Merge pull request #11318 from erik-krogh/deleteMoreDeps

delete old deprecations
Erik Krogh Kristensen
2022-11-19 11:15:12 +01:00
committed by GitHub
82 changed files with 209 additions and 910 deletions


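--- /dev/null
+++ b/<CHANGE-NOTE-PATH-NOT-ON-PAGE>.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Deleted the deprecated `getName` and `getShortName` predicates from the `Folder` class.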


@@ -189,18 +189,6 @@ class Folder extends Container, @folder {
* Gets the URL of this folder.
*/
deprecated override string getURL() { result = "file://" + this.getAbsolutePath() + ":0:0:0:0" }
/**
* DEPRECATED: use `getAbsolutePath` instead.
* Gets the name of this folder.
*/
deprecated string getName() { folders(underlyingElement(this), result) }
/**
* DEPRECATED: use `getBaseName` instead.
* Gets the last part of the folder name.
*/
deprecated string getShortName() { result = this.getBaseName() }
}
/**


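--- /dev/null
+++ b/<CHANGE-NOTE-PATH-NOT-ON-PAGE>.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Deleted the deprecated `getNameWithoutBrackets` predicate from the `ValueOrRefType` class in `Type.qll`.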


@@ -56,13 +56,6 @@ private predicate isObjectClass(Class c) { c instanceof ObjectType }
* Either a value type (`ValueType`) or a reference type (`RefType`).
*/
class ValueOrRefType extends DotNet::ValueOrRefType, Type, Attributable, @value_or_ref_type {
/**
* DEPRECATED: use `getUndecoratedName()` instead.
*
* Gets the name of this type without `<...>` brackets, in case it is a generic type.
*/
deprecated string getNameWithoutBrackets() { types(this, _, result) }
/**
* Holds if this type has the qualified name `qualifier`.`name`.
*


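--- /dev/null
+++ b/<CHANGE-NOTE-PATH-NOT-ON-PAGE>.md
@@ -0,0 +1,5 @@
+---
+category: minorAnalysis
+---
+* Deleted the deprecated `LocalClassDeclStmtNode` and `LocalClassDeclStmt` classes from `PrintAst.qll` and `Statement.qll` respectively.
+* Deleted the deprecated `getLocalClass` predicate from `LocalTypeDeclStmt`, and the deprecated `getLocalClassDeclStmt` predicate from `LocalClassOrInterface`.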


@@ -393,12 +393,6 @@ final class LocalTypeDeclStmtNode extends ExprStmtNode {
}
}
/**
* DEPRECATED: Renamed `LocalTypeDeclStmtNode` to reflect the fact that
* as of Java 16 interfaces can also be declared locally, not just classes.
*/
deprecated class LocalClassDeclStmtNode = LocalTypeDeclStmtNode;
/**
* A node representing a `ForStmt`.
*/


@@ -781,12 +781,6 @@ class LocalTypeDeclStmt extends Stmt, @localtypedeclstmt {
/** Gets the local type declared by this statement. */
LocalClassOrInterface getLocalType() { isLocalClassOrInterface(result, this) }
/**
* DEPRECATED: Renamed `getLocalType` to reflect the fact that
* as of Java 16 interfaces can also be declared locally, not just classes.
*/
deprecated LocalClassOrInterface getLocalClass() { result = this.getLocalType() }
private string getDeclKeyword() {
result = "class" and this.getLocalType() instanceof Class
or
@@ -802,12 +796,6 @@ class LocalTypeDeclStmt extends Stmt, @localtypedeclstmt {
override string getAPrimaryQlClass() { result = "LocalTypeDeclStmt" }
}
/**
* DEPRECATED: Renamed `LocalTypeDeclStmt` to reflect the fact that
* as of Java 16 interfaces can also be declared locally, not just classes.
*/
deprecated class LocalClassDeclStmt = LocalTypeDeclStmt;
/** An explicit `this(...)` constructor invocation. */
class ThisConstructorInvocationStmt extends Stmt, ConstructorCall, @constructorinvocationstmt {
/** Gets an argument of this constructor invocation. */


@@ -828,12 +828,6 @@ class LocalClassOrInterface extends NestedType, ClassOrInterface {
/** Gets the statement that declares this local class. */
LocalTypeDeclStmt getLocalTypeDeclStmt() { isLocalClassOrInterface(this, result) }
/**
* DEPRECATED: renamed `getLocalTypeDeclStmt` to reflect the fact that
* as of Java 16 interfaces can also be declared locally.
*/
deprecated LocalTypeDeclStmt getLocalClassDeclStmt() { result = this.getLocalTypeDeclStmt() }
override string getAPrimaryQlClass() { result = "LocalClassOrInterface" }
}


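--- /dev/null
+++ b/<CHANGE-NOTE-PATH-NOT-ON-PAGE>.md
@@ -0,0 +1,6 @@
+---
+category: minorAnalysis
+---
+* Deleted the deprecated `Instance` class from the `Vue` module.
+* Deleted the deprecated `VHtmlSourceWrite` class from `DomBasedXssQuery.qll`.
+* Deleted all the deprecated `[QueryName].qll` files from the `javascript/ql/lib/semmle/javascript/security/dataflow` folder, use the corresponding `[QueryName]Query.qll` files instead.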


@@ -115,11 +115,6 @@ module Vue {
kind = DataFlow::MemberKind::setter() and result = "set"
}
/**
* DEPRECATED. This class has been renamed to `Vue::Component`.
*/
deprecated class Instance = Component;
/**
* A Vue component, such as a `new Vue({ ... })` call or a `.vue` file.
*
@@ -383,23 +378,6 @@ module Vue {
}
}
/**
* DEPRECATED. Use `Vue::Component` instead.
*
* A Vue component from `new Vue({...})`.
*/
deprecated class VueInstance extends Component {
VueInstance() {
// restrict charpred to match original behavior
this = MkComponentInstantiation(vueLibrary().getAnInstantiation())
}
}
/**
* DEPRECATED. Use `Vue::ComponentExtension` or `Vue::Component` instead.
*/
deprecated class ExtendedVue = ComponentExtension;
/**
* A component created via an explicit call to `Vue.extend({...})` or `CustomComponent.extend({...})`.
*/
@@ -429,19 +407,6 @@ module Vue {
}
}
/**
* DEPRECATED. Use `Vue::Component` instead.
*
* An instance of an extended Vue, for example `instance` of `var Ext = Vue.extend({...}); var instance = new Ext({...})`.
*/
deprecated class ExtendedInstance extends Component {
ExtendedInstance() {
// restrict charpred to match original behavior
this =
MkComponentInstantiation(vueLibrary().getMember("extend").getReturn().getAnInstantiation())
}
}
/**
* A Vue component from `Vue.component("my-component", { ... })`.
*/
@@ -568,9 +533,6 @@ module Vue {
}
}
/** DEPRECATED. Do not use. */
deprecated class InstanceHeapStep = PropStep;
/**
* A Vue `v-html` attribute.
*/
@@ -609,11 +571,6 @@ module Vue {
}
}
/**
* DEPRECATED. Do not use.
*/
deprecated class VHtmlSourceWrite = VHtmlAttributeStep;
/*
* Provides classes for working with Vue templates.
*/
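Review bot: The change note for this file lists only the deprecated `Instance` class as removed from the `Vue` module, but this section also deletes `VueInstance`, `ExtendedVue`, `ExtendedInstance`, `InstanceHeapStep` and `Vue::VHtmlSourceWrite`, all of which were public (if deprecated) names that downstream queries may still reference. Suggest extending the note so that a consumer grepping it finds every removed name, e.g. `* Deleted the deprecated `Instance`, `VueInstance`, `ExtendedVue`, `ExtendedInstance`, `InstanceHeapStep` and `VHtmlSourceWrite` classes from the `Vue` module.` The `Vue` module itself starts and ends outside these hunks.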


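--- a/javascript/ql/lib/semmle/javascript/security/dataflow/BrokenCryptoAlgorithm.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `BrokenCryptoAlgorithmQuery` instead. */
-import javascript
-private import BrokenCryptoAlgorithmQuery as BrokenCryptoAlgorithmQuery // ignore-query-import
-/** DEPRECATED. Import `BrokenCryptoAlgorithmQuery` instead. */
-deprecated module BrokenCryptoAlgorithm = BrokenCryptoAlgorithmQuery;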


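--- a/javascript/ql/lib/semmle/javascript/security/dataflow/BuildArtifactLeak.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `BuildArtifactLeakQuery` instead. */
-import javascript
-private import BuildArtifactLeakQuery as BuildArtifactLeakQuery // ignore-query-import
-/** DEPRECATED. Import `BuildArtifactLeakQuery` instead. */
-deprecated module BuildArtifactLeak = BuildArtifactLeakQuery;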


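--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CleartextLogging.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `CleartextLoggingQuery` instead. */
-import javascript
-private import CleartextLoggingQuery as CleartextLoggingQuery // ignore-query-import
-/** DEPRECATED. Import `CleartextLoggingQuery` instead. */
-deprecated module CleartextLogging = CleartextLoggingQuery;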


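--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CleartextStorage.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `CleartextStorageQuery` instead. */
-import javascript
-private import CleartextStorageQuery as CleartextStorageQuery // ignore-query-import
-/** DEPRECATED. Import `CleartextStorageQuery` instead. */
-deprecated module CleartextStorage = CleartextStorageQuery;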


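--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ClientSideUrlRedirect.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `ClientSideUrlRedirectQuery` instead. */
-import javascript
-import UrlConcatenation
-private import ClientSideUrlRedirectQuery as ClientSideUrlRedirectQuery // ignore-query-import
-/** DEPRECATED. Import `ClientSideUrlRedirectQuery` instead. */
-deprecated module ClientSideUrlRedirect = ClientSideUrlRedirectQuery;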


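--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `CodeInjectionQuery` instead. */
-import javascript
-private import CodeInjectionQuery as CodeInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `CodeInjectionQuery` instead. */
-deprecated module CodeInjection = CodeInjectionQuery;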


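--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CommandInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `CommandInjectionQuery` instead. */
-import javascript
-private import CommandInjectionQuery as CommandInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `CommandInjectionQuery` instead. */
-deprecated module CommandInjection = CommandInjectionQuery;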


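--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ConditionalBypass.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ConditionalBypassQuery` instead. */
-import javascript
-private import ConditionalBypassQuery as ConditionalBypassQuery // ignore-query-import
-/** DEPRECATED. Import `ConditionalBypassQuery` instead. */
-deprecated module ConditionalBypass = ConditionalBypassQuery;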


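--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CorsMisconfigurationForCredentials.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `CorsMisconfigurationForCredentialsQuery` instead. */
-import javascript
-private import CorsMisconfigurationForCredentialsQuery as CorsMisconfigurationForCredentialsQuery // ignore-query-import
-/** DEPRECATED. Import `CorsMisconfigurationForCredentialsQuery` instead. */
-deprecated module CorsMisconfigurationForCredentials = CorsMisconfigurationForCredentialsQuery;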


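--- a/javascript/ql/lib/semmle/javascript/security/dataflow/DeepObjectResourceExhaustion.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `DeepObjectResourceExhaustionQuery` instead. */
-import javascript
-import semmle.javascript.security.TaintedObject
-private import DeepObjectResourceExhaustionQuery as DeepObjectResourceExhaustionQuery // ignore-query-import
-/** DEPRECATED. Import `DeepObjectResourceExhaustionQuery` instead. */
-deprecated module DeepObjectResourceExhaustion = DeepObjectResourceExhaustionQuery;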


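--- a/javascript/ql/lib/semmle/javascript/security/dataflow/DifferentKindsComparisonBypass.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `DifferentKindsComparisonBypassQuery` instead. */
-import javascript
-private import DifferentKindsComparisonBypassQuery as DifferentKindsComparisonBypassQuery // ignore-query-import
-/** DEPRECATED. Import `DifferentKindsComparisonBypassQuery` instead. */
-deprecated module DifferentKindsComparisonBypass = DifferentKindsComparisonBypassQuery;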


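--- a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXss.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `DomBasedXssQuery` instead. */
-import javascript
-private import DomBasedXssQuery as DomBasedXssQuery // ignore-query-import
-/** DEPRECATED. Import `DomBasedXssQuery` instead. */
-deprecated module DomBasedXss = DomBasedXssQuery;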


@@ -8,11 +8,6 @@ private import semmle.javascript.security.TaintedUrlSuffix
import DomBasedXssCustomizations::DomBasedXss
private import Xss::Shared as Shared
/**
* DEPRECATED. Use `Vue::VHtmlSourceWrite` instead.
*/
deprecated class VHtmlSourceWrite = Vue::VHtmlSourceWrite;
/** DEPRECATED. Use `Configuration`. */
deprecated class HtmlInjectionConfiguration = Configuration;


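--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ExceptionXss.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ExceptionXssQuery` instead. */
-import javascript
-private import ExceptionXssQuery as ExceptionXssQuery // ignore-query-import
-/** DEPRECATED. Import `ExceptionXssQuery` instead. */
-deprecated module ExceptionXss = ExceptionXssQuery;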


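--- a/javascript/ql/lib/semmle/javascript/security/dataflow/FileAccessToHttp.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `FileAccessToHttpQuery` instead. */
-import javascript
-private import FileAccessToHttpQuery as FileAccessToHttpQuery // ignore-query-import
-/** DEPRECATED. Import `FileAccessToHttpQuery` instead. */
-deprecated module FileAccessToHttp = FileAccessToHttpQuery;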


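--- a/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedCredentials.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `HardcodedCredentialsQuery` instead. */
-import javascript
-private import HardcodedCredentialsQuery as HardcodedCredentialsQuery // ignore-query-import
-/** DEPRECATED. Import `HardcodedCredentialsQuery` instead. */
-deprecated module HardcodedCredentials = HardcodedCredentialsQuery;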


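--- a/javascript/ql/lib/semmle/javascript/security/dataflow/HardcodedDataInterpretedAsCode.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `HardcodedDataInterpretedAsCodeQuery` instead. */
-import javascript
-private import HardcodedDataInterpretedAsCodeQuery as HardcodedDataInterpretedAsCodeQuery // ignore-query-import
-/** DEPRECATED. Import `HardcodedDataInterpretedAsCodeQuery` instead. */
-deprecated module HardcodedDataInterpretedAsCode = HardcodedDataInterpretedAsCodeQuery;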


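--- a/javascript/ql/lib/semmle/javascript/security/dataflow/HostHeaderPoisoningInEmailGeneration.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `HostHeaderPoisoningInEmailGenerationQuery` instead. */
-import javascript
-private import HostHeaderPoisoningInEmailGenerationQuery as HostHeaderPoisoningInEmailGenerationQuery // ignore-query-import
-/** DEPRECATED. Import `HostHeaderPoisoningInEmailGenerationQuery` instead. */
-deprecated module HostHeaderPoisoningInEmailGeneration = HostHeaderPoisoningInEmailGenerationQuery;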


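--- a/javascript/ql/lib/semmle/javascript/security/dataflow/HttpToFileAccess.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `HttpToFileAccessQuery` instead. */
-import javascript
-private import HttpToFileAccessQuery as HttpToFileAccessQuery // ignore-query-import
-/** DEPRECATED. Import `HttpToFileAccessQuery` instead. */
-deprecated module HttpToFileAccess = HttpToFileAccessQuery;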


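--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ImproperCodeSanitization.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ImproperCodeSanitizationQuery` instead. */
-import javascript
-private import ImproperCodeSanitizationQuery as ImproperCodeSanitizationQuery // ignore-query-import
-/** DEPRECATED. Import `ImproperCodeSanitizationQuery` instead. */
-deprecated module ImproperCodeSanitization = ImproperCodeSanitizationQuery;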


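--- a/javascript/ql/lib/semmle/javascript/security/dataflow/IncompleteHtmlAttributeSanitization.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `IncompleteHtmlAttributeSanitizationQuery` instead. */
-import javascript
-private import IncompleteHtmlAttributeSanitizationQuery as IncompleteHtmlAttributeSanitizationQuery // ignore-query-import
-/** DEPRECATED. Import `IncompleteHtmlAttributeSanitizationQuery` instead. */
-deprecated module IncompleteHtmlAttributeSanitization = IncompleteHtmlAttributeSanitizationQuery;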


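--- a/javascript/ql/lib/semmle/javascript/security/dataflow/IndirectCommandInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `IndirectCommandInjectionQuery` instead. */
-import javascript
-private import IndirectCommandInjectionQuery as IndirectCommandInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `IndirectCommandInjectionQuery` instead. */
-deprecated module IndirectCommandInjection = IndirectCommandInjectionQuery;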


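--- a/javascript/ql/lib/semmle/javascript/security/dataflow/InsecureDownload.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `InsecureDownloadQuery` instead. */
-import javascript
-private import InsecureDownloadQuery as InsecureDownloadQuery // ignore-query-import
-/** DEPRECATED. Import `InsecureDownloadQuery` instead. */
-deprecated module InsecureDownload = InsecureDownloadQuery;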


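--- a/javascript/ql/lib/semmle/javascript/security/dataflow/InsecureRandomness.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `InsecureRandomnessQuery` instead. */
-import javascript
-private import InsecureRandomnessQuery as InsecureRandomnessQuery // ignore-query-import
-/** DEPRECATED. Import `InsecureRandomnessQuery` instead. */
-deprecated module InsecureRandomness = InsecureRandomnessQuery;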


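--- a/javascript/ql/lib/semmle/javascript/security/dataflow/InsufficientPasswordHash.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `InsufficientPasswordHashQuery` instead. */
-import javascript
-private import InsufficientPasswordHashQuery as InsufficientPasswordHashQuery // ignore-query-import
-/** DEPRECATED. Import `InsufficientPasswordHashQuery` instead. */
-deprecated module InsufficientPasswordHash = InsufficientPasswordHashQuery;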


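--- a/javascript/ql/lib/semmle/javascript/security/dataflow/LogInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `LogInjectionQuery` instead. */
-import javascript
-private import LogInjectionQuery as LogInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `LogInjectionQuery` instead. */
-deprecated module LogInjection = LogInjectionQuery;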


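--- a/javascript/ql/lib/semmle/javascript/security/dataflow/LoopBoundInjection.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `LoopBoundInjectionQuery` instead. */
-import javascript
-import semmle.javascript.security.TaintedObject
-private import LoopBoundInjectionQuery as LoopBoundInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `LoopBoundInjectionQuery` instead. */
-deprecated module LoopBoundInjection = LoopBoundInjectionQuery;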


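--- a/javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjection.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `NosqlInjectionQuery` instead. */
-import javascript
-import semmle.javascript.security.TaintedObject
-private import NosqlInjectionQuery as NosqlInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `NosqlInjectionQuery` instead. */
-deprecated module NosqlInjection = NosqlInjectionQuery;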


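--- a/javascript/ql/lib/semmle/javascript/security/dataflow/PostMessageStar.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `PostMessageStarQuery` instead. */
-import javascript
-private import PostMessageStarQuery as PostMessageStarQuery // ignore-query-import
-/** DEPRECATED. Import `PostMessageStarQuery` instead. */
-deprecated module PostMessageStar = PostMessageStarQuery;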


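--- a/javascript/ql/lib/semmle/javascript/security/dataflow/PrototypePollutingAssignment.qll
+++ /dev/null
@@ -1,6 +0,0 @@
-/** DEPRECATED. Import `PrototypePollutingAssignmentQuery` instead. */
-private import PrototypePollutingAssignmentQuery as PrototypePollutingAssignmentQuery // ignore-query-import
-/** DEPRECATED. Import `PrototypePollutingAssignmentQuery` instead. */
-deprecated module PrototypePollutingAssignment = PrototypePollutingAssignmentQuery;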


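--- a/javascript/ql/lib/semmle/javascript/security/dataflow/PrototypePollution.qll
+++ /dev/null
@@ -1,10 +0,0 @@
-/** DEPRECATED. Import `PrototypePollutionQuery` instead. */
-import javascript
-import semmle.javascript.security.TaintedObject
-import semmle.javascript.dependencies.Dependencies
-import semmle.javascript.dependencies.SemVer
-private import PrototypePollutionQuery as PrototypePollutionQuery // ignore-query-import
-/** DEPRECATED. Import `PrototypePollutionQuery` instead. */
-deprecated module PrototypePollution = PrototypePollutionQuery;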


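--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ReflectedXss.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ReflectedXssQuery` instead. */
-import javascript
-private import ReflectedXssQuery as ReflectedXssQuery // ignore-query-import
-/** DEPRECATED. Import `ReflectedXssQuery` instead. */
-deprecated module ReflectedXss = ReflectedXssQuery;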


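--- a/javascript/ql/lib/semmle/javascript/security/dataflow/RegExpInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `RegExpInjectionQuery` instead. */
-import javascript
-private import RegExpInjectionQuery as RegExpInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `RegExpInjectionQuery` instead. */
-deprecated module RegExpInjection = RegExpInjectionQuery;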


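--- a/javascript/ql/lib/semmle/javascript/security/dataflow/RemotePropertyInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `RemotePropertyInjectionQuery` instead. */
-import javascript
-private import RemotePropertyInjectionQuery as RemotePropertyInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `RemotePropertyInjectionQuery` instead. */
-deprecated module RemotePropertyInjection = RemotePropertyInjectionQuery;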


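--- a/javascript/ql/lib/semmle/javascript/security/dataflow/RequestForgery.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `RequestForgeryQuery` instead. */
-import javascript
-import UrlConcatenation
-private import RequestForgeryQuery as RequestForgeryQuery // ignore-query-import
-/** DEPRECATED. Import `RequestForgeryQuery` instead. */
-deprecated module RequestForgery = RequestForgeryQuery;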


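--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ServerSideUrlRedirect.qll
+++ /dev/null
@@ -1,9 +0,0 @@
-/** DEPRECATED. Import `ServerSideUrlRedirectQuery` instead. */
-import javascript
-import RemoteFlowSources
-import UrlConcatenation
-private import ServerSideUrlRedirectQuery as ServerSideUrlRedirectQuery // ignore-query-import
-/** DEPRECATED. Import `ServerSideUrlRedirectQuery` instead. */
-deprecated module ServerSideUrlRedirect = ServerSideUrlRedirectQuery;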


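--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ShellCommandInjectionFromEnvironment.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ShellCommandInjectionFromEnvironmentQuery` instead. */
-import javascript
-private import ShellCommandInjectionFromEnvironmentQuery as ShellCommandInjectionFromEnvironmentQuery // ignore-query-import
-/** DEPRECATED. Import `ShellCommandInjectionFromEnvironmentQuery` instead. */
-deprecated module ShellCommandInjectionFromEnvironment = ShellCommandInjectionFromEnvironmentQuery;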


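--- a/javascript/ql/lib/semmle/javascript/security/dataflow/SqlInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `SqlInjectionQuery` instead. */
-import javascript
-private import SqlInjectionQuery as SqlInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `SqlInjectionQuery` instead. */
-deprecated module SqlInjection = SqlInjectionQuery;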


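--- a/javascript/ql/lib/semmle/javascript/security/dataflow/StackTraceExposure.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `StackTraceExposureQuery` instead. */
-import javascript
-private import StackTraceExposureQuery as StackTraceExposureQuery // ignore-query-import
-/** DEPRECATED. Import `StackTraceExposureQuery` instead. */
-deprecated module StackTraceExposure = StackTraceExposureQuery;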


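--- a/javascript/ql/lib/semmle/javascript/security/dataflow/StoredXss.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `StoredXssQuery` instead. */
-import javascript
-private import StoredXssQuery as StoredXssQuery // ignore-query-import
-/** DEPRECATED. Import `StoredXssQuery` instead. */
-deprecated module StoredXss = StoredXssQuery;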


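--- a/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedFormatString.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `TaintedFormatStringQuery` instead. */
-import javascript
-import semmle.javascript.security.dataflow.DOM
-private import TaintedFormatStringQuery as TaintedFormatStringQuery // ignore-query-import
-/** DEPRECATED. Import `TaintedFormatStringQuery` instead. */
-deprecated module TaintedFormatString = TaintedFormatStringQuery;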


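--- a/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPath.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `TaintedPathQuery` instead. */
-import javascript
-private import TaintedPathQuery as TaintedPathQuery // ignore-query-import
-/** DEPRECATED. Import `TaintedPathQuery` instead. */
-deprecated module TaintedPath = TaintedPathQuery;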


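--- a/javascript/ql/lib/semmle/javascript/security/dataflow/TemplateObjectInjection.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `TemplateObjectInjectionQuery` instead. */
-import javascript
-private import TemplateObjectInjectionQuery as TemplateObjectInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `TemplateObjectInjectionQuery` instead. */
-deprecated module TemplateObjectInjection = TemplateObjectInjectionQuery;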


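--- a/javascript/ql/lib/semmle/javascript/security/dataflow/TypeConfusionThroughParameterTampering.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `TypeConfusionThroughParameterTamperingQuery` instead. */
-import javascript
-private import TypeConfusionThroughParameterTamperingQuery as TypeConfusionThroughParameterTamperingQuery // ignore-query-import
-/** DEPRECATED. Import `TypeConfusionThroughParameterTamperingQuery` instead. */
-deprecated module TypeConfusionThroughParameterTampering =
-TypeConfusionThroughParameterTamperingQuery;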


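--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDeserialization.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `UnsafeDeserializationQuery` instead. */
-import javascript
-private import UnsafeDeserializationQuery as UnsafeDeserializationQuery // ignore-query-import
-/** DEPRECATED. Import `UnsafeDeserializationQuery` instead. */
-deprecated module UnsafeDeserialization = UnsafeDeserializationQuery;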


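--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeDynamicMethodAccess.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `UnsafeDynamicMethodAccessQuery` instead. */
-import javascript
-import PropertyInjectionShared
-private import UnsafeDynamicMethodAccessQuery as UnsafeDynamicMethodAccessQuery // ignore-query-import
-/** DEPRECATED. Import `UnsafeDynamicMethodAccessQuery` instead. */
-deprecated module UnsafeDynamicMethodAccess = UnsafeDynamicMethodAccessQuery;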


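--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeHtmlConstruction.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `UnsafeHtmlConstructionQuery` instead. */
-import javascript
-private import UnsafeHtmlConstructionQuery as UnsafeHtmlConstructionQuery // ignore-query-import
-/** DEPRECATED. Import `UnsafeHtmlConstructionQuery` instead. */
-deprecated module UnsafeHtmlConstruction = UnsafeHtmlConstructionQuery;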


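--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeJQueryPlugin.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `UnsafeJQueryPluginQuery` instead. */
-import javascript
-import semmle.javascript.security.dataflow.Xss
-private import UnsafeJQueryPluginQuery as UnsafeJQueryPluginQuery // ignore-query-import
-/** DEPRECATED. Import `UnsafeJQueryPluginQuery` instead. */
-deprecated module UnsafeJQueryPlugin = UnsafeJQueryPluginQuery;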


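--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstruction.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `UnsafeShellCommandConstructionQuery` instead. */
-import javascript
-private import UnsafeShellCommandConstructionQuery as UnsafeShellCommandConstructionQuery // ignore-query-import
-/** DEPRECATED. Import `UnsafeShellCommandConstructionQuery` instead. */
-deprecated module UnsafeShellCommandConstruction = UnsafeShellCommandConstructionQuery;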


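--- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnvalidatedDynamicMethodCall.qll
+++ /dev/null
@@ -1,9 +0,0 @@
-/** DEPRECATED. Import `UnvalidatedDynamicMethodCallQuery` instead. */
-import javascript
-import semmle.javascript.frameworks.Express
-import PropertyInjectionShared
-private import UnvalidatedDynamicMethodCallQuery as UnvalidatedDynamicMethodCallQuery // ignore-query-import
-/** DEPRECATED. Import `UnvalidatedDynamicMethodCallQuery` instead. */
-deprecated module UnvalidatedDynamicMethodCall = UnvalidatedDynamicMethodCallQuery;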


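--- a/javascript/ql/lib/semmle/javascript/security/dataflow/XmlBomb.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `XmlBombQuery` instead. */
-import javascript
-private import XmlBombQuery as XmlBombQuery // ignore-query-import
-/** DEPRECATED. Import `XmlBombQuery` instead. */
-deprecated module XmlBomb = XmlBombQuery;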


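--- a/javascript/ql/lib/semmle/javascript/security/dataflow/XpathInjection.qll
+++ /dev/null
@@ -1,8 +0,0 @@
-/** DEPRECATED. Import `XpathInjectionQuery` instead. */
-import javascript
-import semmle.javascript.security.dataflow.DOM
-private import XpathInjectionQuery as XpathInjectionQuery // ignore-query-import
-/** DEPRECATED. Import `XpathInjectionQuery` instead. */
-deprecated module XpathInjection = XpathInjectionQuery;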


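--- a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDom.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `XssThroughDomQuery` instead. */
-import javascript
-private import XssThroughDomQuery as XssThroughDomQuery // ignore-query-import
-/** DEPRECATED. Import `XssThroughDomQuery` instead. */
-deprecated module XssThroughDom = XssThroughDomQuery;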


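--- a/javascript/ql/lib/semmle/javascript/security/dataflow/Xxe.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `XxeQuery` instead. */
-import javascript
-private import XxeQuery as XxeQuery // ignore-query-import
-/** DEPRECATED. Import `XxeQuery` instead. */
-deprecated module Xxe = XxeQuery;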


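--- a/javascript/ql/lib/semmle/javascript/security/dataflow/ZipSlip.qll
+++ /dev/null
@@ -1,7 +0,0 @@
-/** DEPRECATED. Import `ZipSlipQuery` instead. */
-import javascript
-private import ZipSlipQuery as ZipSlipQuery // ignore-query-import
-/** DEPRECATED. Import `ZipSlipQuery` instead. */
-deprecated module ZipSlip = ZipSlipQuery;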


@@ -4,9 +4,9 @@
import javascript
import experimental.poi.PoI
import semmle.javascript.security.dataflow.CommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjection
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironment
import semmle.javascript.security.dataflow.CommandInjectionQuery as CommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery as IndirectCommandInjection
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentQuery as ShellCommandInjectionFromEnvironment
class MyDataFlowConfigurationPoIs extends DataFlowConfigurationPoI, ActivePoI { }


@@ -4,7 +4,7 @@
import javascript
import experimental.poi.PoI
import semmle.javascript.security.dataflow.TaintedPath
import semmle.javascript.security.dataflow.TaintedPathQuery as TaintedPath
class MyDataflowRelatedPoIs extends DataFlowConfigurationPoI, ActivePoI { }


@@ -4,10 +4,10 @@
import javascript
import experimental.poi.PoI
import semmle.javascript.security.dataflow.ReflectedXss
import semmle.javascript.security.dataflow.StoredXss
import semmle.javascript.security.dataflow.DomBasedXss
import semmle.javascript.security.dataflow.ExceptionXss
import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss
import semmle.javascript.security.dataflow.StoredXssQuery as StoredXss
import semmle.javascript.security.dataflow.DomBasedXssQuery as DomBasedXss
import semmle.javascript.security.dataflow.ExceptionXssQuery as ExceptionXss
class MyDataFlowConfigurationPoIs extends DataFlowConfigurationPoI, ActivePoI { }


@@ -1,3 +1,3 @@
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ReflectedXss
import semmle.javascript.security.dataflow.ServerSideUrlRedirect
import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss
import semmle.javascript.security.dataflow.ServerSideUrlRedirectQuery as ServerSideUrlRedirect


@@ -1,10 +1,10 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.CommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjection
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironment
import semmle.javascript.security.dataflow.UnsafeShellCommandConstruction
import semmle.javascript.security.dataflow.SecondOrderCommandInjectionQuery
import semmle.javascript.security.dataflow.CommandInjectionQuery as CommandInjection
import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery as IndirectCommandInjection
import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentQuery as ShellCommandInjectionFromEnvironment
import semmle.javascript.security.dataflow.UnsafeShellCommandConstructionQuery as UnsafeShellCommandConstruction
import semmle.javascript.security.dataflow.SecondOrderCommandInjectionQuery as SecondOrderCommandInjectionQuery
class CommandInjectionConsistency extends ConsistencyConfiguration {
CommandInjectionConsistency() { this = "ComandInjection" }
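Review bot: The alias on the last rewritten import, `import semmle.javascript.security.dataflow.SecondOrderCommandInjectionQuery as SecondOrderCommandInjectionQuery`, repeats the module's own name, whereas the four sibling imports in the same hunk alias `...Query` back to the shorter pre-rename name; it reads as a copy-paste slip rather than a deliberate choice. If the rest of the file refers to that module qualified, `as SecondOrderCommandInjection` would match the siblings; if it is only used unqualified, the alias can be dropped as the original line had it. Only the import lines are visible here, so which of the two is correct cannot be confirmed from the hunk, and `CommandInjectionConsistency` continues past its end.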


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ExceptionXss as ExceptionXss
import semmle.javascript.security.dataflow.ExceptionXssQuery as ExceptionXss


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.ReflectedXss as ReflectedXss
import semmle.javascript.security.dataflow.ReflectedXssQuery as ReflectedXss


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.StoredXss as StoredXss
import semmle.javascript.security.dataflow.StoredXssQuery as StoredXss


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.UnsafeHtmlConstruction as UnsafeHtmlConstruction
import semmle.javascript.security.dataflow.UnsafeHtmlConstructionQuery as UnsafeHtmlConstruction


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.UnsafeJQueryPlugin as UnsafeJqueryPlugin
import semmle.javascript.security.dataflow.UnsafeJQueryPluginQuery as UnsafeJqueryPlugin


@@ -1,3 +1,3 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.XssThroughDom as ThroughDomXss
import semmle.javascript.security.dataflow.XssThroughDomQuery as ThroughDomXss


@@ -1,4 +1,4 @@
import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.security.dataflow.SqlInjection
import semmle.javascript.security.dataflow.NosqlInjection
import semmle.javascript.security.dataflow.SqlInjectionQuery as SqlInjection
import semmle.javascript.security.dataflow.NosqlInjectionQuery as NosqlInjection


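--- /dev/null
+++ b/<CHANGE-NOTE-PATH-NOT-ON-PAGE>.md
@@ -0,0 +1,7 @@
+---
+category: minorAnalysis
+---
+* Deleted the deprecated `importNode` predicate from the `DataFlowUtil.qll` file.
+* Deleted the deprecated features from `PEP249.qll` that were not inside the `PEP249` module.
+* Deleted the deprecated `werkzeug` from the `Werkzeug` module in `Werkzeug.qll`.
+* Deleted the deprecated `methodResult` predicate from `PEP249::Cursor`.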


@@ -26,67 +26,3 @@ predicate localFlowStep(Node nodeFrom, Node nodeTo) {
*/
pragma[inline]
predicate localFlow(Node source, Node sink) { localFlowStep*(source, sink) }
/**
* DEPRECATED. Use the API graphs library (`semmle.python.ApiGraphs`) instead.
*
* For a drop-in replacement, use `API::moduleImport(name).getAUse()`.
*
* Gets a `Node` that refers to the module referenced by `name`.
* Note that for the statement `import pkg.mod`, the new variable introduced is `pkg` that is a
* reference to the module `pkg`.
*
* This predicate handles (with optional `... as <new-name>`):
* 1. `import <name>`
* 2. `from <package> import <module>` when `<name> = <package> + "." + <module>`
* 3. `from <module> import <member>` when `<name> = <module> + "." + <member>`
*
* Finally, in `from <module> import <member>` we consider the `ImportExpr` corresponding to
* `<module>` to be a reference to that module.
*
* Note:
* While it is technically possible that `import mypkg.foo` and `from mypkg import foo` can give different values,
* it's highly unlikely that this will be a problem in production level code.
* Example: If `mypkg/__init__.py` contains `foo = 42`, then `from mypkg import foo` will not import the module
* `mypkg/foo.py` but the variable `foo` containing `42` -- however, `import mypkg.foo` will always cause `mypkg.foo`
* to refer to the module.
*/
deprecated Node importNode(string name) {
exists(Variable var, Import imp, Alias alias |
alias = imp.getAName() and
alias.getAsname() = var.getAStore() and
(
name = alias.getValue().(ImportMember).getImportedModuleName()
or
name = alias.getValue().(ImportExpr).getImportedModuleName()
) and
result.asExpr() = alias.getValue()
)
or
// Although it may seem superfluous to consider the `foo` part of `from foo import bar as baz` to
// be a reference to a module (since that reference only makes sense locally within the `import`
// statement), it's important for our use of type trackers to consider this local reference to
// also refer to the `foo` module. That way, if one wants to track references to the `bar`
// attribute using a type tracker, one can simply write
//
// ```ql
// DataFlow::Node bar_attr_tracker(TypeTracker t) {
// t.startInAttr("bar") and
// result = foo_module_tracker()
// or
// exists(TypeTracker t2 | result = bar_attr_tracker(t2).track(t2, t))
// }
// ```
//
// Where `foo_module_tracker` is a type tracker that tracks references to the `foo` module.
// Because named imports are modeled as `AttrRead`s, the statement `from foo import bar as baz`
// is interpreted as if it was an assignment `baz = foo.bar`, which means `baz` gets tracked as a
// reference to `foo.bar`, as desired.
exists(ImportExpr imp_expr |
imp_expr.getName() = name and
result.asCfgNode().getNode() = imp_expr and
// in `import foo.bar` we DON'T want to give a result for `importNode("foo.bar")`,
// only for `importNode("foo")`. We exclude those cases with the following clause.
not exists(Import imp | imp.getAName().getValue() = imp_expr)
)
}


@@ -8,29 +8,170 @@ private import semmle.python.dataflow.new.DataFlow
private import semmle.python.dataflow.new.RemoteFlowSources
private import semmle.python.Concepts
private import semmle.python.ApiGraphs
import semmle.python.frameworks.internal.PEP249Impl
/**
* DEPRECATED: Use `PEP249::PEP249ModuleApiNode` instead.
* Provides classes modeling database interfaces following PEP 249.
* See https://www.python.org/dev/peps/pep-0249/.
*/
deprecated class PEP249ModuleApiNode = PEP249::PEP249ModuleApiNode;
module PEP249 {
/**
* An API graph node representing a module that implements PEP 249.
*/
abstract class PEP249ModuleApiNode extends API::Node {
/** Gets a string representation of this element. */
override string toString() { result = this.(API::Node).toString() }
}
/**
* DEPRECATED: Use `PEP249::Connection` instead.
*/
deprecated module Connection = PEP249::Connection;
/** Gets a reference to the `connect` function of a module that implements PEP 249. */
DataFlow::Node connect() {
result = any(PEP249ModuleApiNode a).getMember("connect").getAValueReachableFromSource()
}
/**
* DEPRECATED: Use `PEP249::Cursor` instead.
*/
deprecated module cursor = PEP249::Cursor;
/**
* Provides models for database connections (following PEP 249).
*
* See https://www.python.org/dev/peps/pep-0249/#connection-objects.
*/
module Connection {
/**
* A source of database connections (following PEP 249), extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by external
* libraries.
*
* Use the predicate `Connection::instance()` to get references to database connections (following PEP 249).
*
* Extend this class if the module implementing PEP 249 offers more direct ways to obtain
* a connection than going through `connect`.
*/
abstract class InstanceSource extends DataFlow::Node { }
/**
* DEPRECATED: Use `PEP249::execute` instead.
*/
deprecated predicate execute = PEP249::execute/0;
/** A call to the `connect` function of a module that implements PEP 249. */
private class ConnectCall extends InstanceSource, DataFlow::CallCfgNode {
ConnectCall() { this.getFunction() = connect() }
}
/**
* DEPRECATED: Use `PEP249::connect` instead.
*/
deprecated predicate connect = PEP249::connect/0;
/** Gets a reference to a database connection (following PEP 249). */
private DataFlow::TypeTrackingNode instance(DataFlow::TypeTracker t) {
t.start() and
result instanceof InstanceSource
or
exists(DataFlow::TypeTracker t2 | result = instance(t2).track(t2, t))
}
/** Gets a reference to a database connection (following PEP 249). */
DataFlow::Node instance() { instance(DataFlow::TypeTracker::end()).flowsTo(result) }
}
/**
* Provides models for database cursors (following PEP 249).
*
* These are returned by the `cursor` method on a database connection.
* See https://www.python.org/dev/peps/pep-0249/#cursor.
*/
module Cursor {
/**
* A source of database cursors (following PEP 249), extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by external
* libraries.
*
* Use the predicate `Cursor::instance()` to get references to database cursors (following PEP 249).
*
* Extend this class if the module implementing PEP 249 offers more direct ways to obtain
* a connection than going through `connect`.
*/
abstract class InstanceSource extends DataFlow::LocalSourceNode { }
/** Gets a reference to a database cursor. */
private DataFlow::TypeTrackingNode instance(DataFlow::TypeTracker t) {
t.start() and
result instanceof InstanceSource
or
exists(DataFlow::TypeTracker t2 | result = instance(t2).track(t2, t))
}
/** Gets a reference to a database cursor. */
DataFlow::Node instance() { instance(DataFlow::TypeTracker::end()).flowsTo(result) }
/** Gets a reference to the `cursor` method on a database connection. */
private DataFlow::TypeTrackingNode methodRef(DataFlow::TypeTracker t) {
t.startInAttr("cursor") and
result = Connection::instance()
or
exists(DataFlow::TypeTracker t2 | result = methodRef(t2).track(t2, t))
}
/** Gets a reference to the `cursor` method on a database connection. */
DataFlow::Node methodRef() { methodRef(DataFlow::TypeTracker::end()).flowsTo(result) }
/** A call to the `cursor` method on a database connection */
private class CursorCall extends InstanceSource, DataFlow::CallCfgNode {
CursorCall() { this.getFunction() = methodRef() }
}
}
/**
* Gets a reference to the `execute` method on a cursor (or on a connection).
*
* Note: while `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*
* See https://peps.python.org/pep-0249/#execute.
*/
private DataFlow::TypeTrackingNode execute(DataFlow::TypeTracker t) {
t.startInAttr("execute") and
result in [Cursor::instance(), Connection::instance()]
or
exists(DataFlow::TypeTracker t2 | result = execute(t2).track(t2, t))
}
/**
* Gets a reference to the `execute` method on a cursor (or on a connection).
*
* Note: while `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*
* See https://peps.python.org/pep-0249/#execute.
*/
DataFlow::Node execute() { execute(DataFlow::TypeTracker::end()).flowsTo(result) }
/**
* A call to the `execute` method on a cursor or a connection.
*
* See https://peps.python.org/pep-0249/#execute
*
* Note: While `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*/
private class ExecuteCall extends SqlExecution::Range, DataFlow::CallCfgNode {
ExecuteCall() { this.getFunction() = execute() }
override DataFlow::Node getSql() { result in [this.getArg(0), this.getArgByName("sql")] }
}
private DataFlow::TypeTrackingNode executemany(DataFlow::TypeTracker t) {
t.startInAttr("executemany") and
result in [Cursor::instance(), Connection::instance()]
or
exists(DataFlow::TypeTracker t2 | result = executemany(t2).track(t2, t))
}
private DataFlow::Node executemany() { executemany(DataFlow::TypeTracker::end()).flowsTo(result) }
/**
* A call to the `executemany` method on a cursor or a connection.
*
* See https://peps.python.org/pep-0249/#executemany
*
* Note: While `executemany` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `executemany` on it.
*/
private class ExecutemanyCall extends SqlExecution::Range, DataFlow::CallCfgNode {
ExecutemanyCall() { this.getFunction() = executemany() }
override DataFlow::Node getSql() { result in [this.getArg(0), this.getArgByName("sql")] }
}
}
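Review bot: The two `override DataFlow::Node getSql()` lines near the end of the hunk (`ExecuteCall` and `ExecutemanyCall`) recognise the SQL argument only positionally or under the keyword `sql`, so a call written as `cursor.execute(operation=query)` is not a `SqlExecution` sink and a tainted query reaching it would be a missed SQL-injection result. PEP 249 documents the parameter as `operation`, and real drivers use differing keyword names (`sql`, `query`, `operation`), so the match should presumably cover at least the documented name: `result in [this.getArg(0), this.getArgByName(["sql", "operation"])]`. Separately, the `Cursor::InstanceSource` docstring repeats the `Connection` wording ("more direct ways to obtain a connection than going through `connect`"); for cursors it should read "more direct ways to obtain a cursor than going through `Connection.cursor()`". This module body is moved in from `PEP249Impl.qll` rather than newly written, so both points pre-date the PR but now live in the file that will be maintained going forward.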


@@ -231,119 +231,4 @@ module Werkzeug {
override string getAsyncMethodName() { none() }
}
}
import WerkzeugOld
}
/**
* Old version that contains the deprecated modules.
*/
private module WerkzeugOld {
/**
* DEPRECATED: Use the modeling available directly in the `Werkzeug` module instead.
*
* Provides models for the `werkzeug` module.
*/
deprecated module werkzeug {
/**
* DEPRECATED: Use the modeling available directly in the `Werkzeug` module instead.
*
* Provides models for the `werkzeug.datastructures` module.
*/
deprecated module datastructures {
/**
* DEPRECATED: Use `Werkzeug::MultiDict` instead.
*
* Provides models for the `werkzeug.datastructures.MultiDict` class
*
* See https://werkzeug.palletsprojects.com/en/1.0.x/datastructures/#werkzeug.datastructures.MultiDict.
*/
deprecated module MultiDict {
/**
* DEPRECATED. Use `Werkzeug::MultiDict::InstanceSource` instead.
*
* A source of instances of `werkzeug.datastructures.MultiDict`, extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by an external
* library.
*
* Use the predicate `MultiDict::instance()` to get references to instances of `werkzeug.datastructures.MultiDict`.
*/
abstract deprecated class InstanceSourceApiNode extends API::Node { }
/**
* DEPRECATED
*
* Gets a reference to the `getlist` method on an instance of `werkzeug.datastructures.MultiDict`.
*
* See https://werkzeug.palletsprojects.com/en/1.0.x/datastructures/#werkzeug.datastructures.Headers.getlist
*/
deprecated DataFlow::Node getlist() {
result = any(InstanceSourceApiNode a).getMember("getlist").getAValueReachableFromSource()
}
private class MultiDictAdditionalTaintStep extends TaintTracking::AdditionalTaintStep {
override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
// obj -> obj.getlist
exists(DataFlow::AttrRead read |
read.getObject() = nodeFrom and
nodeTo = read and
nodeTo = getlist()
)
or
// getlist -> getlist()
nodeFrom = getlist() and
nodeTo.(DataFlow::CallCfgNode).getFunction() = nodeFrom
}
}
}
/**
* DEPRECATED: Use `Werkzeug::FileStorage` instead.
*
* Provides models for the `werkzeug.datastructures.FileStorage` class
*
* See https://werkzeug.palletsprojects.com/en/1.0.x/datastructures/#werkzeug.datastructures.FileStorage.
*/
deprecated module FileStorage {
/**
* DEPRECATED. Use `Werkzeug::FileStorage::InstanceSource` instead.
*
* A source of instances of `werkzeug.datastructures.FileStorage`, extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by an external
* library.
*
* Use the predicate `FileStorage::instance()` to get references to instances of `werkzeug.datastructures.FileStorage`.
*/
abstract deprecated class InstanceSourceApiNode extends API::Node { }
/** Gets a reference to an instance of `werkzeug.datastructures.FileStorage`. */
deprecated DataFlow::Node instance() {
result = any(InstanceSourceApiNode a).getAValueReachableFromSource()
}
private class FileStorageAdditionalTaintStep extends TaintTracking::AdditionalTaintStep {
override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
nodeFrom = instance() and
exists(DataFlow::AttrRead read | nodeTo = read |
read.getAttributeName() in [
// str
"filename", "name", "content_type", "mimetype",
// file-like
"stream",
// TODO: werkzeug.datastructures.Headers
"headers",
// dict[str, str]
"mimetype_params"
] and
read.getObject() = nodeFrom
)
}
}
}
}
}
}


@@ -1,204 +0,0 @@
/**
* INTERNAL: Do not use.
*
* Provides internal implementation of PEP249. This currently resides in a different
* file than `python/ql/src/semmle/python/frameworks/PEP249.qll`, since we used to
* export everything without being encapsulated in a module, and shadowing rules means
* that we can't just add the module directly to that file :(
*
* So once we can remove those deprecated things (Start of July 2022), we can also move
* the core implementation into its' proper place.
*
* Provides classes modeling PEP 249.
* See https://www.python.org/dev/peps/pep-0249/.
*/
private import python
private import semmle.python.dataflow.new.DataFlow
private import semmle.python.dataflow.new.RemoteFlowSources
private import semmle.python.Concepts
private import semmle.python.ApiGraphs
/**
* Provides classes modeling database interfaces following PEP 249.
* See https://www.python.org/dev/peps/pep-0249/.
*/
module PEP249 {
/**
* An API graph node representing a module that implements PEP 249.
*/
abstract class PEP249ModuleApiNode extends API::Node {
/** Gets a string representation of this element. */
override string toString() { result = this.(API::Node).toString() }
}
/** Gets a reference to the `connect` function of a module that implements PEP 249. */
DataFlow::Node connect() {
result = any(PEP249ModuleApiNode a).getMember("connect").getAValueReachableFromSource()
}
/**
* Provides models for database connections (following PEP 249).
*
* See https://www.python.org/dev/peps/pep-0249/#connection-objects.
*/
module Connection {
/**
* A source of database connections (following PEP 249), extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by external
* libraries.
*
* Use the predicate `Connection::instance()` to get references to database connections (following PEP 249).
*
* Extend this class if the module implementing PEP 249 offers more direct ways to obtain
* a connection than going through `connect`.
*/
abstract class InstanceSource extends DataFlow::Node { }
/** A call to the `connect` function of a module that implements PEP 249. */
private class ConnectCall extends InstanceSource, DataFlow::CallCfgNode {
ConnectCall() { this.getFunction() = connect() }
}
/** Gets a reference to a database connection (following PEP 249). */
private DataFlow::TypeTrackingNode instance(DataFlow::TypeTracker t) {
t.start() and
result instanceof InstanceSource
or
exists(DataFlow::TypeTracker t2 | result = instance(t2).track(t2, t))
}
/** Gets a reference to a database connection (following PEP 249). */
DataFlow::Node instance() { instance(DataFlow::TypeTracker::end()).flowsTo(result) }
}
/**
* Provides models for database cursors (following PEP 249).
*
* These are returned by the `cursor` method on a database connection.
* See https://www.python.org/dev/peps/pep-0249/#cursor.
*/
module Cursor {
/**
* A source of database cursors (following PEP 249), extend this class to model new instances.
*
* This can include instantiations of the class, return values from function
* calls, or a special parameter that will be set when functions are called by external
* libraries.
*
* Use the predicate `Cursor::instance()` to get references to database cursors (following PEP 249).
*
* Extend this class if the module implementing PEP 249 offers more direct ways to obtain
* a connection than going through `connect`.
*/
abstract class InstanceSource extends DataFlow::LocalSourceNode { }
/** Gets a reference to a database cursor. */
private DataFlow::TypeTrackingNode instance(DataFlow::TypeTracker t) {
t.start() and
result instanceof InstanceSource
or
exists(DataFlow::TypeTracker t2 | result = instance(t2).track(t2, t))
}
/** Gets a reference to a database cursor. */
DataFlow::Node instance() { instance(DataFlow::TypeTracker::end()).flowsTo(result) }
/** Gets a reference to the `cursor` method on a database connection. */
private DataFlow::TypeTrackingNode methodRef(DataFlow::TypeTracker t) {
t.startInAttr("cursor") and
result = Connection::instance()
or
exists(DataFlow::TypeTracker t2 | result = methodRef(t2).track(t2, t))
}
/** Gets a reference to the `cursor` method on a database connection. */
DataFlow::Node methodRef() { methodRef(DataFlow::TypeTracker::end()).flowsTo(result) }
/** A call to the `cursor` method on a database connection */
private class CursorCall extends InstanceSource, DataFlow::CallCfgNode {
CursorCall() { this.getFunction() = methodRef() }
}
/** Gets a reference to a result of calling the `cursor` method on a database connection. */
private DataFlow::TypeTrackingNode methodResult(DataFlow::TypeTracker t) {
t.start() and
result.asCfgNode().(CallNode).getFunction() = methodRef().asCfgNode()
or
exists(DataFlow::TypeTracker t2 | result = methodResult(t2).track(t2, t))
}
/**
* DEPRECATED: Use `Cursor::instance()` to get references to database cursors instead.
*
* Gets a reference to a result of calling the `cursor` method on a database connection.
*/
deprecated DataFlow::Node methodResult() {
methodResult(DataFlow::TypeTracker::end()).flowsTo(result)
}
}
/**
* Gets a reference to the `execute` method on a cursor (or on a connection).
*
* Note: while `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*
* See https://peps.python.org/pep-0249/#execute.
*/
private DataFlow::TypeTrackingNode execute(DataFlow::TypeTracker t) {
t.startInAttr("execute") and
result in [Cursor::instance(), Connection::instance()]
or
exists(DataFlow::TypeTracker t2 | result = execute(t2).track(t2, t))
}
/**
* Gets a reference to the `execute` method on a cursor (or on a connection).
*
* Note: while `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*
* See https://peps.python.org/pep-0249/#execute.
*/
DataFlow::Node execute() { execute(DataFlow::TypeTracker::end()).flowsTo(result) }
/**
* A call to the `execute` method on a cursor or a connection.
*
* See https://peps.python.org/pep-0249/#execute
*
* Note: While `execute` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `execute` on it.
*/
private class ExecuteCall extends SqlExecution::Range, DataFlow::CallCfgNode {
ExecuteCall() { this.getFunction() = execute() }
override DataFlow::Node getSql() { result in [this.getArg(0), this.getArgByName("sql")] }
}
private DataFlow::TypeTrackingNode executemany(DataFlow::TypeTracker t) {
t.startInAttr("executemany") and
result in [Cursor::instance(), Connection::instance()]
or
exists(DataFlow::TypeTracker t2 | result = executemany(t2).track(t2, t))
}
private DataFlow::Node executemany() { executemany(DataFlow::TypeTracker::end()).flowsTo(result) }
/**
* A call to the `executemany` method on a cursor or a connection.
*
* See https://peps.python.org/pep-0249/#executemany
*
* Note: While `executemany` method on a connection is not part of PEP249, if it is used, we
* recognize it as an alias for constructing a cursor and calling `executemany` on it.
*/
private class ExecutemanyCall extends SqlExecution::Range, DataFlow::CallCfgNode {
ExecutemanyCall() { this.getFunction() = executemany() }
override DataFlow::Node getSql() { result in [this.getArg(0), this.getArgByName("sql")] }
}
}