmt // GNU extension +| 97 = @routineexpr +| 98 = @type_operand // used to access a type in certain contexts (haven't found any examples yet....) +| 99 = @offsetofexpr // offsetof ::= type and field +| 100 = @hasassignexpr // __has_assign ::= type +| 101 = @hascopyexpr // __has_copy ::= type +| 102 = @hasnothrowassign // __has_nothrow_assign ::= type +| 103 = @hasnothrowconstr // __has_nothrow_constructor ::= type +| 104 = @hasnothrowcopy // __has_nothrow_copy ::= type +| 105 = @hastrivialassign // __has_trivial_assign ::= type +| 106 = @hastrivialconstr // __has_trivial_constructor ::= type +| 107 = @hastrivialcopy // __has_trivial_copy ::= type +| 108 = @hasuserdestr // __has_user_destructor ::= type +| 109 = @hasvirtualdestr // __has_virtual_destructor ::= type +| 110 = @isabstractexpr // __is_abstract ::= type +| 111 = @isbaseofexpr // __is_base_of ::= type type +| 112 = @isclassexpr // __is_class ::= type +| 113 = @isconvtoexpr // __is_convertible_to ::= type type +| 114 = @isemptyexpr // __is_empty ::= type +| 115 = @isenumexpr // __is_enum ::= type +| 116 = @ispodexpr // __is_pod ::= type +| 117 = @ispolyexpr // __is_polymorphic ::= type +| 118 = @isunionexpr // __is_union ::= type +| 119 = @typescompexpr // GNU __builtin_types_compatible ::= type type +| 120 = @intaddrexpr // frontend internal builtin, used to implement offsetof +// ... +| 122 = @hastrivialdestructor // __has_trivial_destructor ::= type +| 123 = @literal +| 124 = @uuidof +| 127 = @aggregateliteral +| 128 = @delete_array_expr +| 129 = @new_array_expr +// ... 130 @objc_array_literal deprecated +// ... 131 @objc_dictionary_literal deprecated +| 132 = @foldexpr +// ... +| 200 = @ctordirectinit +| 201 = @ctorvirtualinit +| 202 = @ctorfieldinit +| 203 = @ctordelegatinginit +| 204 = @dtordirectdestruct +| 205 = @dtorvirtualdestruct +| 206 = @dtorfielddestruct +// ... +| 210 = @static_cast +| 211 = @reinterpret_cast +| 212 = @const_cast +| 213 = @dynamic_cast +| 214 = @c_style_cast +| 215 = @lambdaexpr +| 216 = @param_ref +| 217 = @noopexpr +// ... +| 294 = @istriviallyconstructibleexpr +| 295 = @isdestructibleexpr +| 296 = @isnothrowdestructibleexpr +| 297 = @istriviallydestructibleexpr +| 298 = @istriviallyassignableexpr +| 299 = @isnothrowassignableexpr +| 300 = @istrivialexpr +| 301 = @isstandardlayoutexpr +| 302 = @istriviallycopyableexpr +| 303 = @isliteraltypeexpr +| 304 = @hastrivialmoveconstructorexpr +| 305 = @hastrivialmoveassignexpr +| 306 = @hasnothrowmoveassignexpr +| 307 = @isconstructibleexpr +| 308 = @isnothrowconstructibleexpr +| 309 = @hasfinalizerexpr +| 310 = @isdelegateexpr +| 311 = @isinterfaceclassexpr +| 312 = @isrefarrayexpr +| 313 = @isrefclassexpr +| 314 = @issealedexpr +| 315 = @issimplevalueclassexpr +| 316 = @isvalueclassexpr +| 317 = @isfinalexpr +| 319 = @noexceptexpr +| 320 = @builtinshufflevector +| 321 = @builtinchooseexpr +| 322 = @builtinaddressof +| 323 = @vec_fill +| 324 = @builtinconvertvector +| 325 = @builtincomplex +| 326 = @spaceshipexpr +| 327 = @co_await +| 328 = @co_yield +| 329 = @temp_init +| 330 = @isassignable +| 331 = @isaggregate +| 332 = @hasuniqueobjectrepresentations +| 333 = @builtinbitcast +| 334 = @builtinshuffle +| 335 = @blockassignexpr +| 336 = @issame +| 337 = @isfunction +| 338 = @islayoutcompatible +| 339 = @ispointerinterconvertiblebaseof +| 340 = @isarray +| 341 = @arrayrank +| 342 = @arrayextent +| 343 = @isarithmetic +| 344 = @iscompletetype +| 345 = @iscompound +| 346 = @isconst +| 347 = @isfloatingpoint +| 348 = @isfundamental +| 349 = @isintegral +| 350 = @islvaluereference +| 351 = @ismemberfunctionpointer +| 352 = @ismemberobjectpointer +| 353 = @ismemberpointer +| 354 = @isobject +| 355 = @ispointer +| 356 = @isreference +| 357 = @isrvaluereference +| 358 = @isscalar +| 359 = @issigned +| 360 = @isunsigned +| 361 = @isvoid +| 362 = @isvolatile +| 363 = @reuseexpr +| 364 = @istriviallycopyassignable +| 365 = @isassignablenopreconditioncheck +| 366 = @referencebindstotemporary +| 367 = @issameas +| 368 = @builtinhasattribute +| 369 = @ispointerinterconvertiblewithclass +| 370 = @builtinispointerinterconvertiblewithclass +| 371 = @iscorrespondingmember +| 372 = @builtiniscorrespondingmember +| 373 = @isboundedarray +| 374 = @isunboundedarray +| 375 = @isreferenceable +| 378 = @isnothrowconvertible +| 379 = @referenceconstructsfromtemporary +| 380 = @referenceconvertsfromtemporary +| 381 = @isconvertible +| 382 = @isvalidwinrttype +| 383 = @iswinclass +| 384 = @iswininterface +| 385 = @istriviallyequalitycomparable +| 386 = @isscopedenum +| 387 = @istriviallyrelocatable +| 388 = @datasizeof +| 389 = @c11_generic +| 390 = @requires_expr +| 391 = @nested_requirement +| 392 = @compound_requirement +| 393 = @concept_id +; + +@var_args_expr = @vastartexpr + | @vaendexpr + | @vaargexpr + | @vacopyexpr + ; + +@builtin_op = @var_args_expr + | @noopexpr + | @offsetofexpr + | @intaddrexpr + | @hasassignexpr + | @hascopyexpr + | @hasnothrowassign + | @hasnothrowconstr + | @hasnothrowcopy + | @hastrivialassign + | @hastrivialconstr + | @hastrivialcopy + | @hastrivialdestructor + | @hasuserdestr + | @hasvirtualdestr + | @isabstractexpr + | @isbaseofexpr + | @isclassexpr + | @isconvtoexpr + | @isemptyexpr + | @isenumexpr + | @ispodexpr + | @ispolyexpr + | @isunionexpr + | @typescompexpr + | @builtinshufflevector + | @builtinconvertvector + | @builtinaddressof + | @istriviallyconstructibleexpr + | @isdestructibleexpr + | @isnothrowdestructibleexpr + | @istriviallydestructibleexpr + | @istriviallyassignableexpr + | @isnothrowassignableexpr + | @istrivialexpr + | @isstandardlayoutexpr + | @istriviallycopyableexpr + | @isliteraltypeexpr + | @hastrivialmoveconstructorexpr + | @hastrivialmoveassignexpr + | @hasnothrowmoveassignexpr + | @isconstructibleexpr + | @isnothrowconstructibleexpr + | @hasfinalizerexpr + | @isdelegateexpr + | @isinterfaceclassexpr + | @isrefarrayexpr + | @isrefclassexpr + | @issealedexpr + | @issimplevalueclassexpr + | @isvalueclassexpr + | @isfinalexpr + | @builtinchooseexpr + | @builtincomplex + | @isassignable + | @isaggregate + | @hasuniqueobjectrepresentations + | @builtinbitcast + | @builtinshuffle + | @issame + | @isfunction + | @islayoutcompatible + | @ispointerinterconvertiblebaseof + | @isarray + | @arrayrank + | @arrayextent + | @isarithmetic + | @iscompletetype + | @iscompound + | @isconst + | @isfloatingpoint + | @isfundamental + | @isintegral + | @islvaluereference + | @ismemberfunctionpointer + | @ismemberobjectpointer + | @ismemberpointer + | @isobject + | @ispointer + | @isreference + | @isrvaluereference + | @isscalar + | @issigned + | @isunsigned + | @isvoid + | @isvolatile + | @istriviallycopyassignable + | @isassignablenopreconditioncheck + | @referencebindstotemporary + | @issameas + | @builtinhasattribute + | @ispointerinterconvertiblewithclass + | @builtinispointerinterconvertiblewithclass + | @iscorrespondingmember + | @builtiniscorrespondingmember + | @isboundedarray + | @isunboundedarray + | @isreferenceable + | @isnothrowconvertible + | @referenceconstructsfromtemporary + | @referenceconvertsfromtemporary + | @isconvertible + | @isvalidwinrttype + | @iswinclass + | @iswininterface + | @istriviallyequalitycomparable + | @isscopedenum + | @istriviallyrelocatable + ; + +compound_requirement_is_noexcept( + int expr: @compound_requirement ref +); + +new_allocated_type( + unique int expr: @new_expr ref, + int type_id: @type ref +); + +new_array_allocated_type( + unique int expr: @new_array_expr ref, + int type_id: @type ref +); + +/** + * The field being initialized by an initializer expression within an aggregate + * initializer for a class/struct/union. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_field_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int field: @membervariable ref, + int position: int ref, + boolean is_designated: boolean ref +); + +/** + * The index of the element being initialized by an initializer expression + * within an aggregate initializer for an array. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_array_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int element_index: int ref, + int position: int ref, + boolean is_designated: boolean ref +); + +@ctorinit = @ctordirectinit + | @ctorvirtualinit + | @ctorfieldinit + | @ctordelegatinginit; +@dtordestruct = @dtordirectdestruct + | @dtorvirtualdestruct + | @dtorfielddestruct; + + +condition_decl_bind( + unique int expr: @condition_decl ref, + unique int decl: @declaration ref +); + +typeid_bind( + unique int expr: @type_id ref, + int type_id: @type ref +); + +uuidof_bind( + unique int expr: @uuidof ref, + int type_id: @type ref +); + +@sizeof_or_alignof = @runtime_sizeof | @runtime_alignof | @datasizeof | @sizeof_pack; + +sizeof_bind( + unique int expr: @sizeof_or_alignof ref, + int type_id: @type ref +); + +code_block( + unique int block: @literal ref, + unique int routine: @function ref +); + +lambdas( + unique int expr: @lambdaexpr ref, + string default_capture: string ref, + boolean has_explicit_return_type: boolean ref, + boolean has_explicit_parameter_list: boolean ref +); + +lambda_capture( + unique int id: @lambdacapture, + int lambda: @lambdaexpr ref, + int index: int ref, + int field: @membervariable ref, + boolean captured_by_reference: boolean ref, + boolean is_implicit: boolean ref, + int location: @location_default ref +); + +@funbindexpr = @routineexpr + | @new_expr + | @delete_expr + | @delete_array_expr + | @ctordirectinit + | @ctorvirtualinit + | @ctordelegatinginit + | @dtordirectdestruct + | @dtorvirtualdestruct; + +@varbindexpr = @varaccess | @ctorfieldinit | @dtorfielddestruct; +@addressable = @function | @variable ; +@accessible = @addressable | @enumconstant ; + +@access = @varaccess | @routineexpr ; + +fold( + int expr: @foldexpr ref, + string operator: string ref, + boolean is_left_fold: boolean ref +); + +stmts( + unique int id: @stmt, + int kind: int ref, + int location: @location_stmt ref +); + +case @stmt.kind of + 1 = @stmt_expr +| 2 = @stmt_if +| 3 = @stmt_while +| 4 = @stmt_goto +| 5 = @stmt_label +| 6 = @stmt_return +| 7 = @stmt_block +| 8 = @stmt_end_test_while // do { ... } while ( ... ) +| 9 = @stmt_for +| 10 = @stmt_switch_case +| 11 = @stmt_switch +| 13 = @stmt_asm // "asm" statement or the body of an asm function +| 15 = @stmt_try_block +| 16 = @stmt_microsoft_try // Microsoft +| 17 = @stmt_decl +| 18 = @stmt_set_vla_size // C99 +| 19 = @stmt_vla_decl // C99 +| 25 = @stmt_assigned_goto // GNU +| 26 = @stmt_empty +| 27 = @stmt_continue +| 28 = @stmt_break +| 29 = @stmt_range_based_for // C++11 +// ... 30 @stmt_at_autoreleasepool_block deprecated +// ... 31 @stmt_objc_for_in deprecated +// ... 32 @stmt_at_synchronized deprecated +| 33 = @stmt_handler +// ... 34 @stmt_finally_end deprecated +| 35 = @stmt_constexpr_if +| 37 = @stmt_co_return +| 38 = @stmt_consteval_if +| 39 = @stmt_not_consteval_if +| 40 = @stmt_leave +; + +type_vla( + int type_id: @type ref, + int decl: @stmt_vla_decl ref +); + +variable_vla( + int var: @variable ref, + int decl: @stmt_vla_decl ref +); + +type_is_vla(unique int type_id: @derivedtype ref) + +if_initialization( + unique int if_stmt: @stmt_if ref, + int init_id: @stmt ref +); + +if_then( + unique int if_stmt: @stmt_if ref, + int then_id: @stmt ref +); + +if_else( + unique int if_stmt: @stmt_if ref, + int else_id: @stmt ref +); + +constexpr_if_initialization( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int init_id: @stmt ref +); + +constexpr_if_then( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int then_id: @stmt ref +); + +constexpr_if_else( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int else_id: @stmt ref +); + +@stmt_consteval_or_not_consteval_if = @stmt_consteval_if | @stmt_not_consteval_if; + +consteval_if_then( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int then_id: @stmt ref +); + +consteval_if_else( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int else_id: @stmt ref +); + +while_body( + unique int while_stmt: @stmt_while ref, + int body_id: @stmt ref +); + +do_body( + unique int do_stmt: @stmt_end_test_while ref, + int body_id: @stmt ref +); + +switch_initialization( + unique int switch_stmt: @stmt_switch ref, + int init_id: @stmt ref +); + +#keyset[switch_stmt, index] +switch_case( + int switch_stmt: @stmt_switch ref, + int index: int ref, + int case_id: @stmt_switch_case ref +); + +switch_body( + unique int switch_stmt: @stmt_switch ref, + int body_id: @stmt ref +); + +@stmt_for_or_range_based_for = @stmt_for + | @stmt_range_based_for; + +for_initialization( + unique int for_stmt: @stmt_for_or_range_based_for ref, + int init_id: @stmt ref +); + +for_condition( + unique int for_stmt: @stmt_for ref, + int condition_id: @expr ref +); + +for_update( + unique int for_stmt: @stmt_for ref, + int update_id: @expr ref +); + +for_body( + unique int for_stmt: @stmt_for ref, + int body_id: @stmt ref +); + +@stmtparent = @stmt | @expr_stmt ; +stmtparents( + unique int id: @stmt ref, + int index: int ref, + int parent: @stmtparent ref +); + +ishandler(unique int block: @stmt_block ref); + +@cfgnode = @stmt | @expr | @function | @initialiser ; + +stmt_decl_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl: @declaration ref +); + +stmt_decl_entry_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl_entry: @element ref +); + +@parameterized_element = @function | @stmt_block | @requires_expr; + +blockscope( + unique int block: @stmt_block ref, + int enclosing: @parameterized_element ref +); + +@jump = @stmt_goto | @stmt_break | @stmt_continue | @stmt_leave; + +@jumporlabel = @jump | @stmt_label | @literal; + +jumpinfo( + unique int id: @jumporlabel ref, + string str: string ref, + int target: @stmt ref +); + +preprocdirects( + unique int id: @preprocdirect, + int kind: int ref, + int location: @location_default ref +); +case @preprocdirect.kind of + 0 = @ppd_if +| 1 = @ppd_ifdef +| 2 = @ppd_ifndef +| 3 = @ppd_elif +| 4 = @ppd_else +| 5 = @ppd_endif +| 6 = @ppd_plain_include +| 7 = @ppd_define +| 8 = @ppd_undef +| 9 = @ppd_line +| 10 = @ppd_error +| 11 = @ppd_pragma +| 12 = @ppd_objc_import +| 13 = @ppd_include_next +| 14 = @ppd_ms_import +| 15 = @ppd_elifdef +| 16 = @ppd_elifndef +| 18 = @ppd_warning +; + +@ppd_include = @ppd_plain_include | @ppd_objc_import | @ppd_include_next | @ppd_ms_import; + +@ppd_branch = @ppd_if | @ppd_ifdef | @ppd_ifndef | @ppd_elif | @ppd_elifdef | @ppd_elifndef; + +preprocpair( + int begin : @ppd_branch ref, + int elseelifend : @preprocdirect ref +); + +preproctrue(int branch : @ppd_branch ref); +preprocfalse(int branch : @ppd_branch ref); + +preproctext( + unique int id: @preprocdirect ref, + string head: string ref, + string body: string ref +); + +includes( + unique int id: @ppd_include ref, + int included: @file ref +); + +link_targets( + int id: @link_target, + int binary: @file ref +); + +link_parent( + int element : @element ref, + int link_target : @link_target ref +); + +/* XML Files */ + +xmlEncoding(unique int id: @file ref, string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters + | @xmlelement + | @xmlcomment + | @xmlattribute + | @xmldtd + | @file + | @xmlnamespace; diff --git a/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/upgrade.properties b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/upgrade.properties new file mode 100644 index 00000000000..25f408d9b7e --- /dev/null +++ b/cpp/downgrades/e70d0b653187b93d9688f21c9db46bb1cd46ab78/upgrade.properties @@ -0,0 +1,8 @@ +description: Merge location tables +compatibility: partial +locations_default.rel: run downgrades.ql new_locations_default +locations_expr.rel: run downgrades.ql new_locations_expr +locations_stmt.rel: run downgrades.ql new_locations_stmt +exprs.rel: run downgrades.ql new_exprs +initialisers.rel: run downgrades.ql new_initialisers +stmts.rel: run downgrades.ql new_stmts diff --git a/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/locations_default.ql b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/locations_default.ql new file mode 100644 index 00000000000..7e17030fb6f --- /dev/null +++ b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/locations_default.ql @@ -0,0 +1,18 @@ +class LocationBase = @location_default or @location_stmt or @location_expr; + +class Location extends LocationBase { + string toString() { none() } +} + +class Container extends @container { + string toString() { none() } +} + +from Location l, Container c, int startLine, int startColumn, int endLine, int endColumn +where + locations_default(l, c, startLine, startColumn, endLine, endColumn) + or + locations_stmt(l, c, startLine, startColumn, endLine, endColumn) + or + locations_expr(l, c, startLine, startColumn, endLine, endColumn) +select l, c, startLine, startColumn, endLine, endColumn diff --git a/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/old.dbscheme b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/old.dbscheme new file mode 100644 index 00000000000..7bc12b02a43 --- /dev/null +++ b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/old.dbscheme @@ -0,0 +1,2509 @@ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * gcc -c f1.c f2.c f3.c + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + /** + * An invocation of the compiler. Note that more than one file may + * be compiled per invocation. For example, this command compiles + * three source files: + * + * gcc -c f1.c f2.c f3.c + */ + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | *path to extractor* + * 1 | `--mimic` + * 2 | `/usr/bin/gcc` + * 3 | `-c` + * 4 | f1.c + * 5 | f2.c + * 6 | f3.c + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * Optionally, record the build mode for each compilation. + */ +compilation_build_mode( + unique int id : @compilation ref, + int mode : int ref +); + +/* +case @compilation_build_mode.mode of + 0 = @build_mode_none +| 1 = @build_mode_manual +| 2 = @build_mode_auto +; +*/ + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.c + * 1 | f2.c + * 2 | f3.c + * + * Note that even if those files `#include` headers, those headers + * do not appear as rows. + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + + +/** + * External data, loaded from CSV files during snapshot creation. See + * [Tutorial: Incorporating external data](https://help.semmle.com/wiki/display/SD/Tutorial%3A+Incorporating+external+data) + * for more information. + */ +externalData( + int id : @externalDataElement, + string path : string ref, + int column: int ref, + string value : string ref +); + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/** + * Information about packages that provide code used during compilation. + * The `id` is just a unique identifier. + * The `namespace` is typically the name of the package manager that + * provided the package (e.g. "dpkg" or "yum"). + * The `package_name` is the name of the package, and `version` is its + * version (as a string). + */ +external_packages( + unique int id: @external_package, + string namespace : string ref, + string package_name : string ref, + string version : string ref +); + +/** + * Holds if File `fileid` was provided by package `package`. + */ +header_to_external_package( + int fileid : @file ref, + int package : @external_package ref +); + +/* + * Version history + */ + +svnentries( + unique int id : @svnentry, + string revision : string ref, + string author : string ref, + date revisionDate : date ref, + int changeSize : int ref +) + +svnaffectedfiles( + int id : @svnentry ref, + int file : @file ref, + string action : string ref +) + +svnentrymsg( + unique int id : @svnentry ref, + string message : string ref +) + +svnchurn( + int commit : @svnentry ref, + int file : @file ref, + int addedLines : int ref, + int deletedLines : int ref +) + +/* + * C++ dbscheme + */ + +extractor_version( + string codeql_version: string ref, + string frontend_version: string ref +) + +@location = @location_stmt | @location_expr | @location_default ; + +/** + * The location of an element that is not an expression or a statement. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + /** The location of an element that is not an expression or a statement. */ + unique int id: @location_default, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** + * The location of a statement. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_stmt( + /** The location of a statement. */ + unique int id: @location_stmt, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** + * The location of an expression. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_expr( + /** The location of an expression. */ + unique int id: @location_expr, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** An element for which line-count information is available. */ +@sourceline = @file | @function | @variable | @enumconstant | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @folder | @file + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +fileannotations( + int id: @file ref, + int kind: int ref, + string name: string ref, + string value: string ref +); + +inmacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +affectedbymacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +case @macroinvocation.kind of + 1 = @macro_expansion +| 2 = @other_macro_reference +; + +macroinvocations( + unique int id: @macroinvocation, + int macro_id: @ppd_define ref, + int location: @location_default ref, + int kind: int ref +); + +macroparent( + unique int id: @macroinvocation ref, + int parent_id: @macroinvocation ref +); + +// a macroinvocation may be part of another location +// the way to find a constant expression that uses a macro +// is thus to find a constant expression that has a location +// to which a macro invocation is bound +macrolocationbind( + int id: @macroinvocation ref, + int location: @location ref +); + +#keyset[invocation, argument_index] +macro_argument_unexpanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +#keyset[invocation, argument_index] +macro_argument_expanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +/* +case @function.kind of + 1 = @normal_function +| 2 = @constructor +| 3 = @destructor +| 4 = @conversion_function +| 5 = @operator +| 6 = @builtin_function // GCC built-in functions, e.g. __builtin___memcpy_chk +| 7 = @user_defined_literal +| 8 = @deduction_guide +; +*/ + +functions( + unique int id: @function, + string name: string ref, + int kind: int ref +); + +function_entry_point( + int id: @function ref, + unique int entry_point: @stmt ref +); + +function_return_type( + int id: @function ref, + int return_type: @type ref +); + +/** + * If `function` is a coroutine, then this gives the `std::experimental::resumable_traits` + * instance associated with it, and the variables representing the `handle` and `promise` + * for it. + */ +coroutine( + unique int function: @function ref, + int traits: @type ref +); + +/* +case @coroutine_placeholder_variable.kind of + 1 = @handle +| 2 = @promise +| 3 = @init_await_resume +; +*/ + +coroutine_placeholder_variable( + unique int placeholder_variable: @variable ref, + int kind: int ref, + int function: @function ref +) + +/** The `new` function used for allocating the coroutine state, if any. */ +coroutine_new( + unique int function: @function ref, + int new: @function ref +); + +/** The `delete` function used for deallocating the coroutine state, if any. */ +coroutine_delete( + unique int function: @function ref, + int delete: @function ref +); + +purefunctions(unique int id: @function ref); + +function_deleted(unique int id: @function ref); + +function_defaulted(unique int id: @function ref); + +function_prototyped(unique int id: @function ref) + +deduction_guide_for_class( + int id: @function ref, + int class_template: @usertype ref +) + +member_function_this_type( + unique int id: @function ref, + int this_type: @type ref +); + +#keyset[id, type_id] +fun_decls( + int id: @fun_decl, + int function: @function ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); +fun_def(unique int id: @fun_decl ref); +fun_specialized(unique int id: @fun_decl ref); +fun_implicit(unique int id: @fun_decl ref); +fun_decl_specifiers( + int id: @fun_decl ref, + string name: string ref +) +#keyset[fun_decl, index] +fun_decl_throws( + int fun_decl: @fun_decl ref, + int index: int ref, + int type_id: @type ref +); +/* an empty throw specification is different from none */ +fun_decl_empty_throws(unique int fun_decl: @fun_decl ref); +fun_decl_noexcept( + int fun_decl: @fun_decl ref, + int constant: @expr ref +); +fun_decl_empty_noexcept(int fun_decl: @fun_decl ref); +fun_decl_typedef_type( + unique int fun_decl: @fun_decl ref, + int typedeftype_id: @usertype ref +); + +/* +case @fun_requires.kind of + 1 = @template_attached +| 2 = @function_attached +; +*/ + +fun_requires( + int id: @fun_decl ref, + int kind: int ref, + int constraint: @expr ref +); + +param_decl_bind( + unique int id: @var_decl ref, + int index: int ref, + int fun_decl: @fun_decl ref +); + +#keyset[id, type_id] +var_decls( + int id: @var_decl, + int variable: @variable ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); +var_def(unique int id: @var_decl ref); +var_specialized(int id: @var_decl ref); +var_decl_specifiers( + int id: @var_decl ref, + string name: string ref +) +is_structured_binding(unique int id: @variable ref); +var_requires( + int id: @var_decl ref, + int constraint: @expr ref +); + +type_decls( + unique int id: @type_decl, + int type_id: @type ref, + int location: @location_default ref +); +type_def(unique int id: @type_decl ref); +type_decl_top( + unique int type_decl: @type_decl ref +); +type_requires( + int id: @type_decl ref, + int constraint: @expr ref +); + +namespace_decls( + unique int id: @namespace_decl, + int namespace_id: @namespace ref, + int location: @location_default ref, + int bodylocation: @location_default ref +); + +case @using.kind of + 1 = @using_declaration +| 2 = @using_directive +| 3 = @using_enum_declaration +; + +usings( + unique int id: @using, + int element_id: @element ref, + int location: @location_default ref, + int kind: int ref +); + +/** The element which contains the `using` declaration. */ +using_container( + int parent: @element ref, + int child: @using ref +); + +static_asserts( + unique int id: @static_assert, + int condition : @expr ref, + string message : string ref, + int location: @location_default ref, + int enclosing : @element ref +); + +// each function has an ordered list of parameters +#keyset[id, type_id] +#keyset[function, index, type_id] +params( + int id: @parameter, + int function: @parameterized_element ref, + int index: int ref, + int type_id: @type ref +); + +overrides( + int new: @function ref, + int old: @function ref +); + +#keyset[id, type_id] +membervariables( + int id: @membervariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +globalvariables( + int id: @globalvariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +localvariables( + int id: @localvariable, + int type_id: @type ref, + string name: string ref +); + +autoderivation( + unique int var: @variable ref, + int derivation_type: @type ref +); + +orphaned_variables( + int var: @localvariable ref, + int function: @function ref +) + +enumconstants( + unique int id: @enumconstant, + int parent: @usertype ref, + int index: int ref, + int type_id: @type ref, + string name: string ref, + int location: @location_default ref +); + +@variable = @localscopevariable | @globalvariable | @membervariable; + +@localscopevariable = @localvariable | @parameter; + +/** + * Built-in types are the fundamental types, e.g., integral, floating, and void. + */ +case @builtintype.kind of + 1 = @errortype +| 2 = @unknowntype +| 3 = @void +| 4 = @boolean +| 5 = @char +| 6 = @unsigned_char +| 7 = @signed_char +| 8 = @short +| 9 = @unsigned_short +| 10 = @signed_short +| 11 = @int +| 12 = @unsigned_int +| 13 = @signed_int +| 14 = @long +| 15 = @unsigned_long +| 16 = @signed_long +| 17 = @long_long +| 18 = @unsigned_long_long +| 19 = @signed_long_long +// ... 20 Microsoft-specific __int8 +// ... 21 Microsoft-specific __int16 +// ... 22 Microsoft-specific __int32 +// ... 23 Microsoft-specific __int64 +| 24 = @float +| 25 = @double +| 26 = @long_double +| 27 = @complex_float // C99-specific _Complex float +| 28 = @complex_double // C99-specific _Complex double +| 29 = @complex_long_double // C99-specific _Complex long double +| 30 = @imaginary_float // C99-specific _Imaginary float +| 31 = @imaginary_double // C99-specific _Imaginary double +| 32 = @imaginary_long_double // C99-specific _Imaginary long double +| 33 = @wchar_t // Microsoft-specific +| 34 = @decltype_nullptr // C++11 +| 35 = @int128 // __int128 +| 36 = @unsigned_int128 // unsigned __int128 +| 37 = @signed_int128 // signed __int128 +| 38 = @float128 // __float128 +| 39 = @complex_float128 // _Complex __float128 +| 40 = @decimal32 // _Decimal32 +| 41 = @decimal64 // _Decimal64 +| 42 = @decimal128 // _Decimal128 +| 43 = @char16_t +| 44 = @char32_t +| 45 = @std_float32 // _Float32 +| 46 = @float32x // _Float32x +| 47 = @std_float64 // _Float64 +| 48 = @float64x // _Float64x +| 49 = @std_float128 // _Float128 +// ... 50 _Float128x +| 51 = @char8_t +| 52 = @float16 // _Float16 +| 53 = @complex_float16 // _Complex _Float16 +| 54 = @fp16 // __fp16 +| 55 = @std_bfloat16 // __bf16 +| 56 = @std_float16 // std::float16_t +| 57 = @complex_std_float32 // _Complex _Float32 +| 58 = @complex_float32x // _Complex _Float32x +| 59 = @complex_std_float64 // _Complex _Float64 +| 60 = @complex_float64x // _Complex _Float64x +| 61 = @complex_std_float128 // _Complex _Float128 +| 62 = @mfp8 // __mfp8 +| 63 = @scalable_vector_count // __SVCount_t +| 64 = @complex_fp16 // _Complex __fp16 +| 65 = @complex_std_bfloat16 // _Complex __bf16 +| 66 = @complex_std_float16 // _Complex std::float16_t +; + +builtintypes( + unique int id: @builtintype, + string name: string ref, + int kind: int ref, + int size: int ref, + int sign: int ref, + int alignment: int ref +); + +/** + * Derived types are types that are directly derived from existing types and + * point to, refer to, transform type data to return a new type. + */ +case @derivedtype.kind of + 1 = @pointer +| 2 = @reference +| 3 = @type_with_specifiers +| 4 = @array +| 5 = @gnu_vector +| 6 = @routineptr +| 7 = @routinereference +| 8 = @rvalue_reference // C++11 +// ... 9 type_conforming_to_protocols deprecated +| 10 = @block +| 11 = @scalable_vector // Arm SVE +; + +derivedtypes( + unique int id: @derivedtype, + string name: string ref, + int kind: int ref, + int type_id: @type ref +); + +pointerishsize(unique int id: @derivedtype ref, + int size: int ref, + int alignment: int ref); + +arraysizes( + unique int id: @derivedtype ref, + int num_elements: int ref, + int bytesize: int ref, + int alignment: int ref +); + +tupleelements( + unique int id: @derivedtype ref, + int num_elements: int ref +); + +typedefbase( + unique int id: @usertype ref, + int type_id: @type ref +); + +/** + * An instance of the C++11 `decltype` operator or C23 `typeof`/`typeof_unqual` + * operator taking an expression as its argument. For example: + * ``` + * int a; + * decltype(1+a) b; + * typeof(1+a) c; + * ``` + * Here `expr` is `1+a`. + * + * Sometimes an additional pair of parentheses around the expression + * changes the semantics of the decltype, e.g. + * ``` + * struct A { double x; }; + * const A* a = new A(); + * decltype( a->x ); // type is double + * decltype((a->x)); // type is const double& + * ``` + * (Please consult the C++11 standard for more details). + * `parentheses_would_change_meaning` is `true` iff that is the case. + */ + +/* +case @decltype.kind of +| 0 = @decltype +| 1 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +; +*/ + +#keyset[id, expr] +decltypes( + int id: @decltype, + int expr: @expr ref, + int kind: int ref, + int base_type: @type ref, + boolean parentheses_would_change_meaning: boolean ref +); + +/* +case @type_operator.kind of +| 0 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +| 1 = @underlying_type +| 2 = @bases +| 3 = @direct_bases +| 4 = @add_lvalue_reference +| 5 = @add_pointer +| 6 = @add_rvalue_reference +| 7 = @decay +| 8 = @make_signed +| 9 = @make_unsigned +| 10 = @remove_all_extents +| 11 = @remove_const +| 12 = @remove_cv +| 13 = @remove_cvref +| 14 = @remove_extent +| 15 = @remove_pointer +| 16 = @remove_reference_t +| 17 = @remove_restrict +| 18 = @remove_volatile +| 19 = @remove_reference +; +*/ + +type_operators( + unique int id: @type_operator, + int arg_type: @type ref, + int kind: int ref, + int base_type: @type ref +) + +/* +case @usertype.kind of +| 0 = @unknown_usertype +| 1 = @struct +| 2 = @class +| 3 = @union +| 4 = @enum +// ... 5 = @typedef deprecated // classic C: typedef typedef type name +// ... 6 = @template deprecated +| 7 = @template_parameter +| 8 = @template_template_parameter +| 9 = @proxy_class // a proxy class associated with a template parameter +// ... 10 objc_class deprecated +// ... 11 objc_protocol deprecated +// ... 12 objc_category deprecated +| 13 = @scoped_enum +// ... 14 = @using_alias deprecated // a using name = type style typedef +| 15 = @template_struct +| 16 = @template_class +| 17 = @template_union +| 18 = @alias +; +*/ + +usertypes( + unique int id: @usertype, + string name: string ref, + int kind: int ref +); + +usertypesize( + unique int id: @usertype ref, + int size: int ref, + int alignment: int ref +); + +usertype_final(unique int id: @usertype ref); + +usertype_uuid( + unique int id: @usertype ref, + string uuid: string ref +); + +/* +case @usertype.alias_kind of +| 0 = @typedef +| 1 = @alias +*/ + +usertype_alias_kind( + int id: @usertype ref, + int alias_kind: int ref +) + +nontype_template_parameters( + int id: @expr ref +); + +type_template_type_constraint( + int id: @usertype ref, + int constraint: @expr ref +); + +mangled_name( + unique int id: @declaration ref, + int mangled_name : @mangledname, + boolean is_complete: boolean ref +); + +is_pod_class(unique int id: @usertype ref); +is_standard_layout_class(unique int id: @usertype ref); + +is_complete(unique int id: @usertype ref); + +is_class_template(unique int id: @usertype ref); +class_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +class_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +class_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@user_or_decltype = @usertype | @decltype; + +is_proxy_class_for( + unique int id: @usertype ref, + int templ_param_id: @user_or_decltype ref +); + +type_mentions( + unique int id: @type_mention, + int type_id: @type ref, + int location: @location ref, + // a_symbol_reference_kind from the frontend. + int kind: int ref +); + +is_function_template(unique int id: @function ref); +function_instantiation( + unique int to: @function ref, + int from: @function ref +); +function_template_argument( + int function_id: @function ref, + int index: int ref, + int arg_type: @type ref +); +function_template_argument_value( + int function_id: @function ref, + int index: int ref, + int arg_value: @expr ref +); + +is_variable_template(unique int id: @variable ref); +variable_instantiation( + unique int to: @variable ref, + int from: @variable ref +); +variable_template_argument( + int variable_id: @variable ref, + int index: int ref, + int arg_type: @type ref +); +variable_template_argument_value( + int variable_id: @variable ref, + int index: int ref, + int arg_value: @expr ref +); + +template_template_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +template_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +template_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@concept = @concept_template | @concept_id; + +concept_templates( + unique int concept_id: @concept_template, + string name: string ref, + int location: @location_default ref +); +concept_instantiation( + unique int to: @concept_id ref, + int from: @concept_template ref +); +is_type_constraint(int concept_id: @concept_id ref); +concept_template_argument( + int concept_id: @concept ref, + int index: int ref, + int arg_type: @type ref +); +concept_template_argument_value( + int concept_id: @concept ref, + int index: int ref, + int arg_value: @expr ref +); + +routinetypes( + unique int id: @routinetype, + int return_type: @type ref +); + +routinetypeargs( + int routine: @routinetype ref, + int index: int ref, + int type_id: @type ref +); + +ptrtomembers( + unique int id: @ptrtomember, + int type_id: @type ref, + int class_id: @type ref +); + +/* + specifiers for types, functions, and variables + + "public", + "protected", + "private", + + "const", + "volatile", + "static", + + "pure", + "virtual", + "sealed", // Microsoft + "__interface", // Microsoft + "inline", + "explicit", + + "near", // near far extension + "far", // near far extension + "__ptr32", // Microsoft + "__ptr64", // Microsoft + "__sptr", // Microsoft + "__uptr", // Microsoft + "dllimport", // Microsoft + "dllexport", // Microsoft + "thread", // Microsoft + "naked", // Microsoft + "microsoft_inline", // Microsoft + "forceinline", // Microsoft + "selectany", // Microsoft + "nothrow", // Microsoft + "novtable", // Microsoft + "noreturn", // Microsoft + "noinline", // Microsoft + "noalias", // Microsoft + "restrict", // Microsoft +*/ + +specifiers( + unique int id: @specifier, + unique string str: string ref +); + +typespecifiers( + int type_id: @type ref, + int spec_id: @specifier ref +); + +funspecifiers( + int func_id: @function ref, + int spec_id: @specifier ref +); + +varspecifiers( + int var_id: @accessible ref, + int spec_id: @specifier ref +); + +explicit_specifier_exprs( + unique int func_id: @function ref, + int constant: @expr ref +) + +attributes( + unique int id: @attribute, + int kind: int ref, + string name: string ref, + string name_space: string ref, + int location: @location_default ref +); + +case @attribute.kind of + 0 = @gnuattribute +| 1 = @stdattribute +| 2 = @declspec +| 3 = @msattribute +| 4 = @alignas +// ... 5 @objc_propertyattribute deprecated +; + +attribute_args( + unique int id: @attribute_arg, + int kind: int ref, + int attribute: @attribute ref, + int index: int ref, + int location: @location_default ref +); + +case @attribute_arg.kind of + 0 = @attribute_arg_empty +| 1 = @attribute_arg_token +| 2 = @attribute_arg_constant +| 3 = @attribute_arg_type +| 4 = @attribute_arg_constant_expr +| 5 = @attribute_arg_expr +; + +attribute_arg_value( + unique int arg: @attribute_arg ref, + string value: string ref +); +attribute_arg_type( + unique int arg: @attribute_arg ref, + int type_id: @type ref +); +attribute_arg_constant( + unique int arg: @attribute_arg ref, + int constant: @expr ref +) +attribute_arg_expr( + unique int arg: @attribute_arg ref, + int expr: @expr ref +) +attribute_arg_name( + unique int arg: @attribute_arg ref, + string name: string ref +); + +typeattributes( + int type_id: @type ref, + int spec_id: @attribute ref +); + +funcattributes( + int func_id: @function ref, + int spec_id: @attribute ref +); + +varattributes( + int var_id: @accessible ref, + int spec_id: @attribute ref +); + +namespaceattributes( + int namespace_id: @namespace ref, + int spec_id: @attribute ref +); + +stmtattributes( + int stmt_id: @stmt ref, + int spec_id: @attribute ref +); + +@type = @builtintype + | @derivedtype + | @usertype + | @routinetype + | @ptrtomember + | @decltype + | @type_operator; + +unspecifiedtype( + unique int type_id: @type ref, + int unspecified_type_id: @type ref +); + +member( + int parent: @type ref, + int index: int ref, + int child: @member ref +); + +@enclosingfunction_child = @usertype | @variable | @namespace + +enclosingfunction( + unique int child: @enclosingfunction_child ref, + int parent: @function ref +); + +derivations( + unique int derivation: @derivation, + int sub: @type ref, + int index: int ref, + int super: @type ref, + int location: @location_default ref +); + +derspecifiers( + int der_id: @derivation ref, + int spec_id: @specifier ref +); + +/** + * Contains the byte offset of the base class subobject within the derived + * class. Only holds for non-virtual base classes, but see table + * `virtual_base_offsets` for offsets of virtual base class subobjects. + */ +direct_base_offsets( + unique int der_id: @derivation ref, + int offset: int ref +); + +/** + * Contains the byte offset of the virtual base class subobject for class + * `super` within a most-derived object of class `sub`. `super` can be either a + * direct or indirect base class. + */ +#keyset[sub, super] +virtual_base_offsets( + int sub: @usertype ref, + int super: @usertype ref, + int offset: int ref +); + +frienddecls( + unique int id: @frienddecl, + int type_id: @type ref, + int decl_id: @declaration ref, + int location: @location_default ref +); + +@declaredtype = @usertype ; + +@declaration = @function + | @declaredtype + | @variable + | @enumconstant + | @frienddecl + | @concept_template; + +@member = @membervariable + | @function + | @declaredtype + | @enumconstant; + +@locatable = @diagnostic + | @declaration + | @ppd_include + | @ppd_define + | @macroinvocation + /*| @funcall*/ + | @xmllocatable + | @attribute + | @attribute_arg; + +@namedscope = @namespace | @usertype; + +@element = @locatable + | @file + | @folder + | @specifier + | @type + | @expr + | @namespace + | @initialiser + | @stmt + | @derivation + | @comment + | @preprocdirect + | @fun_decl + | @var_decl + | @type_decl + | @namespace_decl + | @using + | @namequalifier + | @specialnamequalifyingelement + | @static_assert + | @type_mention + | @lambdacapture; + +@exprparent = @element; + +comments( + unique int id: @comment, + string contents: string ref, + int location: @location_default ref +); + +commentbinding( + int id: @comment ref, + int element: @element ref +); + +exprconv( + int converted: @expr ref, + unique int conversion: @expr ref +); + +compgenerated(unique int id: @element ref); + +/** + * `destructor_call` destructs the `i`'th entity that should be + * destructed following `element`. Note that entities should be + * destructed in reverse construction order, so for a given `element` + * these should be called from highest to lowest `i`. + */ +#keyset[element, destructor_call] +#keyset[element, i] +synthetic_destructor_call( + int element: @element ref, + int i: int ref, + int destructor_call: @routineexpr ref +); + +namespaces( + unique int id: @namespace, + string name: string ref +); + +namespace_inline( + unique int id: @namespace ref +); + +namespacembrs( + int parentid: @namespace ref, + unique int memberid: @namespacembr ref +); + +@namespacembr = @declaration | @namespace; + +exprparents( + int expr_id: @expr ref, + int child_index: int ref, + int parent_id: @exprparent ref +); + +expr_isload(unique int expr_id: @expr ref); + +@cast = @c_style_cast + | @const_cast + | @dynamic_cast + | @reinterpret_cast + | @static_cast + ; + +/* +case @conversion.kind of + 0 = @simple_conversion // a numeric conversion, qualification conversion, or a reinterpret_cast +| 1 = @bool_conversion // conversion to 'bool' +| 2 = @base_class_conversion // a derived-to-base conversion +| 3 = @derived_class_conversion // a base-to-derived conversion +| 4 = @pm_base_class_conversion // a derived-to-base conversion of a pointer to member +| 5 = @pm_derived_class_conversion // a base-to-derived conversion of a pointer to member +| 6 = @glvalue_adjust // an adjustment of the type of a glvalue +| 7 = @prvalue_adjust // an adjustment of the type of a prvalue +; +*/ +/** + * Describes the semantics represented by a cast expression. This is largely + * independent of the source syntax of the cast, so it is separate from the + * regular expression kind. + */ +conversionkinds( + unique int expr_id: @cast ref, + int kind: int ref +); + +@conversion = @cast + | @array_to_pointer + | @parexpr + | @reference_to + | @ref_indirect + | @temp_init + | @c11_generic + ; + +/* +case @funbindexpr.kind of + 0 = @normal_call // a normal call +| 1 = @virtual_call // a virtual call +| 2 = @adl_call // a call whose target is only found by ADL +; +*/ +iscall( + unique int caller: @funbindexpr ref, + int kind: int ref +); + +numtemplatearguments( + unique int expr_id: @expr ref, + int num: int ref +); + +specialnamequalifyingelements( + unique int id: @specialnamequalifyingelement, + unique string name: string ref +); + +@namequalifiableelement = @expr | @namequalifier; +@namequalifyingelement = @namespace + | @specialnamequalifyingelement + | @usertype; + +namequalifiers( + unique int id: @namequalifier, + unique int qualifiableelement: @namequalifiableelement ref, + int qualifyingelement: @namequalifyingelement ref, + int location: @location_default ref +); + +varbind( + int expr: @varbindexpr ref, + int var: @accessible ref +); + +funbind( + int expr: @funbindexpr ref, + int fun: @function ref +); + +@any_new_expr = @new_expr + | @new_array_expr; + +@new_or_delete_expr = @any_new_expr + | @delete_expr + | @delete_array_expr; + +@prefix_crement_expr = @preincrexpr | @predecrexpr; + +@postfix_crement_expr = @postincrexpr | @postdecrexpr; + +@increment_expr = @preincrexpr | @postincrexpr; + +@decrement_expr = @predecrexpr | @postdecrexpr; + +@crement_expr = @increment_expr | @decrement_expr; + +@un_arith_op_expr = @arithnegexpr + | @unaryplusexpr + | @conjugation + | @realpartexpr + | @imagpartexpr + | @crement_expr + ; + +@un_bitwise_op_expr = @complementexpr; + +@un_log_op_expr = @notexpr; + +@un_op_expr = @address_of + | @indirect + | @un_arith_op_expr + | @un_bitwise_op_expr + | @builtinaddressof + | @vec_fill + | @un_log_op_expr + | @co_await + | @co_yield + ; + +@bin_log_op_expr = @andlogicalexpr | @orlogicalexpr; + +@cmp_op_expr = @eq_op_expr | @rel_op_expr; + +@eq_op_expr = @eqexpr | @neexpr; + +@rel_op_expr = @gtexpr + | @ltexpr + | @geexpr + | @leexpr + | @spaceshipexpr + ; + +@bin_bitwise_op_expr = @lshiftexpr + | @rshiftexpr + | @andexpr + | @orexpr + | @xorexpr + ; + +@p_arith_op_expr = @paddexpr + | @psubexpr + | @pdiffexpr + ; + +@bin_arith_op_expr = @addexpr + | @subexpr + | @mulexpr + | @divexpr + | @remexpr + | @jmulexpr + | @jdivexpr + | @fjaddexpr + | @jfaddexpr + | @fjsubexpr + | @jfsubexpr + | @minexpr + | @maxexpr + | @p_arith_op_expr + ; + +@bin_op_expr = @bin_arith_op_expr + | @bin_bitwise_op_expr + | @cmp_op_expr + | @bin_log_op_expr + ; + +@op_expr = @un_op_expr + | @bin_op_expr + | @assign_expr + | @conditionalexpr + ; + +@assign_arith_expr = @assignaddexpr + | @assignsubexpr + | @assignmulexpr + | @assigndivexpr + | @assignremexpr + ; + +@assign_bitwise_expr = @assignandexpr + | @assignorexpr + | @assignxorexpr + | @assignlshiftexpr + | @assignrshiftexpr + ; + +@assign_pointer_expr = @assignpaddexpr + | @assignpsubexpr + ; + +@assign_op_expr = @assign_arith_expr + | @assign_bitwise_expr + | @assign_pointer_expr + ; + +@assign_expr = @assignexpr | @assign_op_expr | @blockassignexpr + +/* + Binary encoding of the allocator form. + + case @allocator.form of + 0 = plain + | 1 = alignment + ; +*/ + +/** + * The allocator function associated with a `new` or `new[]` expression. + * The `form` column specified whether the allocation call contains an alignment + * argument. + */ +expr_allocator( + unique int expr: @any_new_expr ref, + int func: @function ref, + int form: int ref +); + +/* + Binary encoding of the deallocator form. + + case @deallocator.form of + 0 = plain + | 1 = size + | 2 = alignment + | 4 = destroying_delete + ; +*/ + +/** + * The deallocator function associated with a `delete`, `delete[]`, `new`, or + * `new[]` expression. For a `new` or `new[]` expression, the deallocator is the + * one used to free memory if the initialization throws an exception. + * The `form` column specifies whether the deallocation call contains a size + * argument, and alignment argument, or both. + */ +expr_deallocator( + unique int expr: @new_or_delete_expr ref, + int func: @function ref, + int form: int ref +); + +/** + * Holds if the `@conditionalexpr` is of the two operand form + * `guard ? : false`. + */ +expr_cond_two_operand( + unique int cond: @conditionalexpr ref +); + +/** + * The guard of `@conditionalexpr` `guard ? true : false` + */ +expr_cond_guard( + unique int cond: @conditionalexpr ref, + int guard: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` holds. For the two operand form + * `guard ?: false` consider using `expr_cond_guard` instead. + */ +expr_cond_true( + unique int cond: @conditionalexpr ref, + int true: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` does not hold. + */ +expr_cond_false( + unique int cond: @conditionalexpr ref, + int false: @expr ref +); + +/** A string representation of the value. */ +values( + unique int id: @value, + string str: string ref +); + +/** The actual text in the source code for the value, if any. */ +valuetext( + unique int id: @value ref, + string text: string ref +); + +valuebind( + int val: @value ref, + unique int expr: @expr ref +); + +fieldoffsets( + unique int id: @variable ref, + int byteoffset: int ref, + int bitoffset: int ref +); + +bitfield( + unique int id: @variable ref, + int bits: int ref, + int declared_bits: int ref +); + +/* TODO +memberprefix( + int member: @expr ref, + int prefix: @expr ref +); +*/ + +/* + kind(1) = mbrcallexpr + kind(2) = mbrptrcallexpr + kind(3) = mbrptrmbrcallexpr + kind(4) = ptrmbrptrmbrcallexpr + kind(5) = mbrreadexpr // x.y + kind(6) = mbrptrreadexpr // p->y + kind(7) = mbrptrmbrreadexpr // x.*pm + kind(8) = mbrptrmbrptrreadexpr // x->*pm + kind(9) = staticmbrreadexpr // static x.y + kind(10) = staticmbrptrreadexpr // static p->y +*/ +/* TODO +memberaccess( + int member: @expr ref, + int kind: int ref +); +*/ + +initialisers( + unique int init: @initialiser, + int var: @accessible ref, + unique int expr: @expr ref, + int location: @location_expr ref +); + +braced_initialisers( + int init: @initialiser ref +); + +/** + * An ancestor for the expression, for cases in which we cannot + * otherwise find the expression's parent. + */ +expr_ancestor( + int exp: @expr ref, + int ancestor: @element ref +); + +exprs( + unique int id: @expr, + int kind: int ref, + int location: @location_expr ref +); + +expr_reuse( + int reuse: @expr ref, + int original: @expr ref, + int value_category: int ref +) + +/* + case @value.category of + 1 = prval + | 2 = xval + | 3 = lval + ; +*/ +expr_types( + int id: @expr ref, + int typeid: @type ref, + int value_category: int ref +); + +case @expr.kind of + 1 = @errorexpr +| 2 = @address_of // & AddressOfExpr +| 3 = @reference_to // ReferenceToExpr (implicit?) +| 4 = @indirect // * PointerDereferenceExpr +| 5 = @ref_indirect // ReferenceDereferenceExpr (implicit?) +// ... +| 8 = @array_to_pointer // (???) +| 9 = @vacuous_destructor_call // VacuousDestructorCall +// ... +| 11 = @assume // Microsoft +| 12 = @parexpr +| 13 = @arithnegexpr +| 14 = @unaryplusexpr +| 15 = @complementexpr +| 16 = @notexpr +| 17 = @conjugation // GNU ~ operator +| 18 = @realpartexpr // GNU __real +| 19 = @imagpartexpr // GNU __imag +| 20 = @postincrexpr +| 21 = @postdecrexpr +| 22 = @preincrexpr +| 23 = @predecrexpr +| 24 = @conditionalexpr +| 25 = @addexpr +| 26 = @subexpr +| 27 = @mulexpr +| 28 = @divexpr +| 29 = @remexpr +| 30 = @jmulexpr // C99 mul imaginary +| 31 = @jdivexpr // C99 div imaginary +| 32 = @fjaddexpr // C99 add real + imaginary +| 33 = @jfaddexpr // C99 add imaginary + real +| 34 = @fjsubexpr // C99 sub real - imaginary +| 35 = @jfsubexpr // C99 sub imaginary - real +| 36 = @paddexpr // pointer add (pointer + int or int + pointer) +| 37 = @psubexpr // pointer sub (pointer - integer) +| 38 = @pdiffexpr // difference between two pointers +| 39 = @lshiftexpr +| 40 = @rshiftexpr +| 41 = @andexpr +| 42 = @orexpr +| 43 = @xorexpr +| 44 = @eqexpr +| 45 = @neexpr +| 46 = @gtexpr +| 47 = @ltexpr +| 48 = @geexpr +| 49 = @leexpr +| 50 = @minexpr // GNU minimum +| 51 = @maxexpr // GNU maximum +| 52 = @assignexpr +| 53 = @assignaddexpr +| 54 = @assignsubexpr +| 55 = @assignmulexpr +| 56 = @assigndivexpr +| 57 = @assignremexpr +| 58 = @assignlshiftexpr +| 59 = @assignrshiftexpr +| 60 = @assignandexpr +| 61 = @assignorexpr +| 62 = @assignxorexpr +| 63 = @assignpaddexpr // assign pointer add +| 64 = @assignpsubexpr // assign pointer sub +| 65 = @andlogicalexpr +| 66 = @orlogicalexpr +| 67 = @commaexpr +| 68 = @subscriptexpr // access to member of an array, e.g., a[5] +// ... 69 @objc_subscriptexpr deprecated +// ... 70 @cmdaccess deprecated +// ... +| 73 = @virtfunptrexpr +| 74 = @callexpr +// ... 75 @msgexpr_normal deprecated +// ... 76 @msgexpr_super deprecated +// ... 77 @atselectorexpr deprecated +// ... 78 @atprotocolexpr deprecated +| 79 = @vastartexpr +| 80 = @vaargexpr +| 81 = @vaendexpr +| 82 = @vacopyexpr +// ... 83 @atencodeexpr deprecated +| 84 = @varaccess +| 85 = @thisaccess +// ... 86 @objc_box_expr deprecated +| 87 = @new_expr +| 88 = @delete_expr +| 89 = @throw_expr +| 90 = @condition_decl // a variable declared in a condition, e.g., if(int x = y > 2) +| 91 = @braced_init_list +| 92 = @type_id +| 93 = @runtime_sizeof +| 94 = @runtime_alignof +| 95 = @sizeof_pack +| 96 = @expr_stmt // GNU extension +| 97 = @routineexpr +| 98 = @type_operand // used to access a type in certain contexts (haven't found any examples yet....) +| 99 = @offsetofexpr // offsetof ::= type and field +| 100 = @hasassignexpr // __has_assign ::= type +| 101 = @hascopyexpr // __has_copy ::= type +| 102 = @hasnothrowassign // __has_nothrow_assign ::= type +| 103 = @hasnothrowconstr // __has_nothrow_constructor ::= type +| 104 = @hasnothrowcopy // __has_nothrow_copy ::= type +| 105 = @hastrivialassign // __has_trivial_assign ::= type +| 106 = @hastrivialconstr // __has_trivial_constructor ::= type +| 107 = @hastrivialcopy // __has_trivial_copy ::= type +| 108 = @hasuserdestr // __has_user_destructor ::= type +| 109 = @hasvirtualdestr // __has_virtual_destructor ::= type +| 110 = @isabstractexpr // __is_abstract ::= type +| 111 = @isbaseofexpr // __is_base_of ::= type type +| 112 = @isclassexpr // __is_class ::= type +| 113 = @isconvtoexpr // __is_convertible_to ::= type type +| 114 = @isemptyexpr // __is_empty ::= type +| 115 = @isenumexpr // __is_enum ::= type +| 116 = @ispodexpr // __is_pod ::= type +| 117 = @ispolyexpr // __is_polymorphic ::= type +| 118 = @isunionexpr // __is_union ::= type +| 119 = @typescompexpr // GNU __builtin_types_compatible ::= type type +| 120 = @intaddrexpr // frontend internal builtin, used to implement offsetof +// ... +| 122 = @hastrivialdestructor // __has_trivial_destructor ::= type +| 123 = @literal +| 124 = @uuidof +| 127 = @aggregateliteral +| 128 = @delete_array_expr +| 129 = @new_array_expr +// ... 130 @objc_array_literal deprecated +// ... 131 @objc_dictionary_literal deprecated +| 132 = @foldexpr +// ... +| 200 = @ctordirectinit +| 201 = @ctorvirtualinit +| 202 = @ctorfieldinit +| 203 = @ctordelegatinginit +| 204 = @dtordirectdestruct +| 205 = @dtorvirtualdestruct +| 206 = @dtorfielddestruct +// ... +| 210 = @static_cast +| 211 = @reinterpret_cast +| 212 = @const_cast +| 213 = @dynamic_cast +| 214 = @c_style_cast +| 215 = @lambdaexpr +| 216 = @param_ref +| 217 = @noopexpr +// ... +| 294 = @istriviallyconstructibleexpr +| 295 = @isdestructibleexpr +| 296 = @isnothrowdestructibleexpr +| 297 = @istriviallydestructibleexpr +| 298 = @istriviallyassignableexpr +| 299 = @isnothrowassignableexpr +| 300 = @istrivialexpr +| 301 = @isstandardlayoutexpr +| 302 = @istriviallycopyableexpr +| 303 = @isliteraltypeexpr +| 304 = @hastrivialmoveconstructorexpr +| 305 = @hastrivialmoveassignexpr +| 306 = @hasnothrowmoveassignexpr +| 307 = @isconstructibleexpr +| 308 = @isnothrowconstructibleexpr +| 309 = @hasfinalizerexpr +| 310 = @isdelegateexpr +| 311 = @isinterfaceclassexpr +| 312 = @isrefarrayexpr +| 313 = @isrefclassexpr +| 314 = @issealedexpr +| 315 = @issimplevalueclassexpr +| 316 = @isvalueclassexpr +| 317 = @isfinalexpr +| 319 = @noexceptexpr +| 320 = @builtinshufflevector +| 321 = @builtinchooseexpr +| 322 = @builtinaddressof +| 323 = @vec_fill +| 324 = @builtinconvertvector +| 325 = @builtincomplex +| 326 = @spaceshipexpr +| 327 = @co_await +| 328 = @co_yield +| 329 = @temp_init +| 330 = @isassignable +| 331 = @isaggregate +| 332 = @hasuniqueobjectrepresentations +| 333 = @builtinbitcast +| 334 = @builtinshuffle +| 335 = @blockassignexpr +| 336 = @issame +| 337 = @isfunction +| 338 = @islayoutcompatible +| 339 = @ispointerinterconvertiblebaseof +| 340 = @isarray +| 341 = @arrayrank +| 342 = @arrayextent +| 343 = @isarithmetic +| 344 = @iscompletetype +| 345 = @iscompound +| 346 = @isconst +| 347 = @isfloatingpoint +| 348 = @isfundamental +| 349 = @isintegral +| 350 = @islvaluereference +| 351 = @ismemberfunctionpointer +| 352 = @ismemberobjectpointer +| 353 = @ismemberpointer +| 354 = @isobject +| 355 = @ispointer +| 356 = @isreference +| 357 = @isrvaluereference +| 358 = @isscalar +| 359 = @issigned +| 360 = @isunsigned +| 361 = @isvoid +| 362 = @isvolatile +| 363 = @reuseexpr +| 364 = @istriviallycopyassignable +| 365 = @isassignablenopreconditioncheck +| 366 = @referencebindstotemporary +| 367 = @issameas +| 368 = @builtinhasattribute +| 369 = @ispointerinterconvertiblewithclass +| 370 = @builtinispointerinterconvertiblewithclass +| 371 = @iscorrespondingmember +| 372 = @builtiniscorrespondingmember +| 373 = @isboundedarray +| 374 = @isunboundedarray +| 375 = @isreferenceable +| 378 = @isnothrowconvertible +| 379 = @referenceconstructsfromtemporary +| 380 = @referenceconvertsfromtemporary +| 381 = @isconvertible +| 382 = @isvalidwinrttype +| 383 = @iswinclass +| 384 = @iswininterface +| 385 = @istriviallyequalitycomparable +| 386 = @isscopedenum +| 387 = @istriviallyrelocatable +| 388 = @datasizeof +| 389 = @c11_generic +| 390 = @requires_expr +| 391 = @nested_requirement +| 392 = @compound_requirement +| 393 = @concept_id +; + +@var_args_expr = @vastartexpr + | @vaendexpr + | @vaargexpr + | @vacopyexpr + ; + +@builtin_op = @var_args_expr + | @noopexpr + | @offsetofexpr + | @intaddrexpr + | @hasassignexpr + | @hascopyexpr + | @hasnothrowassign + | @hasnothrowconstr + | @hasnothrowcopy + | @hastrivialassign + | @hastrivialconstr + | @hastrivialcopy + | @hastrivialdestructor + | @hasuserdestr + | @hasvirtualdestr + | @isabstractexpr + | @isbaseofexpr + | @isclassexpr + | @isconvtoexpr + | @isemptyexpr + | @isenumexpr + | @ispodexpr + | @ispolyexpr + | @isunionexpr + | @typescompexpr + | @builtinshufflevector + | @builtinconvertvector + | @builtinaddressof + | @istriviallyconstructibleexpr + | @isdestructibleexpr + | @isnothrowdestructibleexpr + | @istriviallydestructibleexpr + | @istriviallyassignableexpr + | @isnothrowassignableexpr + | @istrivialexpr + | @isstandardlayoutexpr + | @istriviallycopyableexpr + | @isliteraltypeexpr + | @hastrivialmoveconstructorexpr + | @hastrivialmoveassignexpr + | @hasnothrowmoveassignexpr + | @isconstructibleexpr + | @isnothrowconstructibleexpr + | @hasfinalizerexpr + | @isdelegateexpr + | @isinterfaceclassexpr + | @isrefarrayexpr + | @isrefclassexpr + | @issealedexpr + | @issimplevalueclassexpr + | @isvalueclassexpr + | @isfinalexpr + | @builtinchooseexpr + | @builtincomplex + | @isassignable + | @isaggregate + | @hasuniqueobjectrepresentations + | @builtinbitcast + | @builtinshuffle + | @issame + | @isfunction + | @islayoutcompatible + | @ispointerinterconvertiblebaseof + | @isarray + | @arrayrank + | @arrayextent + | @isarithmetic + | @iscompletetype + | @iscompound + | @isconst + | @isfloatingpoint + | @isfundamental + | @isintegral + | @islvaluereference + | @ismemberfunctionpointer + | @ismemberobjectpointer + | @ismemberpointer + | @isobject + | @ispointer + | @isreference + | @isrvaluereference + | @isscalar + | @issigned + | @isunsigned + | @isvoid + | @isvolatile + | @istriviallycopyassignable + | @isassignablenopreconditioncheck + | @referencebindstotemporary + | @issameas + | @builtinhasattribute + | @ispointerinterconvertiblewithclass + | @builtinispointerinterconvertiblewithclass + | @iscorrespondingmember + | @builtiniscorrespondingmember + | @isboundedarray + | @isunboundedarray + | @isreferenceable + | @isnothrowconvertible + | @referenceconstructsfromtemporary + | @referenceconvertsfromtemporary + | @isconvertible + | @isvalidwinrttype + | @iswinclass + | @iswininterface + | @istriviallyequalitycomparable + | @isscopedenum + | @istriviallyrelocatable + ; + +compound_requirement_is_noexcept( + int expr: @compound_requirement ref +); + +new_allocated_type( + unique int expr: @new_expr ref, + int type_id: @type ref +); + +new_array_allocated_type( + unique int expr: @new_array_expr ref, + int type_id: @type ref +); + +/** + * The field being initialized by an initializer expression within an aggregate + * initializer for a class/struct/union. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_field_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int field: @membervariable ref, + int position: int ref, + boolean is_designated: boolean ref +); + +/** + * The index of the element being initialized by an initializer expression + * within an aggregate initializer for an array. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_array_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int element_index: int ref, + int position: int ref, + boolean is_designated: boolean ref +); + +@ctorinit = @ctordirectinit + | @ctorvirtualinit + | @ctorfieldinit + | @ctordelegatinginit; +@dtordestruct = @dtordirectdestruct + | @dtorvirtualdestruct + | @dtorfielddestruct; + + +condition_decl_bind( + unique int expr: @condition_decl ref, + unique int decl: @declaration ref +); + +typeid_bind( + unique int expr: @type_id ref, + int type_id: @type ref +); + +uuidof_bind( + unique int expr: @uuidof ref, + int type_id: @type ref +); + +@sizeof_or_alignof = @runtime_sizeof | @runtime_alignof | @datasizeof | @sizeof_pack; + +sizeof_bind( + unique int expr: @sizeof_or_alignof ref, + int type_id: @type ref +); + +code_block( + unique int block: @literal ref, + unique int routine: @function ref +); + +lambdas( + unique int expr: @lambdaexpr ref, + string default_capture: string ref, + boolean has_explicit_return_type: boolean ref, + boolean has_explicit_parameter_list: boolean ref +); + +lambda_capture( + unique int id: @lambdacapture, + int lambda: @lambdaexpr ref, + int index: int ref, + int field: @membervariable ref, + boolean captured_by_reference: boolean ref, + boolean is_implicit: boolean ref, + int location: @location_default ref +); + +@funbindexpr = @routineexpr + | @new_expr + | @delete_expr + | @delete_array_expr + | @ctordirectinit + | @ctorvirtualinit + | @ctordelegatinginit + | @dtordirectdestruct + | @dtorvirtualdestruct; + +@varbindexpr = @varaccess | @ctorfieldinit | @dtorfielddestruct; +@addressable = @function | @variable ; +@accessible = @addressable | @enumconstant ; + +@access = @varaccess | @routineexpr ; + +fold( + int expr: @foldexpr ref, + string operator: string ref, + boolean is_left_fold: boolean ref +); + +stmts( + unique int id: @stmt, + int kind: int ref, + int location: @location_stmt ref +); + +case @stmt.kind of + 1 = @stmt_expr +| 2 = @stmt_if +| 3 = @stmt_while +| 4 = @stmt_goto +| 5 = @stmt_label +| 6 = @stmt_return +| 7 = @stmt_block +| 8 = @stmt_end_test_while // do { ... } while ( ... ) +| 9 = @stmt_for +| 10 = @stmt_switch_case +| 11 = @stmt_switch +| 13 = @stmt_asm // "asm" statement or the body of an asm function +| 15 = @stmt_try_block +| 16 = @stmt_microsoft_try // Microsoft +| 17 = @stmt_decl +| 18 = @stmt_set_vla_size // C99 +| 19 = @stmt_vla_decl // C99 +| 25 = @stmt_assigned_goto // GNU +| 26 = @stmt_empty +| 27 = @stmt_continue +| 28 = @stmt_break +| 29 = @stmt_range_based_for // C++11 +// ... 30 @stmt_at_autoreleasepool_block deprecated +// ... 31 @stmt_objc_for_in deprecated +// ... 32 @stmt_at_synchronized deprecated +| 33 = @stmt_handler +// ... 34 @stmt_finally_end deprecated +| 35 = @stmt_constexpr_if +| 37 = @stmt_co_return +| 38 = @stmt_consteval_if +| 39 = @stmt_not_consteval_if +| 40 = @stmt_leave +; + +type_vla( + int type_id: @type ref, + int decl: @stmt_vla_decl ref +); + +variable_vla( + int var: @variable ref, + int decl: @stmt_vla_decl ref +); + +type_is_vla(unique int type_id: @derivedtype ref) + +if_initialization( + unique int if_stmt: @stmt_if ref, + int init_id: @stmt ref +); + +if_then( + unique int if_stmt: @stmt_if ref, + int then_id: @stmt ref +); + +if_else( + unique int if_stmt: @stmt_if ref, + int else_id: @stmt ref +); + +constexpr_if_initialization( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int init_id: @stmt ref +); + +constexpr_if_then( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int then_id: @stmt ref +); + +constexpr_if_else( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int else_id: @stmt ref +); + +@stmt_consteval_or_not_consteval_if = @stmt_consteval_if | @stmt_not_consteval_if; + +consteval_if_then( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int then_id: @stmt ref +); + +consteval_if_else( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int else_id: @stmt ref +); + +while_body( + unique int while_stmt: @stmt_while ref, + int body_id: @stmt ref +); + +do_body( + unique int do_stmt: @stmt_end_test_while ref, + int body_id: @stmt ref +); + +switch_initialization( + unique int switch_stmt: @stmt_switch ref, + int init_id: @stmt ref +); + +#keyset[switch_stmt, index] +switch_case( + int switch_stmt: @stmt_switch ref, + int index: int ref, + int case_id: @stmt_switch_case ref +); + +switch_body( + unique int switch_stmt: @stmt_switch ref, + int body_id: @stmt ref +); + +@stmt_for_or_range_based_for = @stmt_for + | @stmt_range_based_for; + +for_initialization( + unique int for_stmt: @stmt_for_or_range_based_for ref, + int init_id: @stmt ref +); + +for_condition( + unique int for_stmt: @stmt_for ref, + int condition_id: @expr ref +); + +for_update( + unique int for_stmt: @stmt_for ref, + int update_id: @expr ref +); + +for_body( + unique int for_stmt: @stmt_for ref, + int body_id: @stmt ref +); + +@stmtparent = @stmt | @expr_stmt ; +stmtparents( + unique int id: @stmt ref, + int index: int ref, + int parent: @stmtparent ref +); + +ishandler(unique int block: @stmt_block ref); + +@cfgnode = @stmt | @expr | @function | @initialiser ; + +stmt_decl_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl: @declaration ref +); + +stmt_decl_entry_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl_entry: @element ref +); + +@parameterized_element = @function | @stmt_block | @requires_expr; + +blockscope( + unique int block: @stmt_block ref, + int enclosing: @parameterized_element ref +); + +@jump = @stmt_goto | @stmt_break | @stmt_continue | @stmt_leave; + +@jumporlabel = @jump | @stmt_label | @literal; + +jumpinfo( + unique int id: @jumporlabel ref, + string str: string ref, + int target: @stmt ref +); + +preprocdirects( + unique int id: @preprocdirect, + int kind: int ref, + int location: @location_default ref +); +case @preprocdirect.kind of + 0 = @ppd_if +| 1 = @ppd_ifdef +| 2 = @ppd_ifndef +| 3 = @ppd_elif +| 4 = @ppd_else +| 5 = @ppd_endif +| 6 = @ppd_plain_include +| 7 = @ppd_define +| 8 = @ppd_undef +| 9 = @ppd_line +| 10 = @ppd_error +| 11 = @ppd_pragma +| 12 = @ppd_objc_import +| 13 = @ppd_include_next +| 14 = @ppd_ms_import +| 15 = @ppd_elifdef +| 16 = @ppd_elifndef +| 18 = @ppd_warning +; + +@ppd_include = @ppd_plain_include | @ppd_objc_import | @ppd_include_next | @ppd_ms_import; + +@ppd_branch = @ppd_if | @ppd_ifdef | @ppd_ifndef | @ppd_elif | @ppd_elifdef | @ppd_elifndef; + +preprocpair( + int begin : @ppd_branch ref, + int elseelifend : @preprocdirect ref +); + +preproctrue(int branch : @ppd_branch ref); +preprocfalse(int branch : @ppd_branch ref); + +preproctext( + unique int id: @preprocdirect ref, + string head: string ref, + string body: string ref +); + +includes( + unique int id: @ppd_include ref, + int included: @file ref +); + +link_targets( + int id: @link_target, + int binary: @file ref +); + +link_parent( + int element : @element ref, + int link_target : @link_target ref +); + +/* XML Files */ + +xmlEncoding(unique int id: @file ref, string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters + | @xmlelement + | @xmlcomment + | @xmlattribute + | @xmldtd + | @file + | @xmlnamespace; diff --git a/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/semmlecode.cpp.dbscheme b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/semmlecode.cpp.dbscheme new file mode 100644 index 00000000000..e70d0b65318 --- /dev/null +++ b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/semmlecode.cpp.dbscheme @@ -0,0 +1,2475 @@ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * gcc -c f1.c f2.c f3.c + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + /** + * An invocation of the compiler. Note that more than one file may + * be compiled per invocation. For example, this command compiles + * three source files: + * + * gcc -c f1.c f2.c f3.c + */ + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | *path to extractor* + * 1 | `--mimic` + * 2 | `/usr/bin/gcc` + * 3 | `-c` + * 4 | f1.c + * 5 | f2.c + * 6 | f3.c + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * Optionally, record the build mode for each compilation. + */ +compilation_build_mode( + unique int id : @compilation ref, + int mode : int ref +); + +/* +case @compilation_build_mode.mode of + 0 = @build_mode_none +| 1 = @build_mode_manual +| 2 = @build_mode_auto +; +*/ + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * gcc -c f1.c f2.c f3.c + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.c + * 1 | f2.c + * 2 | f3.c + * + * Note that even if those files `#include` headers, those headers + * do not appear as rows. + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + + +/** + * External data, loaded from CSV files during snapshot creation. See + * [Tutorial: Incorporating external data](https://help.semmle.com/wiki/display/SD/Tutorial%3A+Incorporating+external+data) + * for more information. + */ +externalData( + int id : @externalDataElement, + string path : string ref, + int column: int ref, + string value : string ref +); + +/** + * The source location of the snapshot. + */ +sourceLocationPrefix(string prefix : string ref); + +/** + * Information about packages that provide code used during compilation. + * The `id` is just a unique identifier. + * The `namespace` is typically the name of the package manager that + * provided the package (e.g. "dpkg" or "yum"). + * The `package_name` is the name of the package, and `version` is its + * version (as a string). + */ +external_packages( + unique int id: @external_package, + string namespace : string ref, + string package_name : string ref, + string version : string ref +); + +/** + * Holds if File `fileid` was provided by package `package`. + */ +header_to_external_package( + int fileid : @file ref, + int package : @external_package ref +); + +/* + * Version history + */ + +svnentries( + unique int id : @svnentry, + string revision : string ref, + string author : string ref, + date revisionDate : date ref, + int changeSize : int ref +) + +svnaffectedfiles( + int id : @svnentry ref, + int file : @file ref, + string action : string ref +) + +svnentrymsg( + unique int id : @svnentry ref, + string message : string ref +) + +svnchurn( + int commit : @svnentry ref, + int file : @file ref, + int addedLines : int ref, + int deletedLines : int ref +) + +/* + * C++ dbscheme + */ + +extractor_version( + string codeql_version: string ref, + string frontend_version: string ref +) + +@location = @location_default ; + +/** + * The location of an element. + * The location spans column `startcolumn` of line `startline` to + * column `endcolumn` of line `endline` in file `file`. + * For more information, see + * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). + */ +locations_default( + /** The location of an element that is not an expression or a statement. */ + unique int id: @location_default, + int container: @container ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/** An element for which line-count information is available. */ +@sourceline = @file | @function | @variable | @enumconstant | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @folder | @file + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +fileannotations( + int id: @file ref, + int kind: int ref, + string name: string ref, + string value: string ref +); + +inmacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +affectedbymacroexpansion( + int id: @element ref, + int inv: @macroinvocation ref +); + +case @macroinvocation.kind of + 1 = @macro_expansion +| 2 = @other_macro_reference +; + +macroinvocations( + unique int id: @macroinvocation, + int macro_id: @ppd_define ref, + int location: @location ref, + int kind: int ref +); + +macroparent( + unique int id: @macroinvocation ref, + int parent_id: @macroinvocation ref +); + +// a macroinvocation may be part of another location +// the way to find a constant expression that uses a macro +// is thus to find a constant expression that has a location +// to which a macro invocation is bound +macrolocationbind( + int id: @macroinvocation ref, + int location: @location ref +); + +#keyset[invocation, argument_index] +macro_argument_unexpanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +#keyset[invocation, argument_index] +macro_argument_expanded( + int invocation: @macroinvocation ref, + int argument_index: int ref, + string text: string ref +); + +/* +case @function.kind of + 1 = @normal_function +| 2 = @constructor +| 3 = @destructor +| 4 = @conversion_function +| 5 = @operator +| 6 = @builtin_function // GCC built-in functions, e.g. __builtin___memcpy_chk +| 7 = @user_defined_literal +| 8 = @deduction_guide +; +*/ + +functions( + unique int id: @function, + string name: string ref, + int kind: int ref +); + +function_entry_point( + int id: @function ref, + unique int entry_point: @stmt ref +); + +function_return_type( + int id: @function ref, + int return_type: @type ref +); + +/** + * If `function` is a coroutine, then this gives the `std::experimental::resumable_traits` + * instance associated with it, and the variables representing the `handle` and `promise` + * for it. + */ +coroutine( + unique int function: @function ref, + int traits: @type ref +); + +/* +case @coroutine_placeholder_variable.kind of + 1 = @handle +| 2 = @promise +| 3 = @init_await_resume +; +*/ + +coroutine_placeholder_variable( + unique int placeholder_variable: @variable ref, + int kind: int ref, + int function: @function ref +) + +/** The `new` function used for allocating the coroutine state, if any. */ +coroutine_new( + unique int function: @function ref, + int new: @function ref +); + +/** The `delete` function used for deallocating the coroutine state, if any. */ +coroutine_delete( + unique int function: @function ref, + int delete: @function ref +); + +purefunctions(unique int id: @function ref); + +function_deleted(unique int id: @function ref); + +function_defaulted(unique int id: @function ref); + +function_prototyped(unique int id: @function ref) + +deduction_guide_for_class( + int id: @function ref, + int class_template: @usertype ref +) + +member_function_this_type( + unique int id: @function ref, + int this_type: @type ref +); + +#keyset[id, type_id] +fun_decls( + int id: @fun_decl, + int function: @function ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); +fun_def(unique int id: @fun_decl ref); +fun_specialized(unique int id: @fun_decl ref); +fun_implicit(unique int id: @fun_decl ref); +fun_decl_specifiers( + int id: @fun_decl ref, + string name: string ref +) +#keyset[fun_decl, index] +fun_decl_throws( + int fun_decl: @fun_decl ref, + int index: int ref, + int type_id: @type ref +); +/* an empty throw specification is different from none */ +fun_decl_empty_throws(unique int fun_decl: @fun_decl ref); +fun_decl_noexcept( + int fun_decl: @fun_decl ref, + int constant: @expr ref +); +fun_decl_empty_noexcept(int fun_decl: @fun_decl ref); +fun_decl_typedef_type( + unique int fun_decl: @fun_decl ref, + int typedeftype_id: @usertype ref +); + +/* +case @fun_requires.kind of + 1 = @template_attached +| 2 = @function_attached +; +*/ + +fun_requires( + int id: @fun_decl ref, + int kind: int ref, + int constraint: @expr ref +); + +param_decl_bind( + unique int id: @var_decl ref, + int index: int ref, + int fun_decl: @fun_decl ref +); + +#keyset[id, type_id] +var_decls( + int id: @var_decl, + int variable: @variable ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); +var_def(unique int id: @var_decl ref); +var_specialized(int id: @var_decl ref); +var_decl_specifiers( + int id: @var_decl ref, + string name: string ref +) +is_structured_binding(unique int id: @variable ref); +var_requires( + int id: @var_decl ref, + int constraint: @expr ref +); + +type_decls( + unique int id: @type_decl, + int type_id: @type ref, + int location: @location ref +); +type_def(unique int id: @type_decl ref); +type_decl_top( + unique int type_decl: @type_decl ref +); +type_requires( + int id: @type_decl ref, + int constraint: @expr ref +); + +namespace_decls( + unique int id: @namespace_decl, + int namespace_id: @namespace ref, + int location: @location ref, + int bodylocation: @location ref +); + +case @using.kind of + 1 = @using_declaration +| 2 = @using_directive +| 3 = @using_enum_declaration +; + +usings( + unique int id: @using, + int element_id: @element ref, + int location: @location ref, + int kind: int ref +); + +/** The element which contains the `using` declaration. */ +using_container( + int parent: @element ref, + int child: @using ref +); + +static_asserts( + unique int id: @static_assert, + int condition : @expr ref, + string message : string ref, + int location: @location ref, + int enclosing : @element ref +); + +// each function has an ordered list of parameters +#keyset[id, type_id] +#keyset[function, index, type_id] +params( + int id: @parameter, + int function: @parameterized_element ref, + int index: int ref, + int type_id: @type ref +); + +overrides( + int new: @function ref, + int old: @function ref +); + +#keyset[id, type_id] +membervariables( + int id: @membervariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +globalvariables( + int id: @globalvariable, + int type_id: @type ref, + string name: string ref +); + +#keyset[id, type_id] +localvariables( + int id: @localvariable, + int type_id: @type ref, + string name: string ref +); + +autoderivation( + unique int var: @variable ref, + int derivation_type: @type ref +); + +orphaned_variables( + int var: @localvariable ref, + int function: @function ref +) + +enumconstants( + unique int id: @enumconstant, + int parent: @usertype ref, + int index: int ref, + int type_id: @type ref, + string name: string ref, + int location: @location ref +); + +@variable = @localscopevariable | @globalvariable | @membervariable; + +@localscopevariable = @localvariable | @parameter; + +/** + * Built-in types are the fundamental types, e.g., integral, floating, and void. + */ +case @builtintype.kind of + 1 = @errortype +| 2 = @unknowntype +| 3 = @void +| 4 = @boolean +| 5 = @char +| 6 = @unsigned_char +| 7 = @signed_char +| 8 = @short +| 9 = @unsigned_short +| 10 = @signed_short +| 11 = @int +| 12 = @unsigned_int +| 13 = @signed_int +| 14 = @long +| 15 = @unsigned_long +| 16 = @signed_long +| 17 = @long_long +| 18 = @unsigned_long_long +| 19 = @signed_long_long +// ... 20 Microsoft-specific __int8 +// ... 21 Microsoft-specific __int16 +// ... 22 Microsoft-specific __int32 +// ... 23 Microsoft-specific __int64 +| 24 = @float +| 25 = @double +| 26 = @long_double +| 27 = @complex_float // C99-specific _Complex float +| 28 = @complex_double // C99-specific _Complex double +| 29 = @complex_long_double // C99-specific _Complex long double +| 30 = @imaginary_float // C99-specific _Imaginary float +| 31 = @imaginary_double // C99-specific _Imaginary double +| 32 = @imaginary_long_double // C99-specific _Imaginary long double +| 33 = @wchar_t // Microsoft-specific +| 34 = @decltype_nullptr // C++11 +| 35 = @int128 // __int128 +| 36 = @unsigned_int128 // unsigned __int128 +| 37 = @signed_int128 // signed __int128 +| 38 = @float128 // __float128 +| 39 = @complex_float128 // _Complex __float128 +| 40 = @decimal32 // _Decimal32 +| 41 = @decimal64 // _Decimal64 +| 42 = @decimal128 // _Decimal128 +| 43 = @char16_t +| 44 = @char32_t +| 45 = @std_float32 // _Float32 +| 46 = @float32x // _Float32x +| 47 = @std_float64 // _Float64 +| 48 = @float64x // _Float64x +| 49 = @std_float128 // _Float128 +// ... 50 _Float128x +| 51 = @char8_t +| 52 = @float16 // _Float16 +| 53 = @complex_float16 // _Complex _Float16 +| 54 = @fp16 // __fp16 +| 55 = @std_bfloat16 // __bf16 +| 56 = @std_float16 // std::float16_t +| 57 = @complex_std_float32 // _Complex _Float32 +| 58 = @complex_float32x // _Complex _Float32x +| 59 = @complex_std_float64 // _Complex _Float64 +| 60 = @complex_float64x // _Complex _Float64x +| 61 = @complex_std_float128 // _Complex _Float128 +| 62 = @mfp8 // __mfp8 +| 63 = @scalable_vector_count // __SVCount_t +| 64 = @complex_fp16 // _Complex __fp16 +| 65 = @complex_std_bfloat16 // _Complex __bf16 +| 66 = @complex_std_float16 // _Complex std::float16_t +; + +builtintypes( + unique int id: @builtintype, + string name: string ref, + int kind: int ref, + int size: int ref, + int sign: int ref, + int alignment: int ref +); + +/** + * Derived types are types that are directly derived from existing types and + * point to, refer to, transform type data to return a new type. + */ +case @derivedtype.kind of + 1 = @pointer +| 2 = @reference +| 3 = @type_with_specifiers +| 4 = @array +| 5 = @gnu_vector +| 6 = @routineptr +| 7 = @routinereference +| 8 = @rvalue_reference // C++11 +// ... 9 type_conforming_to_protocols deprecated +| 10 = @block +| 11 = @scalable_vector // Arm SVE +; + +derivedtypes( + unique int id: @derivedtype, + string name: string ref, + int kind: int ref, + int type_id: @type ref +); + +pointerishsize(unique int id: @derivedtype ref, + int size: int ref, + int alignment: int ref); + +arraysizes( + unique int id: @derivedtype ref, + int num_elements: int ref, + int bytesize: int ref, + int alignment: int ref +); + +tupleelements( + unique int id: @derivedtype ref, + int num_elements: int ref +); + +typedefbase( + unique int id: @usertype ref, + int type_id: @type ref +); + +/** + * An instance of the C++11 `decltype` operator or C23 `typeof`/`typeof_unqual` + * operator taking an expression as its argument. For example: + * ``` + * int a; + * decltype(1+a) b; + * typeof(1+a) c; + * ``` + * Here `expr` is `1+a`. + * + * Sometimes an additional pair of parentheses around the expression + * changes the semantics of the decltype, e.g. + * ``` + * struct A { double x; }; + * const A* a = new A(); + * decltype( a->x ); // type is double + * decltype((a->x)); // type is const double& + * ``` + * (Please consult the C++11 standard for more details). + * `parentheses_would_change_meaning` is `true` iff that is the case. + */ + +/* +case @decltype.kind of +| 0 = @decltype +| 1 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +; +*/ + +#keyset[id, expr] +decltypes( + int id: @decltype, + int expr: @expr ref, + int kind: int ref, + int base_type: @type ref, + boolean parentheses_would_change_meaning: boolean ref +); + +/* +case @type_operator.kind of +| 0 = @typeof // The frontend does not differentiate between typeof and typeof_unqual +| 1 = @underlying_type +| 2 = @bases +| 3 = @direct_bases +| 4 = @add_lvalue_reference +| 5 = @add_pointer +| 6 = @add_rvalue_reference +| 7 = @decay +| 8 = @make_signed +| 9 = @make_unsigned +| 10 = @remove_all_extents +| 11 = @remove_const +| 12 = @remove_cv +| 13 = @remove_cvref +| 14 = @remove_extent +| 15 = @remove_pointer +| 16 = @remove_reference_t +| 17 = @remove_restrict +| 18 = @remove_volatile +| 19 = @remove_reference +; +*/ + +type_operators( + unique int id: @type_operator, + int arg_type: @type ref, + int kind: int ref, + int base_type: @type ref +) + +/* +case @usertype.kind of +| 0 = @unknown_usertype +| 1 = @struct +| 2 = @class +| 3 = @union +| 4 = @enum +// ... 5 = @typedef deprecated // classic C: typedef typedef type name +// ... 6 = @template deprecated +| 7 = @template_parameter +| 8 = @template_template_parameter +| 9 = @proxy_class // a proxy class associated with a template parameter +// ... 10 objc_class deprecated +// ... 11 objc_protocol deprecated +// ... 12 objc_category deprecated +| 13 = @scoped_enum +// ... 14 = @using_alias deprecated // a using name = type style typedef +| 15 = @template_struct +| 16 = @template_class +| 17 = @template_union +| 18 = @alias +; +*/ + +usertypes( + unique int id: @usertype, + string name: string ref, + int kind: int ref +); + +usertypesize( + unique int id: @usertype ref, + int size: int ref, + int alignment: int ref +); + +usertype_final(unique int id: @usertype ref); + +usertype_uuid( + unique int id: @usertype ref, + string uuid: string ref +); + +/* +case @usertype.alias_kind of +| 0 = @typedef +| 1 = @alias +*/ + +usertype_alias_kind( + int id: @usertype ref, + int alias_kind: int ref +) + +nontype_template_parameters( + int id: @expr ref +); + +type_template_type_constraint( + int id: @usertype ref, + int constraint: @expr ref +); + +mangled_name( + unique int id: @declaration ref, + int mangled_name : @mangledname, + boolean is_complete: boolean ref +); + +is_pod_class(unique int id: @usertype ref); +is_standard_layout_class(unique int id: @usertype ref); + +is_complete(unique int id: @usertype ref); + +is_class_template(unique int id: @usertype ref); +class_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +class_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +class_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@user_or_decltype = @usertype | @decltype; + +is_proxy_class_for( + unique int id: @usertype ref, + int templ_param_id: @user_or_decltype ref +); + +type_mentions( + unique int id: @type_mention, + int type_id: @type ref, + int location: @location ref, + // a_symbol_reference_kind from the frontend. + int kind: int ref +); + +is_function_template(unique int id: @function ref); +function_instantiation( + unique int to: @function ref, + int from: @function ref +); +function_template_argument( + int function_id: @function ref, + int index: int ref, + int arg_type: @type ref +); +function_template_argument_value( + int function_id: @function ref, + int index: int ref, + int arg_value: @expr ref +); + +is_variable_template(unique int id: @variable ref); +variable_instantiation( + unique int to: @variable ref, + int from: @variable ref +); +variable_template_argument( + int variable_id: @variable ref, + int index: int ref, + int arg_type: @type ref +); +variable_template_argument_value( + int variable_id: @variable ref, + int index: int ref, + int arg_value: @expr ref +); + +template_template_instantiation( + int to: @usertype ref, + int from: @usertype ref +); +template_template_argument( + int type_id: @usertype ref, + int index: int ref, + int arg_type: @type ref +); +template_template_argument_value( + int type_id: @usertype ref, + int index: int ref, + int arg_value: @expr ref +); + +@concept = @concept_template | @concept_id; + +concept_templates( + unique int concept_id: @concept_template, + string name: string ref, + int location: @location ref +); +concept_instantiation( + unique int to: @concept_id ref, + int from: @concept_template ref +); +is_type_constraint(int concept_id: @concept_id ref); +concept_template_argument( + int concept_id: @concept ref, + int index: int ref, + int arg_type: @type ref +); +concept_template_argument_value( + int concept_id: @concept ref, + int index: int ref, + int arg_value: @expr ref +); + +routinetypes( + unique int id: @routinetype, + int return_type: @type ref +); + +routinetypeargs( + int routine: @routinetype ref, + int index: int ref, + int type_id: @type ref +); + +ptrtomembers( + unique int id: @ptrtomember, + int type_id: @type ref, + int class_id: @type ref +); + +/* + specifiers for types, functions, and variables + + "public", + "protected", + "private", + + "const", + "volatile", + "static", + + "pure", + "virtual", + "sealed", // Microsoft + "__interface", // Microsoft + "inline", + "explicit", + + "near", // near far extension + "far", // near far extension + "__ptr32", // Microsoft + "__ptr64", // Microsoft + "__sptr", // Microsoft + "__uptr", // Microsoft + "dllimport", // Microsoft + "dllexport", // Microsoft + "thread", // Microsoft + "naked", // Microsoft + "microsoft_inline", // Microsoft + "forceinline", // Microsoft + "selectany", // Microsoft + "nothrow", // Microsoft + "novtable", // Microsoft + "noreturn", // Microsoft + "noinline", // Microsoft + "noalias", // Microsoft + "restrict", // Microsoft +*/ + +specifiers( + unique int id: @specifier, + unique string str: string ref +); + +typespecifiers( + int type_id: @type ref, + int spec_id: @specifier ref +); + +funspecifiers( + int func_id: @function ref, + int spec_id: @specifier ref +); + +varspecifiers( + int var_id: @accessible ref, + int spec_id: @specifier ref +); + +explicit_specifier_exprs( + unique int func_id: @function ref, + int constant: @expr ref +) + +attributes( + unique int id: @attribute, + int kind: int ref, + string name: string ref, + string name_space: string ref, + int location: @location ref +); + +case @attribute.kind of + 0 = @gnuattribute +| 1 = @stdattribute +| 2 = @declspec +| 3 = @msattribute +| 4 = @alignas +// ... 5 @objc_propertyattribute deprecated +; + +attribute_args( + unique int id: @attribute_arg, + int kind: int ref, + int attribute: @attribute ref, + int index: int ref, + int location: @location ref +); + +case @attribute_arg.kind of + 0 = @attribute_arg_empty +| 1 = @attribute_arg_token +| 2 = @attribute_arg_constant +| 3 = @attribute_arg_type +| 4 = @attribute_arg_constant_expr +| 5 = @attribute_arg_expr +; + +attribute_arg_value( + unique int arg: @attribute_arg ref, + string value: string ref +); +attribute_arg_type( + unique int arg: @attribute_arg ref, + int type_id: @type ref +); +attribute_arg_constant( + unique int arg: @attribute_arg ref, + int constant: @expr ref +) +attribute_arg_expr( + unique int arg: @attribute_arg ref, + int expr: @expr ref +) +attribute_arg_name( + unique int arg: @attribute_arg ref, + string name: string ref +); + +typeattributes( + int type_id: @type ref, + int spec_id: @attribute ref +); + +funcattributes( + int func_id: @function ref, + int spec_id: @attribute ref +); + +varattributes( + int var_id: @accessible ref, + int spec_id: @attribute ref +); + +namespaceattributes( + int namespace_id: @namespace ref, + int spec_id: @attribute ref +); + +stmtattributes( + int stmt_id: @stmt ref, + int spec_id: @attribute ref +); + +@type = @builtintype + | @derivedtype + | @usertype + | @routinetype + | @ptrtomember + | @decltype + | @type_operator; + +unspecifiedtype( + unique int type_id: @type ref, + int unspecified_type_id: @type ref +); + +member( + int parent: @type ref, + int index: int ref, + int child: @member ref +); + +@enclosingfunction_child = @usertype | @variable | @namespace + +enclosingfunction( + unique int child: @enclosingfunction_child ref, + int parent: @function ref +); + +derivations( + unique int derivation: @derivation, + int sub: @type ref, + int index: int ref, + int super: @type ref, + int location: @location ref +); + +derspecifiers( + int der_id: @derivation ref, + int spec_id: @specifier ref +); + +/** + * Contains the byte offset of the base class subobject within the derived + * class. Only holds for non-virtual base classes, but see table + * `virtual_base_offsets` for offsets of virtual base class subobjects. + */ +direct_base_offsets( + unique int der_id: @derivation ref, + int offset: int ref +); + +/** + * Contains the byte offset of the virtual base class subobject for class + * `super` within a most-derived object of class `sub`. `super` can be either a + * direct or indirect base class. + */ +#keyset[sub, super] +virtual_base_offsets( + int sub: @usertype ref, + int super: @usertype ref, + int offset: int ref +); + +frienddecls( + unique int id: @frienddecl, + int type_id: @type ref, + int decl_id: @declaration ref, + int location: @location ref +); + +@declaredtype = @usertype ; + +@declaration = @function + | @declaredtype + | @variable + | @enumconstant + | @frienddecl + | @concept_template; + +@member = @membervariable + | @function + | @declaredtype + | @enumconstant; + +@locatable = @diagnostic + | @declaration + | @ppd_include + | @ppd_define + | @macroinvocation + /*| @funcall*/ + | @xmllocatable + | @attribute + | @attribute_arg; + +@namedscope = @namespace | @usertype; + +@element = @locatable + | @file + | @folder + | @specifier + | @type + | @expr + | @namespace + | @initialiser + | @stmt + | @derivation + | @comment + | @preprocdirect + | @fun_decl + | @var_decl + | @type_decl + | @namespace_decl + | @using + | @namequalifier + | @specialnamequalifyingelement + | @static_assert + | @type_mention + | @lambdacapture; + +@exprparent = @element; + +comments( + unique int id: @comment, + string contents: string ref, + int location: @location ref +); + +commentbinding( + int id: @comment ref, + int element: @element ref +); + +exprconv( + int converted: @expr ref, + unique int conversion: @expr ref +); + +compgenerated(unique int id: @element ref); + +/** + * `destructor_call` destructs the `i`'th entity that should be + * destructed following `element`. Note that entities should be + * destructed in reverse construction order, so for a given `element` + * these should be called from highest to lowest `i`. + */ +#keyset[element, destructor_call] +#keyset[element, i] +synthetic_destructor_call( + int element: @element ref, + int i: int ref, + int destructor_call: @routineexpr ref +); + +namespaces( + unique int id: @namespace, + string name: string ref +); + +namespace_inline( + unique int id: @namespace ref +); + +namespacembrs( + int parentid: @namespace ref, + unique int memberid: @namespacembr ref +); + +@namespacembr = @declaration | @namespace; + +exprparents( + int expr_id: @expr ref, + int child_index: int ref, + int parent_id: @exprparent ref +); + +expr_isload(unique int expr_id: @expr ref); + +@cast = @c_style_cast + | @const_cast + | @dynamic_cast + | @reinterpret_cast + | @static_cast + ; + +/* +case @conversion.kind of + 0 = @simple_conversion // a numeric conversion, qualification conversion, or a reinterpret_cast +| 1 = @bool_conversion // conversion to 'bool' +| 2 = @base_class_conversion // a derived-to-base conversion +| 3 = @derived_class_conversion // a base-to-derived conversion +| 4 = @pm_base_class_conversion // a derived-to-base conversion of a pointer to member +| 5 = @pm_derived_class_conversion // a base-to-derived conversion of a pointer to member +| 6 = @glvalue_adjust // an adjustment of the type of a glvalue +| 7 = @prvalue_adjust // an adjustment of the type of a prvalue +; +*/ +/** + * Describes the semantics represented by a cast expression. This is largely + * independent of the source syntax of the cast, so it is separate from the + * regular expression kind. + */ +conversionkinds( + unique int expr_id: @cast ref, + int kind: int ref +); + +@conversion = @cast + | @array_to_pointer + | @parexpr + | @reference_to + | @ref_indirect + | @temp_init + | @c11_generic + ; + +/* +case @funbindexpr.kind of + 0 = @normal_call // a normal call +| 1 = @virtual_call // a virtual call +| 2 = @adl_call // a call whose target is only found by ADL +; +*/ +iscall( + unique int caller: @funbindexpr ref, + int kind: int ref +); + +numtemplatearguments( + unique int expr_id: @expr ref, + int num: int ref +); + +specialnamequalifyingelements( + unique int id: @specialnamequalifyingelement, + unique string name: string ref +); + +@namequalifiableelement = @expr | @namequalifier; +@namequalifyingelement = @namespace + | @specialnamequalifyingelement + | @usertype; + +namequalifiers( + unique int id: @namequalifier, + unique int qualifiableelement: @namequalifiableelement ref, + int qualifyingelement: @namequalifyingelement ref, + int location: @location ref +); + +varbind( + int expr: @varbindexpr ref, + int var: @accessible ref +); + +funbind( + int expr: @funbindexpr ref, + int fun: @function ref +); + +@any_new_expr = @new_expr + | @new_array_expr; + +@new_or_delete_expr = @any_new_expr + | @delete_expr + | @delete_array_expr; + +@prefix_crement_expr = @preincrexpr | @predecrexpr; + +@postfix_crement_expr = @postincrexpr | @postdecrexpr; + +@increment_expr = @preincrexpr | @postincrexpr; + +@decrement_expr = @predecrexpr | @postdecrexpr; + +@crement_expr = @increment_expr | @decrement_expr; + +@un_arith_op_expr = @arithnegexpr + | @unaryplusexpr + | @conjugation + | @realpartexpr + | @imagpartexpr + | @crement_expr + ; + +@un_bitwise_op_expr = @complementexpr; + +@un_log_op_expr = @notexpr; + +@un_op_expr = @address_of + | @indirect + | @un_arith_op_expr + | @un_bitwise_op_expr + | @builtinaddressof + | @vec_fill + | @un_log_op_expr + | @co_await + | @co_yield + ; + +@bin_log_op_expr = @andlogicalexpr | @orlogicalexpr; + +@cmp_op_expr = @eq_op_expr | @rel_op_expr; + +@eq_op_expr = @eqexpr | @neexpr; + +@rel_op_expr = @gtexpr + | @ltexpr + | @geexpr + | @leexpr + | @spaceshipexpr + ; + +@bin_bitwise_op_expr = @lshiftexpr + | @rshiftexpr + | @andexpr + | @orexpr + | @xorexpr + ; + +@p_arith_op_expr = @paddexpr + | @psubexpr + | @pdiffexpr + ; + +@bin_arith_op_expr = @addexpr + | @subexpr + | @mulexpr + | @divexpr + | @remexpr + | @jmulexpr + | @jdivexpr + | @fjaddexpr + | @jfaddexpr + | @fjsubexpr + | @jfsubexpr + | @minexpr + | @maxexpr + | @p_arith_op_expr + ; + +@bin_op_expr = @bin_arith_op_expr + | @bin_bitwise_op_expr + | @cmp_op_expr + | @bin_log_op_expr + ; + +@op_expr = @un_op_expr + | @bin_op_expr + | @assign_expr + | @conditionalexpr + ; + +@assign_arith_expr = @assignaddexpr + | @assignsubexpr + | @assignmulexpr + | @assigndivexpr + | @assignremexpr + ; + +@assign_bitwise_expr = @assignandexpr + | @assignorexpr + | @assignxorexpr + | @assignlshiftexpr + | @assignrshiftexpr + ; + +@assign_pointer_expr = @assignpaddexpr + | @assignpsubexpr + ; + +@assign_op_expr = @assign_arith_expr + | @assign_bitwise_expr + | @assign_pointer_expr + ; + +@assign_expr = @assignexpr | @assign_op_expr | @blockassignexpr + +/* + Binary encoding of the allocator form. + + case @allocator.form of + 0 = plain + | 1 = alignment + ; +*/ + +/** + * The allocator function associated with a `new` or `new[]` expression. + * The `form` column specified whether the allocation call contains an alignment + * argument. + */ +expr_allocator( + unique int expr: @any_new_expr ref, + int func: @function ref, + int form: int ref +); + +/* + Binary encoding of the deallocator form. + + case @deallocator.form of + 0 = plain + | 1 = size + | 2 = alignment + | 4 = destroying_delete + ; +*/ + +/** + * The deallocator function associated with a `delete`, `delete[]`, `new`, or + * `new[]` expression. For a `new` or `new[]` expression, the deallocator is the + * one used to free memory if the initialization throws an exception. + * The `form` column specifies whether the deallocation call contains a size + * argument, and alignment argument, or both. + */ +expr_deallocator( + unique int expr: @new_or_delete_expr ref, + int func: @function ref, + int form: int ref +); + +/** + * Holds if the `@conditionalexpr` is of the two operand form + * `guard ? : false`. + */ +expr_cond_two_operand( + unique int cond: @conditionalexpr ref +); + +/** + * The guard of `@conditionalexpr` `guard ? true : false` + */ +expr_cond_guard( + unique int cond: @conditionalexpr ref, + int guard: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` holds. For the two operand form + * `guard ?: false` consider using `expr_cond_guard` instead. + */ +expr_cond_true( + unique int cond: @conditionalexpr ref, + int true: @expr ref +); + +/** + * The expression used when the guard of `@conditionalexpr` + * `guard ? true : false` does not hold. + */ +expr_cond_false( + unique int cond: @conditionalexpr ref, + int false: @expr ref +); + +/** A string representation of the value. */ +values( + unique int id: @value, + string str: string ref +); + +/** The actual text in the source code for the value, if any. */ +valuetext( + unique int id: @value ref, + string text: string ref +); + +valuebind( + int val: @value ref, + unique int expr: @expr ref +); + +fieldoffsets( + unique int id: @variable ref, + int byteoffset: int ref, + int bitoffset: int ref +); + +bitfield( + unique int id: @variable ref, + int bits: int ref, + int declared_bits: int ref +); + +/* TODO +memberprefix( + int member: @expr ref, + int prefix: @expr ref +); +*/ + +/* + kind(1) = mbrcallexpr + kind(2) = mbrptrcallexpr + kind(3) = mbrptrmbrcallexpr + kind(4) = ptrmbrptrmbrcallexpr + kind(5) = mbrreadexpr // x.y + kind(6) = mbrptrreadexpr // p->y + kind(7) = mbrptrmbrreadexpr // x.*pm + kind(8) = mbrptrmbrptrreadexpr // x->*pm + kind(9) = staticmbrreadexpr // static x.y + kind(10) = staticmbrptrreadexpr // static p->y +*/ +/* TODO +memberaccess( + int member: @expr ref, + int kind: int ref +); +*/ + +initialisers( + unique int init: @initialiser, + int var: @accessible ref, + unique int expr: @expr ref, + int location: @location ref +); + +braced_initialisers( + int init: @initialiser ref +); + +/** + * An ancestor for the expression, for cases in which we cannot + * otherwise find the expression's parent. + */ +expr_ancestor( + int exp: @expr ref, + int ancestor: @element ref +); + +exprs( + unique int id: @expr, + int kind: int ref, + int location: @location ref +); + +expr_reuse( + int reuse: @expr ref, + int original: @expr ref, + int value_category: int ref +) + +/* + case @value.category of + 1 = prval + | 2 = xval + | 3 = lval + ; +*/ +expr_types( + int id: @expr ref, + int typeid: @type ref, + int value_category: int ref +); + +case @expr.kind of + 1 = @errorexpr +| 2 = @address_of // & AddressOfExpr +| 3 = @reference_to // ReferenceToExpr (implicit?) +| 4 = @indirect // * PointerDereferenceExpr +| 5 = @ref_indirect // ReferenceDereferenceExpr (implicit?) +// ... +| 8 = @array_to_pointer // (???) +| 9 = @vacuous_destructor_call // VacuousDestructorCall +// ... +| 11 = @assume // Microsoft +| 12 = @parexpr +| 13 = @arithnegexpr +| 14 = @unaryplusexpr +| 15 = @complementexpr +| 16 = @notexpr +| 17 = @conjugation // GNU ~ operator +| 18 = @realpartexpr // GNU __real +| 19 = @imagpartexpr // GNU __imag +| 20 = @postincrexpr +| 21 = @postdecrexpr +| 22 = @preincrexpr +| 23 = @predecrexpr +| 24 = @conditionalexpr +| 25 = @addexpr +| 26 = @subexpr +| 27 = @mulexpr +| 28 = @divexpr +| 29 = @remexpr +| 30 = @jmulexpr // C99 mul imaginary +| 31 = @jdivexpr // C99 div imaginary +| 32 = @fjaddexpr // C99 add real + imaginary +| 33 = @jfaddexpr // C99 add imaginary + real +| 34 = @fjsubexpr // C99 sub real - imaginary +| 35 = @jfsubexpr // C99 sub imaginary - real +| 36 = @paddexpr // pointer add (pointer + int or int + pointer) +| 37 = @psubexpr // pointer sub (pointer - integer) +| 38 = @pdiffexpr // difference between two pointers +| 39 = @lshiftexpr +| 40 = @rshiftexpr +| 41 = @andexpr +| 42 = @orexpr +| 43 = @xorexpr +| 44 = @eqexpr +| 45 = @neexpr +| 46 = @gtexpr +| 47 = @ltexpr +| 48 = @geexpr +| 49 = @leexpr +| 50 = @minexpr // GNU minimum +| 51 = @maxexpr // GNU maximum +| 52 = @assignexpr +| 53 = @assignaddexpr +| 54 = @assignsubexpr +| 55 = @assignmulexpr +| 56 = @assigndivexpr +| 57 = @assignremexpr +| 58 = @assignlshiftexpr +| 59 = @assignrshiftexpr +| 60 = @assignandexpr +| 61 = @assignorexpr +| 62 = @assignxorexpr +| 63 = @assignpaddexpr // assign pointer add +| 64 = @assignpsubexpr // assign pointer sub +| 65 = @andlogicalexpr +| 66 = @orlogicalexpr +| 67 = @commaexpr +| 68 = @subscriptexpr // access to member of an array, e.g., a[5] +// ... 69 @objc_subscriptexpr deprecated +// ... 70 @cmdaccess deprecated +// ... +| 73 = @virtfunptrexpr +| 74 = @callexpr +// ... 75 @msgexpr_normal deprecated +// ... 76 @msgexpr_super deprecated +// ... 77 @atselectorexpr deprecated +// ... 78 @atprotocolexpr deprecated +| 79 = @vastartexpr +| 80 = @vaargexpr +| 81 = @vaendexpr +| 82 = @vacopyexpr +// ... 83 @atencodeexpr deprecated +| 84 = @varaccess +| 85 = @thisaccess +// ... 86 @objc_box_expr deprecated +| 87 = @new_expr +| 88 = @delete_expr +| 89 = @throw_expr +| 90 = @condition_decl // a variable declared in a condition, e.g., if(int x = y > 2) +| 91 = @braced_init_list +| 92 = @type_id +| 93 = @runtime_sizeof +| 94 = @runtime_alignof +| 95 = @sizeof_pack +| 96 = @expr_stmt // GNU extension +| 97 = @routineexpr +| 98 = @type_operand // used to access a type in certain contexts (haven't found any examples yet....) +| 99 = @offsetofexpr // offsetof ::= type and field +| 100 = @hasassignexpr // __has_assign ::= type +| 101 = @hascopyexpr // __has_copy ::= type +| 102 = @hasnothrowassign // __has_nothrow_assign ::= type +| 103 = @hasnothrowconstr // __has_nothrow_constructor ::= type +| 104 = @hasnothrowcopy // __has_nothrow_copy ::= type +| 105 = @hastrivialassign // __has_trivial_assign ::= type +| 106 = @hastrivialconstr // __has_trivial_constructor ::= type +| 107 = @hastrivialcopy // __has_trivial_copy ::= type +| 108 = @hasuserdestr // __has_user_destructor ::= type +| 109 = @hasvirtualdestr // __has_virtual_destructor ::= type +| 110 = @isabstractexpr // __is_abstract ::= type +| 111 = @isbaseofexpr // __is_base_of ::= type type +| 112 = @isclassexpr // __is_class ::= type +| 113 = @isconvtoexpr // __is_convertible_to ::= type type +| 114 = @isemptyexpr // __is_empty ::= type +| 115 = @isenumexpr // __is_enum ::= type +| 116 = @ispodexpr // __is_pod ::= type +| 117 = @ispolyexpr // __is_polymorphic ::= type +| 118 = @isunionexpr // __is_union ::= type +| 119 = @typescompexpr // GNU __builtin_types_compatible ::= type type +| 120 = @intaddrexpr // frontend internal builtin, used to implement offsetof +// ... +| 122 = @hastrivialdestructor // __has_trivial_destructor ::= type +| 123 = @literal +| 124 = @uuidof +| 127 = @aggregateliteral +| 128 = @delete_array_expr +| 129 = @new_array_expr +// ... 130 @objc_array_literal deprecated +// ... 131 @objc_dictionary_literal deprecated +| 132 = @foldexpr +// ... +| 200 = @ctordirectinit +| 201 = @ctorvirtualinit +| 202 = @ctorfieldinit +| 203 = @ctordelegatinginit +| 204 = @dtordirectdestruct +| 205 = @dtorvirtualdestruct +| 206 = @dtorfielddestruct +// ... +| 210 = @static_cast +| 211 = @reinterpret_cast +| 212 = @const_cast +| 213 = @dynamic_cast +| 214 = @c_style_cast +| 215 = @lambdaexpr +| 216 = @param_ref +| 217 = @noopexpr +// ... +| 294 = @istriviallyconstructibleexpr +| 295 = @isdestructibleexpr +| 296 = @isnothrowdestructibleexpr +| 297 = @istriviallydestructibleexpr +| 298 = @istriviallyassignableexpr +| 299 = @isnothrowassignableexpr +| 300 = @istrivialexpr +| 301 = @isstandardlayoutexpr +| 302 = @istriviallycopyableexpr +| 303 = @isliteraltypeexpr +| 304 = @hastrivialmoveconstructorexpr +| 305 = @hastrivialmoveassignexpr +| 306 = @hasnothrowmoveassignexpr +| 307 = @isconstructibleexpr +| 308 = @isnothrowconstructibleexpr +| 309 = @hasfinalizerexpr +| 310 = @isdelegateexpr +| 311 = @isinterfaceclassexpr +| 312 = @isrefarrayexpr +| 313 = @isrefclassexpr +| 314 = @issealedexpr +| 315 = @issimplevalueclassexpr +| 316 = @isvalueclassexpr +| 317 = @isfinalexpr +| 319 = @noexceptexpr +| 320 = @builtinshufflevector +| 321 = @builtinchooseexpr +| 322 = @builtinaddressof +| 323 = @vec_fill +| 324 = @builtinconvertvector +| 325 = @builtincomplex +| 326 = @spaceshipexpr +| 327 = @co_await +| 328 = @co_yield +| 329 = @temp_init +| 330 = @isassignable +| 331 = @isaggregate +| 332 = @hasuniqueobjectrepresentations +| 333 = @builtinbitcast +| 334 = @builtinshuffle +| 335 = @blockassignexpr +| 336 = @issame +| 337 = @isfunction +| 338 = @islayoutcompatible +| 339 = @ispointerinterconvertiblebaseof +| 340 = @isarray +| 341 = @arrayrank +| 342 = @arrayextent +| 343 = @isarithmetic +| 344 = @iscompletetype +| 345 = @iscompound +| 346 = @isconst +| 347 = @isfloatingpoint +| 348 = @isfundamental +| 349 = @isintegral +| 350 = @islvaluereference +| 351 = @ismemberfunctionpointer +| 352 = @ismemberobjectpointer +| 353 = @ismemberpointer +| 354 = @isobject +| 355 = @ispointer +| 356 = @isreference +| 357 = @isrvaluereference +| 358 = @isscalar +| 359 = @issigned +| 360 = @isunsigned +| 361 = @isvoid +| 362 = @isvolatile +| 363 = @reuseexpr +| 364 = @istriviallycopyassignable +| 365 = @isassignablenopreconditioncheck +| 366 = @referencebindstotemporary +| 367 = @issameas +| 368 = @builtinhasattribute +| 369 = @ispointerinterconvertiblewithclass +| 370 = @builtinispointerinterconvertiblewithclass +| 371 = @iscorrespondingmember +| 372 = @builtiniscorrespondingmember +| 373 = @isboundedarray +| 374 = @isunboundedarray +| 375 = @isreferenceable +| 378 = @isnothrowconvertible +| 379 = @referenceconstructsfromtemporary +| 380 = @referenceconvertsfromtemporary +| 381 = @isconvertible +| 382 = @isvalidwinrttype +| 383 = @iswinclass +| 384 = @iswininterface +| 385 = @istriviallyequalitycomparable +| 386 = @isscopedenum +| 387 = @istriviallyrelocatable +| 388 = @datasizeof +| 389 = @c11_generic +| 390 = @requires_expr +| 391 = @nested_requirement +| 392 = @compound_requirement +| 393 = @concept_id +; + +@var_args_expr = @vastartexpr + | @vaendexpr + | @vaargexpr + | @vacopyexpr + ; + +@builtin_op = @var_args_expr + | @noopexpr + | @offsetofexpr + | @intaddrexpr + | @hasassignexpr + | @hascopyexpr + | @hasnothrowassign + | @hasnothrowconstr + | @hasnothrowcopy + | @hastrivialassign + | @hastrivialconstr + | @hastrivialcopy + | @hastrivialdestructor + | @hasuserdestr + | @hasvirtualdestr + | @isabstractexpr + | @isbaseofexpr + | @isclassexpr + | @isconvtoexpr + | @isemptyexpr + | @isenumexpr + | @ispodexpr + | @ispolyexpr + | @isunionexpr + | @typescompexpr + | @builtinshufflevector + | @builtinconvertvector + | @builtinaddressof + | @istriviallyconstructibleexpr + | @isdestructibleexpr + | @isnothrowdestructibleexpr + | @istriviallydestructibleexpr + | @istriviallyassignableexpr + | @isnothrowassignableexpr + | @istrivialexpr + | @isstandardlayoutexpr + | @istriviallycopyableexpr + | @isliteraltypeexpr + | @hastrivialmoveconstructorexpr + | @hastrivialmoveassignexpr + | @hasnothrowmoveassignexpr + | @isconstructibleexpr + | @isnothrowconstructibleexpr + | @hasfinalizerexpr + | @isdelegateexpr + | @isinterfaceclassexpr + | @isrefarrayexpr + | @isrefclassexpr + | @issealedexpr + | @issimplevalueclassexpr + | @isvalueclassexpr + | @isfinalexpr + | @builtinchooseexpr + | @builtincomplex + | @isassignable + | @isaggregate + | @hasuniqueobjectrepresentations + | @builtinbitcast + | @builtinshuffle + | @issame + | @isfunction + | @islayoutcompatible + | @ispointerinterconvertiblebaseof + | @isarray + | @arrayrank + | @arrayextent + | @isarithmetic + | @iscompletetype + | @iscompound + | @isconst + | @isfloatingpoint + | @isfundamental + | @isintegral + | @islvaluereference + | @ismemberfunctionpointer + | @ismemberobjectpointer + | @ismemberpointer + | @isobject + | @ispointer + | @isreference + | @isrvaluereference + | @isscalar + | @issigned + | @isunsigned + | @isvoid + | @isvolatile + | @istriviallycopyassignable + | @isassignablenopreconditioncheck + | @referencebindstotemporary + | @issameas + | @builtinhasattribute + | @ispointerinterconvertiblewithclass + | @builtinispointerinterconvertiblewithclass + | @iscorrespondingmember + | @builtiniscorrespondingmember + | @isboundedarray + | @isunboundedarray + | @isreferenceable + | @isnothrowconvertible + | @referenceconstructsfromtemporary + | @referenceconvertsfromtemporary + | @isconvertible + | @isvalidwinrttype + | @iswinclass + | @iswininterface + | @istriviallyequalitycomparable + | @isscopedenum + | @istriviallyrelocatable + ; + +compound_requirement_is_noexcept( + int expr: @compound_requirement ref +); + +new_allocated_type( + unique int expr: @new_expr ref, + int type_id: @type ref +); + +new_array_allocated_type( + unique int expr: @new_array_expr ref, + int type_id: @type ref +); + +/** + * The field being initialized by an initializer expression within an aggregate + * initializer for a class/struct/union. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_field_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int field: @membervariable ref, + int position: int ref, + boolean is_designated: boolean ref +); + +/** + * The index of the element being initialized by an initializer expression + * within an aggregate initializer for an array. Position is used to sort repeated initializers. + */ +#keyset[aggregate, position] +aggregate_array_init( + int aggregate: @aggregateliteral ref, + int initializer: @expr ref, + int element_index: int ref, + int position: int ref, + boolean is_designated: boolean ref +); + +@ctorinit = @ctordirectinit + | @ctorvirtualinit + | @ctorfieldinit + | @ctordelegatinginit; +@dtordestruct = @dtordirectdestruct + | @dtorvirtualdestruct + | @dtorfielddestruct; + + +condition_decl_bind( + unique int expr: @condition_decl ref, + unique int decl: @declaration ref +); + +typeid_bind( + unique int expr: @type_id ref, + int type_id: @type ref +); + +uuidof_bind( + unique int expr: @uuidof ref, + int type_id: @type ref +); + +@sizeof_or_alignof = @runtime_sizeof | @runtime_alignof | @datasizeof | @sizeof_pack; + +sizeof_bind( + unique int expr: @sizeof_or_alignof ref, + int type_id: @type ref +); + +code_block( + unique int block: @literal ref, + unique int routine: @function ref +); + +lambdas( + unique int expr: @lambdaexpr ref, + string default_capture: string ref, + boolean has_explicit_return_type: boolean ref, + boolean has_explicit_parameter_list: boolean ref +); + +lambda_capture( + unique int id: @lambdacapture, + int lambda: @lambdaexpr ref, + int index: int ref, + int field: @membervariable ref, + boolean captured_by_reference: boolean ref, + boolean is_implicit: boolean ref, + int location: @location ref +); + +@funbindexpr = @routineexpr + | @new_expr + | @delete_expr + | @delete_array_expr + | @ctordirectinit + | @ctorvirtualinit + | @ctordelegatinginit + | @dtordirectdestruct + | @dtorvirtualdestruct; + +@varbindexpr = @varaccess | @ctorfieldinit | @dtorfielddestruct; +@addressable = @function | @variable ; +@accessible = @addressable | @enumconstant ; + +@access = @varaccess | @routineexpr ; + +fold( + int expr: @foldexpr ref, + string operator: string ref, + boolean is_left_fold: boolean ref +); + +stmts( + unique int id: @stmt, + int kind: int ref, + int location: @location ref +); + +case @stmt.kind of + 1 = @stmt_expr +| 2 = @stmt_if +| 3 = @stmt_while +| 4 = @stmt_goto +| 5 = @stmt_label +| 6 = @stmt_return +| 7 = @stmt_block +| 8 = @stmt_end_test_while // do { ... } while ( ... ) +| 9 = @stmt_for +| 10 = @stmt_switch_case +| 11 = @stmt_switch +| 13 = @stmt_asm // "asm" statement or the body of an asm function +| 15 = @stmt_try_block +| 16 = @stmt_microsoft_try // Microsoft +| 17 = @stmt_decl +| 18 = @stmt_set_vla_size // C99 +| 19 = @stmt_vla_decl // C99 +| 25 = @stmt_assigned_goto // GNU +| 26 = @stmt_empty +| 27 = @stmt_continue +| 28 = @stmt_break +| 29 = @stmt_range_based_for // C++11 +// ... 30 @stmt_at_autoreleasepool_block deprecated +// ... 31 @stmt_objc_for_in deprecated +// ... 32 @stmt_at_synchronized deprecated +| 33 = @stmt_handler +// ... 34 @stmt_finally_end deprecated +| 35 = @stmt_constexpr_if +| 37 = @stmt_co_return +| 38 = @stmt_consteval_if +| 39 = @stmt_not_consteval_if +| 40 = @stmt_leave +; + +type_vla( + int type_id: @type ref, + int decl: @stmt_vla_decl ref +); + +variable_vla( + int var: @variable ref, + int decl: @stmt_vla_decl ref +); + +type_is_vla(unique int type_id: @derivedtype ref) + +if_initialization( + unique int if_stmt: @stmt_if ref, + int init_id: @stmt ref +); + +if_then( + unique int if_stmt: @stmt_if ref, + int then_id: @stmt ref +); + +if_else( + unique int if_stmt: @stmt_if ref, + int else_id: @stmt ref +); + +constexpr_if_initialization( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int init_id: @stmt ref +); + +constexpr_if_then( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int then_id: @stmt ref +); + +constexpr_if_else( + unique int constexpr_if_stmt: @stmt_constexpr_if ref, + int else_id: @stmt ref +); + +@stmt_consteval_or_not_consteval_if = @stmt_consteval_if | @stmt_not_consteval_if; + +consteval_if_then( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int then_id: @stmt ref +); + +consteval_if_else( + unique int constexpr_if_stmt: @stmt_consteval_or_not_consteval_if ref, + int else_id: @stmt ref +); + +while_body( + unique int while_stmt: @stmt_while ref, + int body_id: @stmt ref +); + +do_body( + unique int do_stmt: @stmt_end_test_while ref, + int body_id: @stmt ref +); + +switch_initialization( + unique int switch_stmt: @stmt_switch ref, + int init_id: @stmt ref +); + +#keyset[switch_stmt, index] +switch_case( + int switch_stmt: @stmt_switch ref, + int index: int ref, + int case_id: @stmt_switch_case ref +); + +switch_body( + unique int switch_stmt: @stmt_switch ref, + int body_id: @stmt ref +); + +@stmt_for_or_range_based_for = @stmt_for + | @stmt_range_based_for; + +for_initialization( + unique int for_stmt: @stmt_for_or_range_based_for ref, + int init_id: @stmt ref +); + +for_condition( + unique int for_stmt: @stmt_for ref, + int condition_id: @expr ref +); + +for_update( + unique int for_stmt: @stmt_for ref, + int update_id: @expr ref +); + +for_body( + unique int for_stmt: @stmt_for ref, + int body_id: @stmt ref +); + +@stmtparent = @stmt | @expr_stmt ; +stmtparents( + unique int id: @stmt ref, + int index: int ref, + int parent: @stmtparent ref +); + +ishandler(unique int block: @stmt_block ref); + +@cfgnode = @stmt | @expr | @function | @initialiser ; + +stmt_decl_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl: @declaration ref +); + +stmt_decl_entry_bind( + int stmt: @stmt_decl ref, + int num: int ref, + int decl_entry: @element ref +); + +@parameterized_element = @function | @stmt_block | @requires_expr; + +blockscope( + unique int block: @stmt_block ref, + int enclosing: @parameterized_element ref +); + +@jump = @stmt_goto | @stmt_break | @stmt_continue | @stmt_leave; + +@jumporlabel = @jump | @stmt_label | @literal; + +jumpinfo( + unique int id: @jumporlabel ref, + string str: string ref, + int target: @stmt ref +); + +preprocdirects( + unique int id: @preprocdirect, + int kind: int ref, + int location: @location ref +); +case @preprocdirect.kind of + 0 = @ppd_if +| 1 = @ppd_ifdef +| 2 = @ppd_ifndef +| 3 = @ppd_elif +| 4 = @ppd_else +| 5 = @ppd_endif +| 6 = @ppd_plain_include +| 7 = @ppd_define +| 8 = @ppd_undef +| 9 = @ppd_line +| 10 = @ppd_error +| 11 = @ppd_pragma +| 12 = @ppd_objc_import +| 13 = @ppd_include_next +| 14 = @ppd_ms_import +| 15 = @ppd_elifdef +| 16 = @ppd_elifndef +| 18 = @ppd_warning +; + +@ppd_include = @ppd_plain_include | @ppd_objc_import | @ppd_include_next | @ppd_ms_import; + +@ppd_branch = @ppd_if | @ppd_ifdef | @ppd_ifndef | @ppd_elif | @ppd_elifdef | @ppd_elifndef; + +preprocpair( + int begin : @ppd_branch ref, + int elseelifend : @preprocdirect ref +); + +preproctrue(int branch : @ppd_branch ref); +preprocfalse(int branch : @ppd_branch ref); + +preproctext( + unique int id: @preprocdirect ref, + string head: string ref, + string body: string ref +); + +includes( + unique int id: @ppd_include ref, + int included: @file ref +); + +link_targets( + int id: @link_target, + int binary: @file ref +); + +link_parent( + int element : @element ref, + int link_target : @link_target ref +); + +/* XML Files */ + +xmlEncoding(unique int id: @file ref, string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref +); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref +); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref +); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref +); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref +); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref +); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref +); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref +); + +@xmllocatable = @xmlcharacters + | @xmlelement + | @xmlcomment + | @xmlattribute + | @xmldtd + | @file + | @xmlnamespace; diff --git a/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/upgrade.properties b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/upgrade.properties new file mode 100644 index 00000000000..347caa4decd --- /dev/null +++ b/cpp/ql/lib/upgrades/7bc12b02a4363149f0727a4bce07952dbb9d98aa/upgrade.properties @@ -0,0 +1,5 @@ +description: Merge location tables +compatibility: full +locations_default.rel: run locations_default.qlo +locations_expr.rel: delete +locations_stmt.rel: delete From bf131dc84b41dbff0da7de87580fc72f949e97df Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Thu, 26 Jun 2025 18:13:37 +0200 Subject: [PATCH 106/111] C++: Update stats file --- cpp/ql/lib/semmlecode.cpp.dbscheme.stats | 21706 +++++++++------------ 1 file changed, 8887 insertions(+), 12819 deletions(-) diff --git a/cpp/ql/lib/semmlecode.cpp.dbscheme.stats b/cpp/ql/lib/semmlecode.cpp.dbscheme.stats index 165dde802e5..2681f044157 100644 --- a/cpp/ql/lib/semmlecode.cpp.dbscheme.stats +++ b/cpp/ql/lib/semmlecode.cpp.dbscheme.stats @@ -2,7 +2,7 @@ @compilation - 236162 + 12644 @externalDataElement @@ -16,53 +16,45 @@ @svnentry 575525 - - @location_default - 187588827 - - - @location_stmt - 9188352 - - - @location_expr - 18007924 - @diagnostic - 2936 + 1484 @file - 230754 + 65216 @folder - 22981 + 12390 + + + @location_default + 47502960 @macro_expansion - 179869820 + 40257313 @other_macro_reference - 1944932 + 300694 @function - 7629848 + 4053070 @fun_decl - 7853714 + 4206777 @var_decl - 22872100 + 9391611 @type_decl - 5742010 + 1634963 @namespace_decl @@ -70,15 +62,15 @@ @using_declaration - 500989 + 267964 @using_directive - 22100 + 6473 @using_enum_declaration - 16 + 1 @static_assert @@ -86,11 +78,11 @@ @parameter - 15008695 + 7026196 @membervariable - 6289561 + 1496814 @globalvariable @@ -98,291 +90,291 @@ @localvariable - 1444946 + 726278 @enumconstant - 1205579 + 345733 @errortype - 969 + 124 @unknowntype - 969 + 124 @void - 969 + 124 @boolean - 969 + 124 @char - 969 + 124 @unsigned_char - 969 + 124 @signed_char - 969 + 124 @short - 969 + 124 @unsigned_short - 969 + 124 @signed_short - 969 + 124 @int - 969 + 124 @unsigned_int - 969 + 124 @signed_int - 969 + 124 @long - 969 + 124 @unsigned_long - 969 + 124 @signed_long - 969 + 124 @long_long - 969 + 124 @unsigned_long_long - 969 + 124 @signed_long_long - 969 + 124 @float - 969 + 124 @double - 969 + 124 @long_double - 969 + 124 @complex_float - 969 + 124 @complex_double - 969 + 124 @complex_long_double - 969 + 124 @imaginary_float - 969 + 124 @imaginary_double - 969 + 124 @imaginary_long_double - 969 + 124 @wchar_t - 969 + 124 @decltype_nullptr - 969 + 124 @int128 - 969 + 124 @unsigned_int128 - 969 + 124 @signed_int128 - 969 + 124 @float128 - 969 + 124 @complex_float128 - 969 + 124 @decimal32 - 969 + 124 @decimal64 - 969 + 124 @decimal128 - 969 + 124 @char16_t - 969 + 124 @char32_t - 969 + 124 @std_float32 - 969 + 124 @float32x - 969 + 124 @std_float64 - 969 + 124 @float64x - 969 + 124 @std_float128 - 969 + 124 @char8_t - 969 + 124 @float16 - 969 + 124 @complex_float16 - 969 + 124 @fp16 - 969 + 124 @std_bfloat16 - 969 + 124 @std_float16 - 969 + 124 @complex_std_float32 - 969 + 124 @complex_float32x - 969 + 124 @complex_std_float64 - 969 + 124 @complex_float64x - 969 + 124 @complex_std_float128 - 969 + 124 @mfp8 - 969 + 124 @scalable_vector_count - 969 + 124 @complex_fp16 - 969 + 124 @complex_std_bfloat16 - 969 + 124 @complex_std_float16 - 969 + 124 @pointer - 1517635 + 452880 @type_with_specifiers - 1660095 + 693866 @array - 561118 + 90401 @routineptr - 684113 + 684108 @reference - 2667006 + 968191 @gnu_vector - 11174 + 676 @routinereference - 1804 + 374 @rvalue_reference - 1313151 + 291306 @block - 1016 + 10 @scalable_vector @@ -390,23 +382,23 @@ @type_operator - 21466 + 7961 @decltype - 317468 + 102349 @usertype - 6052127 + 4151872 @mangledname - 12739995 + 6370038 @type_mention - 19988012 + 5902896 @concept_template @@ -414,19 +406,19 @@ @routinetype - 792462 + 604318 @ptrtomember - 24227 + 9728 @specifier - 60085 + 7741 @gnuattribute - 3255016 + 559629 @stdattribute @@ -434,7 +426,7 @@ @declspec - 3611894 + 330047 @msattribute @@ -446,15 +438,15 @@ @attribute_arg_token - 1092168 + 16693 @attribute_arg_constant_expr - 422211 + 71909 @attribute_arg_expr - 82735 + 1404 @attribute_arg_empty @@ -466,55 +458,55 @@ @attribute_arg_type - 1290 + 460 @derivation - 695371 + 476900 @frienddecl - 11664613 + 700455 @comment - 68615333 + 11241963 @namespace - 55509 + 8651 @specialnamequalifyingelement - 969 + 124 @namequalifier - 3041980 + 3042067 @value - 14027056 + 13474604 @initialiser - 5596945 + 2251034 @address_of - 730977 + 595217 @indirect - 453518 + 404153 @array_to_pointer - 3302753 + 1953751 @parexpr - 5451268 + 4915208 @arithnegexpr @@ -526,15 +518,15 @@ @complementexpr - 142292 + 38199 @notexpr - 847791 + 355764 @postincrexpr - 599725 + 84581 @postdecrexpr @@ -542,7 +534,7 @@ @preincrexpr - 115589 + 96714 @predecrexpr @@ -554,7 +546,7 @@ @addexpr - 786845 + 571553 @subexpr @@ -562,19 +554,19 @@ @mulexpr - 810567 + 435793 @divexpr - 188452 + 52393 @remexpr - 80415 + 16012 @paddexpr - 361060 + 118669 @psubexpr @@ -582,15 +574,15 @@ @pdiffexpr - 57367 + 43951 @lshiftexpr - 589376 + 551696 @rshiftexpr - 247934 + 200554 @andexpr @@ -598,11 +590,11 @@ @orexpr - 574546 + 194055 @xorexpr - 117340 + 73961 @eqexpr @@ -614,15 +606,15 @@ @gtexpr - 199369 + 111149 @ltexpr - 201611 + 139429 @geexpr - 105701 + 81368 @leexpr @@ -630,19 +622,19 @@ @assignexpr - 1873384 + 1281144 @assignaddexpr - 194702 + 85634 @assignsubexpr - 93350 + 15307 @assignmulexpr - 11189 + 11186 @assigndivexpr @@ -650,23 +642,23 @@ @assignremexpr - 4667 + 874 @assignlshiftexpr - 20590 + 3703 @assignrshiftexpr - 38673 + 6882 @assignandexpr - 48479 + 6528 @assignorexpr - 111126 + 19606 @assignxorexpr @@ -674,15 +666,15 @@ @assignpaddexpr - 122317 + 18628 @assignpsubexpr - 10123 + 1575 @andlogicalexpr - 358253 + 346589 @orlogicalexpr @@ -690,27 +682,27 @@ @commaexpr - 281043 + 168440 @subscriptexpr - 765638 + 435142 @callexpr - 239780 + 239778 @vastartexpr - 11600 + 4979 @vaargexpr - 4740 + 1303 @vaendexpr - 11600 + 2941 @vacopyexpr @@ -718,11 +710,11 @@ @varaccess - 9157418 + 8254631 @runtime_sizeof - 776529 + 402047 @runtime_alignof @@ -730,11 +722,11 @@ @expr_stmt - 202820 + 148364 @routineexpr - 5732446 + 5732629 @type_operand @@ -750,35 +742,35 @@ @literal - 7985912 + 7967932 @aggregateliteral - 1397521 + 1397523 @c_style_cast - 6026986 + 6026998 @temp_init - 1115901 + 992092 @errorexpr - 94210 + 45686 @reference_to - 2774640 + 1903048 @ref_indirect - 2856354 + 2107314 @vacuous_destructor_call - 15900 + 7835 @assume @@ -834,23 +826,23 @@ @thisaccess - 1602283 + 1558309 @new_expr - 94223 + 46197 @delete_expr - 33039 + 11481 @throw_expr - 92879 + 24156 @condition_decl - 408922 + 408935 @braced_init_list @@ -858,11 +850,11 @@ @type_id - 229949 + 47901 @sizeof_pack - 1781 + 1737 @hasassignexpr @@ -878,7 +870,7 @@ @hasnothrowconstr - 87 + 3 @hasnothrowcopy @@ -886,15 +878,15 @@ @hastrivialassign - 3 + 2 @hastrivialconstr - 23 + 7 @hastrivialcopy - 87 + 2 @hasuserdestr @@ -922,7 +914,7 @@ @isemptyexpr - 8995 + 8865 @isenumexpr @@ -930,11 +922,11 @@ @ispodexpr - 5904 + 834 @ispolyexpr - 35 + 3 @isunionexpr @@ -946,7 +938,7 @@ @hastrivialdestructor - 4701 + 2793 @uuidof @@ -954,19 +946,19 @@ @delete_array_expr - 41539 + 1246 @new_array_expr - 44190 + 6653 @foldexpr - 2481 + 1248 @ctordirectinit - 131710 + 112837 @ctorvirtualinit @@ -974,15 +966,15 @@ @ctorfieldinit - 206698 + 206399 @ctordelegatinginit - 8703 + 3621 @dtordirectdestruct - 52507 + 39452 @dtorvirtualdestruct @@ -990,15 +982,15 @@ @dtorfielddestruct - 41790 + 39826 @static_cast - 355280 + 348369 @reinterpret_cast - 79930 + 40089 @const_cast @@ -1010,11 +1002,11 @@ @lambdaexpr - 23413 + 19057 @param_ref - 164014 + 163951 @noopexpr @@ -1046,7 +1038,7 @@ @istrivialexpr - 7757 + 3367 @isstandardlayoutexpr @@ -1054,7 +1046,7 @@ @istriviallycopyableexpr - 3876 + 1373 @isliteraltypeexpr @@ -1074,7 +1066,7 @@ @isconstructibleexpr - 4613 + 3621 @isnothrowconstructibleexpr @@ -1118,19 +1110,19 @@ @noexceptexpr - 28356 + 28345 @builtinshufflevector - 727 + 1 @builtinchooseexpr - 21326 + 20701 @builtinaddressof - 15822 + 15483 @vec_fill @@ -1138,7 +1130,7 @@ @builtinconvertvector - 307 + 1 @builtincomplex @@ -1158,7 +1150,7 @@ @isassignable - 664 + 408 @isaggregate @@ -1174,15 +1166,15 @@ @builtinshuffle - 10127 + 612 @blockassignexpr - 177 + 1 @issame - 5390 + 4540 @isfunction @@ -1234,7 +1226,7 @@ @isintegral - 8 + 2 @islvaluereference @@ -1258,7 +1250,7 @@ @ispointer - 1182 + 2 @isreference @@ -1282,7 +1274,7 @@ @isvoid - 30 + 2 @isvolatile @@ -1290,7 +1282,7 @@ @reuseexpr - 847042 + 847070 @istriviallycopyassignable @@ -1302,7 +1294,7 @@ @referencebindstotemporary - 14582 + 2 @issameas @@ -1398,11 +1390,11 @@ @compound_requirement - 10951 + 10952 @concept_id - 90434 + 90437 @lambdacapture @@ -1410,7 +1402,7 @@ @stmt_expr - 3215944 + 2031614 @stmt_if @@ -1418,51 +1410,51 @@ @stmt_while - 46675 + 39647 @stmt_goto - 291728 + 157918 @stmt_label - 283522 + 78029 @stmt_return - 1710123 + 1241901 @stmt_block - 2399400 + 1729360 @stmt_end_test_while - 551349 + 233641 @stmt_for - 121083 + 84389 @stmt_switch_case - 836154 + 836182 @stmt_switch - 411869 + 411883 @stmt_asm - 562106 + 64199 @stmt_decl - 1426776 + 772440 @stmt_empty - 817301 + 429420 @stmt_continue @@ -1470,11 +1462,11 @@ @stmt_break - 590166 + 137937 @stmt_try_block - 26698 + 26748 @stmt_microsoft_try @@ -1482,11 +1474,11 @@ @stmt_set_vla_size - 1222 + 35 @stmt_vla_decl - 267 + 30 @stmt_assigned_goto @@ -1494,15 +1486,15 @@ @stmt_range_based_for - 17217 + 6385 @stmt_handler - 43746 + 43790 @stmt_constexpr_if - 818798 + 106134 @stmt_co_return @@ -1522,51 +1514,51 @@ @ppd_if - 3008135 + 591478 @ppd_ifdef - 1135803 + 214363 @ppd_ifndef - 754594 + 158651 @ppd_elif - 392006 + 21918 @ppd_else - 1396495 + 235118 @ppd_endif - 4825227 + 889777 @ppd_plain_include - 491786 + 318582 @ppd_define - 21491110 + 2752616 @ppd_undef - 581469 + 100515 @ppd_pragma - 2256101 + 406555 @ppd_include_next - 28235 + 170 @ppd_line - 743302 + 18828 @ppd_error @@ -1594,7 +1586,7 @@ @link_target - 11917 + 816 @xmldtd @@ -1624,15 +1616,15 @@ compilations - 236162 + 12644 id - 236162 + 12644 cwd - 1391 + 10 @@ -1646,7 +1638,7 @@ 1 2 - 236162 + 12644 @@ -1660,34 +1652,9 @@ 12 - 120 - 157 - 103 - - - 160 - 161 - 721 - - - 164 - 165 - 257 - - - 168 - 169 - 51 - - - 184 - 185 - 154 - - - 188 - 341 - 103 + 1197 + 1198 + 10 @@ -1697,19 +1664,19 @@ compilation_args - 20454453 + 1012270 id - 236162 + 12644 num - 4997 + 1468 arg - 328227 + 29270 @@ -1721,29 +1688,79 @@ 12 - 84 - 85 - 134876 + 36 + 42 + 1003 - 86 - 87 - 45645 + 42 + 43 + 1098 - 92 - 93 - 28593 + 43 + 44 + 718 + + + 44 + 45 + 507 + + + 45 + 51 + 950 + + + 51 + 70 + 485 + + + 71 + 72 + 707 + + + 72 + 90 + 897 94 - 95 - 9531 + 96 + 390 - 95 - 98 - 17516 + 98 + 99 + 1341 + + + 100 + 102 + 95 + + + 103 + 104 + 1996 + + + 104 + 119 + 1066 + + + 120 + 138 + 929 + + + 139 + 140 + 454 @@ -1757,29 +1774,74 @@ 12 - 74 - 75 - 134876 + 34 + 38 + 591 - 75 - 76 - 45645 + 38 + 39 + 1499 + + + 39 + 40 + 982 + + + 40 + 42 + 1087 + + + 42 + 53 + 602 + + + 53 + 54 + 707 + + + 54 + 63 + 897 + + + 64 + 67 + 401 + + + 67 + 68 + 1404 + + + 68 + 70 + 971 + + + 70 + 71 + 1404 + + + 73 + 79 + 950 79 - 80 - 28593 + 89 + 1130 - 80 - 81 - 9531 - - - 81 - 83 - 17516 + 89 + 90 + 10 @@ -1793,19 +1855,59 @@ 12 - 85 - 526 - 257 + 43 + 90 + 63 - 1080 - 1967 - 412 + 90 + 108 + 116 - 4584 - 4585 - 4327 + 108 + 183 + 105 + + + 198 + 422 + 116 + + + 422 + 595 + 126 + + + 595 + 605 + 126 + + + 605 + 749 + 116 + + + 750 + 778 + 116 + + + 781 + 883 + 116 + + + 930 + 1190 + 84 + + + 1197 + 1198 + 380 @@ -1820,48 +1922,73 @@ 1 - 2 - 978 - - - 2 - 3 - 206 - - - 3 - 4 - 463 - - - 4 5 - 360 + 126 5 - 6 - 1597 + 7 + 116 - 6 - 60 - 360 + 9 + 12 + 73 - 85 - 125 - 412 + 12 + 15 + 116 - 135 - 430 - 412 + 15 + 18 + 95 - 558 - 2624 - 206 + 18 + 22 + 116 + + + 22 + 27 + 126 + + + 27 + 29 + 84 + + + 29 + 34 + 116 + + + 34 + 44 + 126 + + + 45 + 63 + 116 + + + 67 + 94 + 116 + + + 94 + 164 + 116 + + + 171 + 199 + 21 @@ -1877,17 +2004,22 @@ 1 2 - 281705 + 13404 2 - 27 - 22410 + 3 + 12686 - 27 - 4585 - 24110 + 3 + 103 + 2197 + + + 104 + 1198 + 982 @@ -1903,17 +2035,17 @@ 1 2 - 291751 + 19383 2 - 4 - 29932 + 3 + 8725 - 4 - 13 - 6542 + 3 + 62 + 1161 @@ -1923,15 +2055,15 @@ compilation_build_mode - 2 + 12644 id - 2 + 12644 mode - 2 + 10 @@ -1945,7 +2077,7 @@ 1 2 - 2 + 12644 @@ -1959,9 +2091,9 @@ 12 - 1 - 2 - 2 + 1197 + 1198 + 10 @@ -1971,19 +2103,19 @@ compilation_compiling_files - 236162 + 15739 id - 236162 + 2723 num - 51 + 4520 file - 7882 + 13670 @@ -1997,7 +2129,42 @@ 1 2 - 236162 + 1361 + + + 2 + 3 + 163 + + + 3 + 4 + 163 + + + 4 + 5 + 326 + + + 5 + 8 + 163 + + + 8 + 9 + 163 + + + 9 + 13 + 217 + + + 21 + 84 + 163 @@ -2013,7 +2180,42 @@ 1 2 - 236162 + 1361 + + + 2 + 3 + 163 + + + 3 + 4 + 163 + + + 4 + 5 + 326 + + + 5 + 8 + 163 + + + 8 + 9 + 163 + + + 9 + 13 + 217 + + + 21 + 84 + 163 @@ -2027,9 +2229,29 @@ 12 - 4584 - 4585 - 51 + 1 + 2 + 2396 + + + 2 + 3 + 980 + + + 3 + 4 + 490 + + + 4 + 13 + 381 + + + 13 + 51 + 272 @@ -2043,9 +2265,29 @@ 12 - 153 - 154 - 51 + 1 + 2 + 2396 + + + 2 + 3 + 980 + + + 3 + 4 + 490 + + + 4 + 13 + 381 + + + 13 + 49 + 272 @@ -2059,24 +2301,19 @@ 12 - 3 + 1 + 2 + 12308 + + + 2 4 - 103 + 1143 4 - 5 - 5564 - - - 16 - 17 - 257 - - - 107 - 108 - 1957 + 6 + 217 @@ -2092,7 +2329,17 @@ 1 2 - 7882 + 12526 + + + 2 + 4 + 1089 + + + 4 + 5 + 54 @@ -2102,23 +2349,23 @@ compilation_time - 944650 + 62959 id - 236162 + 2723 num - 51 + 4520 kind - 206 + 217 seconds - 10200 + 19824 @@ -2132,260 +2379,122 @@ 1 2 - 236162 + 1361 - - - - - - id - kind - - - 12 - - - 4 - 5 - 236162 - - - - - - - id - seconds - - - 12 - 2 3 - 2060 + 163 3 4 - 125448 + 163 4 5 - 108653 + 326 - - - - - - num - id - - - 12 - - - 4584 - 4585 - 51 - - - - - - - num - kind - - - 12 - - - 4 - 5 - 51 - - - - - - - num - seconds - - - 12 - - - 198 - 199 - 51 - - - - - - - kind - id - - - 12 - - - 4584 - 4585 - 206 - - - - - - - kind - num - - - 12 - - - 1 - 2 - 206 - - - - - - - kind - seconds - - - 12 - 5 - 6 - 51 - - - 7 8 - 51 + 163 - 162 - 163 - 51 - - - 184 - 185 - 51 - - - - - - - seconds - id - - - 12 - - - 1 - 2 - 978 - - - 2 - 6 - 824 - - - 6 + 8 9 - 772 + 163 9 - 16 - 875 + 13 + 217 - 16 - 20 - 772 - - - 20 - 25 - 772 - - - 25 - 31 - 824 - - - 31 - 38 - 824 - - - 38 - 45 - 772 - - - 45 - 54 - 824 - - - 54 - 71 - 772 - - - 71 - 326 - 772 - - - 338 - 2995 - 412 + 21 + 84 + 163 - seconds - num - - - 12 - - - 1 - 2 - 10200 - - - - - - - seconds + id kind + + + 12 + + + 4 + 5 + 2723 + + + + + + + id + seconds + + + 12 + + + 3 + 4 + 1143 + + + 4 + 5 + 217 + + + 6 + 8 + 217 + + + 8 + 11 + 217 + + + 11 + 12 + 217 + + + 13 + 18 + 163 + + + 18 + 20 + 217 + + + 20 + 44 + 217 + + + 51 + 133 + 108 + + + + + + + num + id 12 @@ -2393,12 +2502,245 @@ 1 2 - 1957 + 2396 2 3 - 8243 + 980 + + + 3 + 4 + 490 + + + 4 + 13 + 381 + + + 13 + 51 + 272 + + + + + + + num + kind + + + 12 + + + 4 + 5 + 4520 + + + + + + + num + seconds + + + 12 + + + 3 + 4 + 1524 + + + 4 + 5 + 871 + + + 5 + 6 + 272 + + + 6 + 7 + 490 + + + 7 + 8 + 272 + + + 8 + 9 + 217 + + + 9 + 15 + 381 + + + 15 + 47 + 381 + + + 51 + 97 + 108 + + + + + + + kind + id + + + 12 + + + 50 + 51 + 217 + + + + + + + kind + num + + + 12 + + + 83 + 84 + 217 + + + + + + + kind + seconds + + + 12 + + + 4 + 5 + 54 + + + 5 + 6 + 54 + + + 191 + 192 + 54 + + + 213 + 214 + 54 + + + + + + + seconds + id + + + 12 + + + 1 + 2 + 14214 + + + 2 + 3 + 3594 + + + 3 + 5 + 1742 + + + 5 + 39 + 272 + + + + + + + seconds + num + + + 12 + + + 1 + 2 + 13125 + + + 2 + 3 + 3866 + + + 3 + 4 + 1579 + + + 4 + 56 + 1252 + + + + + + + seconds + kind + + + 12 + + + 1 + 2 + 17155 + + + 2 + 3 + 2668 @@ -2408,23 +2750,23 @@ diagnostic_for - 5770 + 4152 diagnostic - 2936 + 1484 compilation - 2885 + 1355 file_number - 51 + 21 file_number_diagnostic_number - 103 + 107 @@ -2438,12 +2780,12 @@ 1 2 - 2885 + 1441 - 56 - 57 - 51 + 63 + 64 + 43 @@ -2459,7 +2801,7 @@ 1 2 - 2936 + 1484 @@ -2475,7 +2817,7 @@ 1 2 - 2936 + 1484 @@ -2489,9 +2831,14 @@ 12 - 2 - 3 - 2885 + 3 + 4 + 1312 + + + 5 + 6 + 43 @@ -2507,7 +2854,7 @@ 1 2 - 2885 + 1355 @@ -2521,9 +2868,14 @@ 12 - 2 - 3 - 2885 + 3 + 4 + 1312 + + + 5 + 6 + 43 @@ -2537,9 +2889,9 @@ 12 - 57 - 58 - 51 + 69 + 70 + 21 @@ -2553,9 +2905,9 @@ 12 - 56 - 57 - 51 + 63 + 64 + 21 @@ -2569,9 +2921,9 @@ 12 - 2 - 3 - 51 + 5 + 6 + 21 @@ -2587,12 +2939,17 @@ 1 2 - 51 + 43 - 56 - 57 - 51 + 2 + 3 + 43 + + + 63 + 64 + 21 @@ -2606,9 +2963,14 @@ 12 - 56 - 57 - 103 + 2 + 3 + 43 + + + 63 + 64 + 64 @@ -2624,7 +2986,7 @@ 1 2 - 103 + 107 @@ -2634,19 +2996,19 @@ compilation_finished - 236162 + 12644 id - 236162 + 12644 cpu_seconds - 16331 + 9496 elapsed_seconds - 463 + 211 @@ -2660,7 +3022,7 @@ 1 2 - 236162 + 12644 @@ -2676,7 +3038,7 @@ 1 2 - 236162 + 12644 @@ -2692,67 +3054,17 @@ 1 2 - 1648 + 7996 2 3 - 1545 + 1098 3 - 4 - 1494 - - - 4 - 5 - 927 - - - 5 - 6 - 1339 - - - 6 - 7 - 1133 - - - 7 - 9 - 1236 - - - 9 - 11 - 1494 - - - 11 - 13 - 1391 - - - 13 - 16 - 1339 - - - 16 - 22 - 1287 - - - 22 - 54 - 1236 - - - 76 - 599 - 257 + 35 + 401 @@ -2768,32 +3080,12 @@ 1 2 - 2472 + 8799 2 3 - 3554 - - - 3 - 4 - 3451 - - - 4 - 5 - 3606 - - - 5 - 6 - 2421 - - - 6 - 8 - 824 + 697 @@ -2809,47 +3101,72 @@ 1 2 - 51 + 42 - 8 - 9 - 51 + 2 + 3 + 10 - 67 - 68 - 51 + 3 + 4 + 21 - 206 - 207 - 51 + 6 + 7 + 21 - 314 - 315 - 51 + 10 + 11 + 10 - 480 - 481 - 51 + 12 + 13 + 21 - 638 - 639 - 51 + 14 + 15 + 10 - 1370 - 1371 - 51 + 16 + 17 + 10 - 1500 - 1501 - 51 + 29 + 30 + 10 + + + 53 + 54 + 10 + + + 171 + 172 + 10 + + + 241 + 242 + 10 + + + 296 + 297 + 10 + + + 319 + 320 + 10 @@ -2865,47 +3182,72 @@ 1 2 - 51 + 42 - 8 - 9 - 51 + 2 + 3 + 10 - 51 - 52 - 51 + 3 + 4 + 21 - 66 - 67 - 51 + 6 + 7 + 21 - 105 - 106 - 51 + 10 + 11 + 10 - 144 - 145 - 51 + 12 + 13 + 21 - 191 - 192 - 51 + 14 + 15 + 10 - 213 - 214 - 51 + 16 + 17 + 10 - 221 - 222 - 51 + 29 + 30 + 10 + + + 52 + 53 + 10 + + + 160 + 161 + 10 + + + 162 + 163 + 10 + + + 225 + 226 + 10 + + + 249 + 250 + 10 @@ -3131,11 +3473,11 @@ sourceLocationPrefix - 969 + 124 prefix - 969 + 124 @@ -4629,15 +4971,15 @@ extractor_version - 969 + 124 codeql_version - 969 + 124 frontend_version - 969 + 124 @@ -4651,7 +4993,7 @@ 1 2 - 969 + 124 @@ -4667,7 +5009,7 @@ 1 2 - 969 + 124 @@ -4677,31 +5019,31 @@ locations_default - 187588827 + 47502960 id - 187588827 + 47502960 container - 133737 + 40955 startLine - 59692684 + 7507420 startColumn - 192854 + 21975 endLine - 59688807 + 7508544 endColumn - 290734 + 53441 @@ -4715,7 +5057,7 @@ 1 2 - 187588827 + 47502960 @@ -4731,7 +5073,7 @@ 1 2 - 187588827 + 47502960 @@ -4747,7 +5089,7 @@ 1 2 - 187588827 + 47502960 @@ -4763,7 +5105,7 @@ 1 2 - 187588827 + 47502960 @@ -4779,7 +5121,7 @@ 1 2 - 187588827 + 47502960 @@ -4794,68 +5136,73 @@ 1 - 22 - 10660 + 15 + 3121 - 23 - 62 - 10660 + 15 + 42 + 3121 - 62 - 87 - 10660 + 42 + 73 + 3121 - 88 - 115 - 11629 + 75 + 114 + 3121 - 117 - 152 - 10660 + 114 + 142 + 3246 - 152 - 200 - 10660 + 142 + 213 + 3121 - 202 - 283 - 10660 + 213 + 304 + 3121 - 299 - 365 - 10660 + 310 + 423 + 3121 - 372 - 474 - 10660 + 429 + 598 + 3121 - 507 - 795 - 10660 + 598 + 834 + 3121 - 864 - 1798 - 10660 + 838 + 1314 + 3121 - 1880 - 4620 - 10660 + 1328 + 2780 + 3121 - 12195 - 59051 - 4845 + 2844 + 23269 + 3121 + + + 30790 + 57883 + 249 @@ -4870,68 +5217,68 @@ 1 - 22 - 11629 + 13 + 3371 - 29 - 46 - 10660 + 13 + 31 + 3371 + + + 31 + 47 + 3121 47 - 61 - 11629 + 64 + 3121 - 62 - 81 - 10660 + 64 + 84 + 3121 - 81 - 101 - 11629 + 85 + 115 + 3121 - 102 - 128 - 10660 + 116 + 160 + 3246 - 128 - 164 - 10660 + 160 + 206 + 3121 - 168 - 237 - 10660 + 206 + 291 + 3121 - 246 - 381 - 10660 + 298 + 388 + 3121 - 385 - 550 - 10660 + 395 + 527 + 3121 - 568 - 1104 - 10660 + 561 + 1339 + 3121 - 1195 - 7434 - 10660 - - - 12075 - 58993 - 2907 + 1375 + 57764 + 2871 @@ -4946,3759 +5293,75 @@ 1 - 4 - 5814 + 5 + 3745 - 4 - 6 - 9691 - - - 6 + 5 9 - 10660 + 3121 9 15 - 10660 + 3246 15 - 17 - 8722 - - - 17 20 - 8722 + 3246 20 - 24 - 11629 + 28 + 3246 - 26 - 29 - 10660 - - - 29 - 34 - 10660 + 28 + 36 + 3246 36 42 - 11629 - - - 42 - 56 - 11629 - - - 56 - 75 - 10660 - - - 75 - 127 - 10660 - - - 136 - 195 - 1938 - - - - - - - container - endLine - - - 12 - - - 1 - 22 - 11629 - - - 29 - 46 - 10660 - - - 47 - 61 - 11629 - - - 62 - 78 - 10660 - - - 80 - 101 - 11629 - - - 102 - 128 - 10660 - - - 128 - 164 - 10660 - - - 168 - 237 - 10660 - - - 246 - 381 - 10660 - - - 385 - 550 - 10660 - - - 568 - 1104 - 10660 - - - 1195 - 7436 - 10660 - - - 12075 - 58993 - 2907 - - - - - - - container - endColumn - - - 12 - - - 1 - 12 - 10660 - - - 13 - 29 - 10660 - - - 29 - 35 - 10660 - - - 35 - 40 - 11629 - - - 41 - 45 - 11629 - - - 45 - 48 - 10660 - - - 49 - 60 - 10660 - - - 60 - 68 - 10660 - - - 68 - 77 - 10660 - - - 77 - 87 - 10660 - - - 91 - 103 - 10660 - - - 103 - 155 - 10660 - - - 171 - 292 - 3876 - - - - - - - startLine - id - - - 12 - - - 1 - 2 - 38141488 - - - 2 - 3 - 6285684 - - - 3 - 4 - 4993853 - - - 4 - 6 - 4742852 - - - 6 - 26 - 4508326 - - - 26 - 176 - 1020478 - - - - - - - startLine - container - - - 12 - - - 1 - 2 - 38608602 - - - 2 - 3 - 10020656 - - - 3 - 4 - 5546249 - - - 4 - 16 - 4591670 - - - 16 - 139 - 925505 - - - - - - - startLine - startColumn - - - 12 - - - 1 - 2 - 44882657 - - - 2 - 3 - 4052842 - - - 3 - 4 - 3421947 - - - 4 - 7 - 4558720 - - - 7 - 43 - 2776516 - - - - - - - startLine - endLine - - - 12 - - - 1 - 2 - 58650884 - - - 2 - 14 - 1041799 - - - - - - - startLine - endColumn - - - 12 - - - 1 - 2 - 38587281 - - - 2 - 3 - 6118996 - - - 3 - 4 - 5025834 - - - 4 - 6 - 4782586 - - - 6 - 27 - 4485067 - - - 27 - 67 - 692917 - - - - - - - startColumn - id - - - 12 - - - 1 - 2 - 19382 - - - 2 - 3 - 15505 - - - 3 - 5 - 16474 - - - 5 - 11 - 15505 - - - 11 - 15 - 14536 - - - 15 - 28 - 14536 - - - 28 - 58 - 14536 - - - 60 - 136 - 14536 - - - 138 - 281 - 14536 - - - 329 - 448 - 14536 - - - 463 - 807 - 14536 - - - 815 - 1929 - 14536 - - - 2561 - 109994 - 9691 - - - - - - - startColumn - container - - - 12 - - - 1 - 2 - 33919 - - - 2 - 3 - 23258 - - - 3 - 4 - 13567 - - - 4 - 6 - 14536 - - - 6 - 11 - 16474 - - - 11 - 17 - 14536 - - - 19 - 26 - 15505 - - - 27 - 46 - 16474 - - - 46 - 55 - 14536 - - - 55 - 65 - 14536 - - - 66 - 137 - 14536 - - - 138 - 139 - 969 - - - - - - - startColumn - startLine - - - 12 - - - 1 - 2 - 20351 - - - 2 - 3 - 15505 - - - 3 - 5 - 16474 - - - 5 - 11 - 15505 - - - 11 - 15 - 14536 - - - 15 - 28 - 14536 - - - 28 - 58 - 14536 - - - 60 - 135 - 14536 - - - 137 - 316 - 14536 - - - 323 - 425 - 14536 - - - 432 - 713 - 14536 - - - 729 - 2052 - 14536 - - - 2140 - 60974 - 8722 - - - - - - - startColumn - endLine - - - 12 - - - 1 - 2 - 20351 - - - 2 - 3 - 15505 - - - 3 - 5 - 16474 - - - 5 - 11 - 15505 - - - 11 - 15 - 14536 - - - 15 - 28 - 14536 - - - 28 - 58 - 14536 - - - 60 - 135 - 14536 - - - 137 - 316 - 14536 - - - 323 - 425 - 14536 - - - 432 - 713 - 14536 - - - 729 - 2052 - 14536 - - - 2141 - 60975 - 8722 - - - - - - - startColumn - endColumn - - - 12 - - - 1 - 2 - 24227 - - - 2 - 3 - 17444 - - - 3 - 4 - 9691 - - - 4 - 6 - 12598 - - - 6 - 8 - 13567 - - - 8 - 12 - 15505 - - - 12 - 18 - 17444 - - - 18 - 25 - 14536 - - - 25 - 38 - 15505 - - - 38 - 42 - 14536 + 3121 42 53 - 15505 + 3371 53 - 70 - 14536 - - - 72 - 300 - 7752 - - - - - - - endLine - id - - - 12 - - - 1 - 2 - 38096909 - - - 2 - 3 - 6353522 - - - 3 - 4 - 4967687 - - - 4 - 6 - 4754481 - - - 6 - 26 - 4502511 - - - 26 - 178 - 1013695 - - - - - - - endLine - container - - - 12 - - - 1 - 2 - 38559177 - - - 2 - 3 - 10061359 - - - 3 - 4 - 5555940 - - - 4 - 16 - 4585855 - - - 16 - 139 - 926474 - - - - - - - endLine - startLine - - - 12 - - - 1 - 2 - 58619873 - - - 2 - 6 - 1068934 - - - - - - - endLine - startColumn - - - 12 - - - 1 - 2 - 44876842 - - - 2 - 3 - 4054780 - - - 3 - 4 - 3421947 - - - 4 - 7 - 4554844 - - - 7 - 43 - 2780393 - - - - - - - endLine - endColumn - - - 12 - - - 1 - 2 - 38542702 - - - 2 - 3 - 6188773 - - - 3 - 4 - 4997729 - - - 4 - 6 - 4793246 - - - 6 - 28 - 4525770 - - - 28 - 67 - 640585 - - - - - - - endColumn - id - - - 12 - - - 1 - 2 - 52332 - - - 2 - 5 - 22289 - - - 5 - 12 - 25197 - - - 12 - 18 - 24227 - - - 18 - 29 - 22289 - - - 29 - 64 - 22289 - - - 66 - 142 - 22289 - - - 146 - 405 - 22289 - - - 433 - 904 - 22289 - - - 921 - 1929 - 22289 - - - 1937 - 3068 - 22289 - - - 3091 - 32212 - 10660 - - - - - - - endColumn - container - - - 12 - - - 1 - 2 - 64930 - - - 2 - 3 - 17444 - - - 3 - 4 - 18413 - - - 4 - 5 - 15505 - - - 5 - 6 - 24227 - - - 6 - 10 - 25197 - - - 10 - 24 - 22289 - - - 24 - 45 - 23258 - - - 49 - 65 - 23258 - - - 68 - 88 - 23258 - - - 88 - 108 - 22289 - - - 111 - 139 - 10660 - - - - - - - endColumn - startLine - - - 12 - - - 1 - 2 - 53301 - - - 2 - 5 - 22289 - - - 5 - 11 - 21320 - - - 11 - 16 - 22289 - - - 16 - 24 - 23258 - - - 24 - 52 - 22289 - - - 55 - 131 - 22289 - - - 132 - 279 - 22289 - - - 301 - 707 - 22289 - - - 720 - 1623 - 22289 - - - 1623 - 1989 - 22289 - - - 2040 - 30655 - 14536 - - - - - - - endColumn - startColumn - - - 12 - - - 1 - 2 - 86251 - - - 2 - 3 - 17444 - - - 3 - 4 - 15505 - - - 4 - 6 - 22289 - - - 6 - 11 - 21320 - - - 11 - 18 - 22289 - - - 18 - 28 - 22289 - - - 28 - 35 - 22289 - - - 35 - 41 - 19382 - - - 41 - 45 - 22289 - - - 45 - 52 - 19382 - - - - - - - endColumn - endLine - - - 12 - - - 1 - 2 - 53301 - - - 2 - 5 - 23258 - - - 5 - 11 - 20351 - - - 11 - 16 - 22289 - - - 16 - 24 - 23258 - - - 24 - 52 - 22289 - - - 55 - 131 - 22289 - - - 132 - 279 - 22289 - - - 301 - 706 - 22289 - - - 718 - 1623 - 23258 - - - 1629 - 2041 - 22289 - - - 2181 - 30652 - 13567 - - - - - - - - - locations_stmt - 9188352 - - - id - 9188352 - - - container - 225335 - - - startLine - 3533 - - - startColumn - 250 - - - endLine - 3438 - - - endColumn - 463 - - - - - id - container - - - 12 - - - 1 - 2 - 9188352 - - - - - - - id - startLine - - - 12 - - - 1 - 2 - 9188352 - - - - - - - id - startColumn - - - 12 - - - 1 - 2 - 9188352 - - - - - - - id - endLine - - - 12 - - - 1 - 2 - 9188352 - - - - - - - id - endColumn - - - 12 - - - 1 - 2 - 9188352 - - - - - - - container - id - - - 12 - - - 1 - 6 - 9990 - - - 6 - 9 - 18036 - - - 9 - 12 - 15392 - - - 12 - 17 - 19300 - - - 17 - 22 - 19707 - - - 22 - 26 - 18519 - - - 26 - 32 - 18850 - - - 32 - 39 - 17724 - - - 39 - 46 - 18137 - - - 46 - 57 - 17285 - - - 57 - 70 - 17074 - - - 70 - 91 - 17214 - - - 91 - 241 - 16916 - - - 241 - 421 - 1185 - - - - - - - container - startLine - - - 12 - - - 1 - 6 - 10006 - - - 6 - 9 - 18470 - - - 9 - 12 - 15844 - - - 12 - 17 - 18953 - - - 17 - 21 - 15743 - - - 21 - 25 - 19715 - - - 25 - 30 - 18055 - - - 30 - 37 - 19081 - - - 37 - 44 - 17781 - - - 44 - 54 - 17443 - - - 54 - 66 - 17500 - - - 66 - 86 - 17247 - - - 86 - 199 - 16907 - - - 199 - 406 - 2582 - - - - - - - container - startColumn - - - 12 - - - 1 - 2 - 5210 - - - 2 - 3 - 55357 - - - 3 - 4 - 47143 - - - 4 - 5 - 40292 - - - 5 - 6 - 25778 - - - 6 - 7 - 29309 - - - 7 - 8 - 16953 - - - 8 - 28 - 5289 - - - - - - - container - endLine - - - 12 - - - 1 - 4 - 7103 - - - 4 - 6 - 16413 - - - 6 - 9 - 19553 - - - 9 - 13 - 17623 - - - 13 - 17 - 18014 - - - 17 - 20 - 14674 - - - 20 - 24 - 16865 - - - 24 - 29 - 18049 - - - 29 - 35 - 18170 - - - 35 - 42 - 19204 - - - 42 - 51 - 17983 - - - 51 - 64 - 18099 - - - 64 - 113 - 16995 - - - 113 - 336 - 6585 - - - - - - - container - endColumn - - - 12 - - - 1 - 3 - 8796 - - - 3 - 4 - 21553 - - - 4 - 6 - 15873 - - - 6 - 7 - 12300 - - - 7 - 8 - 13583 - - - 8 - 9 - 13255 - - - 9 - 10 - 11270 - - - 10 - 11 - 14178 - - - 11 - 12 - 15506 - - - 12 - 13 - 15344 - - - 13 - 14 - 12794 - - - 14 - 16 - 18290 - - - 16 - 18 - 14990 - - - 18 - 26 - 18235 - - - 26 - 33 - 17959 - - - 33 - 68 - 1400 - - - - - - - startLine - id - - - 12 - - - 1 - 2 - 1330 - - - 2 - 3 - 500 - - - 3 - 4 - 248 - - - 4 - 23 - 265 - - - 23 - 220 - 265 - - - 229 - 1001 - 265 - - - 1014 - 4600 - 265 - - - 4642 - 30796 - 265 - - - 31255 - 49199 - 125 - - - - - - - startLine - container - - - 12 - - - 1 - 2 - 1699 - - - 2 - 3 - 353 - - - 3 - 16 - 267 - - - 16 - 135 - 265 - - - 141 - 891 - 265 - - - 896 - 3568 - 265 - - - 3704 - 25127 - 265 - - - 26034 - 46240 - 149 - - - - - - - startLine - startColumn - - - 12 - - - 1 - 2 - 1374 - - - 2 - 3 - 553 - - - 3 - 4 - 267 - - - 4 - 7 - 281 - - - 7 - 10 - 243 - - - 10 - 14 - 298 - - - 14 - 25 - 287 - - - 25 - 36 - 226 - - - - - - - startLine - endLine - - - 12 - - - 1 - 2 - 1980 - - - 2 - 3 - 292 - - - 3 - 8 - 270 - - - 8 - 23 - 292 - - - 23 - 47 - 281 - - - 47 - 70 - 272 - - - 70 - 112 - 144 - - - - - - - startLine - endColumn - - - 12 - - - 1 - 2 - 1387 - - - 2 - 3 - 526 - - - 3 - 4 - 228 - - - 4 - 11 - 285 - - - 11 - 38 - 274 - - - 38 - 63 - 270 - - - 63 - 94 - 272 - - - 94 - 149 - 265 - - - 149 - 179 - 21 - - - - - - - startColumn - id - - - 12 - - - 1 - 2 - 41 - - - 2 - 3 - 21 - - - 3 - 4 - 26 - - - 4 - 5 - 8 - - - 5 - 6 - 17 - - - 6 - 8 - 17 - - - 8 - 12 - 19 - - - 12 - 90 - 19 - - - 140 - 606 - 19 - - - 681 - 1645 - 19 - - - 3968 - 11561 - 19 - - - 11584 - 1372189 - 17 - - - - - - - startColumn - container - - - 12 - - - 1 - 2 - 48 - - - 2 - 3 - 28 - - - 3 - 4 - 30 - - - 4 - 5 - 17 - - - 5 - 6 - 10 - - - 6 - 8 - 19 - - - 8 - 39 - 19 - - - 45 - 220 - 19 - - - 233 - 1699 - 19 - - - 1861 - 5687 - 19 - - - 9654 - 100221 - 15 - - - - - - - startColumn - startLine - - - 12 - - - 1 - 2 - 41 - - - 2 - 3 - 21 - - - 3 - 4 - 26 - - - 4 - 5 - 8 - - - 5 - 6 - 17 - - - 6 - 8 - 17 - - - 8 - 11 - 19 - - - 12 - 52 - 19 - - - 53 - 125 - 19 - - - 131 - 177 - 19 - - - 179 - 386 - 19 - - - 423 - 904 - 17 - - - - - - - startColumn - endLine - - - 12 - - - 1 - 2 - 41 - - - 2 - 3 - 21 - - - 3 - 4 - 26 - - - 4 - 5 - 10 - - - 5 - 7 - 21 - - - 7 - 9 - 17 - - - 9 - 14 - 19 - - - 14 - 71 - 19 - - - 88 - 140 - 19 - - - 140 - 191 - 19 - - - 232 - 543 - 19 - - - 559 - 899 - 10 - - - - - - - startColumn - endColumn - - - 12 - - - 1 - 2 - 54 - - - 2 - 3 - 43 - - - 3 - 4 - 37 - - - 4 - 5 - 28 - - - 5 - 6 - 15 - - - 6 - 8 - 21 - - - 8 - 12 - 19 - - - 13 - 74 - 19 - - - 93 - 198 - 8 - - - - - - - endLine - id - - - 12 - - - 1 - 2 - 1150 - - - 2 - 3 - 606 - - - 3 - 4 - 202 - - - 4 - 15 - 270 - - - 15 - 144 - 259 - - - 149 - 881 - 261 - - - 959 - 3635 - 259 - - - 3657 - 22005 - 259 - - - 22053 - 43062 - 171 - - - - - - - endLine - container - - - 12 - - - 1 - 2 - 1664 - - - 2 - 3 - 353 - - - 3 - 20 - 259 - - - 20 - 196 - 259 - - - 207 - 842 - 259 - - - 846 - 3913 - 259 - - - 3933 - 24449 - 259 - - - 24521 - 35597 - 125 - - - - - - - endLine - startLine - - - 12 - - - 1 - 2 - 1824 - - - 2 - 3 - 298 - - - 3 - 8 - 283 - - - 8 - 24 - 267 - - - 24 - 41 - 267 - - - 41 - 57 - 276 - - - 57 - 84 - 219 - - - - - - - endLine - startColumn - - - 12 - - - 1 - 2 - 1227 - - - 2 - 3 - 627 - - - 3 - 4 - 259 - - - 4 - 7 - 272 - - - 7 - 10 - 245 - - - 10 - 14 - 285 - - - 14 - 24 - 261 - - - 24 - 36 - 259 - - - - - - - endLine - endColumn - - - 12 - - - 1 - 2 - 1321 - - - 2 - 3 - 570 - - - 3 - 5 - 278 - - - 5 - 17 - 270 - - - 17 - 45 - 261 - - - 45 - 74 - 267 - - - 74 - 108 - 261 - - - 108 - 180 - 206 - - - - - - - endColumn - id - - - 12 - - - 1 - 11 - 37 - - - 11 - 42 - 35 - - - 43 - 63 - 35 - - - 63 - 95 - 35 - - - 98 - 184 - 35 - - - 184 - 223 - 35 - - - 223 - 526 - 35 - - - 573 - 1737 - 35 - - - 2000 - 4203 - 35 - - - 4363 - 9065 - 35 - - - 9539 - 29497 - 35 - - - 35135 - 64752 - 35 - - - 66007 - 337354 - 35 - - - 475678 - 685070 - 4 - - - - - - - endColumn - container - - - 12 - - - 1 - 6 - 35 - - - 6 - 23 - 35 - - - 24 - 51 - 37 - - - 51 - 72 - 37 - - - 72 - 154 - 35 - - - 158 - 200 - 35 - - - 207 - 389 - 35 - - - 397 - 1388 - 35 - - - 1419 - 2381 - 35 - - - 2453 - 5497 - 35 - - - 5825 - 14041 - 35 - - - 14633 - 22330 - 35 - - - 23082 - 73454 - 35 - - - 100181 - 100182 - 2 - - - - - - - endColumn - startLine - - - 12 - - - 1 - 3 - 35 - - - 3 - 10 - 37 - - - 10 - 14 - 35 - - - 14 - 38 - 35 - - - 38 - 57 - 35 - - - 57 - 67 - 35 - - - 69 - 125 - 35 - - - 129 - 191 - 35 - - - 191 - 255 - 35 - - - 261 - 318 - 37 - - - 320 - 407 - 35 - - - 410 - 451 - 37 - - - 459 - 583 - 35 - - - - - - - endColumn - startColumn - - - 12 - - - 1 - 2 - 142 - - - 2 - 3 - 32 - - - 3 - 4 - 41 - - - 4 - 5 - 32 - - - 5 - 6 - 32 - - - 6 - 8 - 30 - - - 8 - 11 - 37 - - - 11 - 13 - 39 - - - 13 - 16 - 41 - - - 16 - 29 - 30 - - - - - - - endColumn - endLine - - - 12 - - - 1 - 3 - 35 - - - 3 - 10 - 37 - - - 10 - 14 - 35 - - - 14 - 38 - 35 - - - 38 - 57 - 37 - - - 57 - 70 - 35 - - - 70 - 130 - 35 - - - 134 - 192 - 35 - - - 197 - 262 - 37 - - - 262 - 321 - 35 - - - 322 - 406 - 35 - - - 408 - 451 - 35 - - - 459 - 566 - 35 - - - - - - - - - locations_expr - 18007924 - - - id - 18007924 - - - container - 6359 - - - startLine - 262734 - - - startColumn - 3376 - - - endLine - 262706 - - - endColumn - 3826 - - - - - id - container - - - 12 - - - 1 - 2 - 18007924 - - - - - - - id - startLine - - - 12 - - - 1 - 2 - 18007924 - - - - - - - id - startColumn - - - 12 - - - 1 - 2 - 18007924 - - - - - - - id - endLine - - - 12 - - - 1 - 2 - 18007924 - - - - - - - id - endColumn - - - 12 - - - 1 - 2 - 18007924 - - - - - - - container - id - - - 12 - - - 1 - 2 - 562 - - - 2 - 6 - 478 - - - 6 - 11 - 478 - - - 12 - 26 - 506 - - - 27 - 87 - 478 - - - 95 - 514 - 478 - - - 525 - 1401 - 478 - - - 1526 - 2343 - 478 - - - 2404 - 3615 - 478 - - - 3668 - 5162 - 478 - - - 5341 - 7345 - 478 - - - 7399 - 9307 - 478 - - - 9382 - 16759 - 478 - - - 18811 - 18812 - 28 - - - - - - - container - startLine - - - 12 - - - 1 - 2 - 675 - - - 2 - 4 - 478 - - - 4 - 10 - 534 - - - 10 - 20 - 506 - - - 20 - 66 - 478 - - - 67 - 162 - 478 - - - 166 - 362 - 478 - - - 376 - 591 - 478 - - - 593 - 929 - 478 - - - 960 - 1269 - 478 - - - 1291 - 1782 - 478 - - - 1851 - 2492 - 478 - - - 2594 - 4241 - 337 - - - - - - - container - startColumn - - - 12 - - - 1 - 2 - 675 - - - 2 - 4 - 506 - - - 4 - 7 - 534 - - - 7 - 16 - 478 - - - 16 - 34 - 506 - - - 36 - 59 - 478 - - - 59 - 66 - 506 - - - 66 - 68 - 365 - - - 68 - 69 - 281 - - - 69 - 70 - 422 - - - 70 - 71 - 253 - - - 71 - 72 - 422 - - - 72 - 74 - 365 - - - 74 - 92 - 506 - - - 94 - 109 - 56 - - - - - - - container - endLine - - - 12 - - - 1 - 2 - 675 - - - 2 - 4 - 478 - - - 4 - 10 - 534 - - - 10 - 20 - 506 - - - 20 - 68 - 478 - - - 68 - 163 - 478 - - - 166 - 362 - 478 - - - 376 - 592 - 478 - - - 593 - 931 - 478 - - - 960 - 1273 - 478 - - - 1292 - 1786 - 478 - - - 1855 - 2501 - 478 - - - 2593 - 4416 - 337 - - - - - - - container - endColumn - - - 12 - - - 1 - 2 - 619 - - - 2 - 4 - 478 - - - 4 - 7 - 506 - - - 7 - 15 - 478 - - - 15 - 36 - 478 - - - 36 62 - 478 + 3246 62 - 71 - 534 + 81 + 3121 - 71 - 73 - 281 + 81 + 95 + 3121 - 73 - 75 - 450 + 95 + 111 + 3121 - 75 - 76 - 168 - - - 76 - 77 - 562 - - - 77 - 79 - 478 - - - 79 - 84 - 478 - - - 84 - 116 - 365 + 112 + 156 + 1997 - startLine - id - - - 12 - - - 1 - 5 - 22061 - - - 5 - 9 - 22567 - - - 9 - 15 - 21948 - - - 15 - 23 - 20682 - - - 23 - 32 - 20738 - - - 32 - 44 - 20541 - - - 44 - 60 - 20203 - - - 60 - 80 - 20344 - - - 80 - 103 - 20006 - - - 103 - 130 - 20147 - - - 130 - 159 - 19950 - - - 159 - 194 - 20006 - - - 194 - 297 - 13534 - - - - - - - startLine - container - - - 12 - - - 1 - 2 - 32191 - - - 2 - 3 - 21385 - - - 3 - 4 - 15532 - - - 4 - 6 - 22398 - - - 6 - 8 - 18656 - - - 8 - 11 - 22483 - - - 11 - 16 - 23749 - - - 16 - 21 - 22567 - - - 21 - 28 - 22736 - - - 28 - 35 - 21695 - - - 35 - 43 - 21835 - - - 43 - 61 - 17502 - - - - - - - startLine - startColumn - - - 12 - - - 1 - 4 - 21864 - - - 4 - 7 - 24002 - - - 7 - 11 - 22848 - - - 11 - 16 - 23833 - - - 16 - 21 - 23974 - - - 21 - 26 - 20625 - - - 26 - 31 - 22145 - - - 31 - 36 - 24171 - - - 36 - 40 - 21526 - - - 40 - 44 - 22680 - - - 44 - 49 - 22820 - - - 49 - 63 - 12240 - - - - - - - startLine + container endLine @@ -8706,750 +5369,75 @@ 1 - 2 - 139344 - - - 2 - 3 - 61286 - - - 3 - 4 - 37790 - - - 4 - 6 - 20035 - - - 6 - 23 - 4277 - - - - - - - startLine - endColumn - - - 12 - - - 1 - 4 - 23214 - - - 4 - 7 - 22792 - - - 7 - 11 - 22483 - - - 11 - 16 - 22201 - - - 16 - 21 - 22511 - - - 21 - 27 - 22933 - - - 27 - 33 - 22539 - - - 33 - 38 - 19809 - - - 38 - 43 - 21357 - - - 43 - 47 - 20006 - - - 47 - 52 - 23102 - - - 52 - 66 - 19725 - - - 68 - 69 - 56 - - - - - - - startColumn - id - - - 12 - - - 1 - 2 - 422 - - - 2 - 4 - 253 - - - 4 - 8 - 281 - - - 8 - 26 - 281 - - - 43 - 253 - 253 - - - 278 - 844 - 253 - - - 949 - 1891 - 253 - - - 2093 - 4169 - 253 - - - 4251 - 7004 - 253 - - - 7173 - 11370 - 253 - - - 12331 - 15107 - 253 - - - 15374 - 30162 - 253 - - - 30211 - 49563 - 112 - - - - - - - startColumn - container - - - 12 - - - 1 - 2 - 450 - - - 2 - 3 - 168 - - - 3 - 4 - 196 - - - 4 - 6 - 253 - - - 7 - 32 - 253 - - - 43 - 99 - 253 - - - 101 - 121 - 253 - - - 121 - 130 - 253 - - - 130 - 138 - 253 - - - 138 - 142 - 281 - - - 142 - 144 - 225 - - - 144 - 150 - 281 - - - 151 - 158 - 253 - - - - - - - startColumn - startLine - - - 12 - - - 1 - 2 - 422 - - - 2 - 4 - 253 - - - 4 - 7 - 253 - - - 7 - 19 - 253 - - - 20 - 152 - 253 - - - 199 - 588 - 253 - - - 633 - 1287 - 253 - - - 1365 - 2343 - 253 - - - 2576 - 3504 - 253 - - - 3522 - 4709 - 253 - - - 4736 - 5298 - 253 - - - 5332 - 5999 - 253 - - - 6157 - 6996 - 168 - - - - - - - startColumn - endLine - - - 12 - - - 1 - 2 - 422 - - - 2 - 4 - 253 - - - 4 - 7 - 253 - - - 7 - 19 - 253 - - - 20 - 152 - 253 - - - 199 - 588 - 253 - - - 648 - 1289 - 253 - - - 1365 - 2347 - 253 - - - 2579 - 3510 - 253 - - - 3529 - 4710 - 253 - - - 4739 - 5323 - 253 - - - 5346 - 6023 - 253 - - - 6201 - 7039 - 168 - - - - - - - startColumn - endColumn - - - 12 - - - 1 - 2 - 450 - - - 2 - 3 - 168 - - - 3 - 5 - 253 - - - 5 - 9 - 253 - - - 9 13 - 253 + 3371 13 - 20 - 253 - - - 20 - 30 - 253 - - - 30 - 42 - 253 - - - 44 - 60 - 281 - - - 60 - 69 - 253 - - - 69 - 74 - 253 - - - 74 - 84 - 309 - - - 84 - 96 - 140 - - - - - - - endLine - id - - - 12 - - - 1 - 5 - 22089 - - - 5 - 9 - 22567 - - - 9 - 15 - 21638 - - - 15 - 23 - 20654 - - - 23 - 32 - 21413 - - - 32 - 44 - 20175 - - - 44 - 60 - 19838 - - - 60 - 80 - 20935 - - - 80 - 103 - 19866 - - - 103 - 130 - 20063 - - - 130 - 159 - 20006 - - - 159 - 193 - 19725 - - - 193 - 296 - 13731 - - - - - - - endLine - container - - - 12 - - - 1 - 2 - 32191 - - - 2 - 3 - 21301 - - - 3 - 4 - 15532 - - - 4 - 6 - 21976 - - - 6 - 8 - 18459 - - - 8 - 11 - 22567 - - - 11 - 15 - 19838 - - - 15 - 20 - 22877 - - - 20 - 26 - 20513 - - - 26 - 33 - 21976 - - - 33 - 40 - 19950 - - - 40 - 49 - 20091 - - - 49 - 61 - 5430 - - - - - - - endLine - startLine - - - 12 - - - 1 - 2 - 130621 - - - 2 - 3 - 68406 - - - 3 - 4 - 40267 - - - 4 - 6 - 21441 - - - 6 - 11 - 1969 - - - - - - - endLine - startColumn - - - 12 - - - 1 - 4 - 21667 - - - 4 - 7 - 23890 - - - 7 - 11 - 22567 - - - 11 - 16 - 23749 - - - 16 - 21 - 23693 - - - 21 - 26 - 20738 - - - 26 31 - 22342 + 3371 31 - 36 - 24143 + 46 + 3121 - 36 - 40 - 20935 - - - 40 - 44 - 22651 - - - 44 - 49 - 23214 - - - 49 + 46 63 - 13112 + 3121 + + + 63 + 84 + 3121 + + + 84 + 114 + 3121 + + + 118 + 160 + 3246 + + + 160 + 206 + 3121 + + + 207 + 291 + 3121 + + + 300 + 390 + 3121 + + + 395 + 562 + 3121 + + + 564 + 1350 + 3121 + + + 1420 + 57764 + 2871 - endLine + container endColumn @@ -9457,70 +5445,75 @@ 1 - 4 - 23524 + 12 + 3371 - 4 - 7 - 22989 - - - 7 - 11 - 22483 - - - 11 - 16 - 23102 - - - 16 - 21 - 21920 - - - 21 + 13 26 - 19866 + 3496 26 - 32 - 22117 + 34 + 3246 - 32 - 38 - 23946 + 34 + 42 + 3246 - 38 - 43 - 22173 + 42 + 50 + 3246 - 43 - 47 - 19838 + 50 + 61 + 3121 - 47 - 52 - 22820 + 61 + 67 + 3246 - 52 - 69 - 17924 + 67 + 76 + 3496 + + + 76 + 88 + 3246 + + + 89 + 102 + 3121 + + + 102 + 116 + 3496 + + + 116 + 133 + 3121 + + + 136 + 363 + 1498 - endColumn + startLine id @@ -9529,74 +5522,39 @@ 1 2 - 309 + 4961952 2 + 3 + 779523 + + + 3 4 - 309 + 542407 4 - 10 - 281 + 12 + 570876 - 10 - 16 - 337 + 12 + 97 + 564008 - 16 - 51 - 309 - - - 56 - 618 - 309 - - - 841 - 2290 - 309 - - - 2328 - 4142 - 309 - - - 4177 - 7140 - 309 - - - 8235 - 11725 - 309 - - - 12344 - 15458 - 309 - - - 15684 - 18219 - 309 - - - 18696 - 19124 - 112 + 97 + 645 + 88653 - endColumn + startLine container @@ -9605,67 +5563,802 @@ 1 2 - 450 + 5024009 2 + 3 + 1222414 + + + 3 + 6 + 640549 + + + 6 + 57 + 563509 + + + 57 + 329 + 56937 + + + + + + + startLine + startColumn + + + 12 + + + 1 + 2 + 5646454 + + + 2 + 3 + 483596 + + + 3 + 7 + 582613 + + + 7 + 25 + 566256 + + + 25 + 94 + 228500 + + + + + + + startLine + endLine + + + 12 + + + 1 + 2 + 7041179 + + + 2 + 85 + 466240 + + + + + + + startLine + endColumn + + + 12 + + + 1 + 2 + 5031001 + + + 2 + 3 + 740066 + + + 3 4 - 281 + 540284 4 + 12 + 587482 + + + 12 + 72 + 565257 + + + 72 + 250 + 43327 + + + + + + + startColumn + id + + + 12 + + + 1 + 2 + 1623 + + + 2 6 - 281 + 1997 6 12 - 309 + 1872 12 - 41 - 309 + 37 + 1748 - 50 + 40 114 - 309 - - - 115 - 128 - 309 + 1748 128 - 137 - 281 + 241 + 1748 - 137 - 142 - 337 + 253 + 599 + 1748 - 142 - 146 - 281 + 712 + 1234 + 1748 - 146 - 148 - 281 + 1268 + 1902 + 1748 - 148 + 1952 + 2390 + 1748 + + + 2424 + 3237 + 1748 + + + 3272 + 7577 + 1748 + + + 8002 + 121166 + 749 + + + + + + + startColumn + container + + + 12 + + + 1 + 2 + 1997 + + + 2 + 4 + 1748 + + + 4 + 7 + 1748 + + + 7 + 18 + 1872 + + + 19 + 43 + 1748 + + + 44 + 60 + 1748 + + + 66 + 93 + 1748 + + + 96 + 117 + 1748 + + + 117 + 150 + 1748 + + + 150 + 169 + 1748 + + + 169 + 181 + 1748 + + + 182 + 217 + 1872 + + + 243 + 329 + 499 + + + + + + + startColumn + startLine + + + 12 + + + 1 + 2 + 1872 + + + 2 + 5 + 1872 + + + 5 + 11 + 1748 + + + 11 + 36 + 1748 + + + 36 + 101 + 1748 + + + 108 + 217 + 1748 + + + 226 + 543 + 1748 + + + 633 + 1057 + 1748 + + + 1072 + 1409 + 1748 + + + 1416 + 1614 + 1748 + + + 1615 + 1810 + 1748 + + + 1826 + 3777 + 1748 + + + 3834 + 59554 + 749 + + + + + + + startColumn + endLine + + + 12 + + + 1 + 2 + 1872 + + + 2 + 5 + 1872 + + + 5 + 11 + 1748 + + + 11 + 36 + 1748 + + + 36 + 102 + 1748 + + + 109 + 218 + 1748 + + + 225 + 545 + 1748 + + + 631 + 1055 + 1748 + + + 1074 + 1407 + 1748 + + + 1425 + 1611 + 1748 + + + 1614 + 1807 + 1748 + + + 1827 + 3760 + 1748 + + + 3827 + 59562 + 749 + + + + + + + startColumn + endColumn + + + 12 + + + 1 + 2 + 2122 + + + 2 + 5 + 1498 + + + 5 + 8 + 1623 + + + 8 + 13 + 1748 + + + 13 + 23 + 1997 + + + 23 + 33 + 1872 + + + 34 + 44 + 1748 + + + 45 + 57 + 1748 + + + 58 + 74 + 1997 + + + 77 + 86 + 1872 + + + 86 + 98 + 1748 + + + 98 + 160 + 1748 + + + 258 + 299 + 249 + + + + + + + endLine + id + + + 12 + + + 1 + 2 + 4959829 + + + 2 + 3 + 782020 + + + 3 + 4 + 543156 + + + 4 + 12 + 568129 + + + 12 + 95 + 564383 + + + 95 + 628 + 91025 + + + + + + + endLine + container + + + 12 + + + 1 + 2 + 5021137 + + + 2 + 3 + 1224911 + + + 3 + 6 + 633932 + + + 6 + 52 + 564632 + + + 52 + 329 + 63930 + + + + + + + endLine + startLine + + + 12 + + + 1 + 2 + 7057911 + + + 2 + 18 + 450632 + + + + + + + endLine + startColumn + + + 12 + + + 1 + 2 + 5645580 + + + 2 + 3 + 480974 + + + 3 + 7 + 587607 + + + 7 + 25 + 569752 + + + 25 + 89 + 224629 + + + + + + + endLine + endColumn + + + 12 + + + 1 + 2 + 5029628 + + + 2 + 3 + 744436 + + + 3 + 4 + 540034 + + + 4 + 12 + 588107 + + + 12 + 72 + 563509 + + + 72 + 250 + 42828 + + + + + + + endColumn + id + + + 12 + + + 1 + 2 + 15732 + + + 2 + 3 + 5618 + + + 3 + 7 + 4245 + + + 7 + 17 + 4120 + + + 17 + 33 + 4120 + + + 33 + 107 + 4120 + + + 116 + 696 + 4120 + + + 726 + 2478 + 4120 + + + 2622 + 4791 + 4120 + + + 4798 + 33780 + 3121 + + + + + + + endColumn + container + + + 12 + + + 1 + 2 + 18604 + + + 2 + 3 + 5618 + + + 3 + 5 + 3621 + + + 5 + 7 + 3745 + + + 7 + 16 + 4370 + + + 16 + 80 + 4120 + + + 81 152 - 309 + 4245 - 152 - 163 - 84 + 158 + 212 + 4245 + + + 212 + 265 + 4120 + + + 265 + 329 + 749 @@ -9681,67 +6374,52 @@ 1 2 - 422 + 15982 2 - 4 - 225 + 3 + 5993 - 4 + 3 8 - 337 + 4245 8 - 15 - 309 + 18 + 4370 18 - 54 - 309 + 42 + 4120 - 74 - 489 - 309 + 43 + 218 + 4120 - 511 - 1338 - 309 + 235 + 759 + 4120 - 1390 - 2420 - 309 + 768 + 2177 + 4120 - 2767 - 3740 - 309 + 2209 + 2884 + 4120 - 3802 - 4530 - 309 - - - 4643 - 5303 - 309 - - - 5379 - 5736 - 309 - - - 5747 - 5806 - 56 + 2885 + 30763 + 2247 @@ -9757,62 +6435,52 @@ 1 2 - 365 + 17231 2 + 3 + 6243 + + + 3 4 - 281 + 3246 4 - 9 - 337 + 7 + 4245 - 9 + 7 14 - 337 + 4245 14 - 22 - 337 - - - 23 28 - 309 + 4120 28 - 36 - 309 + 45 + 4245 - 36 - 41 - 309 + 45 + 69 + 4120 - 41 - 47 - 309 + 69 + 81 + 4245 - 47 - 56 - 309 - - - 56 - 64 - 309 - - - 64 - 72 - 309 + 81 + 117 + 1498 @@ -9828,67 +6496,52 @@ 1 2 - 422 + 15982 2 - 4 - 225 + 3 + 5993 - 4 + 3 8 - 337 + 4245 8 - 15 - 309 + 18 + 4370 - 17 - 54 - 309 + 18 + 41 + 4120 - 74 - 471 - 309 + 43 + 217 + 4120 - 500 - 1307 - 309 + 233 + 756 + 4120 - 1356 - 2389 - 309 + 768 + 2177 + 4120 - 2629 - 3660 - 309 + 2208 + 2858 + 4120 - 3731 - 4490 - 309 - - - 4640 - 5281 - 309 - - - 5368 - 5729 - 309 - - - 5734 - 5796 - 56 + 2868 + 30757 + 2247 @@ -9898,23 +6551,23 @@ numlines - 1153975 + 808616 element_id - 1153975 + 807492 num_lines - 41381 + 39456 num_code - 35794 + 34087 num_comment - 16762 + 18230 @@ -9928,7 +6581,12 @@ 1 2 - 1153975 + 806368 + + + 2 + 3 + 1123 @@ -9944,7 +6602,12 @@ 1 2 - 1153975 + 806368 + + + 2 + 3 + 1123 @@ -9960,7 +6623,12 @@ 1 2 - 1153975 + 807242 + + + 2 + 3 + 249 @@ -9976,37 +6644,27 @@ 1 2 - 21825 + 26720 2 3 - 5238 + 3745 3 - 4 - 3317 - - - 4 5 - 2968 + 3371 5 - 9 - 3492 + 35 + 2996 - 9 - 60 - 3317 - - - 139 - 1502 - 1222 + 39 + 1983 + 2622 @@ -10022,155 +6680,145 @@ 1 2 - 23746 + 27220 2 3 - 6635 + 4120 3 4 - 3492 - - - 4 - 5 - 3841 - - - 5 - 8 - 3492 - - - 8 - 9 - 174 - - - - - - - num_lines - num_comment - - - 12 - - - 1 - 2 - 23397 - - - 2 - 3 - 7508 - - - 3 - 4 - 4539 - - - 4 - 5 - 3142 - - - 5 - 10 - 2793 - - - - - - - num_code - element_id - - - 12 - - - 1 - 2 - 18857 - - - 2 - 3 - 4190 - - - 3 - 4 - 3841 + 2497 4 7 - 2793 + 3496 7 - 18 - 2793 - - - 18 - 928 - 2793 - - - 1043 - 1509 - 523 - - - - - - - num_code - num_lines - - - 12 - - - 1 - 2 - 19905 - - - 2 - 3 - 5238 - - - 3 - 4 - 4015 - - - 4 - 6 - 2793 - - - 6 - 10 - 3142 - - - 10 12 - 698 + 2122 + + + + + + + num_lines + num_comment + + + 12 + + + 1 + 2 + 26845 + + + 2 + 3 + 4120 + + + 3 + 4 + 2372 + + + 4 + 6 + 3246 + + + 6 + 10 + 2871 + + + + + + + num_code + element_id + + + 12 + + + 1 + 2 + 21851 + + + 2 + 3 + 3621 + + + 3 + 4 + 2372 + + + 4 + 13 + 2871 + + + 14 + 198 + 2622 + + + 204 + 2092 + 749 + + + + + + + num_code + num_lines + + + 12 + + + 1 + 2 + 22225 + + + 2 + 3 + 3621 + + + 3 + 4 + 2122 + + + 4 + 6 + 1872 + + + 6 + 9 + 2746 + + + 9 + 13 + 1498 @@ -10186,32 +6834,27 @@ 1 2 - 20079 + 21975 2 3 - 4888 + 4245 3 - 4 - 4365 - - - 4 5 - 1746 + 2871 5 - 7 - 2793 + 8 + 3121 - 7 - 11 - 1920 + 8 + 12 + 1872 @@ -10227,37 +6870,32 @@ 1 2 - 7857 + 11112 2 3 - 2269 + 2122 3 4 - 1396 + 1123 4 7 - 1396 + 1498 - 7 - 9 - 1047 + 8 + 21 + 1373 - 9 - 19 - 1396 - - - 22 - 5980 - 1396 + 21 + 3651 + 998 @@ -10273,42 +6911,32 @@ 1 2 - 7857 + 11112 2 3 - 2269 + 2122 3 4 - 1396 + 1123 4 - 6 - 1396 - - - 6 - 8 - 349 + 7 + 1623 8 - 9 - 1222 + 21 + 1373 - 9 - 17 - 1396 - - - 17 - 54 - 873 + 26 + 48 + 874 @@ -10324,37 +6952,32 @@ 1 2 - 7857 + 11112 2 3 - 2269 + 2122 3 4 - 1396 + 1373 4 - 6 - 1396 + 7 + 1373 - 6 - 9 - 1396 + 7 + 21 + 1373 - 9 - 16 - 1396 - - - 18 - 51 - 1047 + 23 + 42 + 874 @@ -10364,31 +6987,31 @@ diagnostics - 2936 + 1484 id - 2936 + 1484 severity - 51 + 21 error_tag - 103 + 43 error_message - 103 + 150 full_error_message - 103 + 150 location - 103 + 64 @@ -10402,7 +7025,7 @@ 1 2 - 2936 + 1484 @@ -10418,7 +7041,7 @@ 1 2 - 2936 + 1484 @@ -10434,7 +7057,7 @@ 1 2 - 2936 + 1484 @@ -10450,7 +7073,7 @@ 1 2 - 2936 + 1484 @@ -10466,7 +7089,7 @@ 1 2 - 2936 + 1484 @@ -10480,9 +7103,9 @@ 12 - 57 - 58 - 51 + 69 + 70 + 21 @@ -10498,7 +7121,7 @@ 2 3 - 51 + 21 @@ -10512,9 +7135,9 @@ 12 - 2 - 3 - 51 + 7 + 8 + 21 @@ -10528,9 +7151,9 @@ 12 - 2 - 3 - 51 + 7 + 8 + 21 @@ -10544,9 +7167,9 @@ 12 - 2 - 3 - 51 + 3 + 4 + 21 @@ -10560,14 +7183,14 @@ 12 - 1 - 2 - 51 + 6 + 7 + 21 - 56 - 57 - 51 + 63 + 64 + 21 @@ -10583,7 +7206,7 @@ 1 2 - 103 + 43 @@ -10599,7 +7222,12 @@ 1 2 - 103 + 21 + + + 6 + 7 + 21 @@ -10615,7 +7243,12 @@ 1 2 - 103 + 21 + + + 6 + 7 + 21 @@ -10631,7 +7264,12 @@ 1 2 - 103 + 21 + + + 2 + 3 + 21 @@ -10647,12 +7285,12 @@ 1 2 - 51 + 129 - 56 - 57 - 51 + 63 + 64 + 21 @@ -10668,7 +7306,7 @@ 1 2 - 103 + 150 @@ -10684,7 +7322,7 @@ 1 2 - 103 + 150 @@ -10700,7 +7338,7 @@ 1 2 - 103 + 150 @@ -10716,7 +7354,7 @@ 1 2 - 103 + 150 @@ -10732,12 +7370,12 @@ 1 2 - 51 + 129 - 56 - 57 - 51 + 63 + 64 + 21 @@ -10753,7 +7391,7 @@ 1 2 - 103 + 150 @@ -10769,7 +7407,7 @@ 1 2 - 103 + 150 @@ -10785,7 +7423,7 @@ 1 2 - 103 + 150 @@ -10801,7 +7439,7 @@ 1 2 - 103 + 150 @@ -10815,14 +7453,14 @@ 12 - 1 - 2 - 51 + 3 + 4 + 43 - 56 - 57 - 51 + 63 + 64 + 21 @@ -10838,7 +7476,7 @@ 1 2 - 103 + 64 @@ -10854,7 +7492,7 @@ 1 2 - 103 + 64 @@ -10870,7 +7508,12 @@ 1 2 - 103 + 21 + + + 3 + 4 + 43 @@ -10886,7 +7529,12 @@ 1 2 - 103 + 21 + + + 3 + 4 + 43 @@ -10896,15 +7544,15 @@ files - 230754 + 65216 id - 230754 + 65216 name - 230754 + 65216 @@ -10918,7 +7566,7 @@ 1 2 - 230754 + 65216 @@ -10934,7 +7582,7 @@ 1 2 - 230754 + 65216 @@ -10944,15 +7592,15 @@ folders - 22981 + 12390 id - 22981 + 12390 name - 22981 + 12390 @@ -10966,7 +7614,7 @@ 1 2 - 22981 + 12390 @@ -10982,7 +7630,7 @@ 1 2 - 22981 + 12390 @@ -10992,15 +7640,15 @@ containerparent - 231298 + 77585 parent - 548 + 12390 child - 231298 + 77585 @@ -11014,72 +7662,42 @@ 1 2 - 32 + 6031 2 + 3 + 1521 + + + 3 4 - 48 + 665 4 - 14 - 41 + 6 + 1003 + + + 6 + 10 + 971 + + + 10 + 16 + 1003 16 - 17 - 4 + 44 + 929 - 18 - 19 - 54 - - - 19 - 55 - 41 - - - 63 - 159 - 41 - - - 164 - 345 - 41 - - - 352 - 697 - 41 - - - 774 - 931 - 21 - - - 946 - 949 - 41 - - - 950 - 983 - 39 - - - 984 - 985 - 74 - - - 992 - 1009 - 21 + 44 + 151 + 264 @@ -11095,7 +7713,7 @@ 1 2 - 231298 + 77585 @@ -11105,23 +7723,23 @@ fileannotations - 29052092 + 4200790 id - 219955 + 5767 kind - 4 + 21 name - 10170 + 58720 value - 1159 + 39516 @@ -11132,10 +7750,15 @@ 12 + + 1 + 2 + 200 + 2 3 - 219955 + 5566 @@ -11149,64 +7772,64 @@ 12 - 39 - 40 - 45059 + 1 + 86 + 433 - 40 - 41 - 3627 + 88 + 206 + 433 - 41 - 42 - 35646 + 212 + 291 + 443 - 42 - 44 - 8027 + 291 + 359 + 433 - 56 - 57 - 22807 + 362 + 401 + 433 - 57 - 58 - 14290 + 402 + 479 + 433 - 58 - 59 - 18547 + 480 + 549 + 253 - 59 - 89 - 18022 + 550 + 551 + 1330 - 89 - 173 - 17311 + 553 + 628 + 433 - 174 - 178 - 18488 + 631 + 753 + 454 - 179 - 276 - 18055 + 753 + 1231 + 443 - 276 - 277 - 70 + 1234 + 2155 + 242 @@ -11220,64 +7843,69 @@ 12 - 48 - 49 - 45059 - - - 49 - 51 - 3155 - - - 51 - 52 - 35828 - - - 52 - 54 - 8317 - - - 69 - 70 - 22807 - - - 70 - 72 - 14261 - - - 72 - 73 - 18514 - - - 73 - 102 - 18051 + 1 + 98 + 433 102 - 409 - 17344 + 244 + 433 - 411 - 416 - 18132 + 244 + 351 + 433 - 417 - 528 - 18411 + 352 + 434 + 443 - 528 - 529 - 70 + 434 + 490 + 443 + + + 490 + 628 + 433 + + + 632 + 702 + 63 + + + 706 + 707 + 1330 + + + 710 + 939 + 433 + + + 939 + 1038 + 433 + + + 1066 + 1853 + 433 + + + 1853 + 3292 + 433 + + + 3423 + 3742 + 21 @@ -11291,9 +7919,14 @@ 12 - 100172 - 100173 - 4 + 527 + 528 + 10 + + + 546 + 547 + 10 @@ -11309,12 +7942,12 @@ 2 3 - 2 + 10 - 4630 - 4631 - 2 + 5557 + 5558 + 10 @@ -11330,12 +7963,12 @@ 1 2 - 2 + 10 - 528 - 529 - 2 + 3741 + 3742 + 10 @@ -11351,64 +7984,144 @@ 1 2 - 72 + 11027 + + + 2 + 3 + 4362 + + + 3 + 5 + 5059 + + + 5 + 7 + 4098 + + + 7 + 9 + 4594 + + + 9 + 16 + 4330 + + + 16 + 19 + 4890 + + + 19 + 27 + 4256 + + + 27 + 47 + 4837 + + + 47 + 128 + 4922 + + + 128 + 459 + 4626 + + + 459 + 546 + 1711 + + + + + + + name + kind + + + 12 + + + 1 + 2 + 58720 + + + + + + + name + value + + + 12 + + + 1 + 2 + 11587 + + + 2 + 3 + 7689 3 4 - 5911 + 4098 4 - 5 - 3442 + 6 + 4066 - 18 - 100173 - 744 - - - - - - - name - kind - - - 12 - - - 1 - 2 - 10170 - - - - - - - name - value - - - 12 - - - 1 - 2 - 9202 + 6 + 8 + 3422 - 2 - 24 - 797 + 8 + 11 + 4742 - 24 - 397 - 171 + 11 + 17 + 5397 + + + 17 + 23 + 4700 + + + 23 + 41 + 4679 + + + 41 + 95 + 4468 + + + 95 + 1726 + 3866 @@ -11422,54 +8135,74 @@ 12 - 32 - 33 - 2 + 1 + 2 + 3359 - 960 - 961 - 109 + 2 + 4 + 1637 - 1014 - 2296 - 87 + 4 + 5 + 3190 - 2419 - 16676 - 63 + 5 + 8 + 2461 - 18355 - 18356 - 513 + 8 + 14 + 2968 - 18395 - 20335 - 94 + 14 + 17 + 1933 - 20388 - 25553 - 68 + 17 + 24 + 3042 - 26531 - 58110 - 103 + 24 + 51 + 3538 - 60781 - 79652 - 10 + 51 + 58 + 3031 - 100172 - 100173 - 105 + 58 + 80 + 2978 + + + 81 + 151 + 3084 + + + 151 + 334 + 2978 + + + 334 + 473 + 2999 + + + 473 + 547 + 2313 @@ -11485,12 +8218,12 @@ 1 2 - 1157 + 39505 2 3 - 2 + 10 @@ -11506,77 +8239,72 @@ 1 2 - 2 + 3401 2 - 3 - 109 + 4 + 1911 - 3 + 4 + 5 + 3052 + + + 5 8 - 65 + 2482 8 - 9 - 59 - - - 9 - 10 - 68 - - - 10 - 11 - 109 - - - 11 - 12 - 85 - - - 12 14 - 105 + 3485 14 - 16 - 76 - - - 16 18 - 90 + 3454 18 - 21 - 103 + 28 + 3200 - 21 - 24 - 92 + 28 + 34 + 3147 - 24 - 27 - 76 + 34 + 41 + 3200 - 27 - 33 - 92 + 41 + 66 + 2989 - 33 - 4319 - 21 + 66 + 92 + 3073 + + + 92 + 113 + 2989 + + + 113 + 145 + 3031 + + + 145 + 172 + 95 @@ -11586,15 +8314,15 @@ inmacroexpansion - 149995978 + 149995954 id - 24670878 + 24670874 inv - 3705265 + 3705264 @@ -11613,7 +8341,7 @@ 3 5 - 1474978 + 1474977 5 @@ -11623,12 +8351,12 @@ 6 7 - 6582546 + 6582545 7 8 - 8719002 + 8719001 8 @@ -11714,15 +8442,15 @@ affectedbymacroexpansion - 73932090 + 48735840 id - 5343163 + 7044740 inv - 9717793 + 3803121 @@ -11736,47 +8464,37 @@ 1 2 - 2178250 + 3846709 2 3 - 606526 + 766305 3 4 - 335791 + 361841 4 - 7 - 434209 + 5 + 772736 - 7 - 18 - 471017 + 5 + 12 + 535160 - 18 - 25 - 458480 + 12 + 50 + 556267 - 25 - 35 - 449158 - - - 35 - 488 - 401009 - - - 489 - 4499 - 8720 + 50 + 9900 + 205719 @@ -11791,48 +8509,68 @@ 1 - 2 - 474340 - - - 2 4 - 713165 + 313248 4 - 6 - 786996 - - - 6 7 - 601737 + 316607 7 - 8 - 1284648 - - - 8 9 - 3310258 + 301088 9 - 11 - 733734 - - - 11 12 - 1408336 + 342938 12 - 185 - 404576 + 13 + 456004 + + + 13 + 14 + 226099 + + + 14 + 15 + 408038 + + + 15 + 16 + 166429 + + + 16 + 17 + 377677 + + + 17 + 18 + 200636 + + + 18 + 20 + 344255 + + + 20 + 25 + 285393 + + + 25 + 207 + 64702 @@ -11842,23 +8580,23 @@ macroinvocations - 180467764 + 40338463 id - 180467764 + 40338463 macro_id - 704547 + 182070 location - 29969904 + 5912754 kind - 1938 + 108 @@ -11872,7 +8610,7 @@ 1 2 - 180467764 + 40338463 @@ -11888,7 +8626,7 @@ 1 2 - 180467764 + 40338463 @@ -11904,7 +8642,7 @@ 1 2 - 180467764 + 40338463 @@ -11920,57 +8658,47 @@ 1 2 - 176379 + 60781 2 3 - 100788 + 27558 3 4 - 39733 + 17972 4 - 6 - 52332 + 5 + 10021 - 6 - 8 - 44579 + 5 + 7 + 13779 - 8 + 7 13 - 56208 + 14705 13 - 25 - 55239 + 33 + 13779 - 25 - 56 - 53301 + 33 + 180 + 13670 - 56 - 134 - 54270 - - - 136 - 844 - 53301 - - - 846 - 19520 - 18413 + 181 + 72144 + 9803 @@ -11986,47 +8714,42 @@ 1 2 - 231618 + 77283 2 3 - 116293 + 30553 3 4 - 52332 + 14323 4 - 6 - 61054 + 5 + 10293 - 6 - 9 - 54270 + 5 + 8 + 14105 - 9 - 16 - 58146 + 8 + 18 + 14160 - 16 - 43 - 54270 + 18 + 88 + 13670 - 44 - 262 - 53301 - - - 263 - 6926 - 23258 + 89 + 12189 + 7679 @@ -12042,12 +8765,12 @@ 1 2 - 678381 + 177495 2 3 - 26166 + 4574 @@ -12063,12 +8786,17 @@ 1 2 - 29347732 + 5255926 2 - 19520 - 622172 + 4 + 422362 + + + 4 + 72144 + 234464 @@ -12084,12 +8812,12 @@ 1 2 - 29966997 + 5890587 2 - 3 - 2907 + 37 + 22166 @@ -12105,7 +8833,7 @@ 1 2 - 29969904 + 5912754 @@ -12119,14 +8847,14 @@ 12 - 617 - 618 - 969 + 1490 + 1491 + 54 - 185602 - 185603 - 969 + 739164 + 739165 + 54 @@ -12140,14 +8868,14 @@ 12 - 70 - 71 - 969 + 282 + 283 + 54 - 684 - 685 - 969 + 3145 + 3146 + 54 @@ -12161,14 +8889,14 @@ 12 - 577 - 578 - 969 + 1069 + 1070 + 54 - 30348 - 30349 - 969 + 107495 + 107496 + 54 @@ -12178,15 +8906,15 @@ macroparent - 153017561 + 33655979 id - 153017561 + 33655979 parent_id - 67977654 + 15926377 @@ -12200,7 +8928,7 @@ 1 2 - 153017561 + 33655979 @@ -12216,27 +8944,27 @@ 1 2 - 28392183 + 7806497 2 3 - 5737165 + 1595448 3 4 - 23312079 + 4702906 4 5 - 10038100 + 1295464 5 - 14 - 498125 + 205 + 526061 @@ -12246,15 +8974,15 @@ macrolocationbind - 6882831 + 6882576 id - 4222159 + 4221836 location - 2747013 + 2747083 @@ -12268,22 +8996,22 @@ 1 2 - 2459695 + 2459327 2 3 - 1326280 + 1326313 3 4 - 8261 + 8262 4 5 - 413549 + 413560 5 @@ -12304,12 +9032,12 @@ 1 2 - 1393989 + 1394024 2 3 - 907158 + 907181 3 @@ -12319,12 +9047,12 @@ 4 5 - 410838 + 410849 5 522 - 26291 + 26292 @@ -12334,19 +9062,19 @@ macro_argument_unexpanded - 205272282 + 82502296 invocation - 104596662 + 26286169 argument_index - 15505 + 697 text - 4863022 + 343289 @@ -12360,27 +9088,22 @@ 1 2 - 64885206 + 9682354 2 3 - 1060212 + 9771190 3 4 - 19056692 + 5002549 4 - 5 - 19214657 - - - 6 - 17 - 379893 + 67 + 1830075 @@ -12396,27 +9119,22 @@ 1 2 - 64952075 + 9865000 2 3 - 1029200 + 9788735 3 4 - 19161356 + 4845877 4 - 5 - 19075105 - - - 6 - 16 - 378924 + 67 + 1786555 @@ -12430,79 +9148,19 @@ 12 - 2 - 3 - 969 + 46457 + 46458 + 612 - 5 - 6 - 969 + 46659 + 173253 + 52 - 7 - 8 - 969 - - - 17 - 18 - 969 - - - 294 - 295 - 969 - - - 315 - 316 - 969 - - - 320 - 321 - 969 - - - 329 - 330 - 969 - - - 360 - 361 - 969 - - - 372 - 373 - 969 - - - 392 - 393 - 1938 - - - 20219 - 20220 - 969 - - - 39883 - 39884 - 969 - - - 40977 - 40978 - 969 - - - 107930 - 107931 - 969 + 646840 + 2488495 + 31 @@ -12516,79 +9174,19 @@ 12 - 1 - 2 - 969 + 2 + 3 + 612 - 4 - 5 - 969 + 13 + 1115 + 52 - 5 - 6 - 969 - - - 9 - 10 - 969 - - - 166 - 167 - 969 - - - 190 - 191 - 969 - - - 200 - 201 - 1938 - - - 203 - 204 - 969 - - - 204 - 205 - 969 - - - 206 - 207 - 969 - - - 210 - 211 - 969 - - - 283 - 284 - 969 - - - 1168 - 1169 - 969 - - - 1403 - 1404 - 969 - - - 1903 - 1904 - 969 + 7702 + 22873 + 31 @@ -12604,37 +9202,57 @@ 1 2 - 2082629 + 39706 2 3 - 1045675 + 62332 3 4 - 323684 + 21031 4 5 - 393460 + 34583 5 - 8 - 351789 + 6 + 39252 - 8 - 17 - 371171 + 6 + 9 + 30875 - 17 - 19520 - 294611 + 9 + 15 + 28985 + + + 15 + 26 + 25890 + + + 26 + 57 + 27147 + + + 57 + 517 + 25995 + + + 518 + 486610 + 7489 @@ -12650,17 +9268,17 @@ 1 2 - 4290275 + 243193 2 - 4 - 380862 + 3 + 89881 - 4 - 13 - 191884 + 3 + 9 + 10214 @@ -12670,19 +9288,19 @@ macro_argument_expanded - 205272282 + 82502296 invocation - 104596662 + 26286169 argument_index - 15505 + 697 text - 1150340 + 207944 @@ -12696,27 +9314,22 @@ 1 2 - 64885206 + 9682354 2 3 - 1060212 + 9771190 3 4 - 19056692 + 5002549 4 - 5 - 19214657 - - - 6 - 17 - 379893 + 67 + 1830075 @@ -12732,12 +9345,22 @@ 1 2 - 102448132 + 12641200 2 - 14 - 2148529 + 3 + 8428949 + + + 3 + 4 + 4225571 + + + 4 + 9 + 990447 @@ -12751,79 +9374,19 @@ 12 - 2 - 3 - 969 + 46457 + 46458 + 612 - 5 - 6 - 969 + 46659 + 173253 + 52 - 7 - 8 - 969 - - - 17 - 18 - 969 - - - 294 - 295 - 969 - - - 315 - 316 - 969 - - - 320 - 321 - 969 - - - 329 - 330 - 969 - - - 360 - 361 - 969 - - - 372 - 373 - 969 - - - 392 - 393 - 1938 - - - 20219 - 20220 - 969 - - - 39883 - 39884 - 969 - - - 40977 - 40978 - 969 - - - 107930 - 107931 - 969 + 646840 + 2488495 + 31 @@ -12839,77 +9402,17 @@ 1 2 - 969 + 602 - 4 - 5 - 969 + 2 + 96 + 52 - 5 - 6 - 969 - - - 7 - 8 - 969 - - - 13 - 14 - 969 - - - 14 - 15 - 969 - - - 17 - 18 - 969 - - - 18 - 19 - 969 - - - 20 - 21 - 969 - - - 22 - 23 - 969 - - - 28 - 29 - 1938 - - - 50 - 51 - 969 - - - 57 - 58 - 969 - - - 179 - 180 - 969 - - - 997 - 998 - 969 + 950 + 16176 + 42 @@ -12925,37 +9428,57 @@ 1 2 - 539797 + 21833 2 3 - 242278 + 26861 3 4 - 31980 + 43498 4 5 - 116293 + 15908 5 - 9 - 93035 + 6 + 3263 - 9 - 43 - 88189 + 6 + 7 + 18400 - 44 - 83453 - 38764 + 7 + 10 + 18971 + + + 10 + 19 + 18326 + + + 19 + 51 + 15781 + + + 51 + 252 + 15601 + + + 252 + 1169400 + 9496 @@ -12971,17 +9494,17 @@ 1 2 - 996250 + 105092 2 3 - 120170 + 88920 3 - 13 - 33919 + 66 + 13932 @@ -12991,19 +9514,19 @@ functions - 7629848 + 4053070 id - 7629848 + 4053070 name - 4518986 + 1694897 kind - 5814 + 998 @@ -13017,7 +9540,7 @@ 1 2 - 7629848 + 4053070 @@ -13033,7 +9556,7 @@ 1 2 - 7629848 + 4053070 @@ -13049,12 +9572,17 @@ 1 2 - 4307719 + 1448541 2 - 2658 - 211267 + 4 + 139097 + + + 4 + 3162 + 107257 @@ -13070,7 +9598,12 @@ 1 2 - 4518986 + 1692025 + + + 2 + 3 + 2871 @@ -13084,34 +9617,44 @@ 12 - 2 - 3 - 969 + 8 + 9 + 124 - 7 - 8 - 969 + 13 + 14 + 124 - 36 - 37 - 969 + 47 + 48 + 124 - 88 - 89 - 969 + 83 + 84 + 124 - 2770 - 2771 - 969 + 691 + 692 + 124 - 4970 - 4971 - 969 + 4453 + 4454 + 124 + + + 5230 + 5231 + 124 + + + 21935 + 21936 + 124 @@ -13127,32 +9670,42 @@ 2 3 - 969 + 124 - 4 - 5 - 969 + 13 + 14 + 124 - 16 - 17 - 969 + 18 + 19 + 124 - 24 - 25 - 969 + 41 + 42 + 124 - 35 - 36 - 969 + 43 + 44 + 124 - 4582 - 4583 - 969 + 302 + 303 + 124 + + + 504 + 505 + 124 + + + 12674 + 12675 + 124 @@ -13162,15 +9715,15 @@ function_entry_point - 1141563 + 1141555 id - 1137815 + 1137808 entry_point - 1141563 + 1141555 @@ -13184,7 +9737,7 @@ 1 2 - 1134613 + 1134605 2 @@ -13205,7 +9758,7 @@ 1 2 - 1141563 + 1141555 @@ -13215,15 +9768,15 @@ function_return_type - 7629848 + 4070551 id - 7629848 + 4053070 return_type - 1538955 + 619822 @@ -13237,7 +9790,12 @@ 1 2 - 7629848 + 4035589 + + + 2 + 3 + 17480 @@ -13253,22 +9811,27 @@ 1 2 - 94973 + 310161 2 3 - 1308306 + 213891 3 - 29 - 116293 + 5 + 48072 - 32 - 1445 - 19382 + 5 + 365 + 46574 + + + 432 + 9944 + 1123 @@ -13559,33 +10122,33 @@ function_deleted - 88088 + 88091 id - 88088 + 88091 function_defaulted - 51682 + 51684 id - 51682 + 51684 function_prototyped - 7627910 + 4051572 id - 7627910 + 4051572 @@ -13665,15 +10228,15 @@ member_function_this_type - 687951 + 674762 id - 687951 + 674762 this_type - 173971 + 176182 @@ -13687,7 +10250,7 @@ 1 2 - 687951 + 674762 @@ -13703,42 +10266,37 @@ 1 2 - 49909 + 47198 2 3 - 49542 + 36959 3 4 - 24587 + 32714 4 5 - 9670 + 20103 5 6 - 6786 + 12860 6 - 8 - 15829 + 10 + 14484 - 8 - 21 - 13253 - - - 21 - 868 - 4394 + 10 + 65 + 11862 @@ -13748,27 +10306,27 @@ fun_decls - 7853714 + 4212770 id - 7853714 + 4206777 function - 7627910 + 4028472 type_id - 1538955 + 611831 name - 4517048 + 1693399 location - 6410700 + 2815797 @@ -13782,7 +10340,7 @@ 1 2 - 7853714 + 4206777 @@ -13798,7 +10356,12 @@ 1 2 - 7853714 + 4200784 + + + 2 + 3 + 5993 @@ -13814,7 +10377,7 @@ 1 2 - 7853714 + 4206777 @@ -13830,7 +10393,7 @@ 1 2 - 7853714 + 4206777 @@ -13846,65 +10409,70 @@ 1 2 - 7405013 + 3864776 + + + 2 + 5 + 163696 + + + + + + + function + type_id + + + 12 + + + 1 + 2 + 4009992 + + + 2 + 3 + 18479 + + + + + + + function + name + + + 12 + + + 1 + 2 + 4028472 + + + + + + + function + location + + + 12 + + + 1 + 2 + 3885253 2 4 - 222896 - - - - - - - function - type_id - - - 12 - - - 1 - 2 - 7627910 - - - - - - - function - name - - - 12 - - - 1 - 2 - 7627910 - - - - - - - function - location - - - 12 - - - 1 - 2 - 7405013 - - - 2 - 4 - 222896 + 143218 @@ -13920,22 +10488,27 @@ 1 2 - 93035 + 295427 2 3 - 1309275 + 220758 3 - 30 - 116293 + 5 + 48447 - 32 - 1445 - 20351 + 5 + 364 + 45949 + + + 364 + 10292 + 1248 @@ -13951,22 +10524,27 @@ 1 2 - 94973 + 305541 2 3 - 1308306 + 212018 3 - 29 - 116293 + 5 + 48072 - 32 - 1445 - 19382 + 5 + 1163 + 45949 + + + 1483 + 9893 + 249 @@ -13982,17 +10560,22 @@ 1 2 - 1376144 + 491962 2 - 9 - 116293 + 3 + 52942 - 9 - 1445 - 46517 + 3 + 7 + 50195 + + + 7 + 2238 + 16731 @@ -14008,174 +10591,199 @@ 1 2 - 1385835 - - - 2 - 15 - 116293 - - - 16 - 1445 - 36826 - - - - - - - name - id - - - 12 - - - 1 - 2 - 4178827 - - - 2 - 2658 - 338221 - - - - - - - name - function - - - 12 - - - 1 - 2 - 4305781 - - - 2 - 2658 - 211267 - - - - - - - name - type_id - - - 12 - - - 1 - 2 - 4457932 - - - 2 - 1335 - 59116 - - - - - - - name - location - - - 12 - - - 1 - 2 - 4180765 - - - 2 - 1342 - 336283 - - - - - - - location - id - - - 12 - - - 1 - 2 - 5098517 + 455377 2 3 - 1270510 + 69548 3 - 9 - 41671 - - - - - - - location - function - - - 12 - - - 1 - 2 - 5098517 - - - 2 - 3 - 1270510 - - - 3 - 9 - 41671 - - - - - - - location - type_id - - - 12 - - - 1 - 2 - 6382596 - - - 2 6 - 28104 + 56063 + + + 6 + 4756 + 30841 + + + + + + + name + id + + + 12 + + + 1 + 2 + 1332543 + + + 2 + 3 + 194662 + + + 3 + 11 + 129608 + + + 11 + 3169 + 36585 + + + + + + + name + function + + + 12 + + + 1 + 2 + 1448042 + + + 2 + 4 + 139597 + + + 4 + 3162 + 105759 + + + + + + + name + type_id + + + 12 + + + 1 + 2 + 1603497 + + + 2 + 1596 + 89901 + + + + + + + name + location + + + 12 + + + 1 + 2 + 1368504 + + + 2 + 3 + 208522 + + + 3 + 1592 + 116372 + + + + + + + location + id + + + 12 + + + 1 + 2 + 2422477 + + + 2 + 3 + 251724 + + + 3 + 211 + 141595 + + + + + + + location + function + + + 12 + + + 1 + 2 + 2441207 + + + 2 + 3 + 233494 + + + 3 + 211 + 141095 + + + + + + + location + type_id + + + 12 + + + 1 + 2 + 2701297 + + + 2 + 211 + 114499 @@ -14191,12 +10799,12 @@ 1 2 - 6386472 + 2776590 2 8 - 24227 + 39207 @@ -14217,11 +10825,11 @@ fun_specialized - 11966 + 7936 id - 11966 + 7936 @@ -14239,15 +10847,15 @@ fun_decl_specifiers - 12889239 + 4283568 id - 4543214 + 1749837 name - 9691 + 1373 @@ -14261,22 +10869,22 @@ 1 2 - 336283 + 363228 2 3 - 246155 + 262463 3 4 - 3782458 + 1101171 4 5 - 178317 + 22974 @@ -14290,54 +10898,59 @@ 12 - 3 - 4 - 969 - - - 11 - 12 - 969 + 15 + 16 + 124 19 20 - 969 + 124 - 79 - 80 - 969 + 224 + 225 + 124 - 168 - 169 - 969 + 261 + 262 + 124 - 201 - 202 - 969 + 561 + 562 + 124 - 1344 - 1345 - 969 + 826 + 827 + 124 - 2847 - 2848 - 969 + 1032 + 1033 + 124 - 4300 - 4301 - 969 + 1093 + 1094 + 124 - 4328 - 4329 - 969 + 8148 + 8149 + 124 + + + 11028 + 11029 + 124 + + + 11099 + 11100 + 124 @@ -14468,26 +11081,26 @@ fun_decl_empty_throws - 2670882 + 420457 fun_decl - 2670882 + 420457 fun_decl_noexcept - 141830 + 141829 fun_decl - 141830 + 141829 constant - 141353 + 141352 @@ -14501,7 +11114,7 @@ 1 2 - 141830 + 141829 @@ -14517,7 +11130,7 @@ 1 2 - 140911 + 140910 2 @@ -14543,15 +11156,15 @@ fun_decl_typedef_type - 30057 + 2763 fun_decl - 30057 + 2763 typedeftype_id - 2879 + 124 @@ -14565,7 +11178,7 @@ 1 2 - 30057 + 2763 @@ -14581,57 +11194,57 @@ 1 2 - 856 + 40 2 3 - 505 + 12 3 4 - 92 - - - 4 - 5 - 175 + 12 5 - 6 - 185 + 13 + 8 - 6 - 7 - 92 + 16 + 17 + 12 - 7 - 9 - 258 + 17 + 18 + 4 - 9 - 14 - 206 + 21 + 22 + 8 - 14 - 20 - 237 + 25 + 43 + 8 - 20 - 84 - 216 + 46 + 55 + 8 + + + 89 + 128 + 8 158 - 256 - 51 + 159 + 4 @@ -14641,11 +11254,11 @@ fun_requires - 29111 + 29112 id - 10112 + 10113 kind @@ -14653,7 +11266,7 @@ constraint - 28875 + 28876 @@ -14771,7 +11384,7 @@ 1 2 - 28638 + 28639 2 @@ -14792,7 +11405,7 @@ 1 2 - 28875 + 28876 @@ -14802,19 +11415,19 @@ param_decl_bind - 15313967 + 7317003 id - 15313967 + 7317003 index - 16474 + 7991 fun_decl - 7378847 + 3534886 @@ -14828,7 +11441,7 @@ 1 2 - 15313967 + 7317003 @@ -14844,7 +11457,7 @@ 1 2 - 15313967 + 7317003 @@ -14860,82 +11473,32 @@ 2 3 - 969 + 3995 6 7 - 1938 + 1997 - 8 - 9 - 969 - - - 11 - 12 - 969 - - - 19 + 16 20 - 969 + 624 - 37 - 38 - 969 + 25 + 147 + 624 - 53 - 54 - 969 + 343 + 16215 + 624 - 79 - 80 - 969 - - - 118 - 119 - 969 - - - 198 - 199 - 969 - - - 352 - 353 - 969 - - - 667 - 668 - 969 - - - 1189 - 1190 - 969 - - - 2056 - 2057 - 969 - - - 3387 - 3388 - 969 - - - 7614 - 7615 - 969 + 28310 + 28311 + 124 @@ -14951,82 +11514,32 @@ 2 3 - 969 + 3995 6 7 - 1938 + 1997 - 8 - 9 - 969 - - - 11 - 12 - 969 - - - 19 + 16 20 - 969 + 624 - 37 - 38 - 969 + 25 + 147 + 624 - 53 - 54 - 969 + 343 + 16215 + 624 - 79 - 80 - 969 - - - 118 - 119 - 969 - - - 198 - 199 - 969 - - - 352 - 353 - 969 - - - 667 - 668 - 969 - - - 1189 - 1190 - 969 - - - 2056 - 2057 - 969 - - - 3387 - 3388 - 969 - - - 7614 - 7615 - 969 + 28310 + 28311 + 124 @@ -15042,32 +11555,27 @@ 1 2 - 4096452 + 1510349 2 3 - 1289893 + 977182 3 4 - 840223 + 602591 4 5 - 505878 + 290932 5 - 9 - 569840 - - - 9 - 18 - 76560 + 65 + 153831 @@ -15083,32 +11591,27 @@ 1 2 - 4096452 + 1510349 2 3 - 1289893 + 977182 3 4 - 840223 + 602591 4 5 - 505878 + 290932 5 - 9 - 569840 - - - 9 - 18 - 76560 + 65 + 153831 @@ -15118,27 +11621,27 @@ var_decls - 22872100 + 9398478 id - 22872100 + 9391611 variable - 22563921 + 9042867 type_id - 4098390 + 1457781 name - 6304097 + 853317 location - 19941494 + 6280261 @@ -15152,7 +11655,7 @@ 1 2 - 22872100 + 9391611 @@ -15168,7 +11671,12 @@ 1 2 - 22872100 + 9384743 + + + 2 + 3 + 6867 @@ -15184,7 +11692,7 @@ 1 2 - 22872100 + 9391611 @@ -15200,7 +11708,7 @@ 1 2 - 22872100 + 9391611 @@ -15216,412 +11724,452 @@ 1 2 - 22257681 - - - 2 - 4 - 306240 - - - - - - - variable - type_id - - - 12 - - - 1 - 2 - 22542601 - - - 2 - 3 - 21320 - - - - - - - variable - name - - - 12 - - - 1 - 2 - 22498991 - - - 2 - 3 - 64930 - - - - - - - variable - location - - - 12 - - - 1 - 2 - 22258650 - - - 2 - 4 - 305271 - - - - - - - type_id - id - - - 12 - - - 1 - 2 - 3346356 - - - 2 - 4 - 352758 - - - 4 - 30 - 313993 - - - 30 - 3217 - 85282 - - - - - - - type_id - variable - - - 12 - - - 1 - 2 - 3351202 - - - 2 - 4 - 348881 - - - 4 - 30 - 313993 - - - 30 - 3216 - 84313 - - - - - - - type_id - name - - - 12 - - - 1 - 2 - 3635153 - - - 2 - 6 - 314962 - - - 6 - 1438 - 148274 - - - - - - - type_id - location - - - 12 - - - 1 - 2 - 3373491 - - - 2 - 4 - 335314 - - - 4 - 33 - 309147 - - - 33 - 3217 - 80436 - - - - - - - name - id - - - 12 - - - 1 - 2 - 3481063 - - - 2 - 3 - 1496314 - - - 3 - 4 - 342097 - - - 4 - 7 - 552395 - - - 7 - 2958 - 432225 - - - - - - - name - variable - - - 12 - - - 1 - 2 - 3501415 - - - 2 - 3 - 1486623 - - - 3 - 4 - 341128 - - - 4 - 7 - 549488 - - - 7 - 2958 - 425441 - - - - - - - name - type_id - - - 12 - - - 1 - 2 - 5168294 - - - 2 - 3 - 826655 - - - 3 - 2713 - 309147 - - - - - - - name - location - - - 12 - - - 1 - 2 - 3498507 - - - 2 - 3 - 1513758 - - - 3 - 4 - 337252 - - - 4 - 7 - 536890 - - - 7 - 309 - 417688 - - - - - - - location - id - - - 12 - - - 1 - 2 - 19860088 - - - 2 - 2651 - 81405 - - - - - - - location - variable - - - 12 - - - 1 - 2 - 19860088 - - - 2 - 2651 - 81405 - - - - - - - location - type_id - - - 12 - - - 1 - 2 - 19909513 - - - 2 - 2637 - 31980 - - - - - - - location - name - - - 12 - - - 1 - 2 - 19929865 + 8711604 2 5 - 11629 + 331262 + + + + + + + variable + type_id + + + 12 + + + 1 + 2 + 8989300 + + + 2 + 3 + 53566 + + + + + + + variable + name + + + 12 + + + 1 + 2 + 8937357 + + + 2 + 4 + 105509 + + + + + + + variable + location + + + 12 + + + 1 + 2 + 8791017 + + + 2 + 4 + 251849 + + + + + + + type_id + id + + + 12 + + + 1 + 2 + 850695 + + + 2 + 3 + 284314 + + + 3 + 5 + 127485 + + + 5 + 11 + 113251 + + + 11 + 2944 + 82035 + + + + + + + type_id + variable + + + 12 + + + 1 + 2 + 871547 + + + 2 + 3 + 269330 + + + 3 + 5 + 122865 + + + 5 + 11 + 113126 + + + 11 + 2860 + 80911 + + + + + + + type_id + name + + + 12 + + + 1 + 2 + 1120525 + + + 2 + 3 + 192789 + + + 3 + 7 + 115373 + + + 7 + 1038 + 29093 + + + + + + + type_id + location + + + 12 + + + 1 + 2 + 986297 + + + 2 + 3 + 219260 + + + 3 + 6 + 133728 + + + 6 + 95 + 109380 + + + 97 + 2622 + 9115 + + + + + + + name + id + + + 12 + + + 1 + 2 + 466365 + + + 2 + 3 + 165943 + + + 3 + 4 + 59684 + + + 4 + 7 + 65927 + + + 7 + 25 + 64179 + + + 25 + 27139 + 31215 + + + + + + + name + variable + + + 12 + + + 1 + 2 + 479351 + + + 2 + 3 + 165194 + + + 3 + 4 + 54690 + + + 4 + 8 + 71671 + + + 8 + 45 + 64304 + + + 45 + 26704 + 18105 + + + + + + + name + type_id + + + 12 + + + 1 + 2 + 655283 + + + 2 + 3 + 110878 + + + 3 + 11 + 65553 + + + 11 + 3463 + 21601 + + + + + + + name + location + + + 12 + + + 1 + 2 + 494209 + + + 2 + 3 + 183424 + + + 3 + 4 + 51693 + + + 4 + 8 + 65053 + + + 8 + 22619 + 58935 + + + + + + + location + id + + + 12 + + + 1 + 2 + 5780058 + + + 2 + 21 + 472733 + + + 21 + 2943 + 27469 + + + + + + + location + variable + + + 12 + + + 1 + 2 + 5860969 + + + 2 + 2935 + 419291 + + + + + + + location + type_id + + + 12 + + + 1 + 2 + 5981463 + + + 2 + 2555 + 298798 + + + + + + + location + name + + + 12 + + + 1 + 2 + 6267899 + + + 2 + 5 + 12361 @@ -15631,11 +12179,11 @@ var_def - 9039911 + 3770379 id - 9039911 + 3770379 @@ -15653,15 +12201,15 @@ var_decl_specifiers - 572469 + 490339 id - 572469 + 490339 name - 23 + 499 @@ -15675,7 +12223,7 @@ 1 2 - 572469 + 490339 @@ -15689,24 +12237,24 @@ 12 - 220 - 221 - 5 + 16 + 17 + 124 - 279 - 280 - 5 + 77 + 78 + 124 - 1747 - 1748 - 5 + 653 + 654 + 124 - 94425 - 94426 - 5 + 3181 + 3182 + 124 @@ -15716,11 +12264,11 @@ is_structured_binding - 15452 + 946 id - 15452 + 946 @@ -15785,19 +12333,19 @@ type_decls - 5742010 + 1634963 id - 5742010 + 1634963 type_id - 5711968 + 1615983 location - 5568539 + 1548807 @@ -15811,7 +12359,7 @@ 1 2 - 5742010 + 1634963 @@ -15827,7 +12375,7 @@ 1 2 - 5742010 + 1634963 @@ -15843,12 +12391,12 @@ 1 2 - 5685802 + 1599626 2 - 7 - 26166 + 10 + 16357 @@ -15864,12 +12412,12 @@ 1 2 - 5685802 + 1599751 2 - 7 - 26166 + 10 + 16232 @@ -15885,12 +12433,12 @@ 1 2 - 5560786 + 1526706 2 64 - 7752 + 22100 @@ -15906,12 +12454,12 @@ 1 2 - 5560786 + 1526831 2 64 - 7752 + 21975 @@ -15921,22 +12469,22 @@ type_def - 2304557 + 1096551 id - 2304557 + 1096551 type_decl_top - 3550840 + 673602 type_decl - 3550840 + 673602 @@ -15947,11 +12495,11 @@ id - 2043 + 2044 constraint - 7659 + 7660 @@ -16382,23 +12930,23 @@ usings - 504409 + 272115 id - 504409 + 272115 element_id - 307661 + 59068 location - 11328 + 26851 kind - 7 + 21 @@ -16412,7 +12960,7 @@ 1 2 - 504409 + 272115 @@ -16428,7 +12976,7 @@ 1 2 - 504409 + 272115 @@ -16444,7 +12992,7 @@ 1 2 - 504409 + 272115 @@ -16460,22 +13008,17 @@ 1 2 - 220283 + 51336 2 - 3 - 45055 + 5 + 5387 - 3 - 4 - 20366 - - - 4 - 768 - 21955 + 5 + 134 + 2345 @@ -16491,22 +13034,17 @@ 1 2 - 220283 + 51336 2 - 3 - 45055 + 5 + 5387 - 3 - 4 - 20366 - - - 4 - 768 - 21955 + 5 + 134 + 2345 @@ -16522,7 +13060,7 @@ 1 2 - 307661 + 59068 @@ -16538,27 +13076,22 @@ 1 2 - 8405 + 21178 2 4 - 880 + 2292 4 - 12 - 895 + 132 + 1954 - 12 - 400 - 869 - - - 410 - 3162 - 277 + 145 + 367 + 1426 @@ -16574,27 +13107,22 @@ 1 2 - 8405 + 21178 2 4 - 880 + 2292 4 - 12 - 895 + 132 + 1954 - 12 - 400 - 869 - - - 410 - 3162 - 277 + 145 + 367 + 1426 @@ -16610,7 +13138,7 @@ 1 2 - 11328 + 26851 @@ -16624,14 +13152,14 @@ 12 - 936 - 937 - 3 + 393 + 394 + 10 - 137090 - 137091 - 3 + 25368 + 25369 + 10 @@ -16645,14 +13173,14 @@ 12 - 62 - 63 - 3 + 214 + 215 + 10 - 84126 - 84127 - 3 + 5378 + 5379 + 10 @@ -16666,14 +13194,14 @@ 12 - 936 - 937 - 3 + 356 + 357 + 10 - 2164 - 2165 - 3 + 2186 + 2187 + 10 @@ -16683,15 +13211,15 @@ using_container - 580180 + 580209 parent - 21896 + 21897 child - 272102 + 272115 @@ -16756,27 +13284,27 @@ 1 2 - 96615 + 96620 2 3 - 120286 + 120292 3 4 - 20100 + 20101 4 5 - 26712 + 26714 5 65 - 8386 + 8387 @@ -17394,23 +13922,23 @@ params - 15008695 + 7067151 id - 15008695 + 7026196 function - 7181147 + 3408025 index - 16474 + 7991 type_id - 3532426 + 1221415 @@ -17424,7 +13952,7 @@ 1 2 - 15008695 + 7026196 @@ -17440,7 +13968,7 @@ 1 2 - 15008695 + 7026196 @@ -17456,7 +13984,12 @@ 1 2 - 15008695 + 6985241 + + + 2 + 3 + 40955 @@ -17472,32 +14005,27 @@ 1 2 - 3972405 + 1474513 2 3 - 1245313 + 927111 3 4 - 815995 + 579241 4 5 - 501032 + 281067 5 - 9 - 569840 - - - 9 - 18 - 76560 + 65 + 146090 @@ -17513,32 +14041,27 @@ 1 2 - 3972405 + 1474513 2 3 - 1245313 + 927111 3 4 - 815995 + 579241 4 5 - 501032 + 281067 5 - 9 - 569840 - - - 9 - 18 - 76560 + 65 + 146090 @@ -17554,27 +14077,22 @@ 1 2 - 4210807 + 1783301 2 3 - 1300553 + 1031622 3 4 - 915814 + 437896 4 - 6 - 629925 - - - 6 - 13 - 124046 + 11 + 155205 @@ -17590,264 +14108,114 @@ 2 3 - 969 + 3995 6 7 - 1938 + 1997 - 8 - 9 - 969 - - - 11 - 12 - 969 - - - 19 - 20 - 969 - - - 37 - 38 - 969 - - - 53 - 54 - 969 - - - 79 - 80 - 969 - - - 118 - 119 - 969 - - - 198 - 199 - 969 - - - 352 - 353 - 969 - - - 667 - 668 - 969 - - - 1184 - 1185 - 969 - - - 2026 - 2027 - 969 - - - 3311 - 3312 - 969 - - - 7410 - 7411 - 969 - - - - - - - index - function - - - 12 - - - 2 - 3 - 969 - - - 6 - 7 - 1938 - - - 8 - 9 - 969 - - - 11 - 12 - 969 - - - 19 - 20 - 969 - - - 37 - 38 - 969 - - - 53 - 54 - 969 - - - 79 - 80 - 969 - - - 118 - 119 - 969 - - - 198 - 199 - 969 - - - 352 - 353 - 969 - - - 667 - 668 - 969 - - - 1184 - 1185 - 969 - - - 2026 - 2027 - 969 - - - 3311 - 3312 - 969 - - - 7410 - 7411 - 969 - - - - - - - index - type_id - - - 12 - - - 1 - 2 - 969 - - - 2 - 3 - 1938 - - - 4 - 5 - 969 - - - 5 - 6 - 969 - - - 8 - 9 - 969 - - - 15 - 16 - 969 - - - 19 - 20 - 969 + 14 + 18 + 624 23 - 24 - 969 + 138 + 624 - 42 - 43 - 969 + 320 + 15486 + 624 - 49 - 50 - 969 + 27294 + 27295 + 124 + + + + + + + index + function + + + 12 + + + 2 + 3 + 3995 - 71 - 72 - 969 + 6 + 7 + 1997 - 115 - 116 - 969 + 14 + 18 + 624 - 165 - 166 - 969 + 23 + 138 + 624 - 270 - 271 - 969 + 320 + 15486 + 624 - 449 - 450 - 969 + 27294 + 27295 + 124 + + + + + + + index + type_id + + + 12 + + + 1 + 2 + 3995 - 3202 - 3203 - 969 + 2 + 3 + 1997 + + + 4 + 7 + 624 + + + 9 + 55 + 624 + + + 116 + 2703 + 624 + + + 7497 + 7498 + 124 @@ -17863,22 +14231,27 @@ 1 2 - 2967432 + 738193 2 - 4 - 270383 + 3 + 240612 - 4 - 80 - 265537 + 3 + 5 + 93273 - 83 - 1228 - 29073 + 5 + 13 + 93897 + + + 13 + 2574 + 55439 @@ -17894,17 +14267,27 @@ 1 2 - 2991660 + 820353 2 - 5 - 303333 + 3 + 179803 - 5 - 869 - 237433 + 3 + 6 + 106258 + + + 6 + 27 + 92274 + + + 27 + 2562 + 22725 @@ -17920,17 +14303,17 @@ 1 2 - 3212618 + 996036 2 - 6 - 279105 + 3 + 166942 - 6 - 15 - 40702 + 3 + 65 + 58436 @@ -18018,19 +14401,19 @@ membervariables - 6289561 + 1499265 id - 6289561 + 1496814 type_id - 816964 + 456075 name - 3334727 + 641686 @@ -18044,7 +14427,12 @@ 1 2 - 6289561 + 1494473 + + + 2 + 4 + 2341 @@ -18060,7 +14448,7 @@ 1 2 - 6289561 + 1496814 @@ -18076,27 +14464,22 @@ 1 2 - 595037 + 338326 2 3 - 66868 + 72218 3 - 6 - 62992 + 10 + 35401 - 6 - 23 - 62992 - - - 28 - 1989 - 29073 + 10 + 4444 + 10130 @@ -18112,22 +14495,22 @@ 1 2 - 654153 + 355917 2 - 4 - 64930 + 3 + 64321 - 4 - 13 - 62023 + 3 + 49 + 34311 - 13 - 1164 - 35857 + 56 + 2185 + 1524 @@ -18143,22 +14526,22 @@ 1 2 - 2136900 + 421164 2 3 - 808242 + 122542 3 5 - 251000 + 57785 5 - 165 - 138583 + 656 + 40193 @@ -18174,17 +14557,17 @@ 1 2 - 2906378 + 524318 2 3 - 348881 + 72817 3 - 165 - 79467 + 660 + 44550 @@ -18380,19 +14763,19 @@ localvariables - 1444946 + 726278 id - 1444946 + 726278 type_id - 22638 + 53441 name - 744 + 101531 @@ -18406,7 +14789,7 @@ 1 2 - 1444946 + 726278 @@ -18422,7 +14805,7 @@ 1 2 - 1444946 + 726278 @@ -18438,22 +14821,37 @@ 1 2 - 11068 + 28885 2 3 - 6883 + 7838 3 4 - 3847 + 4029 4 - 100799 - 838 + 6 + 4053 + + + 6 + 12 + 4145 + + + 12 + 165 + 4009 + + + 165 + 19323 + 480 @@ -18469,12 +14867,22 @@ 1 2 - 21894 + 38385 2 - 49 - 744 + 3 + 6700 + + + 3 + 5 + 4465 + + + 5 + 3502 + 3889 @@ -18490,72 +14898,32 @@ 1 2 - 39 + 62453 2 + 3 + 16032 + + + 3 4 - 63 + 6524 4 - 15 - 50 + 8 + 8146 - 17 - 18 - 43 + 8 + 132 + 7617 - 18 - 21 - 68 - - - 22 - 25 - 57 - - - 26 - 46 - 61 - - - 48 - 56 - 59 - - - 62 - 103 - 57 - - - 110 - 256 - 57 - - - 273 - 1333 - 61 - - - 1350 - 2860 - 59 - - - 2889 - 23413 - 57 - - - 26766 - 207143 - 8 + 132 + 7547 + 756 @@ -18571,32 +14939,22 @@ 1 2 - 439 + 84485 2 3 - 111 + 8414 3 - 6 - 57 + 15 + 7677 - 6 - 22 - 43 - - - 22 - 25 - 57 - - - 25 - 2365 - 35 + 15 + 1509 + 953 @@ -18606,15 +14964,15 @@ autoderivation - 427202 + 229374 var - 427202 + 229374 derivation_type - 51 + 624 @@ -18628,7 +14986,7 @@ 1 2 - 427202 + 229374 @@ -18641,45 +14999,30 @@ 12 - - 11 - 12 - 6 - - - 26 - 27 - 6 - 38 39 - 6 + 124 - 140 - 141 - 6 + 79 + 80 + 124 - 641 - 642 - 6 + 454 + 455 + 124 - 744 - 745 - 6 + 530 + 531 + 124 - 28896 - 28897 - 6 - - - 35445 - 35446 - 6 + 736 + 737 + 124 @@ -18689,15 +15032,15 @@ orphaned_variables - 88222 + 44323 var - 88222 + 44323 function - 57936 + 41052 @@ -18711,7 +15054,7 @@ 1 2 - 88222 + 44323 @@ -18727,17 +15070,12 @@ 1 2 - 33347 + 40201 2 - 3 - 20728 - - - 3 - 21 - 3860 + 47 + 851 @@ -18747,31 +15085,31 @@ enumconstants - 1205579 + 345733 id - 1205579 + 345733 parent - 159904 + 41337 index - 118232 + 13942 type_id - 159904 + 54 name - 1197827 + 345351 location - 1201703 + 318338 @@ -18785,7 +15123,7 @@ 1 2 - 1205579 + 345733 @@ -18801,7 +15139,7 @@ 1 2 - 1205579 + 345733 @@ -18817,7 +15155,7 @@ 1 2 - 1205579 + 345733 @@ -18833,7 +15171,7 @@ 1 2 - 1205579 + 345733 @@ -18849,7 +15187,7 @@ 1 2 - 1205579 + 345733 @@ -18865,47 +15203,57 @@ 1 2 - 18413 + 1524 2 3 - 21320 + 5773 3 4 - 28104 + 8714 4 5 - 22289 + 5500 5 6 - 22289 + 4574 6 + 7 + 2559 + + + 7 8 - 11629 + 1960 8 - 11 - 14536 + 10 + 2941 - 11 - 21 - 12598 + 10 + 15 + 3322 - 21 - 123 - 8722 + 15 + 32 + 3104 + + + 32 + 257 + 1361 @@ -18921,47 +15269,57 @@ 1 2 - 18413 + 1524 2 3 - 21320 + 5773 3 4 - 28104 + 8714 4 5 - 22289 + 5500 5 6 - 22289 + 4574 6 + 7 + 2559 + + + 7 8 - 11629 + 1960 8 - 11 - 14536 + 10 + 2941 - 11 - 21 - 12598 + 10 + 15 + 3322 - 21 - 123 - 8722 + 15 + 32 + 3104 + + + 32 + 257 + 1361 @@ -18977,7 +15335,7 @@ 1 2 - 159904 + 41337 @@ -18993,47 +15351,57 @@ 1 2 - 18413 + 1524 2 3 - 21320 + 5773 3 4 - 28104 + 8714 4 5 - 22289 + 5500 5 6 - 22289 + 4574 6 + 7 + 2559 + + + 7 8 - 11629 + 1960 8 - 11 - 14536 + 10 + 2941 - 11 - 21 - 12598 + 10 + 15 + 3322 - 21 - 123 - 8722 + 15 + 32 + 3104 + + + 32 + 257 + 1361 @@ -19049,47 +15417,57 @@ 1 2 - 18413 + 2124 2 3 - 21320 + 5990 3 4 - 28104 + 8768 4 5 - 22289 + 5446 5 6 - 22289 + 4574 6 + 7 + 2505 + + + 7 8 - 11629 + 1851 8 11 - 14536 + 3757 11 - 21 - 12598 + 17 + 3104 - 21 + 17 123 - 8722 + 3104 + + + 164 + 257 + 108 @@ -19105,37 +15483,47 @@ 1 2 - 21320 + 2777 2 3 - 39733 + 2232 3 + 4 + 2287 + + + 4 5 - 8722 + 1198 5 - 6 - 23258 + 9 + 1143 - 6 - 16 - 10660 + 9 + 12 + 1089 - 16 - 50 - 9691 + 12 + 20 + 1143 - 72 - 166 - 4845 + 20 + 59 + 1089 + + + 64 + 760 + 980 @@ -19151,37 +15539,47 @@ 1 2 - 21320 + 2777 2 3 - 39733 + 2232 3 + 4 + 2287 + + + 4 5 - 8722 + 1198 5 - 6 - 23258 + 9 + 1143 - 6 - 16 - 10660 + 9 + 12 + 1089 - 16 - 50 - 9691 + 12 + 20 + 1143 - 72 - 166 - 4845 + 20 + 59 + 1089 + + + 64 + 760 + 980 @@ -19197,37 +15595,7 @@ 1 2 - 21320 - - - 2 - 3 - 39733 - - - 3 - 5 - 8722 - - - 5 - 6 - 23258 - - - 6 - 16 - 10660 - - - 16 - 50 - 9691 - - - 72 - 166 - 4845 + 13942 @@ -19243,37 +15611,47 @@ 1 2 - 21320 + 2777 2 3 - 39733 + 2232 3 + 4 + 2287 + + + 4 5 - 8722 + 1198 5 - 6 - 23258 + 9 + 1143 - 6 - 16 - 10660 + 9 + 12 + 1089 - 16 - 50 - 9691 + 12 + 20 + 1143 - 72 - 159 - 4845 + 20 + 59 + 1089 + + + 64 + 757 + 980 @@ -19289,37 +15667,47 @@ 1 2 - 21320 + 2777 2 3 - 39733 + 2232 3 + 4 + 2287 + + + 4 5 - 8722 + 1198 5 - 6 - 23258 + 9 + 1143 - 6 - 16 - 10660 + 9 + 12 + 1089 - 16 - 50 - 9691 + 12 + 20 + 1143 - 72 - 162 - 4845 + 20 + 59 + 1089 + + + 64 + 760 + 980 @@ -19333,49 +15721,9 @@ 12 - 1 - 2 - 18413 - - - 2 - 3 - 21320 - - - 3 - 4 - 28104 - - - 4 - 5 - 22289 - - - 5 - 6 - 22289 - - - 6 - 8 - 11629 - - - 8 - 11 - 14536 - - - 11 - 21 - 12598 - - - 21 - 123 - 8722 + 6348 + 6349 + 54 @@ -19389,9 +15737,9 @@ 12 - 1 - 2 - 159904 + 759 + 760 + 54 @@ -19405,49 +15753,9 @@ 12 - 1 - 2 - 18413 - - - 2 - 3 - 21320 - - - 3 - 4 - 28104 - - - 4 - 5 - 22289 - - - 5 - 6 - 22289 - - - 6 - 8 - 11629 - - - 8 - 11 - 14536 - - - 11 - 21 - 12598 - - - 21 - 123 - 8722 + 256 + 257 + 54 @@ -19461,49 +15769,9 @@ 12 - 1 - 2 - 18413 - - - 2 - 3 - 21320 - - - 3 - 4 - 28104 - - - 4 - 5 - 22289 - - - 5 - 6 - 22289 - - - 6 - 8 - 11629 - - - 8 - 11 - 14536 - - - 11 - 21 - 12598 - - - 21 - 123 - 8722 + 6341 + 6342 + 54 @@ -19517,49 +15785,9 @@ 12 - 1 - 2 - 18413 - - - 2 - 3 - 21320 - - - 3 - 4 - 28104 - - - 4 - 5 - 22289 - - - 5 - 6 - 22289 - - - 6 - 8 - 11629 - - - 8 - 11 - 14536 - - - 11 - 21 - 12598 - - - 21 - 123 - 8722 + 5845 + 5846 + 54 @@ -19575,12 +15803,12 @@ 1 2 - 1194919 + 344970 - 3 - 6 - 2907 + 2 + 3 + 381 @@ -19596,12 +15824,12 @@ 1 2 - 1194919 + 344970 - 3 - 6 - 2907 + 2 + 3 + 381 @@ -19617,12 +15845,7 @@ 1 2 - 1196857 - - - 2 - 3 - 969 + 345351 @@ -19638,12 +15861,7 @@ 1 2 - 1194919 - - - 3 - 6 - 2907 + 345351 @@ -19659,12 +15877,12 @@ 1 2 - 1195888 + 344970 - 3 - 4 - 1938 + 2 + 3 + 381 @@ -19680,12 +15898,12 @@ 1 2 - 1200734 + 317303 - 5 - 6 - 969 + 2 + 205 + 1034 @@ -19701,12 +15919,7 @@ 1 2 - 1200734 - - - 5 - 6 - 969 + 318338 @@ -19722,7 +15935,12 @@ 1 2 - 1201703 + 317303 + + + 2 + 205 + 1034 @@ -19738,12 +15956,7 @@ 1 2 - 1200734 - - - 5 - 6 - 969 + 318338 @@ -19759,7 +15972,12 @@ 1 2 - 1201703 + 317303 + + + 2 + 205 + 1034 @@ -19769,31 +15987,31 @@ builtintypes - 59116 + 7616 id - 59116 + 7616 name - 59116 + 7616 kind - 59116 + 7616 size - 6783 + 874 sign - 2907 + 374 alignment - 4845 + 624 @@ -19807,7 +16025,7 @@ 1 2 - 59116 + 7616 @@ -19823,7 +16041,7 @@ 1 2 - 59116 + 7616 @@ -19839,7 +16057,7 @@ 1 2 - 59116 + 7616 @@ -19855,7 +16073,7 @@ 1 2 - 59116 + 7616 @@ -19871,7 +16089,7 @@ 1 2 - 59116 + 7616 @@ -19887,7 +16105,7 @@ 1 2 - 59116 + 7616 @@ -19903,7 +16121,7 @@ 1 2 - 59116 + 7616 @@ -19919,7 +16137,7 @@ 1 2 - 59116 + 7616 @@ -19935,7 +16153,7 @@ 1 2 - 59116 + 7616 @@ -19951,7 +16169,7 @@ 1 2 - 59116 + 7616 @@ -19967,7 +16185,7 @@ 1 2 - 59116 + 7616 @@ -19983,7 +16201,7 @@ 1 2 - 59116 + 7616 @@ -19999,7 +16217,7 @@ 1 2 - 59116 + 7616 @@ -20015,7 +16233,7 @@ 1 2 - 59116 + 7616 @@ -20031,7 +16249,7 @@ 1 2 - 59116 + 7616 @@ -20047,32 +16265,32 @@ 2 3 - 1938 + 249 8 9 - 969 + 124 9 10 - 969 + 124 11 12 - 969 + 124 14 15 - 969 + 124 15 16 - 969 + 124 @@ -20088,32 +16306,32 @@ 2 3 - 1938 + 249 8 9 - 969 + 124 9 10 - 969 + 124 11 12 - 969 + 124 14 15 - 969 + 124 15 16 - 969 + 124 @@ -20129,32 +16347,32 @@ 2 3 - 1938 + 249 8 9 - 969 + 124 9 10 - 969 + 124 11 12 - 969 + 124 14 15 - 969 + 124 15 16 - 969 + 124 @@ -20170,12 +16388,12 @@ 1 2 - 1938 + 249 3 4 - 4845 + 624 @@ -20191,12 +16409,12 @@ 1 2 - 3876 + 499 2 3 - 2907 + 374 @@ -20212,17 +16430,17 @@ 6 7 - 969 + 124 12 13 - 969 + 124 43 44 - 969 + 124 @@ -20238,17 +16456,17 @@ 6 7 - 969 + 124 12 13 - 969 + 124 43 44 - 969 + 124 @@ -20264,17 +16482,17 @@ 6 7 - 969 + 124 12 13 - 969 + 124 43 44 - 969 + 124 @@ -20290,12 +16508,12 @@ 5 6 - 1938 + 249 7 8 - 969 + 124 @@ -20311,7 +16529,7 @@ 5 6 - 2907 + 374 @@ -20327,22 +16545,22 @@ 8 9 - 969 + 124 10 11 - 969 + 124 13 14 - 1938 + 249 17 18 - 969 + 124 @@ -20358,22 +16576,22 @@ 8 9 - 969 + 124 10 11 - 969 + 124 13 14 - 1938 + 249 17 18 - 969 + 124 @@ -20389,22 +16607,22 @@ 8 9 - 969 + 124 10 11 - 969 + 124 13 14 - 1938 + 249 17 18 - 969 + 124 @@ -20420,7 +16638,7 @@ 2 3 - 4845 + 624 @@ -20436,7 +16654,7 @@ 3 4 - 4845 + 624 @@ -20446,23 +16664,23 @@ derivedtypes - 8224885 + 3033684 id - 8224885 + 3033684 name - 6556068 + 1461902 kind - 5814 + 749 type_id - 3912320 + 1948495 @@ -20476,7 +16694,7 @@ 1 2 - 8224885 + 3033684 @@ -20492,7 +16710,7 @@ 1 2 - 8224885 + 3033684 @@ -20508,7 +16726,7 @@ 1 2 - 8224885 + 3033684 @@ -20524,12 +16742,17 @@ 1 2 - 6495982 + 1345279 2 - 523 - 60085 + 28 + 110004 + + + 29 + 4302 + 6617 @@ -20545,7 +16768,7 @@ 1 2 - 6556068 + 1461902 @@ -20561,12 +16784,17 @@ 1 2 - 6496951 + 1345404 2 - 523 - 59116 + 28 + 109879 + + + 29 + 4302 + 6617 @@ -20580,34 +16808,34 @@ 12 - 522 - 523 - 969 + 724 + 725 + 124 - 579 - 580 - 969 + 2333 + 2334 + 124 - 1355 - 1356 - 969 + 3627 + 3628 + 124 - 1566 - 1567 - 969 + 4301 + 4302 + 124 - 1713 - 1714 - 969 + 5557 + 5558 + 124 - 2752 - 2753 - 969 + 7754 + 7755 + 124 @@ -20623,32 +16851,32 @@ 1 2 - 969 + 124 - 546 - 547 - 969 + 671 + 672 + 124 - 1094 - 1095 - 969 + 1613 + 1614 + 124 - 1346 - 1347 - 969 + 2429 + 2430 + 124 - 1520 - 1521 - 969 + 2654 + 2655 + 124 - 2258 - 2259 - 969 + 4340 + 4341 + 124 @@ -20662,34 +16890,34 @@ 12 - 164 - 165 - 969 + 207 + 208 + 124 - 522 - 523 - 969 + 2333 + 2334 + 124 - 1355 - 1356 - 969 + 3623 + 3624 + 124 - 1562 - 1563 - 969 + 4301 + 4302 + 124 - 1650 - 1651 - 969 + 5492 + 5493 + 124 - 2752 - 2753 - 969 + 7754 + 7755 + 124 @@ -20705,27 +16933,22 @@ 1 2 - 2377240 + 1318683 2 3 - 172502 + 376213 3 4 - 380862 + 123365 4 - 5 - 917752 - - - 5 - 124 - 63961 + 137 + 130232 @@ -20741,27 +16964,22 @@ 1 2 - 2388870 + 1320182 2 3 - 172502 + 376213 3 4 - 369233 + 121866 4 - 5 - 917752 - - - 5 - 124 - 63961 + 137 + 130232 @@ -20777,27 +16995,22 @@ 1 2 - 2393715 + 1320556 2 3 - 185101 + 376838 3 4 - 380862 + 123614 4 - 5 - 911937 - - - 5 6 - 40702 + 127485 @@ -20807,19 +17020,19 @@ pointerishsize - 6003672 + 2249416 id - 6003672 + 2249416 size - 1938 + 249 alignment - 1938 + 249 @@ -20833,7 +17046,7 @@ 1 2 - 6003672 + 2249416 @@ -20849,7 +17062,7 @@ 1 2 - 6003672 + 2249416 @@ -20865,12 +17078,12 @@ 3 4 - 969 + 124 - 6192 - 6193 - 969 + 18012 + 18013 + 124 @@ -20886,7 +17099,7 @@ 1 2 - 1938 + 249 @@ -20902,12 +17115,12 @@ 3 4 - 969 + 124 - 6192 - 6193 - 969 + 18012 + 18013 + 124 @@ -20923,7 +17136,7 @@ 1 2 - 1938 + 249 @@ -20933,23 +17146,23 @@ arraysizes - 521384 + 80661 id - 521384 + 80661 num_elements - 124046 + 17855 bytesize - 136645 + 20227 alignment - 4845 + 624 @@ -20963,7 +17176,7 @@ 1 2 - 521384 + 80661 @@ -20979,7 +17192,7 @@ 1 2 - 521384 + 80661 @@ -20995,7 +17208,7 @@ 1 2 - 521384 + 80661 @@ -21011,153 +17224,45 @@ 1 2 - 3876 + 249 2 3 - 84313 + 10863 3 4 - 3876 + 249 4 5 - 11629 + 3496 5 9 - 9691 - - - 10 - 34 - 9691 - - - 65 - 66 - 969 - - - - - - - num_elements - bytesize - - - 12 - - - 1 - 2 - 95942 - - - 2 - 3 - 13567 - - - 3 - 6 - 10660 - - - 6 - 13 - 3876 - - - - - - - num_elements - alignment - - - 12 - - - 1 - 2 - 95942 - - - 2 - 3 - 12598 - - - 3 - 4 - 7752 - - - 4 - 6 - 7752 - - - - - - - bytesize - id - - - 12 - - - 1 - 2 - 5814 - - - 2 - 3 - 93035 - - - 3 - 4 - 2907 - - - 4 - 5 - 11629 - - - 5 - 9 - 11629 + 1498 9 - 21 - 10660 + 42 + 1373 - 32 - 33 - 969 + 56 + 57 + 124 - bytesize - num_elements + num_elements + bytesize 12 @@ -21165,22 +17270,130 @@ 1 2 - 109510 + 11737 2 3 - 11629 + 3995 3 5 - 10660 + 998 + + + 5 + 11 + 1123 + + + + + + + num_elements + alignment + + + 12 + + + 1 + 2 + 11737 + + + 2 + 3 + 3995 + + + 3 + 4 + 749 + + + 4 + 6 + 1373 + + + + + + + bytesize + id + + + 12 + + + 1 + 2 + 624 + + + 2 + 3 + 12736 + + + 3 + 4 + 499 + + + 4 + 5 + 2746 5 7 - 4845 + 1498 + + + 7 + 17 + 1623 + + + 24 + 45 + 499 + + + + + + + bytesize + num_elements + + + 12 + + + 1 + 2 + 14609 + + + 2 + 3 + 3621 + + + 3 + 6 + 1872 + + + 6 + 7 + 124 @@ -21196,17 +17409,22 @@ 1 2 - 111448 + 14858 2 3 - 12598 + 3371 3 + 5 + 1623 + + + 5 6 - 12598 + 374 @@ -21220,29 +17438,29 @@ 12 - 8 - 9 - 969 + 10 + 11 + 124 - 54 - 55 - 969 + 86 + 87 + 124 - 78 - 79 - 969 + 91 + 92 + 124 - 87 - 88 - 969 + 121 + 122 + 124 - 311 - 312 - 969 + 338 + 339 + 124 @@ -21258,27 +17476,22 @@ 4 5 - 969 + 124 - 13 - 14 - 969 + 16 + 17 + 249 - 20 - 21 - 969 + 48 + 49 + 124 - 21 - 22 - 969 - - - 126 - 127 - 969 + 139 + 140 + 124 @@ -21294,22 +17507,27 @@ 4 5 - 969 + 124 19 20 - 969 + 124 - 21 - 22 - 1938 + 20 + 21 + 124 - 126 - 127 - 969 + 48 + 49 + 124 + + + 140 + 141 + 124 @@ -21367,15 +17585,15 @@ typedefbase - 3557623 + 1762387 id - 3557623 + 1762387 type_id - 2754226 + 838075 @@ -21389,7 +17607,7 @@ 1 2 - 3557623 + 1762387 @@ -21405,17 +17623,22 @@ 1 2 - 2414067 + 662611 2 3 - 197699 + 80934 3 - 27 - 142460 + 6 + 64160 + + + 6 + 4526 + 30368 @@ -21425,7 +17648,7 @@ decltypes - 814476 + 814475 id @@ -21433,7 +17656,7 @@ expr - 814476 + 814475 kind @@ -21563,7 +17786,7 @@ 1 2 - 814476 + 814475 @@ -21579,7 +17802,7 @@ 1 2 - 814476 + 814475 @@ -21595,7 +17818,7 @@ 1 2 - 814476 + 814475 @@ -21611,7 +17834,7 @@ 1 2 - 814476 + 814475 @@ -21873,23 +18096,23 @@ type_operators - 21466 + 7961 id - 21466 + 7961 arg_type - 21030 + 7186 kind - 241 + 86 base_type - 17627 + 5250 @@ -21903,7 +18126,7 @@ 1 2 - 21466 + 7961 @@ -21919,7 +18142,7 @@ 1 2 - 21466 + 7961 @@ -21935,7 +18158,7 @@ 1 2 - 21466 + 7961 @@ -21951,12 +18174,12 @@ 1 2 - 20611 + 6412 2 - 4 - 419 + 3 + 774 @@ -21972,12 +18195,12 @@ 1 2 - 20611 + 6412 2 - 4 - 419 + 3 + 774 @@ -21993,12 +18216,12 @@ 1 2 - 20917 + 7165 2 3 - 112 + 21 @@ -22012,69 +18235,24 @@ 12 - 3 - 4 - 16 - - - 4 - 5 - 16 - - - 5 - 6 - 16 + 1 + 2 + 21 7 8 - 16 + 21 - 9 - 10 - 16 + 96 + 97 + 21 - 10 - 11 - 16 - - - 12 - 13 - 32 - - - 16 - 17 - 16 - - - 30 - 31 - 32 - - - 63 - 64 - 16 - - - 108 - 109 - 16 - - - 167 - 168 - 16 - - - 855 - 856 - 16 + 266 + 267 + 21 @@ -22088,69 +18266,24 @@ 12 - 3 - 4 - 16 - - - 4 - 5 - 16 - - - 5 - 6 - 16 + 1 + 2 + 21 7 8 - 16 + 21 - 9 - 10 - 16 + 96 + 97 + 21 - 10 - 11 - 16 - - - 12 - 13 - 32 - - - 16 - 17 - 16 - - - 30 - 31 - 32 - - - 63 - 64 - 16 - - - 108 - 109 - 16 - - - 167 - 168 - 16 - - - 855 - 856 - 16 + 266 + 267 + 21 @@ -22164,69 +18297,24 @@ 12 - 3 - 4 - 16 + 1 + 2 + 21 4 5 - 32 + 21 - 5 - 6 - 16 + 72 + 73 + 21 - 7 - 8 - 16 - - - 9 - 10 - 16 - - - 10 - 11 - 16 - - - 12 - 13 - 16 - - - 16 - 17 - 16 - - - 30 - 31 - 32 - - - 63 - 64 - 16 - - - 108 - 109 - 16 - - - 159 - 160 - 16 - - - 715 - 716 - 16 + 222 + 223 + 21 @@ -22242,17 +18330,22 @@ 1 2 - 14660 + 3636 2 3 - 2370 + 903 3 - 13 - 596 + 4 + 344 + + + 4 + 6 + 365 @@ -22268,17 +18361,22 @@ 1 2 - 14805 + 3787 2 3 - 2322 + 989 3 - 13 - 499 + 4 + 451 + + + 4 + 5 + 21 @@ -22294,12 +18392,17 @@ 1 2 - 16434 + 4088 2 - 6 - 1193 + 3 + 1140 + + + 3 + 4 + 21 @@ -22309,19 +18412,19 @@ usertypes - 6052127 + 4151872 id - 6052127 + 4151872 name - 4651755 + 918586 kind - 11629 + 126 @@ -22335,7 +18438,7 @@ 1 2 - 6052127 + 4151872 @@ -22351,7 +18454,7 @@ 1 2 - 6052127 + 4151872 @@ -22367,12 +18470,22 @@ 1 2 - 4397847 + 654298 2 - 279 - 253908 + 3 + 158678 + + + 3 + 8 + 70571 + + + 8 + 32669 + 35037 @@ -22388,12 +18501,12 @@ 1 2 - 4468592 + 866838 2 - 4 - 183162 + 10 + 51748 @@ -22407,64 +18520,64 @@ 12 - 1 - 2 - 969 + 28 + 29 + 10 - 2 - 3 - 969 + 64 + 65 + 10 - 3 - 4 - 969 + 579 + 580 + 10 - 7 - 8 - 969 + 1052 + 1053 + 10 - 19 - 20 - 969 + 1595 + 1596 + 10 - 62 - 63 - 969 + 1874 + 1875 + 10 - 148 - 149 - 969 + 4586 + 4587 + 10 - 164 - 165 - 969 + 20079 + 20080 + 10 - 257 - 258 - 969 + 21491 + 21492 + 10 - 606 - 607 - 969 + 82092 + 82093 + 10 - 1305 - 1306 - 969 + 92771 + 92772 + 10 - 3671 - 3672 - 969 + 166844 + 166845 + 10 @@ -22478,59 +18591,64 @@ 12 - 1 - 2 - 969 + 19 + 20 + 10 - 2 - 3 - 1938 + 47 + 48 + 10 - 3 - 4 - 969 - - - 9 - 10 - 969 - - - 23 - 24 - 969 - - - 46 - 47 - 969 - - - 53 - 54 - 969 + 50 + 51 + 10 153 154 - 969 + 10 - 209 - 210 - 969 + 417 + 418 + 10 - 1173 - 1174 - 969 + 771 + 772 + 10 - 3319 - 3320 - 969 + 1565 + 1566 + 10 + + + 3066 + 3067 + 10 + + + 5589 + 5590 + 10 + + + 10903 + 10904 + 10 + + + 12189 + 12190 + 10 + + + 57608 + 57609 + 10 @@ -22540,19 +18658,19 @@ usertypesize - 1867486 + 1363894 id - 1867486 + 1363894 size - 102726 + 1478 alignment - 4845 + 84 @@ -22566,7 +18684,7 @@ 1 2 - 1867486 + 1363894 @@ -22582,7 +18700,7 @@ 1 2 - 1867486 + 1363894 @@ -22598,37 +18716,52 @@ 1 2 - 47486 + 464 2 3 - 14536 + 190 3 4 - 8722 + 95 4 - 7 - 8722 + 6 + 95 - 7 + 6 + 9 + 116 + + + 9 19 - 8722 + 116 19 - 54 - 7752 + 30 + 116 - 64 - 459 - 6783 + 30 + 115 + 116 + + + 118 + 1735 + 116 + + + 1839 + 99774 + 52 @@ -22644,22 +18777,17 @@ 1 2 - 72683 + 1204 2 3 - 21320 + 179 3 - 5 - 7752 - - - 5 6 - 969 + 95 @@ -22673,29 +18801,44 @@ 12 - 11 - 12 - 969 + 1 + 2 + 10 - 72 - 73 - 969 + 3 + 4 + 10 - 480 - 481 - 969 + 7 + 8 + 10 - 492 - 493 - 969 + 54 + 55 + 10 - 872 - 873 - 969 + 56 + 57 + 10 + + + 2080 + 2081 + 10 + + + 11949 + 11950 + 10 + + + 114969 + 114970 + 10 @@ -22709,29 +18852,39 @@ 12 - 7 - 8 - 969 + 1 + 2 + 21 - 15 - 16 - 969 + 3 + 4 + 10 - 18 - 19 - 969 + 11 + 12 + 10 - 41 - 42 - 969 + 12 + 13 + 10 - 69 - 70 - 969 + 17 + 18 + 10 + + + 27 + 28 + 10 + + + 111 + 112 + 10 @@ -22741,11 +18894,11 @@ usertype_final - 14321 + 11487 id - 14321 + 11487 @@ -22805,15 +18958,15 @@ usertype_alias_kind - 3557623 + 1762387 id - 3557623 + 1762387 alias_kind - 1938 + 21 @@ -22827,7 +18980,7 @@ 1 2 - 3557623 + 1762387 @@ -22841,14 +18994,14 @@ 12 - 394 - 395 - 969 + 36900 + 36901 + 10 - 3277 - 3278 - 969 + 129944 + 129945 + 10 @@ -22858,18 +19011,18 @@ nontype_template_parameters - 1345749 + 766283 id - 1345749 + 766283 type_template_type_constraint - 27153 + 27154 id @@ -22877,7 +19030,7 @@ constraint - 26013 + 26014 @@ -22942,19 +19095,19 @@ mangled_name - 13577311 + 7859535 id - 13577311 + 7859535 mangled_name - 12739995 + 6370038 is_complete - 969 + 249 @@ -22968,7 +19121,7 @@ 1 2 - 13577311 + 7859535 @@ -22984,7 +19137,7 @@ 1 2 - 13577311 + 7859535 @@ -23000,12 +19153,12 @@ 1 2 - 12475426 + 6041647 2 - 279 - 264568 + 1120 + 328391 @@ -23021,7 +19174,7 @@ 1 2 - 12739995 + 6370038 @@ -23035,9 +19188,14 @@ 12 - 14010 - 14011 - 969 + 6 + 7 + 124 + + + 62939 + 62940 + 124 @@ -23051,9 +19209,14 @@ 12 - 13146 - 13147 - 969 + 6 + 7 + 124 + + + 51010 + 51011 + 124 @@ -23063,59 +19226,59 @@ is_pod_class - 1298615 + 593757 id - 1298615 + 593757 is_standard_layout_class - 1697051 + 1124482 id - 1697051 + 1124482 is_complete - 1816582 + 1346370 id - 1816582 + 1346370 is_class_template - 264958 + 232187 id - 264958 + 232187 class_instantiation - 2192614 + 1126140 to - 2192280 + 1123098 from - 10212 + 71807 @@ -23129,12 +19292,12 @@ 1 2 - 2192042 + 1120964 2 - 4 - 238 + 8 + 2133 @@ -23150,57 +19313,47 @@ 1 2 - 2260 + 20492 2 3 - 1667 + 12886 3 4 - 714 + 7108 4 5 - 597 + 4658 5 7 - 853 + 6073 7 - 12 - 783 + 10 + 5725 - 12 - 24 - 809 + 10 + 17 + 5904 - 24 - 55 - 775 + 17 + 51 + 5397 - 55 - 136 - 770 - - - 138 - 2697 - 779 - - - 2697 - 40686 - 199 + 51 + 4223 + 3559 @@ -23210,19 +19363,19 @@ class_template_argument - 4874957 + 2898837 type_id - 2400642 + 1367190 index - 446 + 1183 arg_type - 663608 + 822145 @@ -23236,27 +19389,27 @@ 1 2 - 976327 + 579395 2 3 - 686449 + 410312 3 4 - 546554 + 251063 4 - 6 - 183702 + 7 + 103106 - 6 - 104 - 7609 + 7 + 113 + 23312 @@ -23272,22 +19425,22 @@ 1 2 - 1061385 + 607937 2 3 - 622478 + 424319 3 4 - 578009 + 251897 4 - 89 - 138769 + 113 + 83036 @@ -23301,49 +19454,39 @@ 12 - 30 - 31 - 51 + 2 + 3 + 10 - 38 - 39 - 77 + 4 + 5 + 749 - 46 - 47 - 77 + 5 + 30 + 95 - 54 - 55 - 64 + 33 + 90 + 95 - 60 - 107 - 38 + 95 + 453 + 95 - 112 - 183 - 38 + 643 + 7128 + 95 - 230 - 390 - 34 - - - 418 - 1490 - 34 - - - 1757 - 554312 - 25 + 11968 + 129429 + 42 @@ -23357,54 +19500,39 @@ 12 - 30 - 31 - 51 + 2 + 3 + 10 - 38 - 39 - 77 + 4 + 5 + 749 - 39 - 45 - 12 + 5 + 16 + 105 - 46 - 47 + 16 + 35 95 - 47 - 54 - 21 + 37 + 155 + 95 - 54 - 55 - 64 + 196 + 3263 + 95 - 55 - 104 - 34 - - - 106 - 356 - 34 - - - 367 - 1288 - 34 - - - 7294 - 108536 - 17 + 10413 + 44533 + 31 @@ -23420,27 +19548,27 @@ 1 2 - 475363 + 513746 2 3 - 45850 + 167657 3 - 7 - 59952 + 5 + 75092 - 7 - 20 - 50259 + 5 + 47 + 61741 - 20 - 78713 - 32182 + 47 + 12618 + 3908 @@ -23456,17 +19584,17 @@ 1 2 - 523709 + 723856 2 3 - 92689 + 79920 3 - 36 - 47210 + 22 + 18369 @@ -23476,19 +19604,19 @@ class_template_argument_value - 1488982 + 510083 type_id - 929638 + 205811 index - 51 + 306 arg_value - 1394094 + 509947 @@ -23502,22 +19630,17 @@ 1 2 - 660327 + 155798 2 3 - 105219 + 43370 3 - 4 - 154027 - - - 4 - 14 - 10064 + 8 + 6643 @@ -23533,22 +19656,22 @@ 1 2 - 655572 + 147928 2 3 - 105690 + 40474 3 - 4 - 154049 + 45 + 15535 - 4 - 313 - 14325 + 45 + 154 + 1873 @@ -23562,69 +19685,49 @@ 12 - 15 - 16 - 3 + 2 + 3 + 34 - 16 - 17 - 7 + 20 + 21 + 34 - 100 - 101 - 3 + 49 + 50 + 34 - 162 - 163 - 3 + 84 + 85 + 34 - 242 - 243 - 3 + 105 + 106 + 34 - 358 - 359 - 3 + 278 + 279 + 34 - 504 - 505 - 3 + 981 + 982 + 34 - 1520 - 1521 - 3 + 2471 + 2472 + 34 - 3113 - 3114 - 3 - - - 47424 - 47425 - 3 - - - 63499 - 63500 - 3 - - - 121527 - 121528 - 3 - - - 138888 - 138889 - 3 + 3753 + 3754 + 34 @@ -23638,69 +19741,49 @@ 12 - 20 - 21 - 3 + 3 + 4 + 34 - 26 - 27 - 7 + 74 + 75 + 34 - 185 - 186 - 3 + 105 + 106 + 34 - 302 - 303 - 3 + 273 + 274 + 34 - 555 - 556 - 3 + 336 + 337 + 34 - 787 - 788 - 3 + 892 + 893 + 34 - 1062 - 1063 - 3 + 2433 + 2434 + 34 - 2391 - 2392 - 3 + 4801 + 4802 + 34 - 4694 - 4695 - 3 - - - 47910 - 47911 - 3 - - - 66111 - 66112 - 3 - - - 123253 - 123254 - 3 - - - 134221 - 134222 - 3 + 6051 + 6052 + 34 @@ -23716,12 +19799,12 @@ 1 2 - 1306054 + 509811 2 - 5 - 88039 + 3 + 136 @@ -23737,12 +19820,7 @@ 1 2 - 1393907 - - - 2 - 5 - 186 + 509947 @@ -23752,15 +19830,15 @@ is_proxy_class_for - 48455 + 48442 id - 48455 + 48442 templ_param_id - 45782 + 45769 @@ -23774,7 +19852,7 @@ 1 2 - 48455 + 48442 @@ -23790,7 +19868,7 @@ 1 2 - 45063 + 45051 2 @@ -23805,23 +19883,23 @@ type_mentions - 19988012 + 5902896 id - 19988012 + 5902896 type_id - 1262757 + 276673 location - 19988012 + 5846581 kind - 1938 + 54 @@ -23835,7 +19913,7 @@ 1 2 - 19988012 + 5902896 @@ -23851,7 +19929,7 @@ 1 2 - 19988012 + 5902896 @@ -23867,7 +19945,7 @@ 1 2 - 19988012 + 5902896 @@ -23883,184 +19961,199 @@ 1 2 - 667720 + 136593 2 3 - 220958 + 31153 - - 3 - 5 - 116293 - - - 5 - 11 - 101757 - - - 11 - 44 - 94973 - - - 45 - 3662 - 61054 - - - - - - - type_id - location - - - 12 - - - 1 - 2 - 667720 - - - 2 - 3 - 220958 - - - 3 - 5 - 116293 - - - 5 - 11 - 101757 - - - 11 - 44 - 94973 - - - 45 - 3662 - 61054 - - - - - - - type_id - kind - - - 12 - - - 1 - 2 - 1259850 - - - 2 - 3 - 2907 - - - - - - - location - id - - - 12 - - - 1 - 2 - 19988012 - - - - - - - location - type_id - - - 12 - - - 1 - 2 - 19988012 - - - - - - - location - kind - - - 12 - - - 1 - 2 - 19988012 - - - - - - - kind - id - - - 12 - - - 10 - 11 - 969 - - - 20615 - 20616 - 969 - - - - - - - kind - type_id - - - 12 - 3 4 - 969 + 11273 - 1303 - 1304 - 969 + 4 + 5 + 14922 + + + 5 + 7 + 19988 + + + 7 + 12 + 21785 + + + 12 + 28 + 21077 + + + 28 + 8940 + 19879 + + + + + + + type_id + location + + + 12 + + + 1 + 2 + 136593 + + + 2 + 3 + 31153 + + + 3 + 4 + 11273 + + + 4 + 5 + 14922 + + + 5 + 7 + 19988 + + + 7 + 12 + 21785 + + + 12 + 28 + 21077 + + + 28 + 8940 + 19879 + + + + + + + type_id + kind + + + 12 + + + 1 + 2 + 276673 + + + + + + + location + id + + + 12 + + + 1 + 2 + 5800886 + + + 2 + 4 + 45694 + + + + + + + location + type_id + + + 12 + + + 1 + 2 + 5800886 + + + 2 + 4 + 45694 + + + + + + + location + kind + + + 12 + + + 1 + 2 + 5846581 + + + + + + + kind + id + + + 12 + + + 108383 + 108384 + 54 + + + + + + + kind + type_id + + + 12 + + + 5080 + 5081 + 54 @@ -24074,14 +20167,9 @@ 12 - 10 - 11 - 969 - - - 20615 - 20616 - 969 + 107349 + 107350 + 54 @@ -24091,26 +20179,26 @@ is_function_template - 2373374 + 1332543 id - 2373374 + 1332543 function_instantiation - 1087747 + 973628 to - 1087747 + 973628 from - 181540 + 182644 @@ -24124,7 +20212,7 @@ 1 2 - 1087747 + 973628 @@ -24140,22 +20228,27 @@ 1 2 - 143026 + 110588 2 3 - 20398 + 42790 3 - 15 - 13707 + 9 + 14377 - 15 - 13978 - 4408 + 9 + 104 + 13729 + + + 119 + 1532 + 1158 @@ -24165,19 +20258,19 @@ function_template_argument - 4582754 + 2484800 function_id - 1968725 + 1453288 index - 441 + 476 arg_type - 378486 + 298003 @@ -24191,27 +20284,22 @@ 1 2 - 595467 + 783011 2 3 - 683565 + 413156 3 4 - 409482 + 171810 4 - 5 - 171411 - - - 5 - 103 - 108799 + 15 + 85309 @@ -24227,27 +20315,22 @@ 1 2 - 607506 + 802158 2 3 - 680737 + 411248 3 4 - 419222 + 169630 4 - 5 - 173494 - - - 5 - 60 - 87764 + 9 + 70250 @@ -24261,53 +20344,53 @@ 12 - 5 - 6 - 51 + 1 + 2 + 170 - 9 - 10 - 77 - - - 13 - 14 - 12 - - - 18 - 19 - 64 - - - 22 - 23 - 64 - - - 25 - 406 + 7 + 8 34 - 529 - 650 - 30 - - - 661 - 788 + 45 + 46 34 - 799 - 1542 + 77 + 78 34 - 2040 - 454582 + 138 + 139 + 34 + + + 280 + 281 + 34 + + + 2504 + 2505 + 34 + + + 7547 + 7548 + 34 + + + 19674 + 19675 + 34 + + + 42657 + 42658 34 @@ -24322,74 +20405,54 @@ 12 - 2 - 3 - 25 - - - 3 - 4 - 25 + 1 + 2 + 170 4 5 - 17 - - - 5 - 6 - 47 - - - 6 - 9 - 30 - - - 9 - 10 - 25 - - - 10 - 11 - 30 - - - 11 - 12 - 38 - - - 12 - 14 - 38 - - - 24 - 39 34 - 40 - 52 + 17 + 18 + 34 + + + 27 + 28 34 52 - 77 + 53 34 - 83 - 791 + 112 + 113 34 - 1290 - 49710 - 21 + 315 + 316 + 34 + + + 972 + 973 + 34 + + + 2754 + 2755 + 34 + + + 6081 + 6082 + 34 @@ -24405,27 +20468,37 @@ 1 2 - 271124 + 174774 2 3 - 26881 + 26335 3 - 5 - 30290 + 4 + 19998 - 5 + 4 + 6 + 22655 + + + 6 11 - 32044 + 23235 11 - 102410 - 18146 + 76 + 23371 + + + 79 + 2452 + 7631 @@ -24441,17 +20514,17 @@ 1 2 - 329933 + 256813 2 3 - 30324 + 32127 3 - 35 - 18228 + 15 + 9062 @@ -24461,19 +20534,19 @@ function_template_argument_value - 1219038 + 452779 function_id - 878373 + 196783 index - 51 + 476 arg_value - 1107321 + 450087 @@ -24487,17 +20560,17 @@ 1 2 - 614094 + 151403 2 3 - 263862 + 42893 3 - 14 - 416 + 8 + 2487 @@ -24513,17 +20586,22 @@ 1 2 - 610202 + 144487 2 3 - 263833 + 36692 3 - 209 - 4337 + 54 + 14854 + + + 54 + 113 + 749 @@ -24536,55 +20614,55 @@ 12 + + 1 + 2 + 170 + + + 2 + 3 + 34 + 3 4 - 18 + 34 4 5 - 3 + 34 - 13 - 14 - 3 + 15 + 16 + 34 - 18 - 19 - 3 + 27 + 28 + 34 - 44 - 45 - 3 + 1345 + 1346 + 34 - 116 - 117 - 3 + 1388 + 1389 + 34 - 6765 - 6766 - 3 + 1850 + 1851 + 34 - 10035 - 10036 - 3 - - - 90635 - 90636 - 3 - - - 205204 - 205205 - 3 + 2547 + 2548 + 34 @@ -24598,54 +20676,54 @@ 12 - 5 - 6 - 18 + 1 + 2 + 170 - 6 - 7 - 3 + 2 + 3 + 34 - 19 - 20 - 3 + 3 + 4 + 34 - 22 - 23 - 3 + 4 + 5 + 34 - 64 - 65 - 3 + 51 + 52 + 34 - 234 - 235 - 3 + 63 + 64 + 34 - 7866 - 7867 - 3 + 1906 + 1907 + 34 - 12284 - 12285 - 3 + 3295 + 3296 + 34 - 87096 - 87097 - 3 + 3702 + 3703 + 34 - 195391 - 195392 - 3 + 4180 + 4181 + 34 @@ -24661,17 +20739,12 @@ 1 2 - 1007971 + 447396 2 3 - 87655 - - - 3 - 5 - 11694 + 2691 @@ -24687,12 +20760,7 @@ 1 2 - 1107318 - - - 2 - 3 - 3 + 450087 @@ -24702,11 +20770,11 @@ is_variable_template - 110479 + 58685 id - 110479 + 58685 @@ -24796,19 +20864,19 @@ variable_template_argument - 779492 + 769159 variable_id - 401670 + 401311 index - 58 + 1997 arg_type - 109675 + 256344 @@ -24822,17 +20890,22 @@ 1 2 - 28298 + 156703 2 3 - 370022 + 189917 3 - 10 - 3349 + 4 + 36460 + + + 4 + 17 + 18230 @@ -24848,17 +20921,22 @@ 1 2 - 29995 + 171562 2 3 - 369899 + 180178 3 - 9 - 1775 + 4 + 33713 + + + 4 + 17 + 15857 @@ -24872,44 +20950,44 @@ 12 - 7 - 8 - 6 + 28 + 29 + 874 - 8 - 9 - 12 + 34 + 35 + 374 - 9 - 10 - 6 + 37 + 38 + 124 - 32 - 33 - 6 + 66 + 67 + 124 - 106 - 107 - 6 + 146 + 147 + 124 - 517 - 518 - 6 + 438 + 439 + 124 - 57632 - 57633 - 6 + 1959 + 1960 + 124 - 62000 - 62001 - 6 + 3214 + 3215 + 124 @@ -24925,42 +21003,42 @@ 1 2 - 6 + 874 2 3 - 12 + 374 - 3 - 4 - 6 + 5 + 6 + 124 - 8 - 9 - 6 + 28 + 29 + 124 - 51 - 52 - 6 + 54 + 55 + 124 - 193 - 194 - 6 + 161 + 162 + 124 - 1557 - 1558 - 6 + 745 + 746 + 124 - 15672 - 15673 - 6 + 1325 + 1326 + 124 @@ -24976,37 +21054,22 @@ 1 2 - 58157 + 175558 2 3 - 21016 + 44701 3 - 5 - 9491 - - - 5 6 - 3051 + 21601 6 - 7 - 9218 - - - 7 - 50 - 8227 - - - 50 - 1375 - 511 + 206 + 14484 @@ -25022,12 +21085,17 @@ 1 2 - 106325 + 228000 2 - 10 - 3349 + 3 + 24722 + + + 3 + 7 + 3621 @@ -25198,15 +21266,15 @@ template_template_instantiation - 12896 + 6368 to - 8387 + 4994 from - 75 + 1123 @@ -25220,12 +21288,12 @@ 1 2 - 3878 + 3621 2 3 - 4508 + 1373 @@ -25241,22 +21309,22 @@ 1 2 - 52 + 749 2 3 - 7 + 124 - 830 - 831 - 7 + 16 + 17 + 124 - 880 - 881 - 7 + 27 + 28 + 124 @@ -25266,11 +21334,11 @@ template_template_argument - 9678 + 9675 type_id - 6117 + 6116 index @@ -25278,7 +21346,7 @@ arg_type - 9086 + 9084 @@ -25292,7 +21360,7 @@ 1 2 - 5018 + 5017 2 @@ -25323,7 +21391,7 @@ 1 2 - 5039 + 5038 2 @@ -25476,7 +21544,7 @@ 1 2 - 9055 + 9052 3 @@ -25497,7 +21565,7 @@ 1 2 - 9065 + 9063 2 @@ -25764,11 +21832,11 @@ concept_instantiation - 90434 + 90437 to - 90434 + 90437 from @@ -25786,7 +21854,7 @@ 1 2 - 90434 + 90437 @@ -25882,22 +21950,22 @@ is_type_constraint - 36900 + 36902 concept_id - 36900 + 36902 concept_template_argument - 113047 + 113051 concept_id - 76383 + 76386 index @@ -25905,7 +21973,7 @@ arg_type - 21430 + 21431 @@ -25919,12 +21987,12 @@ 1 2 - 46475 + 46477 2 3 - 24679 + 24680 3 @@ -25945,7 +22013,7 @@ 1 2 - 50090 + 50092 2 @@ -26104,7 +22172,7 @@ 1 2 - 18030 + 18031 2 @@ -26124,19 +22192,19 @@ concept_template_argument_value - 112 + 106 concept_id - 112 + 83 index - 32 + 15 arg_value - 112 + 106 @@ -26150,7 +22218,7 @@ 1 2 - 112 + 83 @@ -26166,7 +22234,12 @@ 1 2 - 112 + 60 + + + 2 + 3 + 22 @@ -26180,14 +22253,14 @@ 12 - 2 - 3 - 16 + 3 + 4 + 7 - 5 - 6 - 16 + 8 + 9 + 7 @@ -26201,14 +22274,14 @@ 12 - 2 - 3 - 16 + 4 + 5 + 7 - 5 - 6 - 16 + 10 + 11 + 7 @@ -26224,7 +22297,7 @@ 1 2 - 112 + 106 @@ -26240,7 +22313,7 @@ 1 2 - 112 + 106 @@ -26250,15 +22323,15 @@ routinetypes - 792462 + 604318 id - 792462 + 604318 return_type - 176968 + 283864 @@ -26272,7 +22345,7 @@ 1 2 - 792462 + 604318 @@ -26288,17 +22361,17 @@ 1 2 - 148650 + 234225 2 3 - 18859 + 35091 3 - 40273 - 9458 + 4676 + 14547 @@ -26674,19 +22747,19 @@ ptrtomembers - 24227 + 9728 id - 24227 + 9728 type_id - 24227 + 7975 class_id - 2907 + 4869 @@ -26700,7 +22773,7 @@ 1 2 - 24227 + 9728 @@ -26716,7 +22789,7 @@ 1 2 - 24227 + 9728 @@ -26732,7 +22805,12 @@ 1 2 - 24227 + 7753 + + + 2 + 84 + 221 @@ -26748,7 +22826,12 @@ 1 2 - 24227 + 7753 + + + 2 + 84 + 221 @@ -26764,12 +22847,22 @@ 1 2 - 969 + 3897 - 12 - 13 - 1938 + 2 + 3 + 528 + + + 8 + 9 + 401 + + + 10 + 65 + 42 @@ -26785,12 +22878,22 @@ 1 2 - 969 + 3897 - 12 - 13 - 1938 + 2 + 3 + 528 + + + 8 + 9 + 401 + + + 10 + 65 + 42 @@ -26800,15 +22903,15 @@ specifiers - 60085 + 7741 id - 60085 + 7741 str - 60085 + 7741 @@ -26822,7 +22925,7 @@ 1 2 - 60085 + 7741 @@ -26838,7 +22941,7 @@ 1 2 - 60085 + 7741 @@ -26848,15 +22951,15 @@ typespecifiers - 2259977 + 854940 type_id - 2226058 + 847448 spec_id - 10660 + 1623 @@ -26870,12 +22973,12 @@ 1 2 - 2192139 + 839957 2 3 - 33919 + 7491 @@ -26891,47 +22994,67 @@ 1 2 - 1938 + 124 2 3 - 1938 + 124 - 23 - 24 - 969 + 16 + 17 + 124 - 26 - 27 - 969 + 17 + 18 + 124 - 30 - 31 - 969 + 24 + 25 + 124 - 71 - 72 - 969 + 44 + 45 + 124 - 260 - 261 - 969 + 49 + 50 + 124 - 265 - 266 - 969 + 51 + 52 + 124 - 1651 - 1652 - 969 + 112 + 113 + 124 + + + 199 + 200 + 124 + + + 325 + 326 + 124 + + + 545 + 546 + 124 + + + 5462 + 5463 + 124 @@ -26941,15 +23064,15 @@ funspecifiers - 16276298 + 9723248 func_id - 7605620 + 4012489 spec_id - 15505 + 2372 @@ -26963,27 +23086,27 @@ 1 2 - 4160413 + 1528454 2 3 - 533013 + 506696 3 4 - 675473 + 1037865 4 5 - 2183417 + 693492 5 - 7 - 53301 + 8 + 245981 @@ -26997,84 +23120,99 @@ 12 - 1 - 2 - 969 + 17 + 18 + 124 - 7 - 8 - 969 + 18 + 19 + 124 - 15 - 16 - 969 + 53 + 54 + 124 - 23 - 24 - 969 + 114 + 115 + 124 - 72 - 73 - 969 + 216 + 217 + 124 - 77 - 78 - 969 + 272 + 273 + 124 - 79 - 80 - 969 + 355 + 356 + 124 - 100 - 101 - 969 + 653 + 654 + 124 - 104 - 105 - 969 + 767 + 768 + 124 - 105 - 106 - 969 + 823 + 824 + 124 - 121 - 122 - 969 + 1095 + 1096 + 124 - 189 - 190 - 969 + 1261 + 1262 + 124 - 2717 - 2718 - 969 + 1663 + 1664 + 124 - 3165 - 3166 - 969 + 3301 + 3302 + 124 - 3668 - 3669 - 969 + 3355 + 3356 + 124 - 6352 - 6353 - 969 + 6170 + 6171 + 124 + + + 15121 + 15122 + 124 + + + 19840 + 19841 + 124 + + + 22777 + 22778 + 124 @@ -27084,15 +23222,15 @@ varspecifiers - 10333681 + 3078135 var_id - 8874192 + 2316967 spec_id - 8722 + 1123 @@ -27106,17 +23244,17 @@ 1 2 - 7525183 + 1659561 2 3 - 1293769 + 554144 - 4 + 3 5 - 55239 + 103262 @@ -27130,49 +23268,49 @@ 12 - 11 - 12 - 969 + 97 + 98 + 124 - 73 - 74 - 969 + 240 + 241 + 124 - 120 - 121 - 969 + 1091 + 1092 + 124 - 127 - 128 - 969 + 1332 + 1333 + 124 - 136 - 137 - 969 + 2238 + 2239 + 124 - 406 - 407 - 969 + 2773 + 2774 + 124 - 959 - 960 - 969 + 3449 + 3450 + 124 - 1244 - 1245 - 969 + 4939 + 4940 + 124 - 7587 - 7588 - 969 + 8493 + 8494 + 124 @@ -27182,15 +23320,15 @@ explicit_specifier_exprs - 123740 + 41329 func_id - 123740 + 41329 constant - 123740 + 41329 @@ -27204,7 +23342,7 @@ 1 2 - 123740 + 41329 @@ -27220,7 +23358,7 @@ 1 2 - 123740 + 41329 @@ -27230,27 +23368,27 @@ attributes - 3690392 + 654409 id - 3690392 + 654409 kind - 1938 + 374 name - 9691 + 2122 name_space - 1938 + 249 location - 3690392 + 648291 @@ -27264,7 +23402,7 @@ 1 2 - 3690392 + 654409 @@ -27280,7 +23418,7 @@ 1 2 - 3690392 + 654409 @@ -27296,7 +23434,7 @@ 1 2 - 3690392 + 654409 @@ -27312,7 +23450,7 @@ 1 2 - 3690392 + 654409 @@ -27326,14 +23464,19 @@ 12 - 81 - 82 - 969 + 7 + 8 + 124 - 3727 - 3728 - 969 + 2406 + 2407 + 124 + + + 2828 + 2829 + 124 @@ -27342,6 +23485,53 @@ kind name + + + 12 + + + 1 + 2 + 124 + + + 6 + 7 + 124 + + + 12 + 13 + 124 + + + + + + + kind + name_space + + + 12 + + + 1 + 2 + 249 + + + 2 + 3 + 124 + + + + + + + kind + location 12 @@ -27349,54 +23539,17 @@ 4 5 - 969 + 124 - 8 - 9 - 969 - - - - - - - kind - name_space - - - 12 - - - 1 - 2 - 969 + 2360 + 2361 + 124 - 2 - 3 - 969 - - - - - - - kind - location - - - 12 - - - 81 - 82 - 969 - - - 3727 - 3728 - 969 + 2828 + 2829 + 124 @@ -27410,44 +23563,74 @@ 12 - 2 - 3 - 1938 + 1 + 2 + 249 3 4 - 969 + 124 + + + 6 + 7 + 124 + + + 7 + 8 + 249 + + + 10 + 11 + 249 14 15 - 1938 + 124 - 20 - 21 - 969 + 18 + 19 + 124 - 54 - 55 - 969 + 24 + 25 + 124 - 67 - 68 - 969 + 59 + 60 + 124 + + + 62 + 63 + 124 72 73 - 969 + 124 - 3560 - 3561 - 969 + 341 + 342 + 124 + + + 1977 + 1978 + 124 + + + 2629 + 2630 + 124 @@ -27463,12 +23646,12 @@ 1 2 - 7752 + 1872 2 3 - 1938 + 249 @@ -27484,7 +23667,7 @@ 1 2 - 9691 + 2122 @@ -27498,44 +23681,79 @@ 12 - 2 - 3 - 1938 + 1 + 2 + 249 3 4 - 969 + 124 + + + 4 + 5 + 124 + + + 6 + 7 + 124 + + + 7 + 8 + 124 + + + 10 + 11 + 249 14 15 - 1938 + 124 - 20 - 21 - 969 + 18 + 19 + 124 - 54 - 55 - 969 + 24 + 25 + 124 - 67 - 68 - 969 + 59 + 60 + 124 + + + 62 + 63 + 124 72 73 - 969 + 124 - 3560 - 3561 - 969 + 336 + 337 + 124 + + + 1977 + 1978 + 124 + + + 2629 + 2630 + 124 @@ -27549,14 +23767,14 @@ 12 - 2 - 3 - 969 + 11 + 12 + 124 - 3806 - 3807 - 969 + 5230 + 5231 + 124 @@ -27572,12 +23790,12 @@ 1 2 - 969 + 124 - 2 - 3 - 969 + 3 + 4 + 124 @@ -27591,14 +23809,14 @@ 12 - 1 - 2 - 969 + 2 + 3 + 124 - 9 - 10 - 969 + 15 + 16 + 124 @@ -27612,14 +23830,14 @@ 12 - 2 - 3 - 969 + 11 + 12 + 124 - 3806 - 3807 - 969 + 5181 + 5182 + 124 @@ -27635,7 +23853,12 @@ 1 2 - 3690392 + 642422 + + + 2 + 5 + 5868 @@ -27651,7 +23874,7 @@ 1 2 - 3690392 + 648291 @@ -27667,7 +23890,12 @@ 1 2 - 3690392 + 643172 + + + 2 + 3 + 5119 @@ -27683,7 +23911,7 @@ 1 2 - 3690392 + 648291 @@ -27693,27 +23921,27 @@ attribute_args - 1436500 + 82562 id - 1436500 + 82562 kind - 64 + 17 attribute - 658874 + 71259 index - 112 + 40 location - 605394 + 57184 @@ -27727,7 +23955,7 @@ 1 2 - 1436500 + 82562 @@ -27743,7 +23971,7 @@ 1 2 - 1436500 + 82562 @@ -27759,7 +23987,7 @@ 1 2 - 1436500 + 82562 @@ -27775,7 +24003,7 @@ 1 2 - 1436500 + 82562 @@ -27789,24 +24017,19 @@ 12 - 2 - 3 - 16 + 100 + 101 + 5 - 40 - 41 - 16 + 2252 + 2253 + 5 - 21308 - 21309 - 16 - - - 67719 - 67720 - 16 + 11914 + 11915 + 5 @@ -27820,24 +24043,19 @@ 12 - 2 - 3 - 16 + 100 + 101 + 5 - 40 - 41 - 16 + 1892 + 1893 + 5 - 19864 - 19865 - 16 - - - 21058 - 21059 - 16 + 10583 + 10584 + 5 @@ -27853,17 +24071,17 @@ 1 2 - 32 + 5 - 3 - 4 - 16 + 4 + 5 + 5 7 8 - 16 + 5 @@ -27877,24 +24095,19 @@ 12 - 2 - 3 - 16 + 15 + 16 + 5 - 18 - 19 - 16 + 2183 + 2184 + 5 - 13313 - 13314 - 16 - - - 24224 - 24225 - 16 + 9330 + 9331 + 5 @@ -27910,27 +24123,17 @@ 1 2 - 350298 + 65790 2 - 3 - 69108 - - - 3 - 4 - 161602 - - - 4 7 - 41335 + 5347 7 - 19 - 36529 + 25 + 121 @@ -27946,12 +24149,12 @@ 1 2 - 657084 + 69743 2 3 - 1790 + 1516 @@ -27967,53 +24170,33 @@ 1 2 - 350911 + 68215 2 - 3 - 69043 + 8 + 3044 + + + + + + + attribute + location + + + 12 + + + 1 + 2 + 68747 - 3 - 4 - 161634 - - - 5 + 2 6 - 40964 - - - 7 - 8 - 36320 - - - - - - - attribute - location - - - 12 - - - 1 - 2 - 485854 - - - 2 - 3 - 135216 - - - 3 - 8 - 37803 + 2511 @@ -28027,29 +24210,39 @@ 12 - 2252 - 2253 - 32 + 2 + 3 + 5 - 4792 - 4793 - 32 + 9 + 10 + 5 - 14842 - 14843 - 16 + 82 + 83 + 5 - 19123 - 19124 - 16 + 83 + 84 + 5 - 41016 - 41017 - 16 + 271 + 272 + 5 + + + 526 + 527 + 5 + + + 13293 + 13294 + 5 @@ -28065,135 +24258,135 @@ 1 2 - 64 + 17 2 3 - 32 - - - 4 - 5 - 16 - - - - - - - index - attribute - - - 12 - - - 2252 - 2253 - 32 - - - 4792 - 4793 - 32 - - - 14814 - 14815 - 16 - - - 19095 - 19096 - 16 - - - 40853 - 40854 - 16 - - - - - - - index - location - - - 12 - - - 1222 - 1223 - 32 - - - 3434 - 3435 - 16 - - - 4342 - 4343 - 16 - - - 10135 - 10136 - 16 - - - 14524 - 14525 - 16 - - - 23710 - 23711 - 16 - - - - - - - location - id - - - 12 - - - 1 - 2 - 305801 - - - 2 - 3 - 151909 + 17 3 4 - 23046 + 5 + + + + + + + index + attribute + + + 12 + + + 2 + 3 + 5 - 4 - 5 - 45432 + 9 + 10 + 5 - 5 - 7 - 48190 + 82 + 83 + 5 - 7 - 41 - 31014 + 83 + 84 + 5 + + + 271 + 272 + 5 + + + 526 + 527 + 5 + + + 12313 + 12314 + 5 + + + + + + + index + location + + + 12 + + + 2 + 3 + 5 + + + 9 + 10 + 5 + + + 82 + 83 + 5 + + + 83 + 84 + 5 + + + 271 + 272 + 5 + + + 441 + 442 + 5 + + + 9074 + 9075 + 5 + + + + + + + location + id + + + 12 + + + 1 + 2 + 41506 + + + 2 + 3 + 11858 + + + 3 + 25 + 3819 @@ -28209,12 +24402,12 @@ 1 2 - 605072 + 47653 2 3 - 322 + 9531 @@ -28230,17 +24423,17 @@ 1 2 - 394521 + 42861 2 3 - 166617 + 12298 3 - 9 - 44255 + 11 + 2025 @@ -28256,22 +24449,12 @@ 1 2 - 443228 + 56935 2 - 3 - 81042 - - - 3 - 5 - 40819 - - - 5 8 - 40303 + 248 @@ -28281,15 +24464,15 @@ attribute_arg_value - 1092168 + 16693 arg - 1092168 + 16693 value - 7515 + 511 @@ -28303,7 +24486,7 @@ 1 2 - 1092168 + 16693 @@ -28319,47 +24502,52 @@ 1 2 - 1354 - - - 2 - 3 - 564 - - - 3 - 4 - 177 - - - 4 - 5 - 3064 + 204 5 - 9 - 596 + 6 + 34 - 9 - 29 - 580 + 6 + 7 + 34 - 29 - 191 - 564 + 15 + 16 + 34 - 194 - 4608 - 564 + 25 + 26 + 34 - 4792 - 14377 - 48 + 51 + 52 + 34 + + + 52 + 53 + 34 + + + 71 + 72 + 34 + + + 76 + 77 + 34 + + + 183 + 184 + 34 @@ -28369,15 +24557,15 @@ attribute_arg_type - 1290 + 460 arg - 1290 + 460 type_id - 1078 + 84 @@ -28391,7 +24579,7 @@ 1 2 - 1290 + 460 @@ -28407,17 +24595,22 @@ 1 2 - 991 + 72 2 - 4 - 83 + 3 + 4 - 41 - 42 - 2 + 35 + 36 + 4 + + + 60 + 61 + 4 @@ -28427,15 +24620,15 @@ attribute_arg_constant - 422211 + 71909 arg - 422211 + 71909 constant - 422211 + 71909 @@ -28449,7 +24642,7 @@ 1 2 - 422211 + 71909 @@ -28465,7 +24658,7 @@ 1 2 - 422211 + 71909 @@ -28475,15 +24668,15 @@ attribute_arg_expr - 82735 + 1404 arg - 82735 + 1404 expr - 82735 + 1404 @@ -28497,7 +24690,7 @@ 1 2 - 82735 + 1404 @@ -28513,7 +24706,7 @@ 1 2 - 82735 + 1404 @@ -28576,15 +24769,15 @@ typeattributes - 543449 + 96394 type_id - 507351 + 94646 spec_id - 40865 + 32464 @@ -28598,12 +24791,12 @@ 1 2 - 505060 + 92898 2 - 1762 - 2291 + 3 + 1748 @@ -28619,12 +24812,17 @@ 1 2 - 39683 + 27969 2 - 17944 - 1182 + 9 + 2497 + + + 11 + 58 + 1997 @@ -28634,15 +24832,15 @@ funcattributes - 3669072 + 844327 func_id - 3521766 + 799750 spec_id - 3661319 + 617325 @@ -28656,12 +24854,12 @@ 1 2 - 3392874 + 759669 2 - 5 - 128892 + 7 + 40081 @@ -28677,12 +24875,12 @@ 1 2 - 3659381 + 572249 - 5 - 6 - 1938 + 2 + 213 + 45075 @@ -28692,7 +24890,7 @@ varattributes - 537095 + 537096 var_id @@ -28813,15 +25011,15 @@ stmtattributes - 3679 + 2216 stmt_id - 3679 + 2216 spec_id - 3679 + 559 @@ -28835,7 +25033,7 @@ 1 2 - 3679 + 2216 @@ -28851,7 +25049,27 @@ 1 2 - 3679 + 215 + + + 2 + 3 + 150 + + + 3 + 4 + 43 + + + 9 + 10 + 107 + + + 13 + 16 + 43 @@ -28861,15 +25079,15 @@ unspecifiedtype - 14839100 + 7179403 type_id - 14839100 + 7179403 unspecified_type_id - 7567824 + 3965915 @@ -28883,7 +25101,7 @@ 1 2 - 14839100 + 7179403 @@ -28899,22 +25117,22 @@ 1 2 - 3027517 + 2482786 2 3 - 3084695 + 1117778 3 - 4 - 1025324 + 7 + 302918 - 4 - 51 - 430287 + 7 + 537 + 62431 @@ -28924,19 +25142,19 @@ member - 9971231 + 4193417 parent - 1466272 + 543780 index - 81405 + 29717 child - 9971231 + 4188797 @@ -28949,53 +25167,58 @@ 1 + 2 + 129108 + + + 2 3 - 112417 + 83408 3 4 - 161842 + 32464 4 5 - 314962 + 44950 5 6 - 264568 + 42453 6 7 - 126954 + 33962 7 - 8 - 107571 + 9 + 42328 - 8 - 10 - 134707 + 9 + 13 + 41204 - 10 - 14 - 124046 + 13 + 18 + 41329 - 14 - 50 - 112417 + 18 + 42 + 40830 - 51 - 85 - 6783 + 42 + 239 + 11737 @@ -29010,53 +25233,58 @@ 1 + 2 + 128859 + + + 2 3 - 112417 + 83533 3 4 - 161842 + 32214 4 5 - 314962 + 45075 5 6 - 264568 + 42578 6 7 - 126954 + 32839 7 - 8 - 107571 + 9 + 42703 - 8 - 10 - 134707 + 9 + 13 + 41579 - 10 - 14 - 124046 + 13 + 18 + 41454 - 14 - 50 - 112417 + 18 + 42 + 40955 - 51 - 85 - 6783 + 42 + 265 + 11986 @@ -29072,57 +25300,57 @@ 1 2 - 16474 + 6492 2 3 - 6783 + 2622 3 - 5 - 6783 + 8 + 1872 - 5 - 8 - 3876 + 9 + 10 + 2871 10 - 11 - 10660 - - - 11 19 - 6783 + 2247 - 20 - 32 - 5814 + 19 + 26 + 2247 - 33 - 72 - 6783 + 26 + 36 + 2497 - 77 - 169 - 6783 + 36 + 50 + 2247 - 208 - 899 - 6783 + 54 + 141 + 2247 - 1226 - 1510 - 3876 + 150 + 468 + 2247 + + + 480 + 4310 + 2122 @@ -29138,57 +25366,57 @@ 1 2 - 16474 + 5493 2 3 - 6783 + 3621 3 - 5 - 6783 + 9 + 1872 - 5 - 8 - 3876 + 9 + 10 + 2871 10 - 11 - 10660 - - - 11 - 19 - 6783 + 20 + 2372 20 - 32 - 5814 + 28 + 2372 - 33 - 72 - 6783 + 28 + 37 + 2372 - 77 - 169 - 6783 + 37 + 56 + 2372 - 208 - 899 - 6783 + 58 + 156 + 2247 - 1226 - 1510 - 3876 + 163 + 527 + 2247 + + + 547 + 4330 + 1872 @@ -29204,7 +25432,7 @@ 1 2 - 9971231 + 4188797 @@ -29220,7 +25448,12 @@ 1 2 - 9971231 + 4184177 + + + 2 + 3 + 4619 @@ -29230,15 +25463,15 @@ enclosingfunction - 598242 + 114813 child - 598242 + 114813 parent - 206924 + 71340 @@ -29252,7 +25485,7 @@ 1 2 - 598242 + 114813 @@ -29268,22 +25501,22 @@ 1 2 - 16481 + 49332 2 3 - 2824 + 4633 3 4 - 185131 + 15365 4 - 150 - 2487 + 37 + 2010 @@ -29293,27 +25526,27 @@ derivations - 695371 + 476900 derivation - 695371 + 476900 sub - 666553 + 455164 index - 147 + 238 super - 211263 + 235554 location - 12464 + 35397 @@ -29327,7 +25560,7 @@ 1 2 - 695371 + 476900 @@ -29343,7 +25576,7 @@ 1 2 - 695371 + 476900 @@ -29359,7 +25592,7 @@ 1 2 - 695371 + 476900 @@ -29375,7 +25608,7 @@ 1 2 - 695371 + 476900 @@ -29391,12 +25624,12 @@ 1 2 - 644817 + 438640 2 - 35 - 21736 + 9 + 16523 @@ -29412,54 +25645,54 @@ 1 2 - 646016 - - - 2 - 35 - 20536 - - - - - - - sub - super - - - 12 - - - 1 - 2 - 644812 - - - 2 - 35 - 21740 - - - - - - - sub - location - - - 12 - - - 1 - 2 - 647493 + 438640 2 8 - 19060 + 16523 + + + + + + + sub + super + + + 12 + + + 1 + 2 + 438640 + + + 2 + 9 + 16523 + + + + + + + sub + location + + + 12 + + + 1 + 2 + 438640 + + + 2 + 8 + 16523 @@ -29472,45 +25705,30 @@ 12 - - 10 - 11 - 17 - - - 14 - 15 - 25 - - - 18 - 19 - 25 - - - 22 - 23 - 21 - 25 26 - 21 + 102 - 32 - 85 - 12 + 26 + 27 + 34 - 116 - 705 - 12 + 52 + 53 + 34 - 4743 - 154186 - 8 + 485 + 486 + 34 + + + 13360 + 13361 + 34 @@ -29523,45 +25741,25 @@ 12 - - 10 - 11 - 17 - - - 14 - 15 - 25 - - - 18 - 19 - 25 - - - 22 - 23 - 21 - 25 26 - 21 + 136 - 32 - 85 - 12 + 52 + 53 + 34 - 116 - 705 - 12 + 485 + 486 + 34 - 4742 - 153909 - 8 + 13360 + 13361 + 34 @@ -29575,29 +25773,34 @@ 12 - 4 - 5 - 60 + 23 + 24 + 34 - 6 - 7 - 51 + 24 + 25 + 34 - 9 - 41 - 12 + 25 + 26 + 68 - 54 - 514 - 12 + 32 + 33 + 34 - 4029 - 43924 - 8 + 289 + 290 + 34 + + + 6510 + 6511 + 34 @@ -29613,22 +25816,22 @@ 1 2 - 116 + 136 - 2 - 3 - 12 + 7 + 8 + 34 - 4 - 123 - 12 + 65 + 66 + 34 - 2731 - 2732 - 4 + 963 + 964 + 34 @@ -29644,12 +25847,12 @@ 1 2 - 205222 + 225742 2 - 22247 - 6041 + 1655 + 9811 @@ -29665,12 +25868,12 @@ 1 2 - 205222 + 225742 2 - 22247 - 6041 + 1655 + 9811 @@ -29686,12 +25889,12 @@ 1 2 - 211202 + 235111 2 4 - 60 + 442 @@ -29707,12 +25910,12 @@ 1 2 - 209622 + 230205 2 - 150 - 1641 + 81 + 5348 @@ -29728,27 +25931,27 @@ 1 2 - 8375 + 26505 2 - 3 - 1541 + 5 + 3134 - 3 - 6 - 1009 + 5 + 22 + 2759 - 6 - 67 - 935 + 22 + 383 + 2691 - 71 - 17944 - 601 + 388 + 928 + 306 @@ -29764,27 +25967,27 @@ 1 2 - 8947 + 26505 2 - 3 - 1052 + 5 + 3134 - 3 - 6 - 948 + 5 + 22 + 2759 - 6 - 74 - 935 + 22 + 383 + 2691 - 75 - 17944 - 580 + 388 + 928 + 306 @@ -29800,12 +26003,7 @@ 1 2 - 12451 - - - 3 - 35 - 12 + 35397 @@ -29821,22 +26019,22 @@ 1 2 - 9055 + 28720 2 - 3 - 1658 + 4 + 2623 - 3 - 7 - 952 + 4 + 26 + 2827 - 7 - 6412 - 796 + 26 + 928 + 1226 @@ -29846,15 +26044,15 @@ derspecifiers - 695037 + 478671 der_id - 694972 + 476457 spec_id - 17 + 136 @@ -29868,12 +26066,12 @@ 1 2 - 694907 + 474242 2 3 - 64 + 2214 @@ -29887,24 +26085,24 @@ 12 - 15 - 16 - 4 + 65 + 66 + 34 - 76 - 77 - 4 + 92 + 93 + 34 - 12310 - 12311 - 4 + 1104 + 1105 + 34 - 148084 - 148085 - 4 + 12789 + 12790 + 34 @@ -29914,15 +26112,15 @@ direct_base_offsets - 686536 + 449985 der_id - 686536 + 449985 offset - 285 + 511 @@ -29936,7 +26134,7 @@ 1 2 - 686536 + 449985 @@ -29951,48 +26149,43 @@ 1 + 2 + 102 + + + 2 + 3 + 136 + + + 3 4 - 25 + 102 - 5 - 6 - 112 + 4 + 5 + 34 - 6 + 7 + 8 + 34 + + + 9 10 - 21 + 34 - 10 - 12 - 12 + 110 + 111 + 34 - 13 - 15 - 25 - - - 17 - 21 - 21 - - - 21 - 35 - 21 - - - 45 - 79 - 21 - - - 106 - 155547 - 21 + 13058 + 13059 + 34 @@ -30138,23 +26331,23 @@ frienddecls - 11664613 + 700455 id - 11664613 + 700455 type_id - 29008 + 42415 decl_id - 62923 + 77745 location - 3018 + 6098 @@ -30168,7 +26361,7 @@ 1 2 - 11664613 + 700455 @@ -30184,7 +26377,7 @@ 1 2 - 11664613 + 700455 @@ -30200,7 +26393,7 @@ 1 2 - 11664613 + 700455 @@ -30216,67 +26409,47 @@ 1 2 - 3685 + 6166 2 - 8 - 2178 + 3 + 13968 - 8 - 22 - 2351 + 3 + 7 + 3577 - 22 - 41 - 2239 + 7 + 12 + 3440 - 41 - 69 - 2178 + 12 + 20 + 3645 - 69 - 99 - 2178 + 20 + 32 + 3304 - 99 - 162 - 2178 + 33 + 50 + 3781 - 163 - 232 - 2260 + 50 + 80 + 3781 - 232 - 324 - 2252 - - - 327 - 1235 - 2602 - - - 1359 - 1360 - 524 - - - 1458 - 1459 - 2906 - - - 1801 - 1802 - 1472 + 101 + 120 + 749 @@ -30292,67 +26465,47 @@ 1 2 - 3685 + 6166 2 - 8 - 2178 + 3 + 13968 - 8 - 22 - 2351 + 3 + 7 + 3577 - 22 - 41 - 2239 + 7 + 12 + 3440 - 41 - 69 - 2178 + 12 + 20 + 3645 - 69 - 99 - 2178 + 20 + 32 + 3304 - 99 - 162 - 2178 + 33 + 50 + 3781 - 163 - 232 - 2260 + 50 + 80 + 3781 - 232 - 324 - 2252 - - - 327 - 1235 - 2602 - - - 1359 - 1360 - 524 - - - 1458 - 1459 - 2906 - - - 1801 - 1802 - 1472 + 101 + 120 + 749 @@ -30368,165 +26521,115 @@ 1 2 - 28289 - - - 2 - 25 - 718 - - - - - - - decl_id - id - - - 12 - - - 1 - 2 - 17353 - - - 2 - 3 - 5881 - - - 3 - 8 - 4235 - - - 8 - 15 - 4685 - - - 15 - 27 - 4798 - - - 27 - 53 - 4906 - - - 53 - 97 - 4724 - - - 97 - 201 - 5556 - - - 201 - 951 - 5413 - - - 989 - 1546 - 4772 - - - 1643 - 3098 - 593 - - - - - - - decl_id - type_id - - - 12 - - - 1 - 2 - 17353 - - - 2 - 3 - 5881 - - - 3 - 8 - 4235 - - - 8 - 15 - 4685 - - - 15 - 27 - 4798 - - - 27 - 53 - 4906 - - - 53 - 97 - 4724 - - - 97 - 201 - 5556 - - - 201 - 951 - 5413 - - - 989 - 1546 - 4772 - - - 1643 - 3098 - 593 - - - - - - - decl_id - location - - - 12 - - - 1 - 2 - 62715 + 41052 2 13 - 207 + 1362 + + + + + + + decl_id + id + + + 12 + + + 1 + 2 + 47866 + + + 2 + 3 + 6064 + + + 3 + 8 + 5996 + + + 8 + 15 + 6064 + + + 15 + 40 + 6064 + + + 40 + 164 + 5689 + + + + + + + decl_id + type_id + + + 12 + + + 1 + 2 + 47866 + + + 2 + 3 + 6064 + + + 3 + 8 + 5996 + + + 8 + 15 + 6064 + + + 15 + 40 + 6064 + + + 40 + 164 + 5689 + + + + + + + decl_id + location + + + 12 + + + 1 + 2 + 77063 + + + 2 + 5 + 681 @@ -30542,12 +26645,12 @@ 1 2 - 2962 + 5723 2 - 2692665 - 56 + 20371 + 374 @@ -30563,12 +26666,12 @@ 1 2 - 2979 + 5962 2 - 6384 - 38 + 1148 + 136 @@ -30584,12 +26687,12 @@ 1 2 - 2975 + 5757 2 - 13899 - 43 + 2129 + 340 @@ -30599,19 +26702,19 @@ comments - 68615333 + 11241963 id - 68615333 + 11241963 contents - 24650428 + 4306668 location - 68615333 + 11241963 @@ -30625,7 +26728,7 @@ 1 2 - 68615333 + 11241963 @@ -30641,7 +26744,7 @@ 1 2 - 68615333 + 11241963 @@ -30657,12 +26760,17 @@ 1 2 - 23345029 + 3932327 2 - 32735 - 1305398 + 7 + 330014 + + + 7 + 34447 + 44326 @@ -30678,12 +26786,17 @@ 1 2 - 23345029 + 3932327 2 - 32735 - 1305398 + 7 + 330014 + + + 7 + 34447 + 44326 @@ -30699,7 +26812,7 @@ 1 2 - 68615333 + 11241963 @@ -30715,7 +26828,7 @@ 1 2 - 68615333 + 11241963 @@ -30725,15 +26838,15 @@ commentbinding - 17753231 + 3916719 id - 17596234 + 3352211 element - 17312283 + 3751025 @@ -30747,12 +26860,12 @@ 1 2 - 17481878 + 3290528 2 - 12 - 114355 + 1706 + 61682 @@ -30768,12 +26881,12 @@ 1 2 - 16871336 + 3585331 2 3 - 440947 + 165693 @@ -30783,15 +26896,15 @@ exprconv - 9633089 + 9633088 converted - 9632984 + 9632982 conversion - 9633089 + 9633088 @@ -30805,7 +26918,7 @@ 1 2 - 9632878 + 9632877 2 @@ -30826,7 +26939,7 @@ 1 2 - 9633089 + 9633088 @@ -30836,22 +26949,22 @@ compgenerated - 10972612 + 9892119 id - 10972612 + 9892119 synthetic_destructor_call - 1671706 + 1671762 element - 1244969 + 1245010 i @@ -30859,7 +26972,7 @@ destructor_call - 1671706 + 1671762 @@ -30873,12 +26986,12 @@ 1 2 - 828688 + 828715 2 3 - 409481 + 409495 3 @@ -30899,12 +27012,12 @@ 1 2 - 828688 + 828715 2 3 - 409481 + 409495 3 @@ -31057,7 +27170,7 @@ 1 2 - 1671706 + 1671762 @@ -31073,7 +27186,7 @@ 1 2 - 1671706 + 1671762 @@ -31083,15 +27196,15 @@ namespaces - 55509 + 8651 id - 55509 + 8651 name - 55507 + 4573 @@ -31105,7 +27218,7 @@ 1 2 - 55509 + 8651 @@ -31121,12 +27234,17 @@ 1 2 - 55504 + 3739 2 3 - 2 + 528 + + + 3 + 149 + 306 @@ -31147,15 +27265,15 @@ namespacembrs - 2462439 + 2039521 parentid - 1394 + 3995 memberid - 2462439 + 2039521 @@ -31169,67 +27287,67 @@ 1 2 - 216 + 499 2 3 - 90 + 249 3 4 - 64 + 499 4 5 - 95 + 624 5 - 6 - 77 + 10 + 249 - 6 - 8 - 121 - - - 8 + 10 12 - 116 + 249 12 - 19 - 108 + 18 + 249 19 - 30 - 108 + 21 + 249 - 30 - 56 - 112 + 23 + 24 + 249 - 56 - 125 - 108 + 25 + 29 + 249 - 128 - 834 - 108 + 70 + 83 + 249 - 847 - 487928 - 64 + 165 + 170 + 249 + + + 15606 + 15607 + 124 @@ -31245,7 +27363,7 @@ 1 2 - 2462439 + 2039521 @@ -31255,19 +27373,19 @@ exprparents - 20747887 + 19454215 expr_id - 20747887 + 19454215 child_index - 1019 + 20035 parent_id - 12416400 + 12939986 @@ -31281,7 +27399,7 @@ 1 2 - 20747887 + 19454215 @@ -31297,7 +27415,7 @@ 1 2 - 20747887 + 19454215 @@ -31313,32 +27431,42 @@ 1 2 - 636 + 3855 + + + 2 + 3 + 1519 3 - 18 - 16 + 4 + 365 - 21 - 22 - 168 + 4 + 5 + 8976 - 23 - 78 - 90 + 5 + 8 + 1660 - 79 - 435 - 78 + 8 + 11 + 1632 - 2109 - 2179878 - 28 + 11 + 53 + 1519 + + + 56 + 354800 + 506 @@ -31354,32 +27482,42 @@ 1 2 - 636 + 3855 + + + 2 + 3 + 1519 3 - 18 - 16 + 4 + 365 - 21 - 22 - 168 + 4 + 5 + 8976 - 23 - 78 - 90 + 5 + 8 + 1660 - 79 - 435 - 78 + 8 + 11 + 1632 - 2109 - 2179878 - 28 + 11 + 53 + 1519 + + + 56 + 354800 + 506 @@ -31395,17 +27533,17 @@ 1 2 - 4275389 + 7394756 2 3 - 8013574 + 5082679 3 - 181 - 127436 + 712 + 462550 @@ -31421,17 +27559,17 @@ 1 2 - 4275389 + 7394756 2 3 - 8013574 + 5082679 3 - 181 - 127436 + 712 + 462550 @@ -31441,22 +27579,22 @@ expr_isload - 10252631 + 6909474 expr_id - 10252631 + 6909474 conversionkinds - 6050433 + 6050445 expr_id - 6050433 + 6050445 kind @@ -31474,7 +27612,7 @@ 1 2 - 6050433 + 6050445 @@ -31518,8 +27656,8 @@ 1 - 5831534 - 5831535 + 5831535 + 5831536 1 @@ -31530,11 +27668,11 @@ iscall - 5802826 + 5803012 caller - 5802826 + 5803012 kind @@ -31552,7 +27690,7 @@ 1 2 - 5802826 + 5803012 @@ -31576,8 +27714,8 @@ 21 - 268054 - 268055 + 268053 + 268054 21 @@ -31588,15 +27726,15 @@ numtemplatearguments - 1668466 + 627938 expr_id - 1668466 + 627938 num - 45 + 374 @@ -31610,7 +27748,7 @@ 1 2 - 1668466 + 627938 @@ -31624,39 +27762,19 @@ 12 - 5 - 6 - 6 + 7 + 8 + 124 - 145 - 146 - 6 + 1263 + 1264 + 124 - 475 - 476 - 6 - - - 1189 - 1190 - 6 - - - 29101 - 29102 - 6 - - - 75364 - 75365 - 6 - - - 151258 - 151259 - 6 + 3759 + 3760 + 124 @@ -31666,15 +27784,15 @@ specialnamequalifyingelements - 969 + 124 id - 969 + 124 name - 969 + 124 @@ -31688,7 +27806,7 @@ 1 2 - 969 + 124 @@ -31704,7 +27822,7 @@ 1 2 - 969 + 124 @@ -31714,23 +27832,23 @@ namequalifiers - 3041980 + 3042067 id - 3041980 + 3042067 qualifiableelement - 3041980 + 3042067 qualifyingelement - 47486 + 47488 location - 552457 + 552477 @@ -31744,7 +27862,7 @@ 1 2 - 3041980 + 3042067 @@ -31760,7 +27878,7 @@ 1 2 - 3041980 + 3042067 @@ -31776,7 +27894,7 @@ 1 2 - 3041980 + 3042067 @@ -31792,7 +27910,7 @@ 1 2 - 3041980 + 3042067 @@ -31808,7 +27926,7 @@ 1 2 - 3041980 + 3042067 @@ -31824,7 +27942,7 @@ 1 2 - 3041980 + 3042067 @@ -31840,7 +27958,7 @@ 1 2 - 31543 + 31544 2 @@ -31854,7 +27972,7 @@ 5 - 6811 + 6810 3571 @@ -31876,7 +27994,7 @@ 1 2 - 31543 + 31544 2 @@ -31890,7 +28008,7 @@ 5 - 6811 + 6810 3571 @@ -31912,7 +28030,7 @@ 1 2 - 34404 + 34406 2 @@ -31943,22 +28061,22 @@ 1 2 - 79137 + 79162 2 6 - 38105 + 38085 6 7 - 399001 + 399016 7 192 - 36212 + 36213 @@ -31974,22 +28092,22 @@ 1 2 - 79137 + 79162 2 6 - 38105 + 38085 6 7 - 399001 + 399016 7 192 - 36212 + 36213 @@ -32005,7 +28123,7 @@ 1 2 - 111541 + 111545 2 @@ -32015,7 +28133,7 @@ 4 5 - 415311 + 415326 5 @@ -32030,15 +28148,15 @@ varbind - 9157418 + 8254631 expr - 9157418 + 8254631 var - 4030270 + 1050376 @@ -32052,7 +28170,7 @@ 1 2 - 9157418 + 8254631 @@ -32068,27 +28186,52 @@ 1 2 - 3040075 + 171535 2 3 - 292640 + 188700 3 + 4 + 145647 + + + 4 5 - 319355 + 116636 5 - 15 - 309228 + 6 + 83151 - 15 - 260 - 68969 + 6 + 7 + 65817 + + + 7 + 9 + 80815 + + + 9 + 13 + 81575 + + + 13 + 27 + 79127 + + + 27 + 5137 + 37368 @@ -32098,15 +28241,15 @@ funbind - 5812545 + 5812630 expr - 5810071 + 5810263 fun - 275949 + 275937 @@ -32120,12 +28263,12 @@ 1 2 - 5807596 + 5807896 2 3 - 2474 + 2366 @@ -32141,27 +28284,27 @@ 1 2 - 181449 + 181433 2 3 - 38837 + 38838 3 4 - 17191 + 17213 4 8 - 22742 + 22722 8 37798 - 15728 + 15729 @@ -32171,19 +28314,19 @@ expr_allocator - 93972 + 45243 expr - 93972 + 45243 func - 27 + 102 form - 4 + 34 @@ -32197,7 +28340,7 @@ 1 2 - 93972 + 45243 @@ -32213,7 +28356,7 @@ 1 2 - 93972 + 45243 @@ -32229,42 +28372,17 @@ 1 2 - 9 + 34 - 2 - 3 - 2 + 591 + 592 + 34 - 4 - 5 - 2 - - - 18 - 19 - 2 - - - 20 - 21 - 2 - - - 27 - 28 - 2 - - - 17597 - 17598 - 2 - - - 20513 - 20514 - 2 + 736 + 737 + 34 @@ -32280,7 +28398,7 @@ 1 2 - 27 + 102 @@ -32294,14 +28412,9 @@ 12 - 20 - 21 - 2 - - - 38165 - 38166 - 2 + 1328 + 1329 + 34 @@ -32315,14 +28428,9 @@ 12 - 1 - 2 - 2 - - - 10 - 11 - 2 + 3 + 4 + 34 @@ -32332,19 +28440,19 @@ expr_deallocator - 95453 + 53829 expr - 95453 + 53829 func - 22 + 102 form - 7 + 68 @@ -32358,7 +28466,7 @@ 1 2 - 95453 + 53829 @@ -32374,7 +28482,7 @@ 1 2 - 95453 + 53829 @@ -32388,39 +28496,19 @@ 12 - 2 - 3 - 4 + 1 + 2 + 34 - 4 - 5 - 2 + 723 + 724 + 34 - 7 - 8 - 2 - - - 16 - 17 - 2 - - - 24 - 25 - 4 - - - 18284 - 18285 - 2 - - - 20424 - 20425 - 2 + 856 + 857 + 34 @@ -32436,7 +28524,7 @@ 1 2 - 22 + 102 @@ -32450,19 +28538,14 @@ 12 - 24 - 25 - 2 + 723 + 724 + 34 - 18308 - 18309 - 2 - - - 20455 - 20456 - 2 + 857 + 858 + 34 @@ -32478,17 +28561,12 @@ 1 2 - 2 + 34 2 3 - 2 - - - 6 - 7 - 2 + 34 @@ -32498,11 +28576,11 @@ expr_cond_two_operand - 2693 + 653 cond - 2693 + 653 @@ -32653,15 +28731,15 @@ values - 14027056 + 13474604 id - 14027056 + 13474604 str - 71353 + 114566 @@ -32675,7 +28753,7 @@ 1 2 - 14027056 + 13474604 @@ -32691,57 +28769,27 @@ 1 2 - 10046 + 78302 2 3 - 21277 + 15301 3 - 4 - 2369 + 6 + 8895 - 4 - 5 - 5461 + 6 + 52 + 8628 - 5 - 8 - 2369 - - - 8 - 10 - 5821 - - - 10 - 17 - 5512 - - - 17 - 39 - 5357 - - - 40 - 101 - 5409 - - - 102 - 528 - 5357 - - - 528 - 58022 - 2369 + 52 + 674264 + 3437 @@ -32751,15 +28799,15 @@ valuetext - 8820484 + 6647584 id - 8820484 + 6647584 text - 1822799 + 1095412 @@ -32773,7 +28821,7 @@ 1 2 - 8820484 + 6647584 @@ -32789,22 +28837,22 @@ 1 2 - 539748 + 833985 2 3 - 1068990 + 146940 3 7 - 148397 + 86537 7 - 2999 - 65662 + 593553 + 27950 @@ -32814,15 +28862,15 @@ valuebind - 14473467 + 13583186 val - 14027056 + 13474604 expr - 14473467 + 13583186 @@ -32836,12 +28884,12 @@ 1 2 - 13580696 + 13384049 2 - 4 - 446359 + 6 + 90554 @@ -32857,7 +28905,7 @@ 1 2 - 14473467 + 13583186 @@ -32867,19 +28915,19 @@ fieldoffsets - 6231414 + 1496814 id - 6231414 + 1496814 byteoffset - 189946 + 31370 bitoffset - 7752 + 435 @@ -32893,7 +28941,7 @@ 1 2 - 6231414 + 1496814 @@ -32909,7 +28957,7 @@ 1 2 - 6231414 + 1496814 @@ -32925,47 +28973,37 @@ 1 2 - 70745 + 17700 2 3 - 23258 + 2450 3 5 - 13567 + 2668 5 - 7 - 12598 + 12 + 2614 - 7 - 9 - 14536 + 12 + 35 + 2450 - 9 - 15 - 14536 + 35 + 211 + 2396 - 15 - 32 - 14536 - - - 33 - 95 - 14536 - - - 122 - 1637 - 11629 + 250 + 5947 + 1089 @@ -32981,12 +29019,12 @@ 1 2 - 177348 + 30390 - 3 + 2 9 - 12598 + 980 @@ -33000,44 +29038,44 @@ 12 - 18 - 19 - 969 + 35 + 36 + 54 - 19 - 20 - 969 + 36 + 37 + 54 - 26 - 27 - 969 + 44 + 45 + 54 - 29 - 30 - 969 + 46 + 47 + 54 - 33 - 34 - 969 + 50 + 51 + 54 - 43 - 44 - 969 + 64 + 65 + 54 - 53 - 54 - 969 + 81 + 82 + 54 - 6209 - 6210 - 969 + 27127 + 27128 + 54 @@ -33051,29 +29089,24 @@ 12 - 7 - 8 - 969 + 12 + 13 + 163 - 8 - 9 - 969 + 13 + 14 + 108 - 9 - 10 - 3876 + 14 + 15 + 108 - 10 - 11 - 969 - - - 196 - 197 - 969 + 576 + 577 + 54 @@ -33083,19 +29116,19 @@ bitfield - 313993 + 30341 id - 313993 + 30341 bits - 30042 + 3496 declared_bits - 30042 + 3496 @@ -33109,7 +29142,7 @@ 1 2 - 313993 + 30341 @@ -33125,7 +29158,7 @@ 1 2 - 313993 + 30341 @@ -33141,47 +29174,42 @@ 1 2 - 7752 + 998 2 3 - 4845 + 749 3 4 - 4845 + 249 4 5 - 2907 + 499 5 - 6 - 2907 + 7 + 249 - 7 - 10 - 1938 + 8 + 9 + 249 - 10 - 13 - 1938 + 9 + 11 + 249 13 - 15 - 1938 - - - 199 - 200 - 969 + 143 + 249 @@ -33197,7 +29225,7 @@ 1 2 - 30042 + 3496 @@ -33213,47 +29241,42 @@ 1 2 - 7752 + 998 2 3 - 4845 + 749 3 4 - 4845 + 249 4 5 - 2907 + 499 5 - 6 - 2907 + 7 + 249 - 7 - 10 - 1938 + 8 + 9 + 249 - 10 - 13 - 1938 + 9 + 11 + 249 13 - 15 - 1938 - - - 199 - 200 - 969 + 143 + 249 @@ -33269,7 +29292,7 @@ 1 2 - 30042 + 3496 @@ -33279,23 +29302,23 @@ initialisers - 5596945 + 2251034 init - 5596945 + 2251034 var - 925953 + 980971 expr - 5596945 + 2251034 location - 578154 + 516371 @@ -33309,7 +29332,7 @@ 1 2 - 5596945 + 2251034 @@ -33325,7 +29348,7 @@ 1 2 - 5596945 + 2251034 @@ -33341,7 +29364,7 @@ 1 2 - 5596945 + 2251034 @@ -33357,27 +29380,17 @@ 1 2 - 677373 + 870556 2 - 3 - 87171 + 15 + 37441 - 3 - 7 - 72737 - - - 7 - 67 - 70850 - - - 67 - 187 - 17821 + 16 + 25 + 72973 @@ -33393,27 +29406,17 @@ 1 2 - 677373 + 870556 2 - 3 - 87171 + 15 + 37441 - 3 - 7 - 72737 - - - 7 - 67 - 70850 - - - 67 - 187 - 17821 + 16 + 25 + 72973 @@ -33429,7 +29432,12 @@ 1 2 - 925953 + 980963 + + + 2 + 3 + 8 @@ -33445,7 +29453,7 @@ 1 2 - 5596945 + 2251034 @@ -33461,7 +29469,7 @@ 1 2 - 5596945 + 2251034 @@ -33477,7 +29485,7 @@ 1 2 - 5596945 + 2251034 @@ -33493,22 +29501,22 @@ 1 2 - 422455 + 414356 2 3 - 74962 + 33606 3 - 6 - 44593 + 13 + 42250 - 6 - 113308 - 36142 + 13 + 111911 + 26157 @@ -33524,12 +29532,17 @@ 1 2 - 545705 + 443657 2 - 10124 - 32449 + 3 + 34516 + + + 3 + 12237 + 38196 @@ -33545,22 +29558,22 @@ 1 2 - 422455 + 414356 2 3 - 74962 + 33606 3 - 6 - 44593 + 13 + 42250 - 6 - 113308 - 36142 + 13 + 111911 + 26157 @@ -33570,26 +29583,26 @@ braced_initialisers - 200252 + 68441 init - 200252 + 68441 expr_ancestor - 1677688 + 1677744 exp - 1677688 + 1677744 ancestor - 839661 + 839689 @@ -33603,7 +29616,7 @@ 1 2 - 1677688 + 1677744 @@ -33624,12 +29637,12 @@ 2 3 - 812507 + 812534 3 19 - 10069 + 10070 @@ -33639,11 +29652,11 @@ exprs - 25210577 + 25210573 id - 25210577 + 25210573 kind @@ -33651,7 +29664,7 @@ location - 10582671 + 10582669 @@ -33665,7 +29678,7 @@ 1 2 - 25210577 + 25210573 @@ -33681,7 +29694,7 @@ 1 2 - 25210577 + 25210573 @@ -33859,7 +29872,7 @@ 1 2 - 8900701 + 8900700 2 @@ -33890,7 +29903,7 @@ 1 2 - 9040103 + 9040102 2 @@ -33910,15 +29923,15 @@ expr_reuse - 847042 + 847070 reuse - 847042 + 847070 original - 847042 + 847070 value_category @@ -33936,7 +29949,7 @@ 1 2 - 847042 + 847070 @@ -33952,7 +29965,7 @@ 1 2 - 847042 + 847070 @@ -33968,7 +29981,7 @@ 1 2 - 847042 + 847070 @@ -33984,7 +29997,7 @@ 1 2 - 847042 + 847070 @@ -34036,19 +30049,19 @@ expr_types - 25238252 + 25210573 id - 25101637 + 25210573 typeid - 1150532 + 214202 value_category - 10 + 43 @@ -34062,12 +30075,7 @@ 1 2 - 24970947 - - - 2 - 6 - 130690 + 25210573 @@ -34083,7 +30091,7 @@ 1 2 - 25101637 + 25210573 @@ -34099,42 +30107,52 @@ 1 2 - 397286 + 52512 2 3 - 223539 + 35191 3 4 - 97511 + 14507 4 5 - 90049 + 14529 5 - 7 - 94946 + 8 + 17562 - 7 - 11 - 98239 + 8 + 14 + 17386 - 11 - 27 - 87166 + 14 + 24 + 16441 - 27 - 1473219 - 61793 + 24 + 49 + 16067 + + + 49 + 134 + 16177 + + + 134 + 441505 + 13825 @@ -34150,17 +30168,12 @@ 1 2 - 1025250 + 185913 2 3 - 115140 - - - 3 - 4 - 10141 + 28289 @@ -34174,19 +30187,14 @@ 12 - 32407 - 32408 - 3 + 153745 + 153746 + 21 - 1319763 - 1319764 - 3 - - - 5516607 - 5516608 - 3 + 993192 + 993193 + 21 @@ -34200,19 +30208,14 @@ 12 - 8837 - 8838 - 3 + 2282 + 2283 + 21 - 79160 - 79161 - 3 - - - 263890 - 263891 - 3 + 8750 + 8751 + 21 @@ -34233,15 +30236,15 @@ new_allocated_type - 94223 + 46197 expr - 94223 + 46197 type_id - 42727 + 27391 @@ -34255,7 +30258,7 @@ 1 2 - 94223 + 46197 @@ -34271,17 +30274,17 @@ 1 2 - 38846 + 11515 2 - 4 - 3497 + 3 + 14479 - 4 - 1699 - 383 + 3 + 19 + 1396 @@ -34291,15 +30294,15 @@ new_array_allocated_type - 44190 + 6653 expr - 44190 + 6653 type_id - 52 + 2843 @@ -34313,7 +30316,7 @@ 1 2 - 44190 + 6653 @@ -34327,59 +30330,24 @@ 12 - 10 - 101 - 4 + 1 + 2 + 40 - 144 - 145 - 6 + 2 + 3 + 2510 - 184 - 185 - 6 + 3 + 5 + 219 - 240 - 241 - 4 - - - 325 - 326 - 4 - - - 528 - 529 - 4 - - - 875 - 912 - 4 - - - 1011 - 1012 - 2 - - - 1206 - 1207 - 6 - - - 1234 - 1583 - 4 - - - 3807 - 3808 - 4 + 6 + 15 + 73 @@ -34389,15 +30357,15 @@ aggregate_field_init - 5717380 + 5717390 aggregate - 1243068 + 1243070 initializer - 5717202 + 5717212 field @@ -34428,7 +30396,7 @@ 2 3 - 669033 + 669034 3 @@ -34479,7 +30447,7 @@ 2 3 - 668965 + 668966 3 @@ -34530,7 +30498,7 @@ 2 3 - 669033 + 669034 3 @@ -34576,7 +30544,7 @@ 1 2 - 1242986 + 1242988 2 @@ -34597,7 +30565,7 @@ 1 2 - 5717202 + 5717212 @@ -34613,7 +30581,7 @@ 1 2 - 5717024 + 5717034 2 @@ -34634,7 +30602,7 @@ 1 2 - 5717202 + 5717212 @@ -34650,7 +30618,7 @@ 1 2 - 5717202 + 5717212 @@ -35132,7 +31100,7 @@ aggregate_array_init - 1349246 + 1349248 aggregate @@ -35140,7 +31108,7 @@ initializer - 1349246 + 1349248 element_index @@ -35335,7 +31303,7 @@ 1 2 - 1349246 + 1349248 @@ -35351,7 +31319,7 @@ 1 2 - 1349246 + 1349248 @@ -35367,7 +31335,7 @@ 1 2 - 1349246 + 1349248 @@ -35383,7 +31351,7 @@ 1 2 - 1349246 + 1349248 @@ -35725,15 +31693,15 @@ condition_decl_bind - 408922 + 408935 expr - 408922 + 408935 decl - 408922 + 408935 @@ -35747,7 +31715,7 @@ 1 2 - 408922 + 408935 @@ -35763,7 +31731,7 @@ 1 2 - 408922 + 408935 @@ -35773,15 +31741,15 @@ typeid_bind - 229949 + 47901 expr - 229949 + 47901 type_id - 10754 + 15944 @@ -35795,7 +31763,7 @@ 1 2 - 229949 + 47901 @@ -35811,37 +31779,17 @@ 1 2 - 855 + 2964 2 3 - 4120 + 12571 3 - 4 - 25 - - - 4 - 5 - 2248 - - - 5 - 48 - 511 - - - 65 - 66 - 2520 - - - 68 - 663 - 472 + 328 + 408 @@ -35904,15 +31852,15 @@ sizeof_bind - 393239 + 242027 expr - 393239 + 242027 type_id - 252091 + 11210 @@ -35926,7 +31874,7 @@ 1 2 - 393239 + 242027 @@ -35942,17 +31890,42 @@ 1 2 - 174174 + 3877 2 3 - 67079 + 2783 3 - 1862 - 10837 + 4 + 1024 + + + 4 + 5 + 1140 + + + 5 + 6 + 295 + + + 6 + 7 + 1064 + + + 7 + 40 + 856 + + + 40 + 6061 + 167 @@ -36010,23 +31983,23 @@ lambdas - 23413 + 19057 expr - 23413 + 19057 default_capture - 19 + 24 has_explicit_return_type - 12 + 16 has_explicit_parameter_list - 12 + 16 @@ -36040,7 +32013,7 @@ 1 2 - 23413 + 19057 @@ -36056,7 +32029,7 @@ 1 2 - 23413 + 19057 @@ -36072,7 +32045,7 @@ 1 2 - 23413 + 19057 @@ -36086,19 +32059,19 @@ 12 - 14 - 15 - 6 + 306 + 307 + 8 - 436 - 437 - 6 + 719 + 720 + 8 - 3164 - 3165 - 6 + 1321 + 1322 + 8 @@ -36114,7 +32087,7 @@ 2 3 - 19 + 24 @@ -36127,15 +32100,10 @@ 12 - - 1 - 2 - 6 - 2 3 - 12 + 24 @@ -36149,14 +32117,14 @@ 12 - 70 - 71 - 6 + 813 + 814 + 8 - 3544 - 3545 - 6 + 1533 + 1534 + 8 @@ -36172,7 +32140,7 @@ 3 4 - 12 + 16 @@ -36188,12 +32156,12 @@ 1 2 - 6 + 8 2 3 - 6 + 8 @@ -36207,14 +32175,14 @@ 12 - 766 - 767 - 6 + 34 + 35 + 8 - 2848 - 2849 - 6 + 2312 + 2313 + 8 @@ -36227,15 +32195,10 @@ 12 - - 2 - 3 - 6 - 3 4 - 6 + 16 @@ -36251,12 +32214,12 @@ 1 2 - 6 + 8 2 3 - 6 + 8 @@ -37484,19 +33447,19 @@ fold - 2481 + 1248 expr - 2481 + 1248 operator - 25 + 86 is_left_fold - 6 + 21 @@ -37510,7 +33473,7 @@ 1 2 - 2481 + 1248 @@ -37526,7 +33489,7 @@ 1 2 - 2481 + 1248 @@ -37539,25 +33502,20 @@ 12 + + 1 + 2 + 43 + 2 3 - 6 + 21 - 4 - 5 - 6 - - - 88 - 89 - 6 - - - 289 - 290 - 6 + 54 + 55 + 21 @@ -37573,7 +33531,7 @@ 1 2 - 25 + 86 @@ -37587,9 +33545,9 @@ 12 - 383 - 384 - 6 + 58 + 59 + 21 @@ -37605,7 +33563,7 @@ 4 5 - 6 + 21 @@ -37615,19 +33573,19 @@ stmts - 9250639 + 6368967 id - 9250639 + 6368967 kind - 37 + 162 location - 9188352 + 2684538 @@ -37641,7 +33599,7 @@ 1 2 - 9250639 + 6368967 @@ -37657,7 +33615,7 @@ 1 2 - 9250639 + 6368967 @@ -37671,89 +33629,104 @@ 12 - 54 - 55 - 2 + 1 + 2 + 8 - 329 - 330 - 2 + 26 + 27 + 8 - 446 - 447 - 2 + 430 + 431 + 8 - 5336 - 5337 - 2 + 595 + 596 + 8 - 5518 - 5519 - 2 + 1066 + 1067 + 8 - 8693 - 8694 - 2 + 1635 + 1636 + 8 - 10165 - 10166 - 2 + 1818 + 1819 + 8 - 16790 - 16791 - 2 + 2311 + 2312 + 8 - 17470 - 17471 - 2 + 2807 + 2808 + 8 - 35858 - 35859 - 2 + 3233 + 3234 + 8 - 37397 - 37398 - 2 + 3809 + 3810 + 8 - 108238 - 108239 - 2 + 5052 + 5053 + 8 - 364498 - 364499 - 2 + 16980 + 16981 + 8 - 395010 - 395011 - 2 + 18543 + 18544 + 8 - 649782 - 649783 - 2 + 22520 + 22521 + 8 - 1092734 - 1092735 - 2 + 74878 + 74879 + 8 - 1464604 - 1464605 - 2 + 95087 + 95088 + 8 + + + 119871 + 119872 + 8 + + + 200105 + 200106 + 8 + + + 213249 + 213250 + 8 @@ -37767,89 +33740,104 @@ 12 - 27 - 28 - 2 + 1 + 2 + 8 - 214 - 215 - 2 + 26 + 27 + 8 - 331 - 332 - 2 + 111 + 112 + 8 - 5336 - 5337 - 2 + 436 + 437 + 8 - 5409 - 5410 - 2 + 945 + 946 + 8 - 8693 - 8694 - 2 + 1155 + 1156 + 8 - 9889 - 9890 - 2 + 1353 + 1354 + 8 - 16783 - 16784 - 2 + 1388 + 1389 + 8 - 17470 - 17471 - 2 + 1394 + 1395 + 8 - 35808 - 35809 - 2 + 2197 + 2198 + 8 - 37397 - 37398 - 2 + 2362 + 2363 + 8 - 108238 - 108239 - 2 + 2509 + 2510 + 8 - 358157 - 358158 - 2 + 7327 + 7328 + 8 - 394187 - 394188 - 2 + 8943 + 8944 + 8 - 647908 - 647909 - 2 + 11676 + 11677 + 8 - 1086119 - 1086120 - 2 + 37583 + 37584 + 8 - 1461298 - 1461299 - 2 + 44536 + 44537 + 8 + + + 49039 + 49040 + 8 + + + 86405 + 86406 + 8 + + + 101101 + 101102 + 8 @@ -37865,12 +33853,22 @@ 1 2 - 9166275 + 2225039 2 - 217 - 22076 + 3 + 182234 + + + 3 + 10 + 202178 + + + 10 + 1789 + 75085 @@ -37886,12 +33884,12 @@ 1 2 - 9169716 + 2601580 2 - 6 - 18635 + 10 + 82957 @@ -37949,15 +33947,15 @@ variable_vla - 267 + 30 var - 267 + 30 decl - 267 + 30 @@ -37971,7 +33969,7 @@ 1 2 - 267 + 30 @@ -37987,7 +33985,7 @@ 1 2 - 267 + 30 @@ -37997,26 +33995,26 @@ type_is_vla - 523 + 43 type_id - 523 + 43 if_initialization - 1762 + 374 if_stmt - 1762 + 374 init_id - 1762 + 374 @@ -38030,7 +34028,7 @@ 1 2 - 1762 + 374 @@ -38046,7 +34044,7 @@ 1 2 - 1762 + 374 @@ -38104,15 +34102,15 @@ if_else - 437108 + 437123 if_stmt - 437108 + 437123 else_id - 437108 + 437123 @@ -38126,7 +34124,7 @@ 1 2 - 437108 + 437123 @@ -38142,7 +34140,7 @@ 1 2 - 437108 + 437123 @@ -38200,15 +34198,15 @@ constexpr_if_then - 818798 + 106134 constexpr_if_stmt - 818798 + 106134 then_id - 818798 + 106134 @@ -38222,7 +34220,7 @@ 1 2 - 818798 + 106134 @@ -38238,7 +34236,7 @@ 1 2 - 818798 + 106134 @@ -38248,15 +34246,15 @@ constexpr_if_else - 216571 + 76166 constexpr_if_stmt - 216571 + 76166 else_id - 216571 + 76166 @@ -38270,7 +34268,7 @@ 1 2 - 216571 + 76166 @@ -38286,7 +34284,7 @@ 1 2 - 216571 + 76166 @@ -38392,15 +34390,15 @@ while_body - 46675 + 39647 while_stmt - 46675 + 39647 body_id - 46675 + 39647 @@ -38414,7 +34412,7 @@ 1 2 - 46675 + 39647 @@ -38430,7 +34428,7 @@ 1 2 - 46675 + 39647 @@ -38440,15 +34438,15 @@ do_body - 551349 + 233641 do_stmt - 551349 + 233641 body_id - 551349 + 233641 @@ -38462,7 +34460,7 @@ 1 2 - 551349 + 233641 @@ -38478,7 +34476,7 @@ 1 2 - 551349 + 233641 @@ -38536,11 +34534,11 @@ switch_case - 836154 + 836182 switch_stmt - 411869 + 411883 index @@ -38548,7 +34546,7 @@ case_id - 836154 + 836182 @@ -38567,7 +34565,7 @@ 2 3 - 408986 + 409000 3 @@ -38593,7 +34591,7 @@ 2 3 - 408986 + 409000 3 @@ -38756,7 +34754,7 @@ 1 2 - 836154 + 836182 @@ -38772,7 +34770,7 @@ 1 2 - 836154 + 836182 @@ -38782,15 +34780,15 @@ switch_body - 411869 + 411883 switch_stmt - 411869 + 411883 body_id - 411869 + 411883 @@ -38804,7 +34802,7 @@ 1 2 - 411869 + 411883 @@ -38820,7 +34818,7 @@ 1 2 - 411869 + 411883 @@ -38830,15 +34828,15 @@ for_initialization - 113752 + 73246 for_stmt - 113752 + 73246 init_id - 113752 + 73246 @@ -38852,7 +34850,7 @@ 1 2 - 113752 + 73246 @@ -38868,7 +34866,7 @@ 1 2 - 113752 + 73246 @@ -38878,15 +34876,15 @@ for_condition - 121024 + 76341 for_stmt - 121024 + 76341 condition_id - 121024 + 76341 @@ -38900,7 +34898,7 @@ 1 2 - 121024 + 76341 @@ -38916,7 +34914,7 @@ 1 2 - 121024 + 76341 @@ -38926,15 +34924,15 @@ for_update - 120586 + 73386 for_stmt - 120586 + 73386 update_id - 120586 + 73386 @@ -38948,7 +34946,7 @@ 1 2 - 120586 + 73386 @@ -38964,7 +34962,7 @@ 1 2 - 120586 + 73386 @@ -38974,15 +34972,15 @@ for_body - 121083 + 84389 for_stmt - 121083 + 84389 body_id - 121083 + 84389 @@ -38996,7 +34994,7 @@ 1 2 - 121083 + 84389 @@ -39012,7 +35010,7 @@ 1 2 - 121083 + 84389 @@ -39022,19 +35020,19 @@ stmtparents - 8452090 + 5628379 id - 8452090 + 5628379 index - 83 + 15775 parent - 3414860 + 2381490 @@ -39048,7 +35046,7 @@ 1 2 - 8452090 + 5628379 @@ -39064,7 +35062,7 @@ 1 2 - 8452090 + 5628379 @@ -39078,64 +35076,54 @@ 12 - 17 - 18 - 15 + 1 + 2 + 5182 - 34 - 35 - 8 + 2 + 3 + 1291 - 187 - 188 - 4 + 3 + 4 + 284 - 340 - 341 - 8 + 4 + 5 + 2006 - 390 - 409 - 4 + 7 + 8 + 1316 - 4849 - 5162 - 6 + 8 + 12 + 1023 - 12786 - 13635 - 6 + 12 + 29 + 1389 - 18763 - 30401 - 6 + 29 + 39 + 1186 - 39042 - 62308 - 6 + 42 + 78 + 1194 - 96495 - 258328 - 6 - - - 398532 - 819173 - 6 - - - 1128546 - 1128547 - 2 + 78 + 209668 + 901 @@ -39149,64 +35137,54 @@ 12 - 17 - 18 - 15 + 1 + 2 + 5182 - 34 - 35 - 8 + 2 + 3 + 1291 - 187 - 188 - 4 + 3 + 4 + 284 - 340 - 341 - 8 + 4 + 5 + 2006 - 390 - 409 - 4 + 7 + 8 + 1316 - 4849 - 5162 - 6 + 8 + 12 + 1023 - 12786 - 13635 - 6 + 12 + 29 + 1389 - 18763 - 30401 - 6 + 29 + 39 + 1186 - 39042 - 62308 - 6 + 42 + 78 + 1194 - 96495 - 258328 - 6 - - - 398532 - 819173 - 6 - - - 1128546 - 1128547 - 2 + 78 + 209668 + 901 @@ -39222,32 +35200,32 @@ 1 2 - 1716470 + 1359015 2 3 - 786112 + 517378 3 4 - 265976 + 151519 4 6 - 262417 + 155727 6 - 9 - 273890 + 16 + 178871 - 9 - 39 - 109993 + 16 + 1943 + 18976 @@ -39263,32 +35241,32 @@ 1 2 - 1716470 + 1359015 2 3 - 786112 + 517378 3 4 - 265976 + 151519 4 6 - 262417 + 155727 6 - 9 - 273890 + 16 + 178871 - 9 - 39 - 109993 + 16 + 1943 + 18976 @@ -39298,30 +35276,30 @@ ishandler - 43746 + 43790 block - 43746 + 43790 stmt_decl_bind - 1446255 + 725885 stmt - 1426175 + 715316 num - 6 + 73 decl - 1446246 + 725885 @@ -39335,12 +35313,12 @@ 1 2 - 1410088 + 707850 2 - 4 - 16086 + 10 + 7465 @@ -39356,12 +35334,12 @@ 1 2 - 1410088 + 707850 2 - 4 - 16086 + 10 + 7465 @@ -39375,19 +35353,49 @@ 12 - 1819 - 1820 - 2 + 14 + 15 + 8 - 7326 - 7327 - 2 + 15 + 16 + 8 - 649508 - 649509 - 2 + 18 + 19 + 8 + + + 21 + 22 + 8 + + + 25 + 26 + 8 + + + 60 + 61 + 8 + + + 229 + 230 + 8 + + + 919 + 920 + 8 + + + 88055 + 88056 + 8 @@ -39401,19 +35409,49 @@ 12 - 1819 - 1820 - 2 + 14 + 15 + 8 - 7326 - 7327 - 2 + 15 + 16 + 8 - 649504 - 649505 - 2 + 18 + 19 + 8 + + + 21 + 22 + 8 + + + 25 + 26 + 8 + + + 60 + 61 + 8 + + + 229 + 230 + 8 + + + 919 + 920 + 8 + + + 88055 + 88056 + 8 @@ -39429,12 +35467,7 @@ 1 2 - 1446237 - - - 2 - 3 - 8 + 725885 @@ -39450,7 +35483,7 @@ 1 2 - 1446246 + 725885 @@ -39460,19 +35493,19 @@ stmt_decl_entry_bind - 1446255 + 725885 stmt - 1426175 + 715316 num - 6 + 73 decl_entry - 1446251 + 725885 @@ -39486,12 +35519,12 @@ 1 2 - 1410088 + 707850 2 - 4 - 16086 + 10 + 7465 @@ -39507,12 +35540,12 @@ 1 2 - 1410088 + 707850 2 - 4 - 16086 + 10 + 7465 @@ -39526,19 +35559,49 @@ 12 - 1819 - 1820 - 2 + 14 + 15 + 8 - 7326 - 7327 - 2 + 15 + 16 + 8 - 649508 - 649509 - 2 + 18 + 19 + 8 + + + 21 + 22 + 8 + + + 25 + 26 + 8 + + + 60 + 61 + 8 + + + 229 + 230 + 8 + + + 919 + 920 + 8 + + + 88055 + 88056 + 8 @@ -39552,19 +35615,49 @@ 12 - 1819 - 1820 - 2 + 14 + 15 + 8 - 7326 - 7327 - 2 + 15 + 16 + 8 - 649506 - 649507 - 2 + 18 + 19 + 8 + + + 21 + 22 + 8 + + + 25 + 26 + 8 + + + 60 + 61 + 8 + + + 229 + 230 + 8 + + + 919 + 920 + 8 + + + 88055 + 88056 + 8 @@ -39580,12 +35673,7 @@ 1 2 - 1446246 - - - 2 - 3 - 4 + 725885 @@ -39601,7 +35689,7 @@ 1 2 - 1446251 + 725885 @@ -39611,15 +35699,15 @@ blockscope - 2399400 + 1644952 block - 2399400 + 1644952 enclosing - 1756668 + 1428064 @@ -39633,7 +35721,7 @@ 1 2 - 2399400 + 1644952 @@ -39649,22 +35737,17 @@ 1 2 - 1408995 + 1295584 2 - 3 - 210329 + 4 + 117122 - 3 - 9 - 136478 - - - 9 - 18 - 865 + 4 + 28 + 15358 @@ -39674,19 +35757,19 @@ jumpinfo - 896574 + 348320 id - 896574 + 348320 str - 999 + 28948 target - 283522 + 72706 @@ -39700,7 +35783,7 @@ 1 2 - 896574 + 348320 @@ -39716,7 +35799,7 @@ 1 2 - 896574 + 348320 @@ -39729,55 +35812,40 @@ 12 - - 1 - 2 - 13 - 2 3 - 270 + 13596 3 4 - 81 + 6058 4 5 - 168 + 2014 5 6 - 40 + 1888 6 - 7 - 108 - - - 7 - 9 - 87 + 10 + 2197 10 - 13 - 81 + 25 + 2189 - 14 - 38 - 81 - - - 38 - 129945 - 67 + 25 + 13711 + 1002 @@ -39793,22 +35861,17 @@ 1 2 - 459 + 23190 2 3 - 371 + 3626 3 - 8 - 87 - - - 9 - 41246 - 81 + 3321 + 2131 @@ -39829,22 +35892,27 @@ 2 3 - 93041 + 36210 3 4 - 69899 + 17633 4 5 - 116224 + 7379 5 - 50 - 4323 + 8 + 6418 + + + 8 + 2124 + 5030 @@ -39860,7 +35928,7 @@ 1 2 - 283522 + 72706 @@ -39870,19 +35938,19 @@ preprocdirects - 35868911 + 5413333 id - 35868911 + 5413333 kind - 9691 + 1373 location - 35847591 + 5410087 @@ -39896,7 +35964,7 @@ 1 2 - 35868911 + 5413333 @@ -39912,7 +35980,7 @@ 1 2 - 35868911 + 5413333 @@ -39926,54 +35994,59 @@ 12 - 108 - 109 - 969 + 1 + 2 + 124 - 401 - 402 - 969 + 139 + 140 + 124 - 600 - 601 - 969 + 805 + 806 + 124 - 703 - 704 - 969 + 880 + 881 + 124 - 1172 - 1173 - 969 + 973 + 974 + 124 - 1441 - 1442 - 969 + 1509 + 1510 + 124 - 2328 - 2329 - 969 + 1883 + 1884 + 124 - 3104 - 3105 - 969 + 3256 + 3257 + 124 - 4979 - 4980 - 969 + 4737 + 4738 + 124 - 22176 - 22177 - 969 + 7126 + 7127 + 124 + + + 22045 + 22046 + 124 @@ -39987,54 +36060,59 @@ 12 - 108 - 109 - 969 + 1 + 2 + 124 - 401 - 402 - 969 + 139 + 140 + 124 - 600 - 601 - 969 + 805 + 806 + 124 - 703 - 704 - 969 + 880 + 881 + 124 - 1172 - 1173 - 969 + 973 + 974 + 124 - 1441 - 1442 - 969 + 1509 + 1510 + 124 - 2328 - 2329 - 969 + 1883 + 1884 + 124 - 3104 - 3105 - 969 + 3256 + 3257 + 124 - 4979 - 4980 - 969 + 4737 + 4738 + 124 - 22154 - 22155 - 969 + 7126 + 7127 + 124 + + + 22019 + 22020 + 124 @@ -40050,12 +36128,12 @@ 1 2 - 35846622 + 5409962 - 23 - 24 - 969 + 27 + 28 + 124 @@ -40071,7 +36149,7 @@ 1 2 - 35847591 + 5410087 @@ -40081,15 +36159,15 @@ preprocpair - 6326387 + 1142251 begin - 4825227 + 889777 elseelifend - 6326387 + 1142251 @@ -40103,17 +36181,17 @@ 1 2 - 3400627 + 650164 2 3 - 1373237 + 230622 3 9 - 51363 + 8990 @@ -40129,7 +36207,7 @@ 1 2 - 6326387 + 1142251 @@ -40139,41 +36217,41 @@ preproctrue - 3104077 + 439769 branch - 3104077 + 439769 preprocfalse - 1486623 + 285562 branch - 1486623 + 285562 preproctext - 30249978 + 4356364 id - 30249978 + 4356364 head - 22698628 + 2957767 body - 13053989 + 1684908 @@ -40187,7 +36265,7 @@ 1 2 - 30249978 + 4356364 @@ -40203,7 +36281,7 @@ 1 2 - 30249978 + 4356364 @@ -40219,12 +36297,12 @@ 1 2 - 21510493 + 2758984 2 - 806 - 1188135 + 798 + 198782 @@ -40240,12 +36318,12 @@ 1 2 - 22123943 + 2876481 2 5 - 574685 + 81286 @@ -40261,17 +36339,17 @@ 1 2 - 11998622 + 1536570 2 - 22 - 981714 + 10 + 127360 - 22 - 9704 - 73652 + 10 + 13606 + 20977 @@ -40287,17 +36365,17 @@ 1 2 - 12021880 + 1540816 2 - 30 - 979776 + 12 + 126986 - 30 - 2661 - 52332 + 12 + 3246 + 17106 @@ -40307,15 +36385,15 @@ includes - 491808 + 318656 id - 491808 + 318656 included - 10166 + 58699 @@ -40329,7 +36407,7 @@ 1 2 - 491808 + 318656 @@ -40344,23 +36422,38 @@ 1 + 2 + 29048 + + + 2 3 - 577 + 9443 3 4 - 5963 + 4954 4 - 5 - 3473 + 6 + 5355 - 5 - 104467 - 151 + 6 + 11 + 4520 + + + 11 + 47 + 4404 + + + 47 + 793 + 971 @@ -40370,15 +36463,15 @@ link_targets - 11917 + 816 id - 11917 + 816 binary - 11917 + 816 @@ -40392,7 +36485,7 @@ 1 2 - 11917 + 816 @@ -40408,7 +36501,7 @@ 1 2 - 11917 + 816 @@ -40418,15 +36511,15 @@ link_parent - 80819473 + 30398081 element - 2994819 + 3866101 link_target - 808 + 340 @@ -40440,27 +36533,17 @@ 1 2 - 2268833 + 530456 2 - 11 - 225604 + 9 + 26948 - 11 - 123 - 103414 - - - 123 - 208 - 224687 - - - 208 - 271 - 172279 + 9 + 10 + 3308695 @@ -40474,69 +36557,54 @@ 12 - 7874 - 56288 - 62 + 3 + 4 + 34 - 56342 - 57366 - 62 + 97375 + 97376 + 34 - 57487 - 59251 - 62 + 97494 + 97495 + 34 - 59254 - 59689 - 62 + 97547 + 97548 + 34 - 60594 - 63583 - 62 + 97574 + 97575 + 34 - 63598 - 68732 - 62 + 97596 + 97597 + 34 - 69160 - 90331 - 62 + 97628 + 97629 + 34 - 121994 - 133055 - 62 + 99635 + 99636 + 34 - 133109 - 141061 - 62 + 103015 + 103016 + 34 - 141068 - 144417 - 62 - - - 144454 - 147437 - 62 - - - 147926 - 156061 - 62 - - - 156083 - 249351 - 53 + 104379 + 104380 + 34 From 99a24f9650aa9b5014b03696047c0c9fdb1d1ae8 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 27 Jun 2025 08:56:13 +0200 Subject: [PATCH 107/111] C++: Fix macro handling after extractor changes --- cpp/ql/lib/semmle/code/cpp/Macro.qll | 5 +++-- .../inmacroexpansion/inmacroexpansion.expected | 16 ++++++++-------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/Macro.qll b/cpp/ql/lib/semmle/code/cpp/Macro.qll index 515ea9380a7..cbffc90d17c 100644 --- a/cpp/ql/lib/semmle/code/cpp/Macro.qll +++ b/cpp/ql/lib/semmle/code/cpp/Macro.qll @@ -154,8 +154,9 @@ class MacroInvocation extends MacroAccess { * well. */ Locatable getAnAffectedElement() { - inmacroexpansion(unresolveElement(result), underlyingElement(this)) or - macrolocationbind(underlyingElement(this), result.getLocation()) + inmacroexpansion(unresolveElement(result), underlyingElement(this)) + or + macrolocationbind(underlyingElement(this), result.getLocation()) and this != result } /** diff --git a/cpp/ql/test/library-tests/macros/inmacroexpansion/inmacroexpansion.expected b/cpp/ql/test/library-tests/macros/inmacroexpansion/inmacroexpansion.expected index f8eff955d47..4e477a101a9 100644 --- a/cpp/ql/test/library-tests/macros/inmacroexpansion/inmacroexpansion.expected +++ b/cpp/ql/test/library-tests/macros/inmacroexpansion/inmacroexpansion.expected @@ -14,14 +14,14 @@ | test.cpp:4:1:4:1 | operator= | false | | test.cpp:4:1:4:1 | operator= | false | | test.cpp:4:1:4:10 | CLASS_DECL | false | -| test.cpp:4:1:4:10 | S | false | +| test.cpp:4:1:4:10 | S | true | | test.cpp:4:1:4:10 | declaration | true | | test.cpp:4:1:4:10 | definition of S | true | | test.cpp:4:1:4:10 | definition of f | true | | test.cpp:4:1:4:10 | definition of i | true | | test.cpp:4:1:4:10 | definition of j | true | -| test.cpp:4:1:4:10 | f | false | -| test.cpp:4:1:4:10 | i | false | +| test.cpp:4:1:4:10 | f | true | +| test.cpp:4:1:4:10 | i | true | | test.cpp:4:1:4:10 | j | true | | test.cpp:4:1:4:10 | return ... | true | | test.cpp:4:1:4:10 | { ... } | true | @@ -30,7 +30,7 @@ | test.cpp:8:1:8:13 | declaration | true | | test.cpp:8:1:8:13 | definition of f1 | true | | test.cpp:8:1:8:13 | definition of k | true | -| test.cpp:8:1:8:13 | f1 | false | +| test.cpp:8:1:8:13 | f1 | true | | test.cpp:8:1:8:13 | k | true | | test.cpp:8:1:8:13 | return ... | true | | test.cpp:8:1:8:13 | { ... } | true | @@ -68,18 +68,18 @@ | test.cpp:38:1:38:13 | 1 | true | | test.cpp:38:1:38:13 | ... == ... | true | | test.cpp:38:1:38:13 | STATIC_ASSERT | false | -| test.cpp:38:1:38:13 | static_assert(..., "") | false | +| test.cpp:38:1:38:13 | static_assert(..., "") | true | | test.cpp:40:1:40:42 | #define ATTRIBUTE [[nodiscard("reason1")]] | false | | test.cpp:42:1:42:9 | ATTRIBUTE | false | -| test.cpp:42:1:42:9 | nodiscard | false | -| test.cpp:42:1:42:9 | reason1 | false | +| test.cpp:42:1:42:9 | nodiscard | true | +| test.cpp:42:1:42:9 | reason1 | true | | test.cpp:42:1:42:9 | reason1 | true | | test.cpp:43:5:43:6 | declaration of f2 | false | | test.cpp:43:5:43:6 | f2 | false | | test.cpp:45:1:45:31 | #define ATTRIBUTE_ARG "reason2" | false | | test.cpp:47:3:47:11 | nodiscard | false | | test.cpp:47:13:47:25 | ATTRIBUTE_ARG | false | -| test.cpp:47:13:47:25 | reason2 | false | +| test.cpp:47:13:47:25 | reason2 | true | | test.cpp:47:13:47:25 | reason2 | true | | test.cpp:48:5:48:6 | declaration of f3 | false | | test.cpp:48:5:48:6 | f3 | false | From 89c91cc1a2aa680f7b11e19ff0263496863189e1 Mon Sep 17 00:00:00 2001 From: Jeroen Ketema Date: Fri, 27 Jun 2025 15:06:03 +0200 Subject: [PATCH 108/111] C++: Add change note --- cpp/ql/lib/change-notes/2025-06-27-locations.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 cpp/ql/lib/change-notes/2025-06-27-locations.md diff --git a/cpp/ql/lib/change-notes/2025-06-27-locations.md b/cpp/ql/lib/change-notes/2025-06-27-locations.md new file mode 100644 index 00000000000..55acf55ee87 --- /dev/null +++ b/cpp/ql/lib/change-notes/2025-06-27-locations.md @@ -0,0 +1,4 @@ +--- +category: deprecated +--- +* The `UnknownDefaultLocation`, `UnknownExprLocation`, and `UnknownStmtLocation` classes have been deprecated. Use `UnknownLocation` instead. From 81ec3b65663efb2586a3ae0469e3cde1847e5ee5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 00:26:21 +0000 Subject: [PATCH 109/111] Add changed framework coverage reports --- csharp/documentation/library-coverage/coverage.csv | 1 + csharp/documentation/library-coverage/coverage.rst | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/csharp/documentation/library-coverage/coverage.csv b/csharp/documentation/library-coverage/coverage.csv index 70a2dfec6cc..ea5961f0c4e 100644 --- a/csharp/documentation/library-coverage/coverage.csv +++ b/csharp/documentation/library-coverage/coverage.csv @@ -15,6 +15,7 @@ Microsoft.AspNetCore.Http,,,1,,,,,,,,,,,,,,,,,,,1, Microsoft.AspNetCore.Mvc,,,2,,,,,,,,,,,,,,,,,,,,2 Microsoft.AspNetCore.WebUtilities,,,2,,,,,,,,,,,,,,,,,,,2, Microsoft.CSharp,,,2,,,,,,,,,,,,,,,,,,,2, +Microsoft.Data.SqlClient,7,,4,,,,,,,,,,7,,,,,,,,,4, Microsoft.Diagnostics.Tools.Pgo,,,21,,,,,,,,,,,,,,,,,,,,21 Microsoft.DotNet.Build.Tasks,,,11,,,,,,,,,,,,,,,,,,,9,2 Microsoft.DotNet.PlatformAbstractions,,,1,,,,,,,,,,,,,,,,,,,1, diff --git a/csharp/documentation/library-coverage/coverage.rst b/csharp/documentation/library-coverage/coverage.rst index 6762de6ed12..6ab5a55b3e6 100644 --- a/csharp/documentation/library-coverage/coverage.rst +++ b/csharp/documentation/library-coverage/coverage.rst @@ -9,6 +9,6 @@ C# framework & library support Framework / library,Package,Flow sources,Taint & value steps,Sinks (total),`CWE-079` :sub:`Cross-site scripting` `ServiceStack `_,"``ServiceStack.*``, ``ServiceStack``",,7,194, System,"``System.*``, ``System``",47,12139,54,5 - Others,"``Amazon.Lambda.APIGatewayEvents``, ``Amazon.Lambda.Core``, ``Dapper``, ``ILCompiler``, ``ILLink.RoslynAnalyzer``, ``ILLink.Shared``, ``ILLink.Tasks``, ``Internal.IL``, ``Internal.Pgo``, ``Internal.TypeSystem``, ``Microsoft.ApplicationBlocks.Data``, ``Microsoft.AspNetCore.Components``, ``Microsoft.AspNetCore.Http``, ``Microsoft.AspNetCore.Mvc``, ``Microsoft.AspNetCore.WebUtilities``, ``Microsoft.CSharp``, ``Microsoft.Diagnostics.Tools.Pgo``, ``Microsoft.DotNet.Build.Tasks``, ``Microsoft.DotNet.PlatformAbstractions``, ``Microsoft.EntityFrameworkCore``, ``Microsoft.Extensions.Caching.Distributed``, ``Microsoft.Extensions.Caching.Memory``, ``Microsoft.Extensions.Configuration``, ``Microsoft.Extensions.DependencyInjection``, ``Microsoft.Extensions.DependencyModel``, ``Microsoft.Extensions.Diagnostics.Metrics``, ``Microsoft.Extensions.FileProviders``, ``Microsoft.Extensions.FileSystemGlobbing``, ``Microsoft.Extensions.Hosting``, ``Microsoft.Extensions.Http``, ``Microsoft.Extensions.Logging``, ``Microsoft.Extensions.Options``, ``Microsoft.Extensions.Primitives``, ``Microsoft.Interop``, ``Microsoft.JSInterop``, ``Microsoft.NET.Build.Tasks``, ``Microsoft.VisualBasic``, ``Microsoft.Win32``, ``Mono.Linker``, ``MySql.Data.MySqlClient``, ``Newtonsoft.Json``, ``SourceGenerators``, ``Windows.Security.Cryptography.Core``",60,2253,152,4 - Totals,,107,14399,400,9 + Others,"``Amazon.Lambda.APIGatewayEvents``, ``Amazon.Lambda.Core``, ``Dapper``, ``ILCompiler``, ``ILLink.RoslynAnalyzer``, ``ILLink.Shared``, ``ILLink.Tasks``, ``Internal.IL``, ``Internal.Pgo``, ``Internal.TypeSystem``, ``Microsoft.ApplicationBlocks.Data``, ``Microsoft.AspNetCore.Components``, ``Microsoft.AspNetCore.Http``, ``Microsoft.AspNetCore.Mvc``, ``Microsoft.AspNetCore.WebUtilities``, ``Microsoft.CSharp``, ``Microsoft.Data.SqlClient``, ``Microsoft.Diagnostics.Tools.Pgo``, ``Microsoft.DotNet.Build.Tasks``, ``Microsoft.DotNet.PlatformAbstractions``, ``Microsoft.EntityFrameworkCore``, ``Microsoft.Extensions.Caching.Distributed``, ``Microsoft.Extensions.Caching.Memory``, ``Microsoft.Extensions.Configuration``, ``Microsoft.Extensions.DependencyInjection``, ``Microsoft.Extensions.DependencyModel``, ``Microsoft.Extensions.Diagnostics.Metrics``, ``Microsoft.Extensions.FileProviders``, ``Microsoft.Extensions.FileSystemGlobbing``, ``Microsoft.Extensions.Hosting``, ``Microsoft.Extensions.Http``, ``Microsoft.Extensions.Logging``, ``Microsoft.Extensions.Options``, ``Microsoft.Extensions.Primitives``, ``Microsoft.Interop``, ``Microsoft.JSInterop``, ``Microsoft.NET.Build.Tasks``, ``Microsoft.VisualBasic``, ``Microsoft.Win32``, ``Mono.Linker``, ``MySql.Data.MySqlClient``, ``Newtonsoft.Json``, ``SourceGenerators``, ``Windows.Security.Cryptography.Core``",60,2257,159,4 + Totals,,107,14403,407,9 From c7194a4012469f45aa1cec6b7be42bfb5b922232 Mon Sep 17 00:00:00 2001 From: Kasper Svendsen Date: Mon, 30 Jun 2025 08:40:46 +0200 Subject: [PATCH 110/111] Overlay: Add missing QLDoc --- java/ql/lib/semmle/code/java/Overlay.qll | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/ql/lib/semmle/code/java/Overlay.qll b/java/ql/lib/semmle/code/java/Overlay.qll index 69178b1740a..f1cfc5c434f 100644 --- a/java/ql/lib/semmle/code/java/Overlay.qll +++ b/java/ql/lib/semmle/code/java/Overlay.qll @@ -1,3 +1,6 @@ +/** + * Defines entity discard predicates for Java overlay analysis. + */ overlay[local?] module; From 57661df306f9ad2e10c097760f5b5bbd07e3220d Mon Sep 17 00:00:00 2001 From: Tom Hvitved Date: Mon, 30 Jun 2025 09:59:43 +0200 Subject: [PATCH 111/111] Rust: Fix variable capture inconsistencies --- .../rust/dataflow/internal/DataFlowImpl.qll | 6 ++- .../codeql/rust/dataflow/internal/SsaImpl.qll | 51 ++++++++----------- .../test/library-tests/variables/Ssa.expected | 1 + .../CONSISTENCY/SsaConsistency.expected | 6 --- .../VariableCaptureConsistency.expected | 5 -- 5 files changed, 28 insertions(+), 41 deletions(-) delete mode 100644 rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected delete mode 100644 rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index 7f86995c941..c50833593b7 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -910,7 +910,11 @@ module VariableCapture { CapturedVariable v; VariableRead() { - exists(VariableReadAccess read | this.getExpr() = read and v = read.getVariable()) + exists(VariableAccess read | this.getExpr() = read and v = read.getVariable() | + read instanceof VariableReadAccess + or + read = any(RefExpr re).getExpr() + ) } CapturedVariable getVariable() { result = v } diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll index 42b1d09f8f9..5144df16662 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/SsaImpl.qll @@ -38,6 +38,22 @@ predicate variableWrite(AstNode write, Variable v) { ) } +private predicate variableReadCertain(BasicBlock bb, int i, VariableAccess va, Variable v) { + bb.getNode(i).getAstNode() = va and + va = v.getAnAccess() and + ( + va instanceof VariableReadAccess + or + // For immutable variables, we model a read when they are borrowed + // (although the actual read happens later, if at all). + va = any(RefExpr re).getExpr() + or + // Although compound assignments, like `x += y`, may in fact not read `x`, + // it makes sense to treat them as such + va = any(CompoundAssignmentExpr cae).getLhs() + ) +} + module SsaInput implements SsaImplCommon::InputSig { class BasicBlock = BasicBlocks::BasicBlock; @@ -66,20 +82,7 @@ module SsaInput implements SsaImplCommon::InputSig { } predicate variableRead(BasicBlock bb, int i, SourceVariable v, boolean certain) { - exists(VariableAccess va | - bb.getNode(i).getAstNode() = va and - va = v.getAnAccess() - | - va instanceof VariableReadAccess - or - // For immutable variables, we model a read when they are borrowed - // (although the actual read happens later, if at all). - va = any(RefExpr re).getExpr() - or - // Although compound assignments, like `x += y`, may in fact not read `x`, - // it makes sense to treat them as such - va = any(CompoundAssignmentExpr cae).getLhs() - ) and + variableReadCertain(bb, i, _, v) and certain = true or capturedCallRead(_, bb, i, v) and certain = false @@ -100,16 +103,6 @@ class PhiDefinition = Impl::PhiNode; module Consistency = Impl::Consistency; -/** Holds if `v` is read at index `i` in basic block `bb`. */ -private predicate variableReadActual(BasicBlock bb, int i, Variable v) { - exists(VariableAccess read | - read instanceof VariableReadAccess or read = any(RefExpr re).getExpr() - | - read.getVariable() = v and - read = bb.getNode(i).getAstNode() - ) -} - /** * Holds if captured variable `v` is written directly inside `scope`, * or inside a (transitively) nested scope of `scope`. @@ -125,10 +118,10 @@ private predicate hasCapturedWrite(Variable v, Cfg::CfgScope scope) { * immediate outer CFG scope of `scope`. */ pragma[noinline] -private predicate variableReadActualInOuterScope( +private predicate variableReadCertainInOuterScope( BasicBlock bb, int i, Variable v, Cfg::CfgScope scope ) { - variableReadActual(bb, i, v) and bb.getScope() = scope.getEnclosingCfgScope() + variableReadCertain(bb, i, _, v) and bb.getScope() = scope.getEnclosingCfgScope() } pragma[noinline] @@ -136,7 +129,7 @@ private predicate hasVariableReadWithCapturedWrite( BasicBlock bb, int i, Variable v, Cfg::CfgScope scope ) { hasCapturedWrite(v, scope) and - variableReadActualInOuterScope(bb, i, v, scope) + variableReadCertainInOuterScope(bb, i, v, scope) } private VariableAccess getACapturedVariableAccess(BasicBlock bb, Variable v) { @@ -154,7 +147,7 @@ private predicate writesCapturedVariable(BasicBlock bb, Variable v) { /** Holds if `bb` contains a captured read to variable `v`. */ pragma[nomagic] private predicate readsCapturedVariable(BasicBlock bb, Variable v) { - getACapturedVariableAccess(bb, v) instanceof VariableReadAccess + variableReadCertain(_, _, getACapturedVariableAccess(bb, v), _) } /** @@ -254,7 +247,7 @@ private module Cached { CfgNode getARead(Definition def) { exists(Variable v, BasicBlock bb, int i | Impl::ssaDefReachesRead(v, def, bb, i) and - variableReadActual(bb, i, v) and + variableReadCertain(bb, i, v.getAnAccess(), v) and result = bb.getNode(i) ) } diff --git a/rust/ql/test/library-tests/variables/Ssa.expected b/rust/ql/test/library-tests/variables/Ssa.expected index f45005b51a0..f74c73a107f 100644 --- a/rust/ql/test/library-tests/variables/Ssa.expected +++ b/rust/ql/test/library-tests/variables/Ssa.expected @@ -255,6 +255,7 @@ read | main.rs:355:14:355:14 | x | main.rs:355:14:355:14 | x | main.rs:356:13:356:13 | x | | main.rs:362:9:362:9 | v | main.rs:362:9:362:9 | v | main.rs:365:12:365:12 | v | | main.rs:364:9:364:12 | text | main.rs:364:9:364:12 | text | main.rs:366:19:366:22 | text | +| main.rs:371:13:371:13 | a | main.rs:371:13:371:13 | a | main.rs:372:5:372:5 | a | | main.rs:372:5:372:5 | a | main.rs:371:13:371:13 | a | main.rs:373:15:373:15 | a | | main.rs:372:5:372:5 | a | main.rs:371:13:371:13 | a | main.rs:374:11:374:11 | a | | main.rs:374:6:374:11 | &mut a | main.rs:371:13:371:13 | a | main.rs:375:15:375:15 | a | diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected deleted file mode 100644 index c2944252116..00000000000 --- a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/SsaConsistency.expected +++ /dev/null @@ -1,6 +0,0 @@ -readWithoutDef -| lifetime.rs:511:6:511:14 | my_local2 | lifetime.rs:514:9:527:2 | enter \|...\| ... | 2 | -| lifetime.rs:564:6:564:14 | my_local2 | lifetime.rs:567:9:580:2 | enter { ... } | 2 | -readWithoutPriorRef -| lifetime.rs:511:6:511:14 | my_local2 | lifetime.rs:514:9:527:2 | enter \|...\| ... | 2 | -| lifetime.rs:564:6:564:14 | my_local2 | lifetime.rs:567:9:580:2 | enter { ... } | 2 | diff --git a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected b/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected deleted file mode 100644 index 64126531311..00000000000 --- a/rust/ql/test/query-tests/security/CWE-825/CONSISTENCY/VariableCaptureConsistency.expected +++ /dev/null @@ -1,5 +0,0 @@ -variableIsCaptured -| lifetime.rs:511:6:511:14 | my_local2 | CapturedVariable is not captured | -| lifetime.rs:564:6:564:14 | my_local2 | CapturedVariable is not captured | -consistencyOverview -| CapturedVariable is not captured | 2 |