Merge pull request #615 from erik-krogh/explicit-this

apply the implicit-this patch to the remaining go code

ql/lib/semmle/go/Decls.qll

@@ -137,7 +137,7 @@ class FuncDef extends @funcdef, StmtParent, ExprParent {
    */
   DataFlow::CallNode getACall() { result.getACallee() = this }
 
-  predicate isVariadic() { getType().isVariadic() }
+  predicate isVariadic() { this.getType().isVariadic() }
 
   override string getAPrimaryQlClass() { result = "FuncDef" }
 }

ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll

@@ -124,7 +124,7 @@ class ConversionWithoutBoundsCheckConfig extends TaintTracking::Configuration {
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, sinkBitSize) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, sinkBitSize) }
 
   override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
     // To catch flows that only happen on 32-bit architectures we
@@ -136,7 +136,7 @@ class ConversionWithoutBoundsCheckConfig extends TaintTracking::Configuration {
 
   override predicate isSanitizerOut(DataFlow::Node node) {
     exists(int bitSize | isIncorrectIntegerConversion(sourceBitSize, bitSize) |
-      isSink(node, bitSize)
+      this.isSink(node, bitSize)
     )
   }
 }

ql/src/Security/CWE-322/InsecureHostKeyCallback.ql

@@ -22,7 +22,7 @@ class InsecureIgnoreHostKey extends Function {
 class HostKeyCallbackFunc extends DataFlow::Node {
   HostKeyCallbackFunc() {
     exists(NamedType nt | nt.hasQualifiedName(CryptoSsh::packagePath(), "HostKeyCallback") |
-      getType().getUnderlyingType() = nt.getUnderlyingType()
+      this.getType().getUnderlyingType() = nt.getUnderlyingType()
     ) and
     // Restrict possible sources to either function definitions or
     // the result of some external function call (e.g. InsecureIgnoreHostKey())
@@ -71,7 +71,7 @@ class HostKeyCallbackAssignmentConfig extends DataFlow::Configuration {
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 }
 
 /**

ql/src/Security/CWE-352/ConstantOauth2State.ql

@@ -46,7 +46,7 @@ class ConstantStateFlowConf extends DataFlow::Configuration {
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 }
 
 /**
@@ -113,7 +113,7 @@ class PrivateUrlFlowsToAuthCodeUrlCall extends DataFlow::Configuration {
     exists(AuthCodeURL m | call = m.getACall() | sink = call.getReceiver())
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 }
 
 /**
@@ -142,7 +142,7 @@ class FlowToPrint extends DataFlow::Configuration {
     source = any(AuthCodeURL m).getACall().getResult()
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 }
 
 /** Holds if the provided `CallNode`'s result flows to an argument of a printer call. */

ql/src/experimental/CWE-327/CryptoLibraries.qll

@@ -196,7 +196,7 @@ abstract class CryptographicOperation extends DataFlow::Node {
  * Models cryptographic operations of the `crypto/md5` package.
  */
 class Md5 extends CryptographicOperation, DataFlow::CallNode {
-  Md5() { getTarget().hasQualifiedName("crypto/md5", ["New", "Sum"]) }
+  Md5() { this.getTarget().hasQualifiedName("crypto/md5", ["New", "Sum"]) }
 
   override Expr getInput() { result = this.getArgument(0).asExpr() }
 
@@ -209,7 +209,7 @@ class Md5 extends CryptographicOperation, DataFlow::CallNode {
  * Models cryptographic operations of the `crypto/sha1` package.
  */
 class Sha1 extends CryptographicOperation, DataFlow::CallNode {
-  Sha1() { getTarget().hasQualifiedName("crypto/sha1", ["New", "Sum"]) }
+  Sha1() { this.getTarget().hasQualifiedName("crypto/sha1", ["New", "Sum"]) }
 
   override Expr getInput() { result = this.getArgument(0).asExpr() }
 
@@ -222,7 +222,7 @@ class Sha1 extends CryptographicOperation, DataFlow::CallNode {
  * Models cryptographic operations of the `crypto/des` package.
  */
 class Des extends CryptographicOperation, DataFlow::CallNode {
-  Des() { getTarget().hasQualifiedName("crypto/des", ["NewCipher", "NewTripleDESCipher"]) }
+  Des() { this.getTarget().hasQualifiedName("crypto/des", ["NewCipher", "NewTripleDESCipher"]) }
 
   override Expr getInput() { result = this.getArgument(0).asExpr() }
 
@@ -235,7 +235,7 @@ class Des extends CryptographicOperation, DataFlow::CallNode {
  * Models cryptographic operations of the `crypto/rc4` package.
  */
 class Rc4 extends CryptographicOperation, DataFlow::CallNode {
-  Rc4() { getTarget().hasQualifiedName("crypto/rc4", ["NewCipher"]) }
+  Rc4() { this.getTarget().hasQualifiedName("crypto/rc4", ["NewCipher"]) }
 
   override Expr getInput() { result = this.getArgument(0).asExpr() }
 

ql/src/experimental/CWE-942/CorsMisconfiguration.ql

@@ -69,7 +69,7 @@ class FlowsUntrustedToAllowOriginHeader extends TaintTracking::Configuration {
     )
   }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 }
 
 /**
@@ -128,7 +128,7 @@ class FlowsFromUntrusted extends TaintTracking::Configuration {
 
   override predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource }
 
-  override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
+  override predicate isSink(DataFlow::Node sink) { this.isSink(sink, _) }
 
   predicate isSink(DataFlow::Node sink, ControlFlow::ConditionGuardNode cgn) {
     exists(IfStmt ifs |