Jave: Make support for query specific models.

2026-04-30 19:26:02 +02:00 · 2022-11-21 15:37:13 +01:00
parent 805430983c
commit b61f515af2
3 changed files with 96 additions and 0 deletions
--- a/java/ql/lib/ext/experimental/dummy.model.yml
+++ b/java/ql/lib/ext/experimental/dummy.model.yml
@@ -0,0 +1,15 @@
+# Define the extensible prediactes related to experimental queries
+# to at least be empty.
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: extExperimentalSourceModel
+    data: []
+  - addsTo:
+      pack: codeql/java-all
+      extensible: extExperimentalSinkModel
+    data: []
+  - addsTo:
+      pack: codeql/java-all
+      extensible: extExperimentalSummaryModel
+    data: []
--- a/java/ql/lib/qlpack.yml
+++ b/java/ql/lib/qlpack.yml
@@ -10,3 +10,4 @@ dependencies:
 dataExtensions:
  - ext/*.model.yml
  - ext/generated/*.model.yml
+  - ext/experimental/*.model.yml
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -194,6 +194,77 @@ private predicate negativeSummaryModelInternal(string row) {
  any(NegativeSummaryModelCsvInternal s).row(row)
 }

+/**
+ * Holds if an experimental source model exists for the given parameters.
+ * This is only for experimental queries.
+ */
+extensible predicate extExperimentalSourceModel(
+  string package, string type, boolean subtypes, string name, string signature, string ext,
+  string output, string kind, string provenance, string filter
+);
+
+/**
+ * Holds if an experimental sink model exists for the given parameters.
+ * This is only for experimental queries.
+ */
+extensible predicate extExperimentalSinkModel(
+  string package, string type, boolean subtypes, string name, string signature, string ext,
+  string input, string kind, string provenance, string filter
+);
+
+/**
+ * Holds if an experimental summary model exists for the given parameters.
+ * This is only for experimental queries.
+ */
+extensible predicate extExperimentalSummaryModel(
+  string package, string type, boolean subtypes, string name, string signature, string ext,
+  string input, string output, string kind, string provenance, string filter
+);
+
+/**
+ * A class for activating additional model rows.
+ *
+ * Extend this class to include experimental model rows with `this` name
+ * in data flow analysis.
+ */
+abstract class ActiveExperimentalModels extends string {
+  bindingset[this]
+  ActiveExperimentalModels() { any() }
+
+  /**
+   * Holds if an experimental source model exists for the given parameters.
+   */
+  predicate sourceModel(
+    string package, string type, boolean subtypes, string name, string signature, string ext,
+    string output, string kind, string provenance
+  ) {
+    extExperimentalSourceModel(package, type, subtypes, name, signature, ext, output, kind,
+      provenance, this)
+  }
+
+  /**
+   * Holds if an experimental sink model exists for the given parameters.
+   */
+  predicate sinkModel(
+    string package, string type, boolean subtypes, string name, string signature, string ext,
+    string output, string kind, string provenance
+  ) {
+    extExperimentalSinkModel(package, type, subtypes, name, signature, ext, output, kind,
+      provenance, this)
+  }
+
+  /**
+   * Holds if an experimental summary model exists for the given parameters.
+   */
+  predicate summaryModel(
+    string package, string type, boolean subtypes, string name, string signature, string ext,
+    string input, string output, string kind, string provenance
+  ) {
+    extExperimentalSummaryModel(package, type, subtypes, name, signature, ext, input, output, kind,
+      provenance, this)
+  }
+}
+
 /**
 * Holds if a source model exists for the given parameters.
 */
@@ -222,6 +293,9 @@ predicate sourceModel(
  )
  or
  extSourceModel(package, type, subtypes, name, signature, ext, output, kind, provenance)
+  or
+  any(ActiveExperimentalModels q)
+      .sourceModel(package, type, subtypes, name, signature, ext, output, kind, provenance)
 }

 /** Holds if a sink model exists for the given parameters. */
@@ -250,6 +324,9 @@ predicate sinkModel(
  )
  or
  extSinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance)
+  or
+  any(ActiveExperimentalModels q)
+      .sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance)
 }

 /** Holds if a summary model exists for the given parameters. */
@@ -279,6 +356,9 @@ predicate summaryModel(
  )
  or
  extSummaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance)
+  or
+  any(ActiveExperimentalModels q)
+      .summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance)
 }

 /** Holds if a summary model exists indicating there is no flow for the given parameters. */