From caeeebf572f84f428476ec36745c832f21c8e5c0 Mon Sep 17 00:00:00 2001 From: Erik Krogh Kristensen Date: Fri, 15 Oct 2021 15:27:37 +0200 Subject: [PATCH 1/3] add explicit this qualifier on all of java --- java/ql/lib/external/ExternalArtifact.qll | 19 +-- java/ql/lib/semmle/code/FileSystem.qll | 34 ++++-- java/ql/lib/semmle/code/Location.qll | 6 +- java/ql/lib/semmle/code/java/Annotation.qll | 10 +- .../lib/semmle/code/java/ControlFlowGraph.qll | 10 +- java/ql/lib/semmle/code/java/Conversions.qll | 2 +- java/ql/lib/semmle/code/java/Element.qll | 4 +- java/ql/lib/semmle/code/java/Expr.qll | 90 +++++++------- java/ql/lib/semmle/code/java/Generics.qll | 30 ++--- java/ql/lib/semmle/code/java/JDK.qll | 63 +++++----- .../lib/semmle/code/java/JDKAnnotations.qll | 4 +- java/ql/lib/semmle/code/java/JMX.qll | 20 +-- java/ql/lib/semmle/code/java/Javadoc.qll | 12 +- java/ql/lib/semmle/code/java/Maps.qll | 6 +- java/ql/lib/semmle/code/java/Member.qll | 54 ++++----- java/ql/lib/semmle/code/java/Modifier.qll | 20 +-- .../lib/semmle/code/java/PrettyPrintAst.qll | 58 ++++----- java/ql/lib/semmle/code/java/PrintAst.qll | 14 +-- java/ql/lib/semmle/code/java/Reflection.qll | 56 ++++----- java/ql/lib/semmle/code/java/Statement.qll | 62 +++++----- java/ql/lib/semmle/code/java/StringFormat.qll | 36 +++--- java/ql/lib/semmle/code/java/Type.qll | 33 ++--- java/ql/lib/semmle/code/java/UnitTests.qll | 40 +++--- java/ql/lib/semmle/code/java/Variable.qll | 10 +- .../semmle/code/java/arithmetic/Overflow.qll | 4 +- .../code/java/controlflow/BasicBlocks.qll | 10 +- .../java/controlflow/UnreachableBlocks.qll | 34 +++--- .../semmle/code/java/dataflow/FlowSources.qll | 4 +- java/ql/lib/semmle/code/java/dataflow/SSA.qll | 53 ++++---- .../code/java/dataflow/internal/BaseSSA.qll | 25 ++-- .../java/dataflow/internal/DataFlowImpl.qll | 16 +-- .../java/dataflow/internal/DataFlowImpl2.qll | 16 +-- .../java/dataflow/internal/DataFlowImpl3.qll | 16 +-- .../java/dataflow/internal/DataFlowImpl4.qll | 16 +-- .../java/dataflow/internal/DataFlowImpl5.qll | 16 +-- .../java/dataflow/internal/DataFlowImpl6.qll | 16 +-- .../DataFlowImplForSerializability.qll | 16 +-- .../java/dataflow/internal/DataFlowNodes.qll | 10 +- .../dataflow/internal/TaintTrackingUtil.qll | 32 ++--- .../semmle/code/java/deadcode/DeadCode.qll | 30 +++-- .../semmle/code/java/deadcode/DeadField.qll | 32 ++--- .../semmle/code/java/deadcode/EntryPoints.qll | 34 +++--- .../code/java/deadcode/TestEntryPoints.qll | 20 +-- .../code/java/deadcode/WebEntryPoints.qll | 4 +- .../lib/semmle/code/java/frameworks/Camel.qll | 2 +- .../lib/semmle/code/java/frameworks/Guice.qll | 2 +- .../lib/semmle/code/java/frameworks/JAXB.qll | 40 +++--- .../code/java/frameworks/JUnitAnnotations.qll | 2 +- .../semmle/code/java/frameworks/Jackson.qll | 12 +- .../lib/semmle/code/java/frameworks/Jndi.qll | 20 +-- .../lib/semmle/code/java/frameworks/Kryo.qll | 26 ++-- .../semmle/code/java/frameworks/Mockito.qll | 100 +++++++-------- .../code/java/frameworks/Networking.qll | 20 +-- .../semmle/code/java/frameworks/Protobuf.qll | 2 +- .../semmle/code/java/frameworks/SnakeYaml.qll | 8 +- .../code/java/frameworks/SpringLdap.qll | 48 ++++---- .../semmle/code/java/frameworks/Thrift.qll | 2 +- .../semmle/code/java/frameworks/UnboundId.qll | 40 +++--- .../code/java/frameworks/android/Android.qll | 14 ++- .../code/java/frameworks/android/Intent.qll | 22 ++-- .../code/java/frameworks/android/WebView.qll | 6 +- .../frameworks/google/GoogleHttpClientApi.qll | 4 +- .../semmle/code/java/frameworks/gwt/GWT.qll | 4 +- .../code/java/frameworks/gwt/GwtUiBinder.qll | 33 ++--- .../java/frameworks/gwt/GwtUiBinderXml.qll | 4 +- .../code/java/frameworks/gwt/GwtXml.qll | 28 ++--- .../code/java/frameworks/j2objc/J2ObjC.qll | 8 +- .../jackson/JacksonSerializability.qll | 46 +++---- .../java/frameworks/javaee/Persistence.qll | 12 +- .../java/frameworks/javaee/PersistenceXML.qll | 4 +- .../code/java/frameworks/javaee/ejb/EJB.qll | 30 ++--- .../java/frameworks/javaee/ejb/EJBJarXML.qll | 8 +- .../javaee/jsf/JSFFacesContextXML.qll | 18 +-- .../frameworks/javaee/jsf/JSFRenderer.qll | 12 +- .../code/java/frameworks/javase/Http.qll | 4 +- .../semmle/code/java/frameworks/play/Play.qll | 2 +- .../java/frameworks/spring/SpringAutowire.qll | 104 ++++++++-------- .../java/frameworks/spring/SpringBean.qll | 10 +- .../java/frameworks/spring/SpringBeanFile.qll | 7 +- .../frameworks/spring/SpringComponentScan.qll | 39 +++--- .../frameworks/spring/SpringController.qll | 114 ++++++++++-------- .../frameworks/spring/SpringExpression.qll | 8 +- .../java/frameworks/spring/SpringFlex.qll | 20 +-- .../java/frameworks/spring/SpringProfile.qll | 8 +- .../code/java/frameworks/spring/SpringWeb.qll | 6 +- .../java/frameworks/struts/StrutsActions.qll | 8 +- .../frameworks/struts/StrutsAnnotations.qll | 2 +- .../frameworks/struts/StrutsConventions.qll | 8 +- .../code/java/frameworks/struts/StrutsXML.qll | 38 +++--- .../code/java/metrics/MetricRefType.qll | 20 +-- .../code/java/security/CommandArguments.qll | 30 ++--- .../semmle/code/java/security/Encryption.qll | 36 +++--- .../code/java/security/ExternalAPIs.qll | 43 +++---- .../code/java/security/JexlInjectionQuery.qll | 35 +++--- .../code/java/security/MvelInjection.qll | 24 ++-- .../code/java/security/RequestForgery.qll | 2 +- .../code/java/security/SpelInjectionQuery.qll | 4 +- .../security/UnsafeDeserializationQuery.qll | 8 +- java/ql/lib/semmle/code/java/security/XSS.qll | 2 +- .../lib/semmle/code/xml/AndroidManifest.qll | 23 ++-- java/ql/lib/semmle/code/xml/MavenPom.qll | 110 +++++++++-------- java/ql/lib/semmle/code/xml/WebXML.qll | 46 +++---- .../CWE-016/InsecureSpringActuatorConfig.ql | 4 +- java/ql/src/external/Clover.qll | 2 +- 104 files changed, 1269 insertions(+), 1172 deletions(-) diff --git a/java/ql/lib/external/ExternalArtifact.qll b/java/ql/lib/external/ExternalArtifact.qll index 5359b99c7c8..2e782a6a4da 100644 --- a/java/ql/lib/external/ExternalArtifact.qll +++ b/java/ql/lib/external/ExternalArtifact.qll @@ -3,24 +3,25 @@ import java class ExternalData extends @externalDataElement { string getDataPath() { externalData(this, result, _, _) } - string getQueryPath() { result = getDataPath().regexpReplaceAll("\\.[^.]*$", ".ql") } + string getQueryPath() { result = this.getDataPath().regexpReplaceAll("\\.[^.]*$", ".ql") } int getNumFields() { result = 1 + max(int i | externalData(this, _, i, _) | i) } string getField(int index) { externalData(this, _, index, result) } - int getFieldAsInt(int index) { result = getField(index).toInt() } + int getFieldAsInt(int index) { result = this.getField(index).toInt() } - float getFieldAsFloat(int index) { result = getField(index).toFloat() } + float getFieldAsFloat(int index) { result = this.getField(index).toFloat() } - date getFieldAsDate(int index) { result = getField(index).toDate() } + date getFieldAsDate(int index) { result = this.getField(index).toDate() } - string toString() { result = getQueryPath() + ": " + buildTupleString(0) } + string toString() { result = this.getQueryPath() + ": " + this.buildTupleString(0) } private string buildTupleString(int start) { - start = getNumFields() - 1 and result = getField(start) + start = this.getNumFields() - 1 and result = this.getField(start) or - start < getNumFields() - 1 and result = getField(start) + "," + buildTupleString(start + 1) + start < this.getNumFields() - 1 and + result = this.getField(start) + "," + this.buildTupleString(start + 1) } } @@ -33,7 +34,7 @@ class DefectExternalData extends ExternalData { this.getNumFields() = 2 } - string getURL() { result = getField(0) } + string getURL() { result = this.getField(0) } - string getMessage() { result = getField(1) } + string getMessage() { result = this.getField(1) } } diff --git a/java/ql/lib/semmle/code/FileSystem.qll b/java/ql/lib/semmle/code/FileSystem.qll index 6c252d569e9..cace20f63e1 100755 --- a/java/ql/lib/semmle/code/FileSystem.qll +++ b/java/ql/lib/semmle/code/FileSystem.qll @@ -47,7 +47,7 @@ class Container extends @container, Top { */ string getRelativePath() { exists(string absPath, string pref | - absPath = getAbsolutePath() and sourceLocationPrefix(pref) + absPath = this.getAbsolutePath() and sourceLocationPrefix(pref) | absPath = pref and result = "" or @@ -74,7 +74,7 @@ class Container extends @container, Top { * */ string getBaseName() { - result = getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) + result = this.getAbsolutePath().regexpCapture(".*/(([^/]*?)(?:\\.([^.]*))?)", 1) } /** @@ -100,7 +100,9 @@ class Container extends @container, Top { * "/tmp/x.tar.gz""gz" * */ - string getExtension() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) } + string getExtension() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(\\.([^.]*))?", 3) + } /** * Gets the stem of this container, that is, the prefix of its base name up to @@ -119,7 +121,9 @@ class Container extends @container, Top { * "/tmp/x.tar.gz""x.tar" * */ - string getStem() { result = getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) } + string getStem() { + result = this.getAbsolutePath().regexpCapture(".*/([^/]*?)(?:\\.([^.]*))?", 1) + } /** Gets the parent container of this file or folder, if any. */ Container getParentContainer() { containerparent(result, this) } @@ -128,20 +132,20 @@ class Container extends @container, Top { Container getAChildContainer() { this = result.getParentContainer() } /** Gets a file in this container. */ - File getAFile() { result = getAChildContainer() } + File getAFile() { result = this.getAChildContainer() } /** Gets the file in this container that has the given `baseName`, if any. */ File getFile(string baseName) { - result = getAFile() and + result = this.getAFile() and result.getBaseName() = baseName } /** Gets a sub-folder in this container. */ - Folder getAFolder() { result = getAChildContainer() } + Folder getAFolder() { result = this.getAChildContainer() } /** Gets the sub-folder in this container that has the given `baseName`, if any. */ Folder getFolder(string baseName) { - result = getAFolder() and + result = this.getAFolder() and result.getBaseName() = baseName } @@ -152,7 +156,7 @@ class Container extends @container, Top { * to provide a different result. To get the absolute path of any `Container`, call * `Container.getAbsolutePath()` directly. */ - override string toString() { result = getAbsolutePath() } + override string toString() { result = this.getAbsolutePath() } } /** A folder. */ @@ -160,7 +164,7 @@ class Folder extends Container, @folder { override string getAbsolutePath() { folders(this, result) } /** Gets the URL of this folder. */ - override string getURL() { result = "folder://" + getAbsolutePath() } + override string getURL() { result = "folder://" + this.getAbsolutePath() } override string getAPrimaryQlClass() { result = "Folder" } } @@ -183,7 +187,7 @@ class File extends Container, @file { * A Java archive file with a ".jar" extension. */ class JarFile extends File { - JarFile() { getExtension() = "jar" } + JarFile() { this.getExtension() = "jar" } /** * Gets the main attribute with the specified `key` @@ -195,13 +199,17 @@ class JarFile extends File { * Gets the "Specification-Version" main attribute * from this JAR file's manifest. */ - string getSpecificationVersion() { result = getManifestMainAttribute("Specification-Version") } + string getSpecificationVersion() { + result = this.getManifestMainAttribute("Specification-Version") + } /** * Gets the "Implementation-Version" main attribute * from this JAR file's manifest. */ - string getImplementationVersion() { result = getManifestMainAttribute("Implementation-Version") } + string getImplementationVersion() { + result = this.getManifestMainAttribute("Implementation-Version") + } /** * Gets the per-entry attribute for the specified `entry` and `key` diff --git a/java/ql/lib/semmle/code/Location.qll b/java/ql/lib/semmle/code/Location.qll index 2af4f8712e0..d90a189acb7 100755 --- a/java/ql/lib/semmle/code/Location.qll +++ b/java/ql/lib/semmle/code/Location.qll @@ -63,10 +63,10 @@ class Top extends @top { predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - hasLocationInfoAux(filepath, startline, startcolumn, endline, endcolumn) + this.hasLocationInfoAux(filepath, startline, startcolumn, endline, endcolumn) or exists(string outFilepath, int outStartline, int outEndline | - hasLocationInfoAux(outFilepath, outStartline, _, outEndline, _) and + this.hasLocationInfoAux(outFilepath, outStartline, _, outEndline, _) and hasSmapLocationInfo(filepath, startline, startcolumn, endline, endcolumn, outFilepath, outStartline, outEndline) ) @@ -103,7 +103,7 @@ class Top extends @top { /** * Gets a comma-separated list of the names of the primary CodeQL classes to which this element belongs. */ - final string getPrimaryQlClasses() { result = concat(getAPrimaryQlClass(), ",") } + final string getPrimaryQlClasses() { result = concat(this.getAPrimaryQlClass(), ",") } /** * Gets the name of a primary CodeQL class to which this element belongs. diff --git a/java/ql/lib/semmle/code/java/Annotation.qll b/java/ql/lib/semmle/code/java/Annotation.qll index 2ee7c6403b4..342a2bd6e0d 100755 --- a/java/ql/lib/semmle/code/java/Annotation.qll +++ b/java/ql/lib/semmle/code/java/Annotation.qll @@ -51,7 +51,7 @@ class Annotation extends @annotation, Expr { Expr getValue(string name) { filteredAnnotValue(this, this.getAnnotationElement(name), result) } /** Gets the element being annotated. */ - Element getTarget() { result = getAnnotatedElement() } + Element getTarget() { result = this.getAnnotatedElement() } override string toString() { result = this.getType().getName() } @@ -67,8 +67,8 @@ class Annotation extends @annotation, Expr { * expression defined for the value. */ Expr getAValue(string name) { - getType().getAnnotationElement(name).getType() instanceof Array and - exists(Expr value | value = getValue(name) | + this.getType().getAnnotationElement(name).getType() instanceof Array and + exists(Expr value | value = this.getValue(name) | if value instanceof ArrayInit then result = value.(ArrayInit).getAnInit() else result = value ) } @@ -104,7 +104,7 @@ class Annotatable extends Element { /** Holds if this element has the specified annotation. */ predicate hasAnnotation(string package, string name) { - exists(AnnotationType at | at = getAnAnnotation().getType() | + exists(AnnotationType at | at = this.getAnAnnotation().getType() | at.nestedName() = name and at.getPackage().getName() = package ) } @@ -118,7 +118,7 @@ class Annotatable extends Element { * annotation attached to it for the specified `category`. */ predicate suppressesWarningsAbout(string category) { - category = getAnAnnotation().(SuppressWarningsAnnotation).getASuppressedWarning() + category = this.getAnAnnotation().(SuppressWarningsAnnotation).getASuppressedWarning() or this.(Member).getDeclaringType().suppressesWarningsAbout(category) or diff --git a/java/ql/lib/semmle/code/java/ControlFlowGraph.qll b/java/ql/lib/semmle/code/java/ControlFlowGraph.qll index ff60abb4e73..8e5325902dd 100644 --- a/java/ql/lib/semmle/code/java/ControlFlowGraph.qll +++ b/java/ql/lib/semmle/code/java/ControlFlowGraph.qll @@ -528,13 +528,13 @@ private module ControlFlowGraphImpl { /** Gets the first child node, if any. */ ControlFlowNode firstChild() { - result = getChildNode(-1) + result = this.getChildNode(-1) or - result = getChildNode(0) and not exists(getChildNode(-1)) + result = this.getChildNode(0) and not exists(this.getChildNode(-1)) } /** Holds if this CFG node has any child nodes. */ - predicate isLeafNode() { not exists(getChildNode(_)) } + predicate isLeafNode() { not exists(this.getChildNode(_)) } /** Holds if this node can finish with a `normalCompletion`. */ predicate mayCompleteNormally() { @@ -1222,10 +1222,10 @@ class ConditionNode extends ControlFlowNode { ControlFlowNode getABranchSuccessor(boolean branch) { result = branchSuccessor(this, branch) } /** Gets a true-successor of the `ConditionNode`. */ - ControlFlowNode getATrueSuccessor() { result = getABranchSuccessor(true) } + ControlFlowNode getATrueSuccessor() { result = this.getABranchSuccessor(true) } /** Gets a false-successor of the `ConditionNode`. */ - ControlFlowNode getAFalseSuccessor() { result = getABranchSuccessor(false) } + ControlFlowNode getAFalseSuccessor() { result = this.getABranchSuccessor(false) } /** Gets the condition of this `ConditionNode`. This is equal to the node itself. */ Expr getCondition() { result = this } diff --git a/java/ql/lib/semmle/code/java/Conversions.qll b/java/ql/lib/semmle/code/java/Conversions.qll index 9d55f1297fc..b7cd80c4906 100644 --- a/java/ql/lib/semmle/code/java/Conversions.qll +++ b/java/ql/lib/semmle/code/java/Conversions.qll @@ -27,7 +27,7 @@ abstract class ConversionSite extends Expr { /** * Whether this conversion site actually induces a conversion. */ - predicate isTrivial() { getConversionTarget() = getConversionSource() } + predicate isTrivial() { this.getConversionTarget() = this.getConversionSource() } /** * Whether this conversion is implicit. diff --git a/java/ql/lib/semmle/code/java/Element.qll b/java/ql/lib/semmle/code/java/Element.qll index 12a08f8eb9d..14e48fc0d40 100755 --- a/java/ql/lib/semmle/code/java/Element.qll +++ b/java/ql/lib/semmle/code/java/Element.qll @@ -34,10 +34,10 @@ class Element extends @element, Top { * Elements pertaining to source files may include generated elements * not visible in source code, such as implicit default constructors. */ - predicate fromSource() { getCompilationUnit().getExtension() = "java" } + predicate fromSource() { this.getCompilationUnit().getExtension() = "java" } /** Gets the compilation unit that this element belongs to. */ - CompilationUnit getCompilationUnit() { result = getFile() } + CompilationUnit getCompilationUnit() { result = this.getFile() } /** Cast this element to a `Documentable`. */ Documentable getDoc() { result = this } diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index b83f5332756..b95f7e8232f 100755 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -86,13 +86,15 @@ class Expr extends ExprParent, @expr { * explicit constructor invocation statement. */ - getEnclosingCallable().isStatic() + this.getEnclosingCallable().isStatic() or - getParent+() instanceof ThisConstructorInvocationStmt + this.getParent+() instanceof ThisConstructorInvocationStmt or - getParent+() instanceof SuperConstructorInvocationStmt + this.getParent+() instanceof SuperConstructorInvocationStmt or - exists(LambdaExpr lam | lam.asMethod() = getEnclosingCallable() and lam.isInStaticContext()) + exists(LambdaExpr lam | + lam.asMethod() = this.getEnclosingCallable() and lam.isInStaticContext() + ) } /** Holds if this expression is parenthesized. */ @@ -116,7 +118,7 @@ private predicate primitiveOrString(Type t) { */ class CompileTimeConstantExpr extends Expr { CompileTimeConstantExpr() { - primitiveOrString(getType()) and + primitiveOrString(this.getType()) and ( // Literals of primitive type and literals of type `String`. this instanceof Literal @@ -425,9 +427,9 @@ class ArrayCreationExpr extends Expr, @arraycreationexpr { * Gets the size of the first dimension, if it can be statically determined. */ int getFirstDimensionSize() { - if exists(getInit()) - then result = getInit().getSize() - else result = getDimension(0).(CompileTimeConstantExpr).getIntValue() + if exists(this.getInit()) + then result = this.getInit().getSize() + else result = this.getDimension(0).(CompileTimeConstantExpr).getIntValue() } /** Gets a printable representation of this expression. */ @@ -463,7 +465,7 @@ class ArrayInit extends Expr, @arrayinit { * Gets the number of expressions in this initializer, that is, the size the * created array will have. */ - int getSize() { result = count(getAnInit()) } + int getSize() { result = count(this.getAnInit()) } /** Gets a printable representation of this expression. */ override string toString() { result = "{...}" } @@ -632,9 +634,9 @@ class Literal extends Expr, @literal { class BooleanLiteral extends Literal, @booleanliteral { /** Gets the boolean representation of this literal. */ boolean getBooleanValue() { - result = true and getValue() = "true" + result = true and this.getValue() = "true" or - result = false and getValue() = "false" + result = false and this.getValue() = "false" } override string getAPrimaryQlClass() { result = "BooleanLiteral" } @@ -657,7 +659,7 @@ class BooleanLiteral extends Literal, @booleanliteral { */ class IntegerLiteral extends Literal, @integerliteral { /** Gets the int representation of this literal. */ - int getIntValue() { result = getValue().toInt() } + int getIntValue() { result = this.getValue().toInt() } override string getAPrimaryQlClass() { result = "IntegerLiteral" } } @@ -693,7 +695,7 @@ class FloatingPointLiteral extends Literal, @floatingpointliteral { * Gets the value of this literal as CodeQL 64-bit `float`. The value will * be parsed as Java 32-bit `float` and then converted to a CodeQL `float`. */ - float getFloatValue() { result = getValue().toFloat() } + float getFloatValue() { result = this.getValue().toFloat() } override string getAPrimaryQlClass() { result = "FloatingPointLiteral" } } @@ -709,7 +711,7 @@ class DoubleLiteral extends Literal, @doubleliteral { * Gets the value of this literal as CodeQL 64-bit `float`. The result will * have the same effective value as the Java `double` literal. */ - float getDoubleValue() { result = getValue().toFloat() } + float getDoubleValue() { result = this.getValue().toFloat() } override string getAPrimaryQlClass() { result = "DoubleLiteral" } } @@ -732,10 +734,10 @@ class StringLiteral extends Literal, @stringliteral { /** * Gets the literal string without the quotes. */ - string getRepresentedString() { result = getValue() } + string getRepresentedString() { result = this.getValue() } /** Holds if this string literal is a text block (`""" ... """`). */ - predicate isTextBlock() { getLiteral().matches("\"\"\"%") } + predicate isTextBlock() { this.getLiteral().matches("\"\"\"%") } override string getAPrimaryQlClass() { result = "StringLiteral" } } @@ -1184,7 +1186,7 @@ class LambdaExpr extends FunctionalExpr, @lambdaexpr { * Gets the implicit method corresponding to this lambda expression. * The parameters of the lambda expression are the parameters of this method. */ - override Method asMethod() { result = getAnonymousClass().getAMethod() } + override Method asMethod() { result = this.getAnonymousClass().getAMethod() } /** Holds if the body of this lambda is an expression. */ predicate hasExprBody() { lambdaKind(this, 0) } @@ -1194,11 +1196,11 @@ class LambdaExpr extends FunctionalExpr, @lambdaexpr { /** Gets the body of this lambda expression, if it is an expression. */ Expr getExprBody() { - hasExprBody() and result = asMethod().getBody().getAChild().(ReturnStmt).getResult() + this.hasExprBody() and result = this.asMethod().getBody().getAChild().(ReturnStmt).getResult() } /** Gets the body of this lambda expression, if it is a statement. */ - BlockStmt getStmtBody() { hasStmtBody() and result = asMethod().getBody() } + BlockStmt getStmtBody() { this.hasStmtBody() and result = this.asMethod().getBody() } /** Gets a printable representation of this expression. */ override string toString() { result = "...->..." } @@ -1223,7 +1225,7 @@ class MemberRefExpr extends FunctionalExpr, @memberref { * (if the reference is to a constructor) or an array creation expression (if the reference * is to an array constructor). */ - override Method asMethod() { result = getAnonymousClass().getAMethod() } + override Method asMethod() { result = this.getAnonymousClass().getAMethod() } /** * Gets the method or constructor referenced by this member reference expression. @@ -1274,16 +1276,16 @@ class ConditionalExpr extends Expr, @conditionalexpr { * it is `getFalseExpr()`. */ Expr getBranchExpr(boolean branch) { - branch = true and result = getTrueExpr() + branch = true and result = this.getTrueExpr() or - branch = false and result = getFalseExpr() + branch = false and result = this.getFalseExpr() } /** * Gets the expressions that is evaluated by one of the branches (`true` * or `false` branch) of this conditional expression. */ - Expr getABranchExpr() { result = getBranchExpr(_) } + Expr getABranchExpr() { result = this.getBranchExpr(_) } /** Gets a printable representation of this expression. */ override string toString() { result = "...?...:..." } @@ -1308,7 +1310,7 @@ class SwitchExpr extends Expr, StmtParent, @switchexpr { * Gets a case of this `switch` expression, * which may be either a normal `case` or a `default`. */ - SwitchCase getACase() { result = getAConstCase() or result = getDefaultCase() } + SwitchCase getACase() { result = this.getAConstCase() or result = this.getDefaultCase() } /** Gets a (non-default) `case` of this `switch` expression. */ ConstCase getAConstCase() { result.getParent() = this } @@ -1321,7 +1323,7 @@ class SwitchExpr extends Expr, StmtParent, @switchexpr { /** Gets a result expression of this `switch` expression. */ Expr getAResult() { - result = getACase().getRuleExpression() + result = this.getACase().getRuleExpression() or exists(YieldStmt yield | yield.(JumpStmt).getTarget() = this and result = yield.getValue()) } @@ -1336,8 +1338,8 @@ class SwitchExpr extends Expr, StmtParent, @switchexpr { class InstanceOfExpr extends Expr, @instanceofexpr { /** Gets the expression on the left-hand side of the `instanceof` operator. */ Expr getExpr() { - if isPattern() - then result = getLocalVariableDeclExpr().getInit() + if this.isPattern() + then result = this.getLocalVariableDeclExpr().getInit() else result.isNthChildOf(this, 0) } @@ -1346,7 +1348,7 @@ class InstanceOfExpr extends Expr, @instanceofexpr { * * Holds if this `instanceof` expression uses pattern matching. */ - predicate isPattern() { exists(getLocalVariableDeclExpr()) } + predicate isPattern() { exists(this.getLocalVariableDeclExpr()) } /** * PREVIEW FEATURE in Java 14. Subject to removal in a future release. @@ -1359,7 +1361,7 @@ class InstanceOfExpr extends Expr, @instanceofexpr { Expr getTypeName() { result.isNthChildOf(this, 1) } /** Gets the type this `instanceof` expression checks for. */ - RefType getCheckedType() { result = getTypeName().getType() } + RefType getCheckedType() { result = this.getTypeName().getType() } /** Gets a printable representation of this expression. */ override string toString() { result = "...instanceof..." } @@ -1457,7 +1459,7 @@ class TypeLiteral extends Expr, @typeliteral { * Gets the type this type literal refers to. For example for `String.class` the * result is the type representing `String`. */ - Type getReferencedType() { result = getTypeName().getType() } + Type getReferencedType() { result = this.getTypeName().getType() } /** Gets a printable representation of this expression. */ override string toString() { result = this.getTypeName().toString() + ".class" } @@ -1482,15 +1484,15 @@ abstract class InstanceAccess extends Expr { * This never holds for accesses in lambda expressions as they cannot access * their own instance directly. */ - predicate isOwnInstanceAccess() { not isEnclosingInstanceAccess(_) } + predicate isOwnInstanceAccess() { not this.isEnclosingInstanceAccess(_) } /** Holds if this instance access is to an enclosing instance of type `t`. */ predicate isEnclosingInstanceAccess(RefType t) { - t = getQualifier().getType().(RefType).getSourceDeclaration() and - t != getEnclosingCallable().getDeclaringType() + t = this.getQualifier().getType().(RefType).getSourceDeclaration() and + t != this.getEnclosingCallable().getDeclaringType() or - not exists(getQualifier()) and - exists(LambdaExpr lam | lam.asMethod() = getEnclosingCallable() | + not exists(this.getQualifier()) and + exists(LambdaExpr lam | lam.asMethod() = this.getEnclosingCallable() | t = lam.getAnonymousClass().getEnclosingType() ) } @@ -1538,7 +1540,7 @@ class VarAccess extends Expr, @varaccess { Expr getQualifier() { result.getParent() = this } /** Holds if this variable access has a qualifier. */ - predicate hasQualifier() { exists(getQualifier()) } + predicate hasQualifier() { exists(this.getQualifier()) } /** Gets the variable accessed by this variable access. */ Variable getVariable() { variableBinding(this, result) } @@ -1580,11 +1582,11 @@ class VarAccess extends Expr, @varaccess { */ predicate isLocal() { // The access has no qualifier, or... - not hasQualifier() + not this.hasQualifier() or // the qualifier is either `this` or `A.this`, where `A` is the enclosing type, or // the qualifier is either `super` or `A.super`, where `A` is the enclosing type. - getQualifier().(InstanceAccess).isOwnInstanceAccess() + this.getQualifier().(InstanceAccess).isOwnInstanceAccess() } override string getAPrimaryQlClass() { result = "VarAccess" } @@ -1626,7 +1628,7 @@ class MethodAccess extends Expr, Call, @methodaccess { override Expr getQualifier() { result.isNthChildOf(this, -1) } /** Holds if this method access has a qualifier. */ - predicate hasQualifier() { exists(getQualifier()) } + predicate hasQualifier() { exists(this.getQualifier()) } /** Gets an argument supplied to the method that is invoked using this method access. */ override Expr getAnArgument() { result.getIndex() >= 0 and result.getParent() = this } @@ -1663,9 +1665,9 @@ class MethodAccess extends Expr, Call, @methodaccess { * the enclosing type if there is no qualifier. */ RefType getReceiverType() { - result = getQualifier().getType() + result = this.getQualifier().getType() or - not hasQualifier() and result = getEnclosingCallable().getDeclaringType() + not this.hasQualifier() and result = this.getEnclosingCallable().getDeclaringType() } /** @@ -1841,7 +1843,7 @@ class Call extends ExprParent, @caller { Callable getCallee() { callableBinding(this, result) } /** Gets the callable invoking this call. */ - Callable getCaller() { result = getEnclosingCallable() } + Callable getCaller() { result = this.getEnclosingCallable() } } /** A polymorphic call to an instance method. */ @@ -2042,14 +2044,14 @@ class Argument extends Expr { } /** Holds if this argument is part of an implicit varargs array. */ - predicate isVararg() { isNthVararg(_) } + predicate isVararg() { this.isNthVararg(_) } /** * Holds if this argument is part of an implicit varargs array at the * given array index. */ predicate isNthVararg(int arrayindex) { - not isExplicitVarargsArray() and + not this.isExplicitVarargsArray() and exists(Callable tgt | call.getCallee() = tgt and tgt.isVarargs() and diff --git a/java/ql/lib/semmle/code/java/Generics.qll b/java/ql/lib/semmle/code/java/Generics.qll index a15c47b1f8f..d023c7c15a3 100755 --- a/java/ql/lib/semmle/code/java/Generics.qll +++ b/java/ql/lib/semmle/code/java/Generics.qll @@ -69,12 +69,12 @@ class GenericType extends RefType { /** * Gets a type parameter of this generic type. */ - TypeVariable getATypeParameter() { result = getTypeParameter(_) } + TypeVariable getATypeParameter() { result = this.getTypeParameter(_) } /** * Gets the number of type parameters of this generic type. */ - int getNumberOfTypeParameters() { result = strictcount(getATypeParameter()) } + int getNumberOfTypeParameters() { result = strictcount(this.getATypeParameter()) } override string getAPrimaryQlClass() { result = "GenericType" } } @@ -107,7 +107,7 @@ abstract class BoundedType extends RefType, @boundedtype { TypeBound getATypeBound() { result.getBoundedType() = this } /** Gets the first type bound for this type, if any. */ - TypeBound getFirstTypeBound() { result = getATypeBound() and result.getPosition() = 0 } + TypeBound getFirstTypeBound() { result = this.getATypeBound() and result.getPosition() = 0 } /** * Gets an upper type bound of this type, or `Object` @@ -123,9 +123,9 @@ abstract class BoundedType extends RefType, @boundedtype { /** Gets a transitive upper bound for this type that is not itself a bounded type. */ RefType getAnUltimateUpperBoundType() { - result = getUpperBoundType() and not result instanceof BoundedType + result = this.getUpperBoundType() and not result instanceof BoundedType or - result = getUpperBoundType().(BoundedType).getAnUltimateUpperBoundType() + result = this.getUpperBoundType().(BoundedType).getAnUltimateUpperBoundType() } override string getAPrimaryQlClass() { result = "BoundedType" } @@ -168,8 +168,8 @@ class TypeVariable extends BoundedType, @typevariable { /** Gets the lexically enclosing package of this type parameter, if any. */ override Package getPackage() { - result = getGenericType().getPackage() or - result = getGenericCallable().getDeclaringType().getPackage() + result = this.getGenericType().getPackage() or + result = this.getGenericCallable().getDeclaringType().getPackage() } /** Finds a type that was supplied for this parameter. */ @@ -190,9 +190,9 @@ class TypeVariable extends BoundedType, @typevariable { /** Finds a non-typevariable type that was transitively supplied for this parameter. */ RefType getAnUltimatelySuppliedType() { - result = getASuppliedType() and not result instanceof TypeVariable + result = this.getASuppliedType() and not result instanceof TypeVariable or - result = getASuppliedType().(TypeVariable).getAnUltimatelySuppliedType() + result = this.getASuppliedType().(TypeVariable).getAnUltimatelySuppliedType() } override string getAPrimaryQlClass() { result = "TypeVariable" } @@ -261,7 +261,7 @@ class Wildcard extends BoundedType, @wildcard { * Holds if this is the unconstrained wildcard `?`. */ predicate isUnconstrained() { - not hasLowerBound() and + not this.hasLowerBound() and wildcards(this, "?", _) } @@ -451,12 +451,12 @@ class GenericCallable extends Callable { /** * Gets a type parameter of this generic callable. */ - TypeVariable getATypeParameter() { result = getTypeParameter(_) } + TypeVariable getATypeParameter() { result = this.getTypeParameter(_) } /** * Gets the number of type parameters of this generic callable. */ - int getNumberOfTypeParameters() { result = strictcount(getATypeParameter()) } + int getNumberOfTypeParameters() { result = strictcount(this.getATypeParameter()) } } /** @@ -484,10 +484,10 @@ class GenericCall extends Call { /** Gets a type argument of the call for the given `TypeVariable`. */ RefType getATypeArgument(TypeVariable v) { - result = getAnExplicitTypeArgument(v) + result = this.getAnExplicitTypeArgument(v) or - not exists(getAnExplicitTypeArgument(v)) and - result = getAnInferredTypeArgument(v) + not exists(this.getAnExplicitTypeArgument(v)) and + result = this.getAnInferredTypeArgument(v) } } diff --git a/java/ql/lib/semmle/code/java/JDK.qll b/java/ql/lib/semmle/code/java/JDK.qll index 2e14ab7b898..e497740a489 100644 --- a/java/ql/lib/semmle/code/java/JDK.qll +++ b/java/ql/lib/semmle/code/java/JDK.qll @@ -19,12 +19,12 @@ class TypeCloneable extends Interface { /** The class `java.lang.ProcessBuilder`. */ class TypeProcessBuilder extends Class { - TypeProcessBuilder() { hasQualifiedName("java.lang", "ProcessBuilder") } + TypeProcessBuilder() { this.hasQualifiedName("java.lang", "ProcessBuilder") } } /** The class `java.lang.Runtime`. */ class TypeRuntime extends Class { - TypeRuntime() { hasQualifiedName("java.lang", "Runtime") } + TypeRuntime() { this.hasQualifiedName("java.lang", "Runtime") } } /** The class `java.lang.String`. */ @@ -143,22 +143,22 @@ class ImmutableType extends Type { // --- Java IO --- /** The interface `java.io.Serializable`. */ class TypeSerializable extends Interface { - TypeSerializable() { hasQualifiedName("java.io", "Serializable") } + TypeSerializable() { this.hasQualifiedName("java.io", "Serializable") } } /** The interface `java.io.ObjectOutput`. */ class TypeObjectOutput extends Interface { - TypeObjectOutput() { hasQualifiedName("java.io", "ObjectOutput") } + TypeObjectOutput() { this.hasQualifiedName("java.io", "ObjectOutput") } } /** The type `java.io.ObjectOutputStream`. */ class TypeObjectOutputStream extends RefType { - TypeObjectOutputStream() { hasQualifiedName("java.io", "ObjectOutputStream") } + TypeObjectOutputStream() { this.hasQualifiedName("java.io", "ObjectOutputStream") } } /** The type `java.io.ObjectInputStream`. */ class TypeObjectInputStream extends RefType { - TypeObjectInputStream() { hasQualifiedName("java.io", "ObjectInputStream") } + TypeObjectInputStream() { this.hasQualifiedName("java.io", "ObjectInputStream") } } /** The class `java.nio.file.Paths`. */ @@ -196,8 +196,8 @@ class ProcessBuilderConstructor extends Constructor, ExecCallable { */ class MethodProcessBuilderCommand extends Method, ExecCallable { MethodProcessBuilderCommand() { - hasName("command") and - getDeclaringType() instanceof TypeProcessBuilder + this.hasName("command") and + this.getDeclaringType() instanceof TypeProcessBuilder } override int getAnExecutedArgument() { result = 0 } @@ -208,8 +208,8 @@ class MethodProcessBuilderCommand extends Method, ExecCallable { */ class MethodRuntimeExec extends Method, ExecCallable { MethodRuntimeExec() { - hasName("exec") and - getDeclaringType() instanceof TypeRuntime + this.hasName("exec") and + this.getDeclaringType() instanceof TypeRuntime } override int getAnExecutedArgument() { result = 0 } @@ -220,8 +220,8 @@ class MethodRuntimeExec extends Method, ExecCallable { */ class MethodSystemGetenv extends Method { MethodSystemGetenv() { - hasName("getenv") and - getDeclaringType() instanceof TypeSystem + this.hasName("getenv") and + this.getDeclaringType() instanceof TypeSystem } } @@ -230,8 +230,8 @@ class MethodSystemGetenv extends Method { */ class MethodSystemGetProperty extends Method { MethodSystemGetProperty() { - hasName("getProperty") and - getDeclaringType() instanceof TypeSystem + this.hasName("getProperty") and + this.getDeclaringType() instanceof TypeSystem } } @@ -239,7 +239,7 @@ class MethodSystemGetProperty extends Method { * An access to a method named `getProperty` on class `java.lang.System`. */ class MethodAccessSystemGetProperty extends MethodAccess { - MethodAccessSystemGetProperty() { getMethod() instanceof MethodSystemGetProperty } + MethodAccessSystemGetProperty() { this.getMethod() instanceof MethodSystemGetProperty } /** * Holds if this call has a compile-time constant first argument with the value `propertyName`. @@ -255,8 +255,11 @@ class MethodAccessSystemGetProperty extends MethodAccess { */ class MethodExit extends Method { MethodExit() { - hasName("exit") and - (getDeclaringType() instanceof TypeRuntime or getDeclaringType() instanceof TypeSystem) + this.hasName("exit") and + ( + this.getDeclaringType() instanceof TypeRuntime or + this.getDeclaringType() instanceof TypeSystem + ) } } @@ -266,10 +269,10 @@ class MethodExit extends Method { */ class WriteObjectMethod extends Method { WriteObjectMethod() { - hasName("writeObject") and + this.hasName("writeObject") and ( - getDeclaringType() instanceof TypeObjectOutputStream or - getDeclaringType() instanceof TypeObjectOutput + this.getDeclaringType() instanceof TypeObjectOutputStream or + this.getDeclaringType() instanceof TypeObjectOutput ) } } @@ -293,16 +296,16 @@ class ReadObjectMethod extends Method { /** The method `Class.getName()`. */ class ClassNameMethod extends Method { ClassNameMethod() { - hasName("getName") and - getDeclaringType() instanceof TypeClass + this.hasName("getName") and + this.getDeclaringType() instanceof TypeClass } } /** The method `Class.getSimpleName()`. */ class ClassSimpleNameMethod extends Method { ClassSimpleNameMethod() { - hasName("getSimpleName") and - getDeclaringType() instanceof TypeClass + this.hasName("getSimpleName") and + this.getDeclaringType() instanceof TypeClass } } @@ -334,24 +337,24 @@ class MethodMathMax extends Method { /** The field `System.in`. */ class SystemIn extends Field { SystemIn() { - hasName("in") and - getDeclaringType() instanceof TypeSystem + this.hasName("in") and + this.getDeclaringType() instanceof TypeSystem } } /** The field `System.out`. */ class SystemOut extends Field { SystemOut() { - hasName("out") and - getDeclaringType() instanceof TypeSystem + this.hasName("out") and + this.getDeclaringType() instanceof TypeSystem } } /** The field `System.err`. */ class SystemErr extends Field { SystemErr() { - hasName("err") and - getDeclaringType() instanceof TypeSystem + this.hasName("err") and + this.getDeclaringType() instanceof TypeSystem } } diff --git a/java/ql/lib/semmle/code/java/JDKAnnotations.qll b/java/ql/lib/semmle/code/java/JDKAnnotations.qll index 49776a570f2..0b56599caa2 100644 --- a/java/ql/lib/semmle/code/java/JDKAnnotations.qll +++ b/java/ql/lib/semmle/code/java/JDKAnnotations.qll @@ -25,7 +25,9 @@ class SuppressWarningsAnnotation extends Annotation { } /** Gets the name of a warning suppressed by this annotation. */ - string getASuppressedWarning() { result = getASuppressedWarningLiteral().getRepresentedString() } + string getASuppressedWarning() { + result = this.getASuppressedWarningLiteral().getRepresentedString() + } } /** A `@Target` annotation. */ diff --git a/java/ql/lib/semmle/code/java/JMX.qll b/java/ql/lib/semmle/code/java/JMX.qll index 77194d24767..16c8736059f 100644 --- a/java/ql/lib/semmle/code/java/JMX.qll +++ b/java/ql/lib/semmle/code/java/JMX.qll @@ -26,27 +26,27 @@ class MXBean extends ManagedBean { */ class RegisteredManagedBeanImpl extends Class { RegisteredManagedBeanImpl() { - getAnAncestor() instanceof ManagedBean and + this.getAnAncestor() instanceof ManagedBean and exists(JMXRegistrationCall registerCall | registerCall.getObjectArgument().getType() = this) } /** * Gets a managed bean that this registered bean class implements. */ - ManagedBean getAnImplementedManagedBean() { result = getAnAncestor() } + ManagedBean getAnImplementedManagedBean() { result = this.getAnAncestor() } } /** * A call that registers an object with the `MBeanServer`, directly or indirectly. */ class JMXRegistrationCall extends MethodAccess { - JMXRegistrationCall() { getCallee() instanceof JMXRegistrationMethod } + JMXRegistrationCall() { this.getCallee() instanceof JMXRegistrationMethod } /** * Gets the argument that represents the object in the registration call. */ Expr getObjectArgument() { - result = getArgument(getCallee().(JMXRegistrationMethod).getObjectPosition()) + result = this.getArgument(this.getCallee().(JMXRegistrationMethod).getObjectPosition()) } } @@ -59,15 +59,15 @@ class JMXRegistrationCall extends MethodAccess { class JMXRegistrationMethod extends Method { JMXRegistrationMethod() { // A direct registration with the `MBeanServer`. - getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and - getName() = "registerMBean" + this.getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and + this.getName() = "registerMBean" or // The `MBeanServer` is often wrapped by an application specific management class, so identify // methods that wrap a call to another `JMXRegistrationMethod`. exists(JMXRegistrationCall c | // This must be a call to another JMX registration method, where the object argument is an access // of one of the parameters of this method. - c.getObjectArgument().(VarAccess).getVariable() = getAParameter() + c.getObjectArgument().(VarAccess).getVariable() = this.getAParameter() ) } @@ -76,13 +76,13 @@ class JMXRegistrationMethod extends Method { */ int getObjectPosition() { // Passed as the first argument to `registerMBean`. - getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and - getName() = "registerMBean" and + this.getDeclaringType().hasQualifiedName("javax.management", "MBeanServer") and + this.getName() = "registerMBean" and result = 0 or // Identify the position in this method where the object parameter should be passed. exists(JMXRegistrationCall c | - c.getObjectArgument().(VarAccess).getVariable() = getParameter(result) + c.getObjectArgument().(VarAccess).getVariable() = this.getParameter(result) ) } } diff --git a/java/ql/lib/semmle/code/java/Javadoc.qll b/java/ql/lib/semmle/code/java/Javadoc.qll index 61d978fbd35..8f7b1dbf580 100755 --- a/java/ql/lib/semmle/code/java/Javadoc.qll +++ b/java/ql/lib/semmle/code/java/Javadoc.qll @@ -14,7 +14,7 @@ class JavadocParent extends @javadocParent, Top { JavadocElement getChild(int index) { result = this.getAChild() and result.getIndex() = index } /** Gets the number of documentation elements attached to this parent. */ - int getNumChild() { result = count(getAChild()) } + int getNumChild() { result = count(this.getAChild()) } /** Gets a documentation element with the specified Javadoc tag name. */ JavadocTag getATag(string name) { result = this.getAChild() and result.getTagName() = name } @@ -33,7 +33,9 @@ class Javadoc extends JavadocParent, @javadoc { /** Gets the value of the `@author` tag, if any. */ string getAuthor() { result = this.getATag("@author").getChild(0).toString() } - override string toString() { result = toStringPrefix() + getChild(0) + toStringPostfix() } + override string toString() { + result = this.toStringPrefix() + this.getChild(0) + this.toStringPostfix() + } private string toStringPrefix() { if isEolComment(this) @@ -47,7 +49,7 @@ class Javadoc extends JavadocParent, @javadoc { if isEolComment(this) then result = "" else ( - if strictcount(getAChild()) = 1 then result = " */" else result = " ... */" + if strictcount(this.getAChild()) = 1 then result = " */" else result = " ... */" ) } @@ -119,10 +121,10 @@ class ThrowsTag extends JavadocTag { /** A Javadoc `@see` tag. */ class SeeTag extends JavadocTag { - SeeTag() { getTagName() = "@see" } + SeeTag() { this.getTagName() = "@see" } /** Gets the name of the entity referred to. */ - string getReference() { result = getChild(0).toString() } + string getReference() { result = this.getChild(0).toString() } } /** A Javadoc `@author` tag. */ diff --git a/java/ql/lib/semmle/code/java/Maps.qll b/java/ql/lib/semmle/code/java/Maps.qll index c86cb0ef47a..784db84fb98 100644 --- a/java/ql/lib/semmle/code/java/Maps.qll +++ b/java/ql/lib/semmle/code/java/Maps.qll @@ -76,11 +76,11 @@ class FreshMap extends ClassInstanceExpr { * A call to `Map.put(key, value)`. */ class MapPutCall extends MethodAccess { - MapPutCall() { getCallee().(MapMethod).hasName("put") } + MapPutCall() { this.getCallee().(MapMethod).hasName("put") } /** Gets the key argument of this call. */ - Expr getKey() { result = getArgument(0) } + Expr getKey() { result = this.getArgument(0) } /** Gets the value argument of this call. */ - Expr getValue() { result = getArgument(1) } + Expr getValue() { result = this.getArgument(1) } } diff --git a/java/ql/lib/semmle/code/java/Member.qll b/java/ql/lib/semmle/code/java/Member.qll index da136c577f8..fee8d3f24ee 100755 --- a/java/ql/lib/semmle/code/java/Member.qll +++ b/java/ql/lib/semmle/code/java/Member.qll @@ -21,7 +21,7 @@ class Member extends Element, Annotatable, Modifiable, @member { RefType getDeclaringType() { declaresMember(result, this) } /** Gets the qualified name of this member. */ - string getQualifiedName() { result = getDeclaringType().getName() + "." + getName() } + string getQualifiedName() { result = this.getDeclaringType().getName() + "." + this.getName() } /** * Holds if this member has the specified name and is declared in the @@ -33,9 +33,9 @@ class Member extends Element, Annotatable, Modifiable, @member { /** Holds if this member is package protected, that is, neither public nor private nor protected. */ predicate isPackageProtected() { - not isPrivate() and - not isProtected() and - not isPublic() + not this.isPrivate() and + not this.isProtected() and + not this.isPublic() } /** @@ -78,7 +78,7 @@ class Callable extends StmtParent, Member, @callable { */ string getMethodDescriptor() { exists(string return | return = this.getReturnType().getTypeDescriptor() | - result = "(" + descriptorUpTo(this.getNumberOfParameters()) + ")" + return + result = "(" + this.descriptorUpTo(this.getNumberOfParameters()) + ")" + return ) } @@ -86,19 +86,19 @@ class Callable extends StmtParent, Member, @callable { n = 0 and result = "" or exists(Parameter p | p = this.getParameter(n - 1) | - result = descriptorUpTo(n - 1) + p.getType().getTypeDescriptor() + result = this.descriptorUpTo(n - 1) + p.getType().getTypeDescriptor() ) } /** Holds if this callable calls `target`. */ - predicate calls(Callable target) { exists(getACallSite(target)) } + predicate calls(Callable target) { exists(this.getACallSite(target)) } /** * Holds if this callable calls `target` * using a `super(...)` constructor call. */ predicate callsSuperConstructor(Constructor target) { - getACallSite(target) instanceof SuperConstructorInvocationStmt + this.getACallSite(target) instanceof SuperConstructorInvocationStmt } /** @@ -106,14 +106,14 @@ class Callable extends StmtParent, Member, @callable { * using a `this(...)` constructor call. */ predicate callsThis(Constructor target) { - getACallSite(target) instanceof ThisConstructorInvocationStmt + this.getACallSite(target) instanceof ThisConstructorInvocationStmt } /** * Holds if this callable calls `target` * using a `super` method call. */ - predicate callsSuper(Method target) { getACallSite(target) instanceof SuperMethodAccess } + predicate callsSuper(Method target) { this.getACallSite(target) instanceof SuperMethodAccess } /** * Holds if this callable calls `c` using @@ -165,13 +165,13 @@ class Callable extends StmtParent, Member, @callable { Field getAnAccessedField() { this.accesses(result) } /** Gets the type of a formal parameter of this callable. */ - Type getAParamType() { result = getParameterType(_) } + Type getAParamType() { result = this.getParameterType(_) } /** Holds if this callable does not have any formal parameters. */ - predicate hasNoParameters() { not exists(getAParameter()) } + predicate hasNoParameters() { not exists(this.getAParameter()) } /** Gets the number of formal parameters of this callable. */ - int getNumberOfParameters() { result = count(getAParameter()) } + int getNumberOfParameters() { result = count(this.getAParameter()) } /** Gets a formal parameter of this callable. */ Parameter getAParameter() { result.getCallable() = this } @@ -205,7 +205,7 @@ class Callable extends StmtParent, Member, @callable { */ pragma[nomagic] string paramsString() { - exists(int n | n = getNumberOfParameters() | + exists(int n | n = this.getNumberOfParameters() | n = 0 and result = "()" or n > 0 and result = "(" + this.paramUpTo(n - 1) + ")" @@ -217,9 +217,9 @@ class Callable extends StmtParent, Member, @callable { * from left to right, up to (and including) the `n`-th parameter. */ private string paramUpTo(int n) { - n = 0 and result = getParameterType(0).toString() + n = 0 and result = this.getParameterType(0).toString() or - n > 0 and result = paramUpTo(n - 1) + ", " + getParameterType(n) + n > 0 and result = this.paramUpTo(n - 1) + ", " + this.getParameterType(n) } /** @@ -234,7 +234,7 @@ class Callable extends StmtParent, Member, @callable { Exception getAnException() { exceptions(result, _, this) } /** Gets an exception type that occurs in the `throws` clause of this callable. */ - RefType getAThrownExceptionType() { result = getAnException().getType() } + RefType getAThrownExceptionType() { result = this.getAnException().getType() } /** Gets a call site that references this callable. */ Call getAReference() { result.getCallee() = this } @@ -392,7 +392,7 @@ class Method extends Callable, @method { or // JLS 9.4: Every method declaration in the body of an interface without an // access modifier is implicitly public. - getDeclaringType() instanceof Interface and + this.getDeclaringType() instanceof Interface and not this.isPrivate() or exists(FunctionalExpr func | func.asMethod() = this) @@ -413,7 +413,7 @@ class Method extends Callable, @method { Callable.super.isStrictfp() or // JLS 8.1.1.3, JLS 9.1.1.2 - getDeclaringType().isStrictfp() + this.getDeclaringType().isStrictfp() } /** @@ -421,8 +421,8 @@ class Method extends Callable, @method { * nor an initializer method, and hence could be inherited. */ predicate isInheritable() { - not isPrivate() and - not (isStatic() and getDeclaringType() instanceof Interface) and + not this.isPrivate() and + not (this.isStatic() and this.getDeclaringType() instanceof Interface) and not this instanceof InitializerMethod } @@ -430,13 +430,13 @@ class Method extends Callable, @method { * Holds if this method is neither private nor static, and hence * uses dynamic dispatch. */ - predicate isVirtual() { not isPrivate() and not isStatic() } + predicate isVirtual() { not this.isPrivate() and not this.isStatic() } /** Holds if this method can be overridden. */ predicate isOverridable() { - isVirtual() and - not isFinal() and - not getDeclaringType().isFinal() + this.isVirtual() and + not this.isFinal() and + not this.getDeclaringType().isFinal() } override string getAPrimaryQlClass() { result = "Method" } @@ -549,7 +549,7 @@ abstract class InitializerMethod extends Method { } * field initializations and static initializer blocks. */ class StaticInitializer extends InitializerMethod { - StaticInitializer() { hasName("") } + StaticInitializer() { this.hasName("") } } /** @@ -629,7 +629,7 @@ class Field extends Member, ExprParent, @field, Variable { or // JLS 9.3: Every field declaration in the body of an interface is // implicitly public, static, and final - getDeclaringType() instanceof Interface + this.getDeclaringType() instanceof Interface } override predicate isStatic() { diff --git a/java/ql/lib/semmle/code/java/Modifier.qll b/java/ql/lib/semmle/code/java/Modifier.qll index 39cbe5a3c29..11317ef8537 100755 --- a/java/ql/lib/semmle/code/java/Modifier.qll +++ b/java/ql/lib/semmle/code/java/Modifier.qll @@ -25,7 +25,7 @@ abstract class Modifiable extends Element { * abstract, so `isAbstract()` will hold for them even if `hasModifier("abstract")` * does not. */ - predicate hasModifier(string m) { modifiers(getAModifier(), m) } + predicate hasModifier(string m) { modifiers(this.getAModifier(), m) } /** Holds if this element has no modifier. */ predicate hasNoModifier() { not hasModifier(this, _) } @@ -34,31 +34,31 @@ abstract class Modifiable extends Element { Modifier getAModifier() { this = result.getElement() } /** Holds if this element has an `abstract` modifier or is implicitly abstract. */ - predicate isAbstract() { hasModifier("abstract") } + predicate isAbstract() { this.hasModifier("abstract") } /** Holds if this element has a `static` modifier or is implicitly static. */ - predicate isStatic() { hasModifier("static") } + predicate isStatic() { this.hasModifier("static") } /** Holds if this element has a `final` modifier or is implicitly final. */ - predicate isFinal() { hasModifier("final") } + predicate isFinal() { this.hasModifier("final") } /** Holds if this element has a `public` modifier or is implicitly public. */ - predicate isPublic() { hasModifier("public") } + predicate isPublic() { this.hasModifier("public") } /** Holds if this element has a `protected` modifier. */ - predicate isProtected() { hasModifier("protected") } + predicate isProtected() { this.hasModifier("protected") } /** Holds if this element has a `private` modifier or is implicitly private. */ - predicate isPrivate() { hasModifier("private") } + predicate isPrivate() { this.hasModifier("private") } /** Holds if this element has a `volatile` modifier. */ - predicate isVolatile() { hasModifier("volatile") } + predicate isVolatile() { this.hasModifier("volatile") } /** Holds if this element has a `synchronized` modifier. */ - predicate isSynchronized() { hasModifier("synchronized") } + predicate isSynchronized() { this.hasModifier("synchronized") } /** Holds if this element has a `native` modifier. */ - predicate isNative() { hasModifier("native") } + predicate isNative() { this.hasModifier("native") } /** Holds if this element has a `default` modifier. */ predicate isDefault() { this.hasModifier("default") } diff --git a/java/ql/lib/semmle/code/java/PrettyPrintAst.qll b/java/ql/lib/semmle/code/java/PrettyPrintAst.qll index 45e683a2466..6cb5769184a 100644 --- a/java/ql/lib/semmle/code/java/PrettyPrintAst.qll +++ b/java/ql/lib/semmle/code/java/PrettyPrintAst.qll @@ -169,27 +169,27 @@ private class PpArrayCreationExpr extends PpAst, ArrayCreationExpr { override string getPart(int i) { i = 0 and result = "new " or - i = 1 and result = baseType() + i = 1 and result = this.baseType() or - i = 2 + 3 * dimensionIndex() and result = "[" + i = 2 + 3 * this.dimensionIndex() and result = "[" or - i = 4 + 3 * dimensionIndex() and result = "]" + i = 4 + 3 * this.dimensionIndex() and result = "]" or - i = 4 + 3 * exprDims() + [1 .. nonExprDims()] and result = "[]" + i = 4 + 3 * this.exprDims() + [1 .. this.nonExprDims()] and result = "[]" } private string baseType() { result = this.getType().(Array).getElementType().toString() } private int dimensionIndex() { exists(this.getDimension(result)) } - private int exprDims() { result = max(int j | j = 0 or j = 1 + dimensionIndex()) } + private int exprDims() { result = max(int j | j = 0 or j = 1 + this.dimensionIndex()) } - private int nonExprDims() { result = this.getType().(Array).getDimension() - exprDims() } + private int nonExprDims() { result = this.getType().(Array).getDimension() - this.exprDims() } override PpAst getChild(int i) { exists(int j | result = this.getDimension(j) and i = 3 + 3 * j) or - i = 5 + 3 * exprDims() + nonExprDims() and result = this.getInit() + i = 5 + 3 * this.exprDims() + this.nonExprDims() and result = this.getInit() } } @@ -539,27 +539,27 @@ private class PpForStmt extends PpAst, ForStmt { or exists(int j | j > 0 and exists(this.getInit(j)) and i = 2 + 2 * j and result = ", ") or - i = 1 + lastInitIndex() and result = "; " + i = 1 + this.lastInitIndex() and result = "; " or - i = 3 + lastInitIndex() and result = "; " + i = 3 + this.lastInitIndex() and result = "; " or exists(int j | - j > 0 and exists(this.getUpdate(j)) and i = 3 + lastInitIndex() + 2 * j and result = ", " + j > 0 and exists(this.getUpdate(j)) and i = 3 + this.lastInitIndex() + 2 * j and result = ", " ) or - i = 1 + lastUpdateIndex() and result = ")" + i = 1 + this.lastUpdateIndex() and result = ")" or - i = 2 + lastUpdateIndex() and result = " " and this.getStmt() instanceof BlockStmt + i = 2 + this.lastUpdateIndex() and result = " " and this.getStmt() instanceof BlockStmt } private int lastInitIndex() { result = 3 + 2 * max(int j | exists(this.getInit(j))) } private int lastUpdateIndex() { - result = 4 + lastInitIndex() + 2 * max(int j | exists(this.getUpdate(j))) + result = 4 + this.lastInitIndex() + 2 * max(int j | exists(this.getUpdate(j))) } override predicate newline(int i) { - i = 2 + lastUpdateIndex() and not this.getStmt() instanceof BlockStmt + i = 2 + this.lastUpdateIndex() and not this.getStmt() instanceof BlockStmt } override PpAst getChild(int i) { @@ -567,15 +567,15 @@ private class PpForStmt extends PpAst, ForStmt { or exists(int j | result = this.getInit(j) and i = 3 + 2 * j) or - i = 2 + lastInitIndex() and result = this.getCondition() + i = 2 + this.lastInitIndex() and result = this.getCondition() or - exists(int j | result = this.getUpdate(j) and i = 4 + lastInitIndex() + 2 * j) + exists(int j | result = this.getUpdate(j) and i = 4 + this.lastInitIndex() + 2 * j) or - i = 3 + lastUpdateIndex() and result = this.getStmt() + i = 3 + this.lastUpdateIndex() and result = this.getStmt() } override predicate indents(int i) { - i = 3 + lastUpdateIndex() and not this.getStmt() instanceof BlockStmt + i = 3 + this.lastUpdateIndex() and not this.getStmt() instanceof BlockStmt } } @@ -654,9 +654,9 @@ private class PpTryStmt extends PpAst, TryStmt { or exists(int j | exists(this.getResourceExpr(j)) and i = 3 + 2 * j and result = ";") or - i = 2 + lastResourceIndex() and result = ") " and exists(this.getAResource()) + i = 2 + this.lastResourceIndex() and result = ") " and exists(this.getAResource()) or - i = 1 + lastCatchIndex() and result = " finally " and exists(this.getFinally()) + i = 1 + this.lastCatchIndex() and result = " finally " and exists(this.getFinally()) } private int lastResourceIndex() { @@ -664,17 +664,17 @@ private class PpTryStmt extends PpAst, TryStmt { } private int lastCatchIndex() { - result = 4 + lastResourceIndex() + max(int j | exists(this.getCatchClause(j)) or j = 0) + result = 4 + this.lastResourceIndex() + max(int j | exists(this.getCatchClause(j)) or j = 0) } override PpAst getChild(int i) { exists(int j | i = 2 + 2 * j and result = this.getResource(j)) or - i = 3 + lastResourceIndex() and result = this.getBlock() + i = 3 + this.lastResourceIndex() and result = this.getBlock() or - exists(int j | i = 4 + lastResourceIndex() + j and result = this.getCatchClause(j)) + exists(int j | i = 4 + this.lastResourceIndex() + j and result = this.getCatchClause(j)) or - i = 2 + lastCatchIndex() and result = this.getFinally() + i = 2 + this.lastCatchIndex() and result = this.getFinally() } } @@ -728,11 +728,11 @@ private class PpSwitchCase extends PpAst, SwitchCase { or exists(int j | i = 2 * j and j != 0 and result = ", " and exists(this.(ConstCase).getValue(j))) or - i = 1 + lastConstCaseValueIndex() and result = ":" and not this.isRule() + i = 1 + this.lastConstCaseValueIndex() and result = ":" and not this.isRule() or - i = 1 + lastConstCaseValueIndex() and result = " -> " and this.isRule() + i = 1 + this.lastConstCaseValueIndex() and result = " -> " and this.isRule() or - i = 3 + lastConstCaseValueIndex() and result = ";" and exists(this.getRuleExpression()) + i = 3 + this.lastConstCaseValueIndex() and result = ";" and exists(this.getRuleExpression()) } private int lastConstCaseValueIndex() { @@ -742,9 +742,9 @@ private class PpSwitchCase extends PpAst, SwitchCase { override PpAst getChild(int i) { exists(int j | i = 1 + 2 * j and result = this.(ConstCase).getValue(j)) or - i = 2 + lastConstCaseValueIndex() and result = this.getRuleExpression() + i = 2 + this.lastConstCaseValueIndex() and result = this.getRuleExpression() or - i = 2 + lastConstCaseValueIndex() and result = this.getRuleStatement() + i = 2 + this.lastConstCaseValueIndex() and result = this.getRuleStatement() } } diff --git a/java/ql/lib/semmle/code/java/PrintAst.qll b/java/ql/lib/semmle/code/java/PrintAst.qll index d22065177bc..0d785e9ee28 100644 --- a/java/ql/lib/semmle/code/java/PrintAst.qll +++ b/java/ql/lib/semmle/code/java/PrintAst.qll @@ -151,7 +151,7 @@ class PrintAstNode extends TPrintAstNode { /** * Gets a child of this node. */ - final PrintAstNode getAChild() { result = getChild(_) } + final PrintAstNode getAChild() { result = this.getChild(_) } /** * Gets the parent of this node, if any. @@ -169,7 +169,7 @@ class PrintAstNode extends TPrintAstNode { */ string getProperty(string key) { key = "semmle.label" and - result = toString() + result = this.toString() } /** @@ -178,7 +178,7 @@ class PrintAstNode extends TPrintAstNode { * this. */ string getChildEdgeLabel(int childIndex) { - exists(getChild(childIndex)) and + exists(this.getChild(childIndex)) and result = childIndex.toString() } } @@ -259,7 +259,7 @@ final class AnnotationPartNode extends ExprStmtNode { override ElementNode getChild(int childIndex) { result.getElement() = rank[childIndex](Element ch, string file, int line, int column | - ch = getAnAnnotationChild() and locationSortKeys(ch, file, line, column) + ch = this.getAnAnnotationChild() and locationSortKeys(ch, file, line, column) | ch order by file, line, column ) @@ -352,7 +352,7 @@ private class SingleLocalVarDeclParent extends ExprOrStmt { LocalVariableDeclExpr getVariable() { result.getParent() = this } /** Gets the type access of the variable */ - Expr getTypeAccess() { result = getVariable().getTypeAccess() } + Expr getTypeAccess() { result = this.getVariable().getTypeAccess() } } /** @@ -460,7 +460,7 @@ final class ClassInterfaceNode extends ElementNode { childIndex >= 0 and result.(ElementNode).getElement() = rank[childIndex](Element e, string file, int line, int column | - e = getADeclaration() and locationSortKeys(e, file, line, column) + e = this.getADeclaration() and locationSortKeys(e, file, line, column) | e order by file, line, column ) @@ -507,7 +507,7 @@ final class CompilationUnitNode extends ElementNode { childIndex >= 0 and result.(ElementNode).getElement() = rank[childIndex](Element e, string file, int line, int column | - e = getADeclaration() and locationSortKeys(e, file, line, column) + e = this.getADeclaration() and locationSortKeys(e, file, line, column) | e order by file, line, column ) diff --git a/java/ql/lib/semmle/code/java/Reflection.qll b/java/ql/lib/semmle/code/java/Reflection.qll index ac6046824f6..71864c5cfe9 100644 --- a/java/ql/lib/semmle/code/java/Reflection.qll +++ b/java/ql/lib/semmle/code/java/Reflection.qll @@ -55,7 +55,7 @@ abstract private class ReflectiveClassIdentifier extends Expr { private class ReflectiveClassIdentifierLiteral extends ReflectiveClassIdentifier, TypeLiteral { override RefType getReflectivelyIdentifiedClass() { - result = getReferencedType().(RefType).getSourceDeclaration() + result = this.getReferencedType().(RefType).getSourceDeclaration() } } @@ -65,21 +65,21 @@ private class ReflectiveClassIdentifierLiteral extends ReflectiveClassIdentifier class ReflectiveClassIdentifierMethodAccess extends ReflectiveClassIdentifier, MethodAccess { ReflectiveClassIdentifierMethodAccess() { // A call to `Class.forName(...)`, from which we can infer `T` in the returned type `Class`. - getCallee().getDeclaringType() instanceof TypeClass and getCallee().hasName("forName") + this.getCallee().getDeclaringType() instanceof TypeClass and this.getCallee().hasName("forName") or // A call to `ClassLoader.loadClass(...)`, from which we can infer `T` in the returned type `Class`. - getCallee().getDeclaringType().hasQualifiedName("java.lang", "ClassLoader") and - getCallee().hasName("loadClass") + this.getCallee().getDeclaringType().hasQualifiedName("java.lang", "ClassLoader") and + this.getCallee().hasName("loadClass") } /** * If the argument to this call is a `StringLiteral`, then return that string. */ - string getTypeName() { result = getArgument(0).(StringLiteral).getRepresentedString() } + string getTypeName() { result = this.getArgument(0).(StringLiteral).getRepresentedString() } override RefType getReflectivelyIdentifiedClass() { // We only handle cases where the class is specified as a string literal to this call. - result.getQualifiedName() = getTypeName() + result.getQualifiedName() = this.getTypeName() } } @@ -214,10 +214,10 @@ private predicate expectsEnclosingInstance(RefType r) { class NewInstance extends MethodAccess { NewInstance() { ( - getCallee().getDeclaringType() instanceof TypeClass or - getCallee().getDeclaringType() instanceof TypeConstructor + this.getCallee().getDeclaringType() instanceof TypeClass or + this.getCallee().getDeclaringType() instanceof TypeConstructor ) and - getCallee().hasName("newInstance") + this.getCallee().hasName("newInstance") } /** @@ -225,26 +225,26 @@ class NewInstance extends MethodAccess { * called. */ Constructor getInferredConstructor() { - result = getInferredConstructedType().getAConstructor() and - if getCallee().getDeclaringType() instanceof TypeClass + result = this.getInferredConstructedType().getAConstructor() and + if this.getCallee().getDeclaringType() instanceof TypeClass then result.getNumberOfParameters() = 0 else - if getNumArgument() = 1 and getArgument(0).getType() instanceof Array + if this.getNumArgument() = 1 and this.getArgument(0).getType() instanceof Array then // This is a var-args array argument. If array argument is initialized inline, then identify // the number of arguments specified in the array. - if exists(getArgument(0).(ArrayCreationExpr).getInit()) + if exists(this.getArgument(0).(ArrayCreationExpr).getInit()) then // Count the number of elements in the initializer, and find the matching constructors. - matchConstructorArguments(result, - count(getArgument(0).(ArrayCreationExpr).getInit().getAnInit())) + this.matchConstructorArguments(result, + count(this.getArgument(0).(ArrayCreationExpr).getInit().getAnInit())) else // Could be any of the constructors on this class. any() else // No var-args in play, just use the number of arguments to the `newInstance(..)` to determine // which constructors may be called. - matchConstructorArguments(result, getNumArgument()) + this.matchConstructorArguments(result, this.getNumArgument()) } /** @@ -273,13 +273,13 @@ class NewInstance extends MethodAccess { not result instanceof TypeVariable and ( // If this is called on a `Class` instance, return the inferred type `T`. - result = inferClassParameterType(getQualifier()) + result = inferClassParameterType(this.getQualifier()) or // If this is called on a `Constructor` instance, return the inferred type `T`. - result = inferConstructorParameterType(getQualifier()) + result = inferConstructorParameterType(this.getQualifier()) or // If the result of this is cast to a particular type, then use that type. - result = getCastInferredConstructedTypes() + result = this.getCastInferredConstructedTypes() ) } @@ -313,7 +313,7 @@ class ClassMethodAccess extends MethodAccess { // `TypeVariable`s do not have methods themselves. not result instanceof TypeVariable and // If this is called on a `Class` instance, return the inferred type `T`. - result = inferClassParameterType(getQualifier()) + result = inferClassParameterType(this.getQualifier()) } } @@ -354,13 +354,13 @@ class ReflectiveMethodAccess extends ClassMethodAccess { if this.getCallee().hasName("getDeclaredMethod") then // The method must be declared on the type itself. - result.getDeclaringType() = getInferredClassType() + result.getDeclaringType() = this.getInferredClassType() else // The method may be declared on an inferred type or a super-type. - getInferredClassType().inherits(result) + this.getInferredClassType().inherits(result) ) and // Only consider instances where the method name is provided as a `StringLiteral`. - result.hasName(getArgument(0).(StringLiteral).getRepresentedString()) + result.hasName(this.getArgument(0).(StringLiteral).getRepresentedString()) } } @@ -373,7 +373,9 @@ class ReflectiveAnnotationAccess extends ClassMethodAccess { /** * Gets a possible annotation type for this reflective annotation access. */ - AnnotationType getAPossibleAnnotationType() { result = inferClassParameterType(getArgument(0)) } + AnnotationType getAPossibleAnnotationType() { + result = inferClassParameterType(this.getArgument(0)) + } } /** @@ -391,13 +393,13 @@ class ReflectiveFieldAccess extends ClassMethodAccess { if this.getCallee().hasName("getDeclaredField") then // Declared fields must be on the type itself. - result.getDeclaringType() = getInferredClassType() + result.getDeclaringType() = this.getInferredClassType() else ( // This field must be public, and be inherited by one of the inferred class types. result.isPublic() and - getInferredClassType().inherits(result) + this.getInferredClassType().inherits(result) ) ) and - result.hasName(getArgument(0).(StringLiteral).getRepresentedString()) + result.hasName(this.getArgument(0).(StringLiteral).getRepresentedString()) } } diff --git a/java/ql/lib/semmle/code/java/Statement.qll b/java/ql/lib/semmle/code/java/Statement.qll index a5f9eb81080..c3b4deef6a3 100755 --- a/java/ql/lib/semmle/code/java/Statement.qll +++ b/java/ql/lib/semmle/code/java/Statement.qll @@ -71,7 +71,7 @@ class BlockStmt extends Stmt, @block { int getNumStmt() { result = count(this.getAStmt()) } /** Gets the last statement in this block. */ - Stmt getLastStmt() { result = getStmt(getNumStmt() - 1) } + Stmt getLastStmt() { result = this.getStmt(this.getNumStmt() - 1) } override string pp() { result = "{ ... }" } @@ -93,7 +93,7 @@ class SingletonBlock extends BlockStmt { SingletonBlock() { this.getNumStmt() = 1 } /** Gets the single statement in this block. */ - Stmt getStmt() { result = getStmt(0) } + Stmt getStmt() { result = this.getStmt(0) } } /** @@ -125,7 +125,7 @@ class IfStmt extends ConditionalStmt, @ifstmt { * Gets the statement that is executed whenever the condition * of this branch statement evaluates to `true`. */ - deprecated override Stmt getTrueSuccessor() { result = getThen() } + deprecated override Stmt getTrueSuccessor() { result = this.getThen() } /** Gets the `else` branch of this `if` statement. */ Stmt getElse() { result.isNthChildOf(this, 2) } @@ -155,7 +155,7 @@ class ForStmt extends ConditionalStmt, @forstmt { /** Gets the initializer expression of the loop at the specified (zero-based) position. */ Expr getInit(int index) { - result = getAnInit() and + result = this.getAnInit() and index = -1 - result.getIndex() } @@ -167,7 +167,7 @@ class ForStmt extends ConditionalStmt, @forstmt { /** Gets the update expression of this loop at the specified (zero-based) position. */ Expr getUpdate(int index) { - result = getAnUpdate() and + result = this.getAnUpdate() and index = result.getIndex() - 3 } @@ -178,7 +178,7 @@ class ForStmt extends ConditionalStmt, @forstmt { * Gets the statement that is executed whenever the condition * of this branch statement evaluates to true. */ - deprecated override Stmt getTrueSuccessor() { result = getStmt() } + deprecated override Stmt getTrueSuccessor() { result = this.getStmt() } /** * Gets a variable that is used as an iteration variable: it is defined, @@ -193,12 +193,12 @@ class ForStmt extends ConditionalStmt, @forstmt { */ Variable getAnIterationVariable() { // Check that the variable is assigned to, incremented or decremented in the update expression, and... - exists(Expr update | update = getAnUpdate().getAChildExpr*() | + exists(Expr update | update = this.getAnUpdate().getAChildExpr*() | update.(UnaryAssignExpr).getExpr() = result.getAnAccess() or update = result.getAnAssignedValue() ) and // ...that it is checked or used in the condition. - getCondition().getAChildExpr*() = result.getAnAccess() + this.getCondition().getAChildExpr*() = result.getAnAccess() } override string pp() { result = "for (...;...;...) " + this.getStmt().pp() } @@ -242,7 +242,7 @@ class WhileStmt extends ConditionalStmt, @whilestmt { * Gets the statement that is executed whenever the condition * of this branch statement evaluates to true. */ - deprecated override Stmt getTrueSuccessor() { result = getStmt() } + deprecated override Stmt getTrueSuccessor() { result = this.getStmt() } override string pp() { result = "while (...) " + this.getStmt().pp() } @@ -265,7 +265,7 @@ class DoStmt extends ConditionalStmt, @dostmt { * Gets the statement that is executed whenever the condition * of this branch statement evaluates to `true`. */ - deprecated override Stmt getTrueSuccessor() { result = getStmt() } + deprecated override Stmt getTrueSuccessor() { result = this.getStmt() } override string pp() { result = "do " + this.getStmt().pp() + " while (...)" } @@ -343,17 +343,17 @@ class TryStmt extends Stmt, @trystmt { } /** Gets a resource in this `try` statement, if any. */ - ExprParent getAResource() { result = getAResourceDecl() or result = getAResourceExpr() } + ExprParent getAResource() { result = this.getAResourceDecl() or result = this.getAResourceExpr() } /** Gets the resource at the specified position in this `try` statement. */ ExprParent getResource(int index) { - result = getResourceDecl(index) or result = getResourceExpr(index) + result = this.getResourceDecl(index) or result = this.getResourceExpr(index) } /** Gets a resource variable, if any, either from a resource variable declaration or resource expression. */ Variable getAResourceVariable() { - result = getAResourceDecl().getAVariable().getVariable() or - result = getAResourceExpr().getVariable() + result = this.getAResourceDecl().getAVariable().getVariable() or + result = this.getAResourceExpr().getVariable() } override string pp() { result = "try " + this.getBlock().pp() + " catch (...)" } @@ -381,7 +381,7 @@ class CatchClause extends Stmt, @catchclause { /** Gets a type caught by this `catch` clause. */ RefType getACaughtType() { - exists(Expr ta | ta = getVariable().getTypeAccess() | + exists(Expr ta | ta = this.getVariable().getTypeAccess() | result = ta.(TypeAccess).getType() or result = ta.(UnionTypeAccess).getAnAlternative().getType() ) @@ -411,7 +411,7 @@ class SwitchStmt extends Stmt, @switchstmt { * Gets a case of this `switch` statement, * which may be either a normal `case` or a `default`. */ - SwitchCase getACase() { result = getAConstCase() or result = getDefaultCase() } + SwitchCase getACase() { result = this.getAConstCase() or result = this.getDefaultCase() } /** Gets a (non-default) `case` of this `switch` statement. */ ConstCase getAConstCase() { result.getParent() = this } @@ -550,7 +550,7 @@ class ThrowStmt extends Stmt, @throwstmt { override string getHalsteadID() { result = "ThrowStmt" } /** Gets the type of the expression thrown by this `throw` statement. */ - RefType getThrownExceptionType() { result = getExpr().getType() } + RefType getThrownExceptionType() { result = this.getExpr().getType() } /** * Gets the `catch` clause that catches the exception @@ -559,14 +559,14 @@ class ThrowStmt extends Stmt, @throwstmt { * provided such a `catch` exists. */ CatchClause getLexicalCatchIfAny() { - exists(TryStmt try | try = findEnclosing() and result = catchClauseForThis(try)) + exists(TryStmt try | try = this.findEnclosing() and result = this.catchClauseForThis(try)) } private Stmt findEnclosing() { - result = getEnclosingStmt() + result = this.getEnclosingStmt() or exists(Stmt mid | - mid = findEnclosing() and + mid = this.findEnclosing() and not exists(this.catchClauseForThis(mid.(TryStmt))) and result = mid.getEnclosingStmt() ) @@ -575,7 +575,7 @@ class ThrowStmt extends Stmt, @throwstmt { private CatchClause catchClauseForThis(TryStmt try) { result = try.getACatchClause() and result.getEnclosingCallable() = this.getEnclosingCallable() and - getExpr().getType().(RefType).hasSupertype*(result.getVariable().getType().(RefType)) and + this.getExpr().getType().(RefType).hasSupertype*(result.getVariable().getType().(RefType)) and not this.getEnclosingStmt+() = result } @@ -599,7 +599,7 @@ class JumpStmt extends Stmt { namestrings(result.getLabel(), _, this) } - private Stmt getLabelTarget() { result = getTargetLabel().getStmt() } + private Stmt getLabelTarget() { result = this.getTargetLabel().getStmt() } private Stmt getAPotentialTarget() { this.getEnclosingStmt+() = result and @@ -613,20 +613,20 @@ class JumpStmt extends Stmt { private SwitchExpr getSwitchExprTarget() { result = this.(YieldStmt).getParent+() } private StmtParent getEnclosingTarget() { - result = getSwitchExprTarget() + result = this.getSwitchExprTarget() or - not exists(getSwitchExprTarget()) and - result = getAPotentialTarget() and - not exists(Stmt other | other = getAPotentialTarget() | other.getEnclosingStmt+() = result) + not exists(this.getSwitchExprTarget()) and + result = this.getAPotentialTarget() and + not exists(Stmt other | other = this.getAPotentialTarget() | other.getEnclosingStmt+() = result) } /** * Gets the statement or `switch` expression that this `break`, `yield` or `continue` jumps to. */ StmtParent getTarget() { - result = getLabelTarget() + result = this.getLabelTarget() or - not exists(getLabelTarget()) and result = getEnclosingTarget() + not exists(this.getLabelTarget()) and result = this.getEnclosingTarget() } } @@ -714,9 +714,9 @@ class ExprStmt extends Stmt, @exprstmt { /** Holds if this statement represents a field declaration with an initializer. */ predicate isFieldDecl() { - getEnclosingCallable() instanceof InitializerMethod and + this.getEnclosingCallable() instanceof InitializerMethod and exists(FieldDeclaration fd, Location fdl, Location sl | - fdl = fd.getLocation() and sl = getLocation() + fdl = fd.getLocation() and sl = this.getLocation() | fdl.getFile() = sl.getFile() and fdl.getStartLine() = sl.getStartLine() and @@ -775,7 +775,7 @@ class LocalVariableDeclStmt extends Stmt, @localvariabledeclstmt { } /** Gets an index of a variable declared in this local variable declaration statement. */ - int getAVariableIndex() { exists(getVariable(result)) } + int getAVariableIndex() { exists(this.getVariable(result)) } override string pp() { result = "var ...;" } diff --git a/java/ql/lib/semmle/code/java/StringFormat.qll b/java/ql/lib/semmle/code/java/StringFormat.qll index cc37ee8212a..c6f9a7814db 100644 --- a/java/ql/lib/semmle/code/java/StringFormat.qll +++ b/java/ql/lib/semmle/code/java/StringFormat.qll @@ -152,15 +152,15 @@ class FormattingCall extends Call { private Expr getLastArg() { exists(Expr last | last = this.getArgument(this.getNumArgument() - 1) | if this.hasExplicitVarargsArray() - then result = last.(ArrayCreationExpr).getInit().getInit(getVarargsCount() - 1) + then result = last.(ArrayCreationExpr).getInit().getInit(this.getVarargsCount() - 1) else result = last ) } /** Holds if this uses the "logger ({})" format syntax and the last argument is a `Throwable`. */ predicate hasTrailingThrowableArgument() { - getSyntax() = TFmtLogger() and - getLastArg().getType().(RefType).getASourceSupertype*() instanceof TypeThrowable + this.getSyntax() = TFmtLogger() and + this.getLastArg().getType().(RefType).getASourceSupertype*() instanceof TypeThrowable } /** Gets the argument to this call in the position of the format string */ @@ -171,7 +171,7 @@ class FormattingCall extends Call { exists(int i | result = this.getArgument(i) and i > this.getFormatStringIndex() and - not hasExplicitVarargsArray() + not this.hasExplicitVarargsArray() ) } @@ -433,15 +433,15 @@ private class PrintfFormatString extends FormatString { override int getMaxFmtSpecIndex() { result = max(int ix | - ix = fmtSpecRefersToSpecificIndex(_) or - ix = count(int i | fmtSpecRefersToSequentialIndex(i)) + ix = this.fmtSpecRefersToSpecificIndex(_) or + ix = count(int i | this.fmtSpecRefersToSequentialIndex(i)) ) } override int getASkippedFmtSpecIndex() { - result in [1 .. getMaxFmtSpecIndex()] and - result > count(int i | fmtSpecRefersToSequentialIndex(i)) and - not result = fmtSpecRefersToSpecificIndex(_) + result in [1 .. this.getMaxFmtSpecIndex()] and + result > count(int i | this.fmtSpecRefersToSequentialIndex(i)) and + not result = this.fmtSpecRefersToSpecificIndex(_) } private int getFmtSpecRank(int specOffset) { @@ -449,14 +449,14 @@ private class PrintfFormatString extends FormatString { } override int getAnArgUsageOffset(int argNo) { - argNo = fmtSpecRefersToSpecificIndex(result) + argNo = this.fmtSpecRefersToSpecificIndex(result) or - result = rank[argNo](int i | fmtSpecRefersToSequentialIndex(i)) + result = rank[argNo](int i | this.fmtSpecRefersToSequentialIndex(i)) or - fmtSpecRefersToPrevious(result) and + this.fmtSpecRefersToPrevious(result) and exists(int previousOffset | - getFmtSpecRank(previousOffset) = getFmtSpecRank(result) - 1 and - previousOffset = getAnArgUsageOffset(argNo) + this.getFmtSpecRank(previousOffset) = this.getFmtSpecRank(result) - 1 and + previousOffset = this.getAnArgUsageOffset(argNo) ) } } @@ -479,10 +479,12 @@ private class LoggerFormatString extends FormatString { private predicate fmtPlaceholder(int i) { this.charAt(i) = "{" and this.charAt(i + 1) = "}" and - not true = isUnescapedBackslash(i - 1) + not true = this.isUnescapedBackslash(i - 1) } - override int getMaxFmtSpecIndex() { result = count(int i | fmtPlaceholder(i)) } + override int getMaxFmtSpecIndex() { result = count(int i | this.fmtPlaceholder(i)) } - override int getAnArgUsageOffset(int argNo) { result = rank[argNo](int i | fmtPlaceholder(i)) } + override int getAnArgUsageOffset(int argNo) { + result = rank[argNo](int i | this.fmtPlaceholder(i)) + } } diff --git a/java/ql/lib/semmle/code/java/Type.qll b/java/ql/lib/semmle/code/java/Type.qll index 492d1b546cb..1d0658595b2 100755 --- a/java/ql/lib/semmle/code/java/Type.qll +++ b/java/ql/lib/semmle/code/java/Type.qll @@ -379,7 +379,7 @@ class RefType extends Type, Annotatable, Modifiable, @reftype { } /** Holds if this type declares any members. */ - predicate hasMember() { exists(getAMember()) } + predicate hasMember() { exists(this.getAMember()) } /** Gets a member declared in this type. */ Member getAMember() { this = result.getDeclaringType() } @@ -545,8 +545,10 @@ class RefType extends Type, Annotatable, Modifiable, @reftype { * `java.lang.Thread$State`. */ string getQualifiedName() { - exists(string pkgName | pkgName = getPackage().getName() | - if pkgName = "" then result = nestedName() else result = pkgName + "." + nestedName() + exists(string pkgName | pkgName = this.getPackage().getName() | + if pkgName = "" + then result = this.nestedName() + else result = pkgName + "." + this.nestedName() ) } @@ -656,7 +658,7 @@ class IntersectionType extends RefType, @class { /** Gets a textual representation of this type that includes all the intersected types. */ string getLongName() { - result = superType().toString() + concat(" & " + superInterface().toString()) + result = this.superType().toString() + concat(" & " + this.superInterface().toString()) } /** Gets the first bound of this intersection type. */ @@ -690,7 +692,8 @@ class AnonymousClass extends NestedClass { override string getTypeDescriptor() { exists(RefType parent | parent = this.getEnclosingType() | exists(int num | - num = 1 + count(AnonymousClass other | other.rankInParent(parent) < rankInParent(parent)) + num = + 1 + count(AnonymousClass other | other.rankInParent(parent) < this.rankInParent(parent)) | exists(string parentWithSemi | parentWithSemi = parent.getTypeDescriptor() | result = parentWithSemi.prefix(parentWithSemi.length() - 1) + "$" + num + ";" @@ -760,8 +763,8 @@ class NestedType extends RefType { /** Gets the nesting depth of this nested type. Top-level types have nesting depth 0. */ int getNestingDepth() { - if getEnclosingType() instanceof NestedType - then result = getEnclosingType().(NestedType).getNestingDepth() + 1 + if this.getEnclosingType() instanceof NestedType + then result = this.getEnclosingType().(NestedType).getNestingDepth() + 1 else result = 1 } @@ -776,7 +779,7 @@ class NestedType extends RefType { super.isStrictfp() or // JLS 8.1.1.3, JLS 9.1.1.2 - getEnclosingType().isStrictfp() + this.getEnclosingType().isStrictfp() } override predicate isStatic() { @@ -860,9 +863,9 @@ class ClassOrInterface extends RefType, @classorinterface { /** Holds if this class or interface is package protected, that is, neither public nor private nor protected. */ predicate isPackageProtected() { - not isPrivate() and - not isProtected() and - not isPublic() + not this.isPrivate() and + not this.isProtected() and + not this.isPublic() } } @@ -948,12 +951,12 @@ class PrimitiveType extends Type, @primitive { * require an explicit cast. */ Literal getADefaultValue() { - getName() = "boolean" and result.getLiteral() = "false" + this.getName() = "boolean" and result.getLiteral() = "false" or - getName() = "char" and + this.getName() = "char" and (result.getLiteral() = "'\\0'" or result.getLiteral() = "'\\u0000'") or - getName().regexpMatch("(float|double|int|short|byte|long)") and + this.getName().regexpMatch("(float|double|int|short|byte|long)") and result.getLiteral().regexpMatch("0(\\.0)?+[lLfFdD]?+") } @@ -1047,7 +1050,7 @@ class EnumType extends Class { override predicate isFinal() { // JLS 8.9: An enum declaration is implicitly `final` unless it contains // at least one enum constant that has a class body. - not getAnEnumConstant().getAnAssignedValue().getType() instanceof AnonymousClass + not this.getAnEnumConstant().getAnAssignedValue().getType() instanceof AnonymousClass } } diff --git a/java/ql/lib/semmle/code/java/UnitTests.qll b/java/ql/lib/semmle/code/java/UnitTests.qll index 1adc88d35f7..e8a0c02accc 100644 --- a/java/ql/lib/semmle/code/java/UnitTests.qll +++ b/java/ql/lib/semmle/code/java/UnitTests.qll @@ -115,7 +115,7 @@ class JUnitJupiterTestMethod extends Method { * A JUnit `@Ignore` annotation. */ class JUnitIgnoreAnnotation extends Annotation { - JUnitIgnoreAnnotation() { getType().hasQualifiedName("org.junit", "Ignore") } + JUnitIgnoreAnnotation() { this.getType().hasQualifiedName("org.junit", "Ignore") } } /** @@ -124,7 +124,7 @@ class JUnitIgnoreAnnotation extends Annotation { */ class JUnitIgnoredMethod extends Method { JUnitIgnoredMethod() { - getAnAnnotation() instanceof JUnitIgnoreAnnotation + this.getAnAnnotation() instanceof JUnitIgnoreAnnotation or exists(Class c | c = this.getDeclaringType() | c.getAnAnnotation() instanceof JUnitIgnoreAnnotation @@ -136,14 +136,14 @@ class JUnitIgnoredMethod extends Method { * An annotation in TestNG. */ class TestNGAnnotation extends Annotation { - TestNGAnnotation() { getType().getPackage().hasName("org.testng.annotations") } + TestNGAnnotation() { this.getType().getPackage().hasName("org.testng.annotations") } } /** * An annotation of type `org.test.ng.annotations.Test`. */ class TestNGTestAnnotation extends TestNGAnnotation { - TestNGTestAnnotation() { getType().hasName("Test") } + TestNGTestAnnotation() { this.getType().hasName("Test") } } /** @@ -158,13 +158,13 @@ class TestNGTestMethod extends Method { */ TestNGDataProviderMethod getADataProvider() { exists(TestNGTestAnnotation testAnnotation | - testAnnotation = getAnAnnotation() and + testAnnotation = this.getAnAnnotation() and // The data provider must have the same name as the referenced data provider result.getDataProviderName() = testAnnotation.getValue("dataProvider").(StringLiteral).getRepresentedString() | // Either the data provider should be on the current class, or a supertype - getDeclaringType().getAnAncestor() = result.getDeclaringType() + this.getDeclaringType().getAnAncestor() = result.getDeclaringType() or // Or the data provider class should be declared result.getDeclaringType() = @@ -190,14 +190,14 @@ class TestMethod extends Method { * A TestNG annotation used to mark a method that runs "before". */ class TestNGBeforeAnnotation extends TestNGAnnotation { - TestNGBeforeAnnotation() { getType().getName().matches("Before%") } + TestNGBeforeAnnotation() { this.getType().getName().matches("Before%") } } /** * A TestNG annotation used to mark a method that runs "after". */ class TestNGAfterAnnotation extends TestNGAnnotation { - TestNGAfterAnnotation() { getType().getName().matches("After%") } + TestNGAfterAnnotation() { this.getType().getName().matches("After%") } } /** @@ -205,7 +205,7 @@ class TestNGAfterAnnotation extends TestNGAnnotation { * them as data provider methods for TestNG. */ class TestNGDataProviderAnnotation extends TestNGAnnotation { - TestNGDataProviderAnnotation() { getType().hasName("DataProvider") } + TestNGDataProviderAnnotation() { this.getType().hasName("DataProvider") } } /** @@ -213,7 +213,7 @@ class TestNGDataProviderAnnotation extends TestNGAnnotation { * them as factory methods for TestNG. */ class TestNGFactoryAnnotation extends TestNGAnnotation { - TestNGFactoryAnnotation() { getType().hasName("Factory") } + TestNGFactoryAnnotation() { this.getType().hasName("Factory") } } /** @@ -221,13 +221,13 @@ class TestNGFactoryAnnotation extends TestNGAnnotation { * which listeners apply to them. */ class TestNGListenersAnnotation extends TestNGAnnotation { - TestNGListenersAnnotation() { getType().hasName("Listeners") } + TestNGListenersAnnotation() { this.getType().hasName("Listeners") } /** * Gets a listener defined in this annotation. */ TestNGListenerImpl getAListener() { - result = getAValue("value").(TypeLiteral).getReferencedType() + result = this.getAValue("value").(TypeLiteral).getReferencedType() } } @@ -235,7 +235,7 @@ class TestNGListenersAnnotation extends TestNGAnnotation { * A concrete implementation class of one or more of the TestNG listener interfaces. */ class TestNGListenerImpl extends Class { - TestNGListenerImpl() { getAnAncestor().hasQualifiedName("org.testng", "ITestNGListener") } + TestNGListenerImpl() { this.getAnAncestor().hasQualifiedName("org.testng", "ITestNGListener") } } /** @@ -246,14 +246,14 @@ class TestNGListenerImpl extends Class { * an instance of a particular value when running a test method. */ class TestNGDataProviderMethod extends Method { - TestNGDataProviderMethod() { getAnAnnotation() instanceof TestNGDataProviderAnnotation } + TestNGDataProviderMethod() { this.getAnAnnotation() instanceof TestNGDataProviderAnnotation } /** * Gets the name associated with this data provider. */ string getDataProviderName() { result = - getAnAnnotation() + this.getAnAnnotation() .(TestNGDataProviderAnnotation) .getValue("name") .(StringLiteral) @@ -268,7 +268,7 @@ class TestNGDataProviderMethod extends Method { * This factory callable is used to generate instances of parameterized test classes. */ class TestNGFactoryCallable extends Callable { - TestNGFactoryCallable() { getAnAnnotation() instanceof TestNGFactoryAnnotation } + TestNGFactoryCallable() { this.getAnAnnotation() instanceof TestNGFactoryAnnotation } } /** @@ -276,7 +276,7 @@ class TestNGFactoryCallable extends Callable { */ class ParameterizedJUnitTest extends Class { ParameterizedJUnitTest() { - getAnAnnotation() + this.getAnAnnotation() .(RunWithAnnotation) .getRunner() .(Class) @@ -289,7 +289,7 @@ class ParameterizedJUnitTest extends Class { */ class JUnitCategoryAnnotation extends Annotation { JUnitCategoryAnnotation() { - getType().hasQualifiedName("org.junit.experimental.categories", "Category") + this.getType().hasQualifiedName("org.junit.experimental.categories", "Category") } /** @@ -297,7 +297,7 @@ class JUnitCategoryAnnotation extends Annotation { */ Type getACategory() { exists(TypeLiteral literal, Expr value | - value = getValue("value") and + value = this.getValue("value") and ( literal = value or literal = value.(ArrayCreationExpr).getInit().getAnInit() @@ -313,7 +313,7 @@ class JUnitCategoryAnnotation extends Annotation { */ class JUnitTheoryTest extends Class { JUnitTheoryTest() { - getAnAnnotation() + this.getAnAnnotation() .(RunWithAnnotation) .getRunner() .(Class) diff --git a/java/ql/lib/semmle/code/java/Variable.qll b/java/ql/lib/semmle/code/java/Variable.qll index 439ee5d3f6b..530ddd4eae7 100755 --- a/java/ql/lib/semmle/code/java/Variable.qll +++ b/java/ql/lib/semmle/code/java/Variable.qll @@ -47,12 +47,12 @@ class LocalVariableDecl extends @localvar, LocalScopeVariable { override Callable getCallable() { result = this.getParent().getEnclosingCallable() } /** Gets the callable in which this declaration occurs. */ - Callable getEnclosingCallable() { result = getCallable() } + Callable getEnclosingCallable() { result = this.getCallable() } override string toString() { result = this.getType().getName() + " " + this.getName() } /** Gets the initializer expression of this local variable declaration. */ - override Expr getInitializer() { result = getDeclExpr().getInit() } + override Expr getInitializer() { result = this.getDeclExpr().getInit() } override string getAPrimaryQlClass() { result = "LocalVariableDecl" } } @@ -63,7 +63,7 @@ class Parameter extends Element, @param, LocalScopeVariable { override Type getType() { params(this, result, _, _, _) } /** Holds if the parameter is never assigned a value in the body of the callable. */ - predicate isEffectivelyFinal() { not exists(getAnAssignedValue()) } + predicate isEffectivelyFinal() { not exists(this.getAnAssignedValue()) } /** Gets the (zero-based) index of this formal parameter. */ int getPosition() { params(this, _, result, _, _) } @@ -87,8 +87,8 @@ class Parameter extends Element, @param, LocalScopeVariable { * Varargs parameters will have no results for this method. */ Expr getAnArgument() { - not isVarargs() and - result = getACallArgument(getPosition()) + not this.isVarargs() and + result = this.getACallArgument(this.getPosition()) } pragma[noinline] diff --git a/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll b/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll index 7227c6da398..4e9eb75ec13 100644 --- a/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll +++ b/java/ql/lib/semmle/code/java/arithmetic/Overflow.qll @@ -2,9 +2,9 @@ import java /** A subclass of `PrimitiveType` with width-based ordering methods. */ class OrdPrimitiveType extends PrimitiveType { - predicate widerThan(OrdPrimitiveType that) { getWidthRank() > that.getWidthRank() } + predicate widerThan(OrdPrimitiveType that) { this.getWidthRank() > that.getWidthRank() } - predicate widerThanOrEqualTo(OrdPrimitiveType that) { getWidthRank() >= that.getWidthRank() } + predicate widerThanOrEqualTo(OrdPrimitiveType that) { this.getWidthRank() >= that.getWidthRank() } OrdPrimitiveType maxType(OrdPrimitiveType that) { this.widerThan(that) and result = this diff --git a/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll b/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll index c0b227ba9ba..5f1ed3438b5 100644 --- a/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll +++ b/java/ql/lib/semmle/code/java/controlflow/BasicBlocks.qll @@ -25,13 +25,13 @@ class BasicBlock extends ControlFlowNode { /** Gets an immediate successor of this basic block. */ cached - BasicBlock getABBSuccessor() { result = getLastNode().getASuccessor() } + BasicBlock getABBSuccessor() { result = this.getLastNode().getASuccessor() } /** Gets an immediate predecessor of this basic block. */ BasicBlock getABBPredecessor() { result.getABBSuccessor() = this } /** Gets a control-flow node contained in this basic block. */ - ControlFlowNode getANode() { result = getNode(_) } + ControlFlowNode getANode() { result = this.getNode(_) } /** Gets the control-flow node at a specific (zero-indexed) position in this basic block. */ cached @@ -39,7 +39,7 @@ class BasicBlock extends ControlFlowNode { result = this and pos = 0 or exists(ControlFlowNode mid, int mid_pos | pos = mid_pos + 1 | - getNode(mid_pos) = mid and + this.getNode(mid_pos) = mid and mid.getASuccessor() = result and not result instanceof BasicBlock ) @@ -49,11 +49,11 @@ class BasicBlock extends ControlFlowNode { ControlFlowNode getFirstNode() { result = this } /** Gets the last control-flow node in this basic block. */ - ControlFlowNode getLastNode() { result = getNode(length() - 1) } + ControlFlowNode getLastNode() { result = this.getNode(this.length() - 1) } /** Gets the number of control-flow nodes contained in this basic block. */ cached - int length() { result = strictcount(getANode()) } + int length() { result = strictcount(this.getANode()) } /** Holds if this basic block strictly dominates `node`. */ predicate bbStrictlyDominates(BasicBlock node) { bbStrictlyDominates(this, node) } diff --git a/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll b/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll index 5ce27fda434..8e9d90769f3 100644 --- a/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll +++ b/java/ql/lib/semmle/code/java/controlflow/UnreachableBlocks.qll @@ -12,13 +12,13 @@ import semmle.code.java.controlflow.Guards */ class ConstantField extends Field { ConstantField() { - getType() instanceof ImmutableType and + this.getType() instanceof ImmutableType and // Assigned once - count(getAnAssignedValue()) = 1 and + count(this.getAnAssignedValue()) = 1 and // And that assignment is either in the appropriate initializer, or, for instance fields on // classes with one constructor, in the constructor. - forall(FieldWrite fa | fa = getAnAccess() | - if isStatic() + forall(FieldWrite fa | fa = this.getAnAccess() | + if this.isStatic() then fa.getEnclosingCallable() instanceof StaticInitializer else ( // Defined in the instance initializer. @@ -26,7 +26,7 @@ class ConstantField extends Field { or // It can be defined in the constructor if there is only one constructor. fa.getEnclosingCallable() instanceof Constructor and - count(getDeclaringType().getAConstructor()) = 1 + count(this.getDeclaringType().getAConstructor()) = 1 ) ) } @@ -36,7 +36,7 @@ class ConstantField extends Field { * * Note: although this value is constant, we may not be able to statically determine the value. */ - ConstantExpr getConstantValue() { result = getAnAssignedValue() } + ConstantExpr getConstantValue() { result = this.getAnAssignedValue() } } /** @@ -162,18 +162,18 @@ class ConstSwitchStmt extends SwitchStmt { /** Gets the `ConstCase` that matches, if any. */ ConstCase getMatchingConstCase() { - result = getAConstCase() and + result = this.getAConstCase() and // Only handle the int case for now - result.getValue().(ConstantExpr).getIntValue() = getExpr().(ConstantExpr).getIntValue() + result.getValue().(ConstantExpr).getIntValue() = this.getExpr().(ConstantExpr).getIntValue() } /** Gets the matching case, if it can be deduced. */ SwitchCase getMatchingCase() { // Must be a value we can deduce - exists(getExpr().(ConstantExpr).getIntValue()) and - if exists(getMatchingConstCase()) - then result = getMatchingConstCase() - else result = getDefaultCase() + exists(this.getExpr().(ConstantExpr).getIntValue()) and + if exists(this.getMatchingConstCase()) + then result = this.getMatchingConstCase() + else result = this.getDefaultCase() } /** @@ -184,8 +184,8 @@ class ConstSwitchStmt extends SwitchStmt { SwitchCase getAFailingCase() { exists(SwitchCase matchingCase | // We must have found the matching case, otherwise we can't deduce which cases are not matched - matchingCase = getMatchingCase() and - result = getACase() and + matchingCase = this.getMatchingCase() and + result = this.getACase() and result != matchingCase ) } @@ -208,7 +208,7 @@ class UnreachableBasicBlock extends BasicBlock { or // This block is not reachable in the CFG, and is not a callable, a body of a callable, an // expression in an annotation, an expression in an assert statement, or a catch clause. - forall(BasicBlock bb | bb = getABBPredecessor() | bb instanceof UnreachableBasicBlock) and + forall(BasicBlock bb | bb = this.getABBPredecessor() | bb instanceof UnreachableBasicBlock) and not exists(Callable c | c.getBody() = this) and not this instanceof Callable and not exists(Annotation a | a.getAChildExpr*() = this) and @@ -231,12 +231,12 @@ class UnreachableBasicBlock extends BasicBlock { * An unreachable expression is an expression contained in an `UnreachableBasicBlock`. */ class UnreachableExpr extends Expr { - UnreachableExpr() { getBasicBlock() instanceof UnreachableBasicBlock } + UnreachableExpr() { this.getBasicBlock() instanceof UnreachableBasicBlock } } /** * An unreachable statement is a statement contained in an `UnreachableBasicBlock`. */ class UnreachableStmt extends Stmt { - UnreachableStmt() { getBasicBlock() instanceof UnreachableBasicBlock } + UnreachableStmt() { this.getBasicBlock() instanceof UnreachableBasicBlock } } diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index a8f15a103c8..d8d02f995a6 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -45,8 +45,8 @@ private class RmiMethodParameterSource extends RemoteFlowSource { exists(RemoteCallableMethod method | method.getAParameter() = this.asParameter() and ( - getType() instanceof PrimitiveType or - getType() instanceof TypeString + this.getType() instanceof PrimitiveType or + this.getType() instanceof TypeString ) ) } diff --git a/java/ql/lib/semmle/code/java/dataflow/SSA.qll b/java/ql/lib/semmle/code/java/dataflow/SSA.qll index 9a2a1df0915..dbcaafd3071 100644 --- a/java/ql/lib/semmle/code/java/dataflow/SSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/SSA.qll @@ -97,7 +97,7 @@ class SsaSourceVariable extends TSsaSourceVariable { else result = c.getName() + "(..)." + v.getName() ) or - result = this.(SsaSourceField).ppQualifier() + "." + getVariable().toString() + result = this.(SsaSourceField).ppQualifier() + "." + this.getVariable().toString() } /** @@ -117,7 +117,7 @@ class SsaSourceVariable extends TSsaSourceVariable { Location getLocation() { exists(LocalScopeVariable v | this = TLocalVar(_, v) and result = v.getLocation()) or - this instanceof SsaSourceField and result = getFirstAccess().getLocation() + this instanceof SsaSourceField and result = this.getFirstAccess().getLocation() } /** Gets the type of this variable. */ @@ -140,7 +140,7 @@ class SsaSourceField extends SsaSourceVariable { } /** Gets the field corresponding to this named field. */ - Field getField() { result = getVariable() } + Field getField() { result = this.getVariable() } /** Gets a string representation of the qualifier. */ string ppQualifier() { @@ -155,8 +155,8 @@ class SsaSourceField extends SsaSourceVariable { /** Holds if the field itself or any of the fields part of the qualifier are volatile. */ predicate isVolatile() { - getField().isVolatile() or - getQualifier().(SsaSourceField).isVolatile() + this.getField().isVolatile() or + this.getQualifier().(SsaSourceField).isVolatile() } } @@ -932,10 +932,10 @@ class SsaVariable extends TSsaVariable { string toString() { none() } /** Gets the source location for this element. */ - Location getLocation() { result = getCFGNode().getLocation() } + Location getLocation() { result = this.getCFGNode().getLocation() } /** Gets the `BasicBlock` in which this SSA variable is defined. */ - BasicBlock getBasicBlock() { result = getCFGNode().getBasicBlock() } + BasicBlock getBasicBlock() { result = this.getCFGNode().getBasicBlock() } /** Gets an access of this SSA variable. */ RValue getAUse() { @@ -989,14 +989,16 @@ class SsaUpdate extends SsaVariable { /** An SSA variable that is defined by a `VariableUpdate`. */ class SsaExplicitUpdate extends SsaUpdate, TSsaCertainUpdate { SsaExplicitUpdate() { - exists(VariableUpdate upd | upd = this.getCFGNode() and getDestVar(upd) = getSourceVariable()) + exists(VariableUpdate upd | + upd = this.getCFGNode() and getDestVar(upd) = this.getSourceVariable() + ) } - override string toString() { result = "SSA def(" + getSourceVariable() + ")" } + override string toString() { result = "SSA def(" + this.getSourceVariable() + ")" } /** Gets the `VariableUpdate` defining the SSA variable. */ VariableUpdate getDefiningExpr() { - result = this.getCFGNode() and getDestVar(result) = getSourceVariable() + result = this.getCFGNode() and getDestVar(result) = this.getSourceVariable() } } @@ -1010,22 +1012,22 @@ class SsaImplicitUpdate extends SsaUpdate { SsaImplicitUpdate() { not this instanceof SsaExplicitUpdate } override string toString() { - result = "SSA impl upd[" + getKind() + "](" + getSourceVariable() + ")" + result = "SSA impl upd[" + this.getKind() + "](" + this.getSourceVariable() + ")" } private string getKind() { this = TSsaUntracked(_, _) and result = "untracked" or - certainVariableUpdate(getSourceVariable().getQualifier(), getCFGNode(), _, _) and + certainVariableUpdate(this.getSourceVariable().getQualifier(), this.getCFGNode(), _, _) and result = "explicit qualifier" or - if uncertainVariableUpdate(getSourceVariable().getQualifier(), getCFGNode(), _, _) + if uncertainVariableUpdate(this.getSourceVariable().getQualifier(), this.getCFGNode(), _, _) then - if exists(getANonLocalUpdate()) + if exists(this.getANonLocalUpdate()) then result = "nonlocal + nonlocal qualifier" else result = "nonlocal qualifier" else ( - exists(getANonLocalUpdate()) and result = "nonlocal" + exists(this.getANonLocalUpdate()) and result = "nonlocal" ) } @@ -1034,9 +1036,9 @@ class SsaImplicitUpdate extends SsaUpdate { */ FieldWrite getANonLocalUpdate() { exists(SsaSourceField f, Callable setter | - f = getSourceVariable() and + f = this.getSourceVariable() and relevantFieldUpdate(setter, f.getField(), result) and - updatesNamedField(getCFGNode(), f, setter) + updatesNamedField(this.getCFGNode(), f, setter) ) } @@ -1049,8 +1051,8 @@ class SsaImplicitUpdate extends SsaUpdate { */ predicate assignsUnknownValue() { this = TSsaUntracked(_, _) or - certainVariableUpdate(getSourceVariable().getQualifier(), getCFGNode(), _, _) or - uncertainVariableUpdate(getSourceVariable().getQualifier(), getCFGNode(), _, _) + certainVariableUpdate(this.getSourceVariable().getQualifier(), this.getCFGNode(), _, _) or + uncertainVariableUpdate(this.getSourceVariable().getQualifier(), this.getCFGNode(), _, _) } } @@ -1072,30 +1074,31 @@ class SsaUncertainImplicitUpdate extends SsaImplicitUpdate, TSsaUncertainUpdate * includes initial values of parameters, fields, and closure variables. */ class SsaImplicitInit extends SsaVariable, TSsaEntryDef { - override string toString() { result = "SSA init(" + getSourceVariable() + ")" } + override string toString() { result = "SSA init(" + this.getSourceVariable() + ")" } /** Holds if this is a closure variable that captures the value of `capturedvar`. */ predicate captures(SsaVariable capturedvar) { - ssaDefReachesCapture(_, capturedvar, getSourceVariable()) + ssaDefReachesCapture(_, capturedvar, this.getSourceVariable()) } /** * Holds if the SSA variable is a parameter defined by its initial value in the callable. */ predicate isParameterDefinition(Parameter p) { - getSourceVariable() = TLocalVar(p.getCallable(), p) and p.getCallable().getBody() = getCFGNode() + this.getSourceVariable() = TLocalVar(p.getCallable(), p) and + p.getCallable().getBody() = this.getCFGNode() } } /** An SSA phi node. */ class SsaPhiNode extends SsaVariable, TSsaPhiNode { - override string toString() { result = "SSA phi(" + getSourceVariable() + ")" } + override string toString() { result = "SSA phi(" + this.getSourceVariable() + ")" } /** Gets an input to the phi node defining the SSA variable. */ SsaVariable getAPhiInput() { exists(BasicBlock phiPred, TrackedVar v | - v = getSourceVariable() and - getCFGNode().(BasicBlock).getABBPredecessor() = phiPred and + v = this.getSourceVariable() and + this.getCFGNode().(BasicBlock).getABBPredecessor() = phiPred and ssaDefReachesEndOfBlock(v, result, phiPred) ) } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll index 8193a33bcb3..e0e6e64321f 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/BaseSSA.qll @@ -484,10 +484,10 @@ class BaseSsaVariable extends TBaseSsaVariable { string toString() { none() } - Location getLocation() { result = getCFGNode().getLocation() } + Location getLocation() { result = this.getCFGNode().getLocation() } /** Gets the `BasicBlock` in which this SSA variable is defined. */ - BasicBlock getBasicBlock() { result = getCFGNode().getBasicBlock() } + BasicBlock getBasicBlock() { result = this.getCFGNode().getBasicBlock() } /** Gets an access of this SSA variable. */ RValue getAUse() { ssaDefReachesUse(_, this, result) } @@ -532,14 +532,16 @@ class BaseSsaVariable extends TBaseSsaVariable { /** An SSA variable that is defined by a `VariableUpdate`. */ class BaseSsaUpdate extends BaseSsaVariable, TSsaUpdate { BaseSsaUpdate() { - exists(VariableUpdate upd | upd = this.getCFGNode() and getDestVar(upd) = getSourceVariable()) + exists(VariableUpdate upd | + upd = this.getCFGNode() and getDestVar(upd) = this.getSourceVariable() + ) } - override string toString() { result = "SSA def(" + getSourceVariable() + ")" } + override string toString() { result = "SSA def(" + this.getSourceVariable() + ")" } /** Gets the `VariableUpdate` defining the SSA variable. */ VariableUpdate getDefiningExpr() { - result = this.getCFGNode() and getDestVar(result) = getSourceVariable() + result = this.getCFGNode() and getDestVar(result) = this.getSourceVariable() } } @@ -548,30 +550,31 @@ class BaseSsaUpdate extends BaseSsaVariable, TSsaUpdate { * includes initial values of parameters, fields, and closure variables. */ class BaseSsaImplicitInit extends BaseSsaVariable, TSsaEntryDef { - override string toString() { result = "SSA init(" + getSourceVariable() + ")" } + override string toString() { result = "SSA init(" + this.getSourceVariable() + ")" } /** Holds if this is a closure variable that captures the value of `capturedvar`. */ predicate captures(BaseSsaVariable capturedvar) { - ssaDefReachesCapture(_, capturedvar, getSourceVariable()) + ssaDefReachesCapture(_, capturedvar, this.getSourceVariable()) } /** * Holds if the SSA variable is a parameter defined by its initial value in the callable. */ predicate isParameterDefinition(Parameter p) { - getSourceVariable() = TLocalVar(p.getCallable(), p) and p.getCallable().getBody() = getCFGNode() + this.getSourceVariable() = TLocalVar(p.getCallable(), p) and + p.getCallable().getBody() = this.getCFGNode() } } /** An SSA phi node. */ class BaseSsaPhiNode extends BaseSsaVariable, TSsaPhiNode { - override string toString() { result = "SSA phi(" + getSourceVariable() + ")" } + override string toString() { result = "SSA phi(" + this.getSourceVariable() + ")" } /** Gets an input to the phi node defining the SSA variable. */ BaseSsaVariable getAPhiInput() { exists(BasicBlock phiPred, BaseSsaSourceVariable v | - v = getSourceVariable() and - getCFGNode().(BasicBlock).getABBPredecessor() = phiPred and + v = this.getSourceVariable() and + this.getCFGNode().(BasicBlock).getABBPredecessor() = phiPred and ssaDefReachesEndOfBlock(v, result, phiPred) ) } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll index 622ef595792..5ea421db0c7 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowNodes.qll @@ -117,9 +117,9 @@ module Public { * Gets an upper bound on the type of this node. */ Type getTypeBound() { - result = getImprovedTypeBound() + result = this.getImprovedTypeBound() or - result = getType() and not exists(getImprovedTypeBound()) + result = this.getType() and not exists(this.getImprovedTypeBound()) } /** @@ -132,7 +132,7 @@ module Public { predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn ) { - getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) + this.getLocation().hasLocationInfo(filepath, startline, startcolumn, endline, endcolumn) } } @@ -288,9 +288,9 @@ private class NewExpr extends PostUpdateNode, TExprNode { * A `PostUpdateNode` that is not a `ClassInstanceExpr`. */ abstract private class ImplicitPostUpdateNode extends PostUpdateNode { - override Location getLocation() { result = getPreUpdateNode().getLocation() } + override Location getLocation() { result = this.getPreUpdateNode().getLocation() } - override string toString() { result = getPreUpdateNode().toString() + " [post update]" } + override string toString() { result = this.getPreUpdateNode().toString() + " [post update]" } } private class ExplicitExprPostUpdate extends ImplicitPostUpdateNode, TExplicitExprPostUpdate { diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll index e92ad541a51..e4bfaaae1cc 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll @@ -285,11 +285,11 @@ private predicate taintPreservingQualifierToMethod(Method m) { private class StringReplaceMethod extends TaintPreservingCallable { StringReplaceMethod() { - getDeclaringType() instanceof TypeString and + this.getDeclaringType() instanceof TypeString and ( - hasName("replace") or - hasName("replaceAll") or - hasName("replaceFirst") + this.hasName("replace") or + this.hasName("replaceAll") or + this.hasName("replaceFirst") ) } @@ -443,7 +443,7 @@ class ObjectOutputStreamVar extends LocalVariableDecl { } MethodAccess getAWriteObjectMethodAccess() { - result.getQualifier() = getAnAccess() and + result.getQualifier() = this.getAnAccess() and result.getMethod().hasName("writeObject") } } @@ -488,7 +488,7 @@ private class FormatterVar extends LocalVariableDecl { } MethodAccess getAFormatMethodAccess() { - result.getQualifier() = getAnAccess() and + result.getQualifier() = this.getAnAccess() and result.getMethod().hasName("format") } } @@ -513,13 +513,13 @@ private class FormatterCallable extends TaintPreservingCallable { } override predicate returnsTaintFrom(int arg) { - if this instanceof Constructor then arg = 0 else arg = [-1 .. getNumberOfParameters()] + if this instanceof Constructor then arg = 0 else arg = [-1 .. this.getNumberOfParameters()] } override predicate transfersTaint(int src, int sink) { this.hasName("format") and sink = -1 and - src = [0 .. getNumberOfParameters()] + src = [0 .. this.getNumberOfParameters()] } } @@ -532,13 +532,13 @@ module StringBuilderVarModule { * build up a query using string concatenation. */ class StringBuilderVar extends LocalVariableDecl { - StringBuilderVar() { getType() instanceof StringBuildingType } + StringBuilderVar() { this.getType() instanceof StringBuildingType } /** * Gets a call that adds something to this string builder, from the argument at the given index. */ MethodAccess getAnInput(int arg) { - result.getQualifier() = getAChainedReference() and + result.getQualifier() = this.getAChainedReference() and ( result.getMethod().getName() = "append" and arg = 0 or @@ -552,20 +552,20 @@ module StringBuilderVarModule { * Gets a call that appends something to this string builder. */ MethodAccess getAnAppend() { - result.getQualifier() = getAChainedReference() and + result.getQualifier() = this.getAChainedReference() and result.getMethod().getName() = "append" } MethodAccess getNextAppend(MethodAccess append) { - result = getAnAppend() and - append = getAnAppend() and + result = this.getAnAppend() and + append = this.getAnAppend() and ( result.getQualifier() = append or not exists(MethodAccess chainAccess | chainAccess.getQualifier() = append) and exists(RValue sbva1, RValue sbva2 | adjacentUseUse(sbva1, sbva2) and - append.getQualifier() = getAChainedReference(sbva1) and + append.getQualifier() = this.getAChainedReference(sbva1) and result.getQualifier() = sbva2 ) ) @@ -575,7 +575,7 @@ module StringBuilderVarModule { * Gets a call that converts this string builder to a string. */ MethodAccess getToStringCall() { - result.getQualifier() = getAChainedReference() and + result.getQualifier() = this.getAChainedReference() and result.getMethod().getName() = "toString" } @@ -590,7 +590,7 @@ module StringBuilderVarModule { /** * Gets an expression that refers to this `StringBuilder`, possibly after some chained calls. */ - Expr getAChainedReference() { result = getAChainedReference(_) } + Expr getAChainedReference() { result = this.getAChainedReference(_) } } } diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll b/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll index 48ee3d5563b..53e0ccc1f35 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadCode.qll @@ -82,19 +82,19 @@ class SuppressedConstructor extends Constructor { SuppressedConstructor() { // Must be private or protected to suppress it. ( - isPrivate() + this.isPrivate() or // A protected, suppressed constructor only makes sense in a non-abstract class. - isProtected() and not getDeclaringType().isAbstract() + this.isProtected() and not this.getDeclaringType().isAbstract() ) and // Must be no-arg in order to replace the compiler generated default constructor. - getNumberOfParameters() = 0 and + this.getNumberOfParameters() = 0 and // Not the compiler-generated constructor itself. - not isDefaultConstructor() and + not this.isDefaultConstructor() and // Verify that there is only one statement, which is the `super()` call. This exists // even for empty constructors. - getBody().(BlockStmt).getNumStmt() = 1 and - getBody().(BlockStmt).getAStmt().(SuperConstructorInvocationStmt).getNumArgument() = 0 and + this.getBody().(BlockStmt).getNumStmt() = 1 and + this.getBody().(BlockStmt).getAStmt().(SuperConstructorInvocationStmt).getNumArgument() = 0 and // A constructor that is called is not acting to suppress the default constructor. We permit // calls from suppressed and default constructors - in both cases, they can only come from // sub-class constructors. @@ -105,7 +105,9 @@ class SuppressedConstructor extends Constructor { ) and // If other constructors are declared, then no compiler-generated constructor is added, so // this constructor is not acting to suppress the default compiler-generated constructor. - not exists(Constructor other | other = getDeclaringType().getAConstructor() and other != this) + not exists(Constructor other | + other = this.getDeclaringType().getAConstructor() and other != this + ) } } @@ -114,7 +116,7 @@ class SuppressedConstructor extends Constructor { */ class NamespaceClass extends RefType { NamespaceClass() { - fromSource() and + this.fromSource() and // All members, apart from the default constructor and, if present, a "suppressed" constructor // must be static. There must be at least one member apart from the permitted constructors. forex(Member m | @@ -125,7 +127,9 @@ class NamespaceClass extends RefType { m.isStatic() ) and // Must only extend other namespace classes, or `Object`. - forall(RefType r | r = getASupertype() | r instanceof TypeObject or r instanceof NamespaceClass) + forall(RefType r | r = this.getASupertype() | + r instanceof TypeObject or r instanceof NamespaceClass + ) } } @@ -197,7 +201,7 @@ class DeadClass extends SourceClassOrInterface { /** * Identify all the "dead" roots of this dead class. */ - DeadRoot getADeadRoot() { result = getADeadRoot(getACallable()) } + DeadRoot getADeadRoot() { result = getADeadRoot(this.getACallable()) } /** * Holds if this dead class is only used within the class itself. @@ -206,8 +210,8 @@ class DeadClass extends SourceClassOrInterface { // Accessed externally if any callable in the class has a possible liveness cause outside the // class. Only one step is required. not exists(Callable c | - c = possibleLivenessCause(getACallable()) and - not c = getACallable() + c = possibleLivenessCause(this.getACallable()) and + not c = this.getACallable() ) } } @@ -229,7 +233,7 @@ abstract class WhitelistedLiveClass extends RefType { } */ class DeadMethod extends Callable { DeadMethod() { - fromSource() and + this.fromSource() and not isLive(this) and not this.(Constructor).isDefaultConstructor() and // Ignore `SuppressedConstructor`s in `NamespaceClass`es. There is no reason to use a suppressed diff --git a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll index dc6d1dc6dfd..c36b33f6296 100644 --- a/java/ql/lib/semmle/code/java/deadcode/DeadField.qll +++ b/java/ql/lib/semmle/code/java/deadcode/DeadField.qll @@ -10,7 +10,7 @@ import semmle.code.java.frameworks.jackson.JacksonSerializability * This defines the set of fields for which we will determine liveness. */ library class SourceField extends Field { - SourceField() { fromSource() } + SourceField() { this.fromSource() } } /** @@ -26,7 +26,7 @@ class DeadField extends SourceField { */ predicate isInDeadScope() { // `EnumConstant`s, and fields in dead classes, are reported in other queries. - getDeclaringType() instanceof DeadClass or + this.getDeclaringType() instanceof DeadClass or this instanceof EnumConstant } } @@ -37,7 +37,7 @@ class DeadField extends SourceField { */ class LiveField extends SourceField { LiveField() { - exists(FieldRead access | access = getAnAccess() | + exists(FieldRead access | access = this.getAnAccess() | isLive(access.getEnclosingCallable()) or exists(Annotation a | @@ -89,11 +89,11 @@ abstract class WhitelistedLiveField extends Field { } */ class SerialVersionUIDField extends ReflectivelyReadField { SerialVersionUIDField() { - hasName("serialVersionUID") and - isStatic() and - isFinal() and - getType().hasName("long") and - getDeclaringType().getASupertype*() instanceof TypeSerializable + this.hasName("serialVersionUID") and + this.isStatic() and + this.isFinal() and + this.getType().hasName("long") and + this.getDeclaringType().getASupertype*() instanceof TypeSerializable } } @@ -104,7 +104,7 @@ class SerialVersionUIDField extends ReflectivelyReadField { class LiveJaxbBoundField extends ReflectivelyReadField, JaxbBoundField { LiveJaxbBoundField() { // If the class is considered live, it must have at least one live constructor. - exists(Constructor c | c = getDeclaringType().getAConstructor() | isLive(c)) + exists(Constructor c | c = this.getDeclaringType().getAConstructor() | isLive(c)) } } @@ -114,11 +114,11 @@ class LiveJaxbBoundField extends ReflectivelyReadField, JaxbBoundField { */ class JUnitAnnotatedField extends ReflectivelyReadField { JUnitAnnotatedField() { - hasAnnotation("org.junit.experimental.theories", "DataPoint") or - hasAnnotation("org.junit.experimental.theories", "DataPoints") or - hasAnnotation("org.junit.runners", "Parameterized$Parameter") or - hasAnnotation("org.junit", "Rule") or - hasAnnotation("org.junit", "ClassRule") + this.hasAnnotation("org.junit.experimental.theories", "DataPoint") or + this.hasAnnotation("org.junit.experimental.theories", "DataPoints") or + this.hasAnnotation("org.junit.runners", "Parameterized$Parameter") or + this.hasAnnotation("org.junit", "Rule") or + this.hasAnnotation("org.junit", "ClassRule") } } @@ -164,8 +164,8 @@ class JPAReadField extends ReflectivelyReadField { ) | not this.hasAnnotation("javax.persistence", "Transient") and - not isStatic() and - not isFinal() + not this.isStatic() and + not this.isFinal() ) } } diff --git a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll index aef97efd309..0a0dd2d0808 100644 --- a/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/EntryPoints.qll @@ -102,7 +102,7 @@ library class JacksonReflectivelyConstructedClass extends ReflectivelyConstructe override Callable getALiveCallable() { // Constructors may be called by Jackson, if they are a no-arg, they have a suitable annotation, // or inherit a suitable annotation through a mixin. - result = getAConstructor() and + result = this.getAConstructor() and ( result.getNumberOfParameters() = 0 or result.getAnAnnotation() instanceof JacksonAnnotation or @@ -153,7 +153,7 @@ class DeserializedClass extends ReflectivelyConstructedClass { */ class NewInstanceCall extends EntryPoint, NewInstance { override Constructor getALiveCallable() { - result = getInferredConstructor() and + result = this.getInferredConstructor() and // The `newInstance(...)` call must be used in a live context. isLive(this.getEnclosingCallable()) } @@ -164,7 +164,7 @@ class NewInstanceCall extends EntryPoint, NewInstance { */ class ReflectiveMethodAccessEntryPoint extends EntryPoint, ReflectiveMethodAccess { override Method getALiveCallable() { - result = inferAccessedMethod() and + result = this.inferAccessedMethod() and // The `getMethod(...)` call must be used in a live context. isLive(this.getEnclosingCallable()) } @@ -210,8 +210,8 @@ class JaxbXmlEnum extends AnnotationEntryPoint { class JaxbXmlType extends AnnotationEntryPoint, JaxbType { override Callable getALiveCallable() { // Must have a live no-arg constructor for JAXB to perform marshal/unmarshal. - exists(Constructor c | c = getAConstructor() and c.getNumberOfParameters() = 0 | isLive(c)) and - result = getACallable() and + exists(Constructor c | c = this.getAConstructor() and c.getNumberOfParameters() = 0 | isLive(c)) and + result = this.getACallable() and ( // A bound getter or setter. result instanceof JaxbBoundGetterSetter @@ -262,7 +262,7 @@ class ManagedBeanImplEntryPoint extends EntryPoint, RegisteredManagedBeanImpl { // Find the method that will be called for each method on each managed bean that this class // implements. this.inherits(result) and - result.(Method).overrides(getAnImplementedManagedBean().getAMethod()) + result.(Method).overrides(this.getAnImplementedManagedBean().getAMethod()) } } @@ -377,7 +377,7 @@ class JavaxResourceAnnotatedMethod extends CallableEntryPointOnConstructedClass */ class JavaxManagedBeanReflectivelyConstructed extends ReflectivelyConstructedClass { JavaxManagedBeanReflectivelyConstructed() { - getAnAnnotation() instanceof JavaxManagedBeanAnnotation + this.getAnAnnotation() instanceof JavaxManagedBeanAnnotation } } @@ -413,13 +413,13 @@ class PersistencePropertyMethod extends CallableEntryPoint { */ class PersistenceCallbackMethod extends CallableEntryPoint { PersistenceCallbackMethod() { - getAnAnnotation() instanceof PrePersistAnnotation or - getAnAnnotation() instanceof PreRemoveAnnotation or - getAnAnnotation() instanceof PreUpdateAnnotation or - getAnAnnotation() instanceof PostPersistAnnotation or - getAnAnnotation() instanceof PostRemoveAnnotation or - getAnAnnotation() instanceof PostUpdateAnnotation or - getAnAnnotation() instanceof PostLoadAnnotation + this.getAnAnnotation() instanceof PrePersistAnnotation or + this.getAnAnnotation() instanceof PreRemoveAnnotation or + this.getAnAnnotation() instanceof PreUpdateAnnotation or + this.getAnAnnotation() instanceof PostPersistAnnotation or + this.getAnAnnotation() instanceof PostRemoveAnnotation or + this.getAnAnnotation() instanceof PostUpdateAnnotation or + this.getAnAnnotation() instanceof PostLoadAnnotation } } @@ -429,20 +429,20 @@ class PersistenceCallbackMethod extends CallableEntryPoint { */ class ArbitraryXMLEntryPoint extends ReflectivelyConstructedClass { ArbitraryXMLEntryPoint() { - fromSource() and + this.fromSource() and exists(XMLAttribute attribute | attribute.getName() = "className" or attribute.getName().matches("%ClassName") or attribute.getName() = "class" or attribute.getName().matches("%Class") | - attribute.getValue() = getQualifiedName() + attribute.getValue() = this.getQualifiedName() ) } override Callable getALiveCallable() { // Any constructor on these classes, as we don't know which may be called. - result = getAConstructor() + result = this.getAConstructor() } } diff --git a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll index d9bc8a07997..2d8b28e4de9 100644 --- a/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/TestEntryPoints.qll @@ -18,7 +18,7 @@ class TestMethodEntry extends CallableEntryPoint { or exists(AnnotationType a | a = this.getAnAnnotation().getType() | a.hasQualifiedName("org.junit.runners", "Parameterized$Parameters") and - getDeclaringType() instanceof ParameterizedJUnitTest + this.getDeclaringType() instanceof ParameterizedJUnitTest ) } } @@ -28,12 +28,12 @@ class TestMethodEntry extends CallableEntryPoint { */ class BeforeOrAfterEntry extends CallableEntryPoint { BeforeOrAfterEntry() { - getAnAnnotation() instanceof TestNGBeforeAnnotation or - getAnAnnotation() instanceof TestNGAfterAnnotation or - getAnAnnotation() instanceof BeforeAnnotation or - getAnAnnotation() instanceof BeforeClassAnnotation or - getAnAnnotation() instanceof AfterAnnotation or - getAnAnnotation() instanceof AfterClassAnnotation + this.getAnAnnotation() instanceof TestNGBeforeAnnotation or + this.getAnAnnotation() instanceof TestNGAfterAnnotation or + this.getAnAnnotation() instanceof BeforeAnnotation or + this.getAnAnnotation() instanceof BeforeClassAnnotation or + this.getAnAnnotation() instanceof AfterAnnotation or + this.getAnAnnotation() instanceof AfterClassAnnotation } } @@ -44,7 +44,7 @@ class JUnitTheories extends CallableEntryPoint { JUnitTheories() { exists(AnnotationType a | a = this.getAnAnnotation().getType() and - getDeclaringType() instanceof JUnitTheoryTest + this.getDeclaringType() instanceof JUnitTheoryTest | a.hasQualifiedName("org.junit.experimental.theories", "Theory") or a.hasQualifiedName("org.junit.experimental.theories", "DataPoint") or @@ -63,7 +63,7 @@ class JUnitDataPointField extends ReflectivelyReadField { a.hasQualifiedName("org.junit.experimental.theories", "DataPoint") or a.hasQualifiedName("org.junit.experimental.theories", "DataPoints") ) and - getDeclaringType() instanceof JUnitTheoryTest + this.getDeclaringType() instanceof JUnitTheoryTest ) } } @@ -152,7 +152,7 @@ class CucumberConstructedClass extends ReflectivelyConstructedClass { // Consider any constructor to be live - Cucumber calls a runtime-specified dependency // injection framework (possibly an in-built one) to construct these instances, so any // constructor could be called. - result = getAConstructor() + result = this.getAConstructor() } } diff --git a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll index b31a04e11be..b9034600ca3 100644 --- a/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll +++ b/java/ql/lib/semmle/code/java/deadcode/WebEntryPoints.qll @@ -29,7 +29,7 @@ class ServletConstructedClass extends ReflectivelyConstructedClass { */ class ServletListenerClass extends ReflectivelyConstructedClass { ServletListenerClass() { - getAnAncestor() instanceof ServletWebXMLListenerType and + this.getAnAncestor() instanceof ServletWebXMLListenerType and // If we have seen any `web.xml` files, this listener will be considered to be live only if it is // referred to as a listener-class in at least one. If no `web.xml` files are found, we assume // that XML extraction was not enabled, and therefore consider all listener classes as live. @@ -47,7 +47,7 @@ class ServletListenerClass extends ReflectivelyConstructedClass { */ class ServletFilterClass extends ReflectivelyConstructedClass { ServletFilterClass() { - getASupertype*().hasQualifiedName("javax.servlet", "Filter") and + this.getASupertype*().hasQualifiedName("javax.servlet", "Filter") and // If we have seen any `web.xml` files, this filter will be considered to be live only if it is // referred to as a filter-class in at least one. If no `web.xml` files are found, we assume // that XML extraction was not enabled, and therefore consider all filter classes as live. diff --git a/java/ql/lib/semmle/code/java/frameworks/Camel.qll b/java/ql/lib/semmle/code/java/frameworks/Camel.qll index cd845d0b33e..09bfa73d460 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Camel.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Camel.qll @@ -48,7 +48,7 @@ class CamelToBeanURI extends CamelToURI { /** * Gets the bean referenced by this URI. */ - SpringBean getRefBean() { result.getBeanIdentifier() = getBeanIdentifier() } + SpringBean getRefBean() { result.getBeanIdentifier() = this.getBeanIdentifier() } } /** diff --git a/java/ql/lib/semmle/code/java/frameworks/Guice.qll b/java/ql/lib/semmle/code/java/frameworks/Guice.qll index f7154df4bd2..8dfb6398398 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Guice.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Guice.qll @@ -31,7 +31,7 @@ class GuiceProvider extends Interface { * A method that overrides the `get` method on the interface `com.google.inject.Provider`. */ Method getAnOverridingGetMethod() { - exists(Method m | m.getSourceDeclaration() = getGetMethod() | result.overrides*(m)) + exists(Method m | m.getSourceDeclaration() = this.getGetMethod() | result.overrides*(m)) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll index 2b4e3702623..bf5e33cb004 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JAXB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JAXB.qll @@ -17,11 +17,11 @@ library class JAXBMarshalMethod extends Method { } class JaxbAnnotationType extends AnnotationType { - JaxbAnnotationType() { getPackage().getName() = "javax.xml.bind.annotation" } + JaxbAnnotationType() { this.getPackage().getName() = "javax.xml.bind.annotation" } } class JaxbAnnotated extends Annotatable { - JaxbAnnotated() { getAnAnnotation().getType() instanceof JaxbAnnotationType } + JaxbAnnotated() { this.getAnAnnotation().getType() instanceof JaxbAnnotationType } predicate hasJaxbAnnotation(string name) { hasJaxbAnnotation(this, name) } } @@ -62,8 +62,8 @@ class JaxbType extends Class { * Gets the `XmlAccessType` associated with this class. */ XmlAccessType getXmlAccessType() { - if exists(getDeclaredAccessType()) - then result = getDeclaredAccessType() + if exists(this.getDeclaredAccessType()) + then result = this.getDeclaredAccessType() else // Default access type, if not specified. result.isPublicMember() @@ -81,22 +81,22 @@ class XmlAccessType extends EnumConstant { /** * All public getter/setter pairs and public fields will be bound. */ - predicate isPublicMember() { getName() = "PUBLIC_MEMBER" } + predicate isPublicMember() { this.getName() = "PUBLIC_MEMBER" } /** * All non-static, non-transient fields will be bound. */ - predicate isField() { getName() = "FIELD" } + predicate isField() { this.getName() = "FIELD" } /** * All getter/setter pairs will be bound. */ - predicate isProperty() { getName() = "PROPERTY" } + predicate isProperty() { this.getName() = "PROPERTY" } /** * Nothing will be bound automatically. */ - predicate isNone() { getName() = "NONE" } + predicate isNone() { this.getName() = "NONE" } } /** @@ -105,10 +105,10 @@ class XmlAccessType extends EnumConstant { */ class JaxbMemberAnnotation extends JaxbAnnotationType { JaxbMemberAnnotation() { - hasName("XmlElement") or - hasName("XmlAttribute") or - hasName("XmlElementRefs") or - hasName("XmlElements") + this.hasName("XmlElement") or + this.hasName("XmlAttribute") or + this.hasName("XmlElementRefs") or + this.hasName("XmlElements") } } @@ -121,14 +121,14 @@ private predicate isTransient(Member m) { hasJaxbAnnotation(m, "XmlTransient") } class JaxbBoundField extends Field { JaxbBoundField() { // Fields cannot be static, because JAXB creates instances. - not isStatic() and + not this.isStatic() and // Fields cannot be final, because JAXB instantiates the object, then sets the properties. - not isFinal() and + not this.isFinal() and // No transient fields are ever bound. not isTransient(this) and ( // Explicitly annotated to be bound. - exists(getAnAnnotation().getType().(JaxbMemberAnnotation)) + exists(this.getAnAnnotation().getType().(JaxbMemberAnnotation)) or // Within a JAXB type which has an `XmlAcessType` that binds this field. exists(JaxbType type | this.getDeclaringType() = type | @@ -136,7 +136,7 @@ class JaxbBoundField extends Field { type.getXmlAccessType().isField() or // Only public fields are automatically bound in this access type. - type.getXmlAccessType().isPublicMember() and isPublic() + type.getXmlAccessType().isPublicMember() and this.isPublic() ) ) } @@ -157,7 +157,7 @@ library class GetterOrSetterMethod extends Method { * Holds if this method has a "pair"ed method, e.g. whether there is an equivalent getter if this * is a setter, and vice versa. */ - predicate isProperty() { exists(getPair()) } + predicate isProperty() { exists(this.getPair()) } /** * Gets the "pair" method, if one exists; that is, the getter if this is a setter, and vice versa. @@ -183,16 +183,16 @@ class JaxbBoundGetterSetter extends GetterOrSetterMethod { this.getField() instanceof JaxbBoundField or // An annotation on this method or the pair that indicate that it is a valid setter/getter. - getThisOrPair().getAnAnnotation().getType() instanceof JaxbMemberAnnotation + this.getThisOrPair().getAnAnnotation().getType() instanceof JaxbMemberAnnotation or // Within a JAXB type which has an `XmlAcessType` that binds this method. exists(JaxbType c | this.getDeclaringType() = c | // If this is a "property" - both a setter and getter present for the XML element or attribute // - the `XmlAccessType` of the declaring type may cause this property to be bound. - isProperty() and + this.isProperty() and ( // In the `PUBLIC_MEMBER` case all public properties are considered bound. - c.getXmlAccessType().isPublicMember() and isPublic() + c.getXmlAccessType().isPublicMember() and this.isPublic() or // In "property" all properties are considered bound. c.getXmlAccessType().isProperty() diff --git a/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll index 18afe9403e2..8716f7d625c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/JUnitAnnotations.qll @@ -64,5 +64,5 @@ class RunWithAnnotation extends Annotation { /** * Gets the runner that will be used. */ - Type getRunner() { result = getValue("value").(TypeLiteral).getReferencedType() } + Type getRunner() { result = this.getValue("value").(TypeLiteral).getReferencedType() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Jackson.qll b/java/ql/lib/semmle/code/java/frameworks/Jackson.qll index 5612311c730..f93f1afccc8 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jackson.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jackson.qll @@ -7,31 +7,31 @@ private import semmle.code.java.dataflow.DataFlow private class ObjectMapper extends RefType { ObjectMapper() { - getASupertype*().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") + this.getASupertype*().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") } } /** A builder for building Jackson's `JsonMapper`. */ class MapperBuilder extends RefType { MapperBuilder() { - hasQualifiedName("com.fasterxml.jackson.databind.cfg", "MapperBuilder") + this.hasQualifiedName("com.fasterxml.jackson.databind.cfg", "MapperBuilder") } } private class JsonFactory extends RefType { - JsonFactory() { hasQualifiedName("com.fasterxml.jackson.core", "JsonFactory") } + JsonFactory() { this.hasQualifiedName("com.fasterxml.jackson.core", "JsonFactory") } } private class JsonParser extends RefType { - JsonParser() { hasQualifiedName("com.fasterxml.jackson.core", "JsonParser") } + JsonParser() { this.hasQualifiedName("com.fasterxml.jackson.core", "JsonParser") } } /** A type descriptor in Jackson libraries. For example, `java.lang.Class`. */ class JacksonTypeDescriptorType extends RefType { JacksonTypeDescriptorType() { this instanceof TypeClass or - hasQualifiedName("com.fasterxml.jackson.databind", "JavaType") or - hasQualifiedName("com.fasterxml.jackson.core.type", "TypeReference") + this.hasQualifiedName("com.fasterxml.jackson.databind", "JavaType") or + this.hasQualifiedName("com.fasterxml.jackson.core.type", "TypeReference") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Jndi.qll b/java/ql/lib/semmle/code/java/frameworks/Jndi.qll index fce87dcddab..9294c0c97c7 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Jndi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Jndi.qll @@ -41,39 +41,39 @@ class TypeLdapName extends Class { /** A method with the name `addAll` declared in `javax.naming.ldap.LdapName`. */ class MethodLdapNameAddAll extends Method { MethodLdapNameAddAll() { - getDeclaringType() instanceof TypeLdapName and - hasName("addAll") + this.getDeclaringType() instanceof TypeLdapName and + this.hasName("addAll") } } /** A method with the name `clone` declared in `javax.naming.ldap.LdapName`. */ class MethodLdapNameClone extends Method { MethodLdapNameClone() { - getDeclaringType() instanceof TypeLdapName and - hasName("clone") + this.getDeclaringType() instanceof TypeLdapName and + this.hasName("clone") } } /** A method with the name `getAll` declared in `javax.naming.ldap.LdapName`. */ class MethodLdapNameGetAll extends Method { MethodLdapNameGetAll() { - getDeclaringType() instanceof TypeLdapName and - hasName("getAll") + this.getDeclaringType() instanceof TypeLdapName and + this.hasName("getAll") } } /** A method with the name `getRdns` declared in `javax.naming.ldap.LdapName`. */ class MethodLdapNameGetRdns extends Method { MethodLdapNameGetRdns() { - getDeclaringType() instanceof TypeLdapName and - hasName("getRdns") + this.getDeclaringType() instanceof TypeLdapName and + this.hasName("getRdns") } } /** A method with the name `toString` declared in `javax.naming.ldap.LdapName`. */ class MethodLdapNameToString extends Method { MethodLdapNameToString() { - getDeclaringType() instanceof TypeLdapName and - hasName("toString") + this.getDeclaringType() instanceof TypeLdapName and + this.hasName("toString") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Kryo.qll b/java/ql/lib/semmle/code/java/frameworks/Kryo.qll index 317148d56b5..057b10de632 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Kryo.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Kryo.qll @@ -11,8 +11,8 @@ private import semmle.code.java.dataflow.FlowSteps */ class Kryo extends RefType { Kryo() { - hasQualifiedName("com.esotericsoftware.kryo", "Kryo") or - hasQualifiedName("com.esotericsoftware.kryo5", "Kryo") + this.hasQualifiedName("com.esotericsoftware.kryo", "Kryo") or + this.hasQualifiedName("com.esotericsoftware.kryo5", "Kryo") } } @@ -21,8 +21,8 @@ class Kryo extends RefType { */ class KryoInput extends RefType { KryoInput() { - hasQualifiedName("com.esotericsoftware.kryo.io", "Input") or - hasQualifiedName("com.esotericsoftware.kryo5.io", "Input") + this.hasQualifiedName("com.esotericsoftware.kryo.io", "Input") or + this.hasQualifiedName("com.esotericsoftware.kryo5.io", "Input") } } @@ -31,8 +31,8 @@ class KryoInput extends RefType { */ class KryoPool extends RefType { KryoPool() { - hasQualifiedName("com.esotericsoftware.kryo.pool", "KryoPool") or - hasQualifiedName("com.esotericsoftware.kryo5.pool", "KryoPool") + this.hasQualifiedName("com.esotericsoftware.kryo.pool", "KryoPool") or + this.hasQualifiedName("com.esotericsoftware.kryo5.pool", "KryoPool") } } @@ -41,8 +41,8 @@ class KryoPool extends RefType { */ class KryoPoolBuilder extends RefType { KryoPoolBuilder() { - hasQualifiedName("com.esotericsoftware.kryo.pool", "KryoPool$Builder") or - hasQualifiedName("com.esotericsoftware.kryo5.pool", "KryoPool$Builder") + this.hasQualifiedName("com.esotericsoftware.kryo.pool", "KryoPool$Builder") or + this.hasQualifiedName("com.esotericsoftware.kryo5.pool", "KryoPool$Builder") } } @@ -51,10 +51,10 @@ class KryoPoolBuilder extends RefType { */ class KryoPoolBuilderMethod extends Method { KryoPoolBuilderMethod() { - getDeclaringType() instanceof KryoPoolBuilder and + this.getDeclaringType() instanceof KryoPoolBuilder and ( - getReturnType() instanceof KryoPoolBuilder or - getReturnType() instanceof KryoPool + this.getReturnType() instanceof KryoPoolBuilder or + this.getReturnType() instanceof KryoPool ) } } @@ -92,7 +92,7 @@ class KryoEnableWhiteListing extends MethodAccess { */ class KryoPoolRunMethod extends Method { KryoPoolRunMethod() { - getDeclaringType() instanceof KryoPool and - hasName("run") + this.getDeclaringType() instanceof KryoPool and + this.hasName("run") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll index 1745d3a9f5b..e42da4db357 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Mockito.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Mockito.qll @@ -11,8 +11,8 @@ import java */ class MockitoVerifyMethod extends Method { MockitoVerifyMethod() { - getDeclaringType().getPackage().getName().matches("org.mockito%") and - hasName("verify") + this.getDeclaringType().getPackage().getName().matches("org.mockito%") and + this.hasName("verify") } } @@ -21,7 +21,7 @@ class MockitoVerifyMethod extends Method { */ class MockitoVerifiedMethodAccess extends MethodAccess { MockitoVerifiedMethodAccess() { - getQualifier().(MethodAccess).getMethod() instanceof MockitoVerifyMethod + this.getQualifier().(MethodAccess).getMethod() instanceof MockitoVerifyMethod } } @@ -41,8 +41,8 @@ class MockitoMockableType extends ClassOrInterface { */ class MockitoInitMocks extends Method { MockitoInitMocks() { - getDeclaringType().hasQualifiedName("org.mockito", "MockitoAnnotations") and - hasName("initMocks") + this.getDeclaringType().hasQualifiedName("org.mockito", "MockitoAnnotations") and + this.hasName("initMocks") } } @@ -61,10 +61,10 @@ class MockitoInitedTest extends Class { or // Call to `MockitoAnnotations.initMocks()`, either by the constructor or by a `@Before` method. exists(MockitoInitMocks initMocks | - getAConstructor().calls*(initMocks) + this.getAConstructor().calls*(initMocks) or exists(Method m | - m = getAnAncestor().getAMethod() and + m = this.getAnAncestor().getAMethod() and ( m.hasAnnotation("org.junit", "Before") or m.hasAnnotation("org.testng.annotations", "BeforeMethod") @@ -85,8 +85,8 @@ class MockitoInitedTest extends Class { */ class MockitoAnnotation extends Annotation { MockitoAnnotation() { - getType().getPackage().getName().matches("org.mockito") or - getType().getPackage().getName().matches("org.mockito.%") + this.getType().getPackage().getName().matches("org.mockito") or + this.getType().getPackage().getName().matches("org.mockito.%") } } @@ -95,11 +95,11 @@ class MockitoAnnotation extends Annotation { */ class MockitoExclusiveAnnotation extends MockitoAnnotation { MockitoExclusiveAnnotation() { - getType().hasQualifiedName("org.mockito", "Mock") or - getType().hasQualifiedName("org.mockito", "MockitoAnnotations$Mock") or - getType().hasQualifiedName("org.mockito", "InjectMocks") or - getType().hasQualifiedName("org.mockito", "Spy") or - getType().hasQualifiedName("org.mockito", "Captor") + this.getType().hasQualifiedName("org.mockito", "Mock") or + this.getType().hasQualifiedName("org.mockito", "MockitoAnnotations$Mock") or + this.getType().hasQualifiedName("org.mockito", "InjectMocks") or + this.getType().hasQualifiedName("org.mockito", "Spy") or + this.getType().hasQualifiedName("org.mockito", "Captor") } } @@ -107,16 +107,16 @@ class MockitoExclusiveAnnotation extends MockitoAnnotation { * A field which has a Mockito annotation. */ class MockitoAnnotatedField extends Field { - MockitoAnnotatedField() { getAnAnnotation() instanceof MockitoAnnotation } + MockitoAnnotatedField() { this.getAnAnnotation() instanceof MockitoAnnotation } /** * Holds if this field will be processed by Mockito. */ predicate isValid() { // Mockito annotations are never parsed if the test isn't properly initialized. - getDeclaringType() instanceof MockitoInitedTest and + this.getDeclaringType() instanceof MockitoInitedTest and // There should only be one "exclusive" mockito annotation per field. - count(getAnAnnotation().(MockitoExclusiveAnnotation)) = 1 + count(this.getAnAnnotation().(MockitoExclusiveAnnotation)) = 1 } } @@ -125,16 +125,16 @@ class MockitoAnnotatedField extends Field { */ class MockitoMockedField extends MockitoAnnotatedField { MockitoMockedField() { - hasAnnotation("org.mockito", "Mock") + this.hasAnnotation("org.mockito", "Mock") or // Deprecated style. - hasAnnotation("org.mockito", "MockitoAnnotations$Mock") + this.hasAnnotation("org.mockito", "MockitoAnnotations$Mock") } override predicate isValid() { super.isValid() and // The type must also be mockable, otherwise it will not be initialized. - getType() instanceof MockitoMockableType + this.getType() instanceof MockitoMockableType } /** @@ -142,12 +142,13 @@ class MockitoMockedField extends MockitoAnnotatedField { */ predicate isReferencedByInjection() { exists(MockitoInjectedField injectedField | - injectedField.getDeclaringType() = getDeclaringType() + injectedField.getDeclaringType() = this.getDeclaringType() | // A `@Mock` is injected if it is used in one of the invoked callables (constructor or // setter), or injected directly onto a field. - getType().(RefType).getAnAncestor() = injectedField.getAnInvokedCallable().getAParamType() or - getType().(RefType).getAnAncestor() = injectedField.getASetField().getType() + this.getType().(RefType).getAnAncestor() = + injectedField.getAnInvokedCallable().getAParamType() or + this.getType().(RefType).getAnAncestor() = injectedField.getASetField().getType() ) } } @@ -156,25 +157,25 @@ class MockitoMockedField extends MockitoAnnotatedField { * A field annotated with `@InjectMocks`. */ class MockitoInjectedField extends MockitoAnnotatedField { - MockitoInjectedField() { hasAnnotation("org.mockito", "InjectMocks") } + MockitoInjectedField() { this.hasAnnotation("org.mockito", "InjectMocks") } override predicate isValid() { super.isValid() and ( // If we need to initialize the field, it is only valid if the type is a `Class` that is not // local, is static if it is a nested class, and is not abstract. - exists(getInitializer()) + exists(this.getInitializer()) or - exists(Class c | c = getType() | + exists(Class c | c = this.getType() | not c.isLocal() and - (getType() instanceof NestedClass implies c.(NestedClass).isStatic()) and + (this.getType() instanceof NestedClass implies c.(NestedClass).isStatic()) and not c.isAbstract() ) ) and ( // If neither of these is true, then mockito will fail to initialize this field. - usingConstructorInjection() or - usingPropertyInjection() + this.usingConstructorInjection() or + this.usingPropertyInjection() ) } @@ -184,7 +185,8 @@ class MockitoInjectedField extends MockitoAnnotatedField { * Note: this does not include the no-arg constructor. */ predicate usingConstructorInjection() { - not exists(getInitializer()) and exists(getMockInjectedClass().getAMostMockableConstructor()) + not exists(this.getInitializer()) and + exists(this.getMockInjectedClass().getAMostMockableConstructor()) } /** @@ -194,10 +196,10 @@ class MockitoInjectedField extends MockitoAnnotatedField { * constructor, in addition to any property. */ predicate usingPropertyInjection() { - not usingConstructorInjection() and + not this.usingConstructorInjection() and ( - exists(getInitializer()) or - exists(getMockInjectedClass().getNoArgsConstructor()) + exists(this.getInitializer()) or + exists(this.getMockInjectedClass().getNoArgsConstructor()) ) } @@ -212,18 +214,18 @@ class MockitoInjectedField extends MockitoAnnotatedField { Callable getAnInvokedCallable() { exists(MockitoMockInjectedClass mockInjectedClass | // This is the type we are constructing/injecting. - mockInjectedClass = getType() + mockInjectedClass = this.getType() | - if usingConstructorInjection() + if this.usingConstructorInjection() then // If there is no initializer for this field, and there is a most mockable constructor, // then we are doing a parameterized injection of mocks into a most mockable constructor. result = mockInjectedClass.getAMostMockableConstructor() else - if usingPropertyInjection() + if this.usingPropertyInjection() then // We will call the no-arg constructor if the field wasn't initialized. - not exists(getInitializer()) and + not exists(this.getInitializer()) and result = mockInjectedClass.getNoArgsConstructor() or // Perform property injection into setter fields, but only where there exists a mock @@ -249,9 +251,9 @@ class MockitoInjectedField extends MockitoAnnotatedField { * Field injection only occurs if property injection and not constructor injection is used. */ Field getASetField() { - if usingPropertyInjection() + if this.usingPropertyInjection() then - result = getMockInjectedClass().getASetField() and + result = this.getMockInjectedClass().getASetField() and exists(MockitoMockedField mockedField | mockedField.getDeclaringType() = this.getDeclaringType() and mockedField.isValid() @@ -268,15 +270,15 @@ class MockitoInjectedField extends MockitoAnnotatedField { * A field annotated with the Mockito `@Spy` annotation. */ class MockitoSpiedField extends MockitoAnnotatedField { - MockitoSpiedField() { hasAnnotation("org.mockito", "Spy") } + MockitoSpiedField() { this.hasAnnotation("org.mockito", "Spy") } override predicate isValid() { super.isValid() and ( - exists(getInitializer()) + exists(this.getInitializer()) or exists(Constructor c | - c = getType().(RefType).getAConstructor() and c.getNumberOfParameters() = 0 + c = this.getType().(RefType).getAConstructor() and c.getNumberOfParameters() = 0 ) ) } @@ -284,7 +286,7 @@ class MockitoSpiedField extends MockitoAnnotatedField { /** * Holds if construction ever occurs. */ - predicate isConstructed() { not exists(getInitializer()) } + predicate isConstructed() { not exists(this.getInitializer()) } } private int mockableParameterCount(Constructor constructor) { @@ -312,8 +314,8 @@ library class MockitoMockInjectedClass extends Class { * Mockito will call only one of them, but which one is dependent on the JVM... */ Constructor getAMostMockableConstructor() { - result = getAConstructor() and - mockableParameterCount(result) = max(mockableParameterCount(getAConstructor())) and + result = this.getAConstructor() and + mockableParameterCount(result) = max(mockableParameterCount(this.getAConstructor())) and result.getNumberOfParameters() > 0 } @@ -331,7 +333,7 @@ library class MockitoMockInjectedClass extends Class { * it sets. */ Method getASetterMethod() { - result = getAMethod() and + result = this.getAMethod() and exists(MockitoSettableField settableField | result = settableField.getSetterMethod()) } @@ -342,7 +344,7 @@ library class MockitoMockInjectedClass extends Class { * setter method. */ MockitoSettableField getASetField() { - result = getAField() and + result = this.getAField() and not exists(result.getSetterMethod()) } } @@ -353,8 +355,8 @@ library class MockitoMockInjectedClass extends Class { */ class MockitoSettableField extends Field { MockitoSettableField() { - not isFinal() and - not isStatic() and + not this.isFinal() and + not this.isStatic() and exists(MockitoMockInjectedClass injectedClass | injectedClass = this.getDeclaringType()) } diff --git a/java/ql/lib/semmle/code/java/frameworks/Networking.qll b/java/ql/lib/semmle/code/java/frameworks/Networking.qll index 10a1999b8b8..6e5ad743d44 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Networking.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Networking.qll @@ -6,39 +6,39 @@ import semmle.code.java.Type /** The type `java.net.URLConnection`. */ class TypeUrlConnection extends RefType { - TypeUrlConnection() { hasQualifiedName("java.net", "URLConnection") } + TypeUrlConnection() { this.hasQualifiedName("java.net", "URLConnection") } } /** The type `java.net.Socket`. */ class TypeSocket extends RefType { - TypeSocket() { hasQualifiedName("java.net", "Socket") } + TypeSocket() { this.hasQualifiedName("java.net", "Socket") } } /** The type `java.net.URL`. */ class TypeUrl extends RefType { - TypeUrl() { hasQualifiedName("java.net", "URL") } + TypeUrl() { this.hasQualifiedName("java.net", "URL") } } /** The type `java.net.URI`. */ class TypeUri extends RefType { - TypeUri() { hasQualifiedName("java.net", "URI") } + TypeUri() { this.hasQualifiedName("java.net", "URI") } } /** The method `java.net.URLConnection::getInputStream`. */ class URLConnectionGetInputStreamMethod extends Method { URLConnectionGetInputStreamMethod() { - getDeclaringType() instanceof TypeUrlConnection and - hasName("getInputStream") and - hasNoParameters() + this.getDeclaringType() instanceof TypeUrlConnection and + this.hasName("getInputStream") and + this.hasNoParameters() } } /** The method `java.net.Socket::getInputStream`. */ class SocketGetInputStreamMethod extends Method { SocketGetInputStreamMethod() { - getDeclaringType() instanceof TypeSocket and - hasName("getInputStream") and - hasNoParameters() + this.getDeclaringType() instanceof TypeSocket and + this.hasName("getInputStream") and + this.hasNoParameters() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll b/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll index 7382294f6f9..414517924b4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Protobuf.qll @@ -30,7 +30,7 @@ class ProtobufMessageLite extends Interface { * Gets a static method named `parseFrom` (or similar) declared on a subtype of the `MessageLite` interface. */ Method getAParseFromMethod() { - result = getASubtype+().getAMethod() and + result = this.getASubtype+().getAMethod() and result.getName().matches("parse%From") and result.isStatic() } diff --git a/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll b/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll index db5687f916a..31532dcb02d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll @@ -37,14 +37,14 @@ private class SafeYamlConstructionFlowConfig extends DataFlow2::Configuration { src.asExpr() instanceof SafeSnakeYamlConstruction } - override predicate isSink(DataFlow::Node sink) { sink = yamlClassInstanceExprArgument(_) } + override predicate isSink(DataFlow::Node sink) { sink = this.yamlClassInstanceExprArgument(_) } private DataFlow::ExprNode yamlClassInstanceExprArgument(ClassInstanceExpr cie) { cie.getConstructedType() instanceof Yaml and result.getExpr() = cie.getArgument(0) } - ClassInstanceExpr getSafeYaml() { hasFlowTo(yamlClassInstanceExprArgument(result)) } + ClassInstanceExpr getSafeYaml() { this.hasFlowTo(this.yamlClassInstanceExprArgument(result)) } } /** @@ -70,13 +70,13 @@ private class SafeYamlFlowConfig extends DataFlow3::Configuration { override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeYaml } - override predicate isSink(DataFlow::Node sink) { sink = yamlParseQualifier(_) } + override predicate isSink(DataFlow::Node sink) { sink = this.yamlParseQualifier(_) } private DataFlow::ExprNode yamlParseQualifier(SnakeYamlParse syp) { result.getExpr() = syp.getQualifier() } - SnakeYamlParse getASafeSnakeYamlParse() { hasFlowTo(yamlParseQualifier(result)) } + SnakeYamlParse getASafeSnakeYamlParse() { this.hasFlowTo(this.yamlParseQualifier(result)) } } /** diff --git a/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll b/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll index 68124273f40..2db8435c22c 100644 --- a/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll +++ b/java/ql/lib/semmle/code/java/frameworks/SpringLdap.qll @@ -77,8 +77,8 @@ class TypeLdapOperations extends Interface { */ class MethodSpringLdapTemplateAuthenticate extends Method { MethodSpringLdapTemplateAuthenticate() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("authenticate") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("authenticate") } } @@ -88,8 +88,8 @@ class MethodSpringLdapTemplateAuthenticate extends Method { */ class MethodSpringLdapTemplateFind extends Method { MethodSpringLdapTemplateFind() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("find") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("find") } } @@ -99,8 +99,8 @@ class MethodSpringLdapTemplateFind extends Method { */ class MethodSpringLdapTemplateFindOne extends Method { MethodSpringLdapTemplateFindOne() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("findOne") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("findOne") } } @@ -110,8 +110,8 @@ class MethodSpringLdapTemplateFindOne extends Method { */ class MethodSpringLdapTemplateSearch extends Method { MethodSpringLdapTemplateSearch() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("search") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("search") } } @@ -121,8 +121,8 @@ class MethodSpringLdapTemplateSearch extends Method { */ class MethodSpringLdapTemplateSearchForContext extends Method { MethodSpringLdapTemplateSearchForContext() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("searchForContext") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("searchForContext") } } @@ -132,8 +132,8 @@ class MethodSpringLdapTemplateSearchForContext extends Method { */ class MethodSpringLdapTemplateSearchForObject extends Method { MethodSpringLdapTemplateSearchForObject() { - getDeclaringType() instanceof TypeSpringLdapTemplate and - hasName("searchForObject") + this.getDeclaringType() instanceof TypeSpringLdapTemplate and + this.hasName("searchForObject") } } @@ -143,8 +143,8 @@ class MethodSpringLdapTemplateSearchForObject extends Method { */ class MethodSpringLdapQueryBuilderFilter extends Method { MethodSpringLdapQueryBuilderFilter() { - getDeclaringType() instanceof TypeSpringLdapQueryBuilder and - hasName("filter") + this.getDeclaringType() instanceof TypeSpringLdapQueryBuilder and + this.hasName("filter") } } @@ -154,8 +154,8 @@ class MethodSpringLdapQueryBuilderFilter extends Method { */ class MethodSpringLdapQueryBuilderBase extends Method { MethodSpringLdapQueryBuilderBase() { - getDeclaringType() instanceof TypeSpringLdapQueryBuilder and - hasName("base") + this.getDeclaringType() instanceof TypeSpringLdapQueryBuilder and + this.hasName("base") } } @@ -165,8 +165,8 @@ class MethodSpringLdapQueryBuilderBase extends Method { */ class MethodSpringLdapNameBuilderNewInstance extends Method { MethodSpringLdapNameBuilderNewInstance() { - getDeclaringType() instanceof TypeSpringLdapNameBuilder and - hasName("newInstance") + this.getDeclaringType() instanceof TypeSpringLdapNameBuilder and + this.hasName("newInstance") } } @@ -176,8 +176,8 @@ class MethodSpringLdapNameBuilderNewInstance extends Method { */ class MethodSpringLdapNameBuilderAdd extends Method { MethodSpringLdapNameBuilderAdd() { - getDeclaringType() instanceof TypeSpringLdapNameBuilder and - hasName("add") + this.getDeclaringType() instanceof TypeSpringLdapNameBuilder and + this.hasName("add") } } @@ -187,8 +187,8 @@ class MethodSpringLdapNameBuilderAdd extends Method { */ class MethodSpringLdapNameBuilderBuild extends Method { MethodSpringLdapNameBuilderBuild() { - getDeclaringType() instanceof TypeSpringLdapNameBuilder and - hasName("build") + this.getDeclaringType() instanceof TypeSpringLdapNameBuilder and + this.hasName("build") } } @@ -198,7 +198,7 @@ class MethodSpringLdapNameBuilderBuild extends Method { */ class MethodSpringLdapUtilsNewLdapName extends Method { MethodSpringLdapUtilsNewLdapName() { - getDeclaringType() instanceof TypeSpringLdapUtils and - hasName("newLdapName") + this.getDeclaringType() instanceof TypeSpringLdapUtils and + this.hasName("newLdapName") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/Thrift.qll b/java/ql/lib/semmle/code/java/frameworks/Thrift.qll index 60ca7ee7b4d..9b2e2fcd5a2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/Thrift.qll +++ b/java/ql/lib/semmle/code/java/frameworks/Thrift.qll @@ -27,7 +27,7 @@ class ThriftIface extends Interface { Method getAnImplementingMethod() { result.getDeclaringType().(Class).getASupertype+() = this and - result.overrides(getAMethod()) and + result.overrides(this.getAMethod()) and not result.getFile() = this.getFile() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll index 8eee0f14ce5..88156da0264 100644 --- a/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll +++ b/java/ql/lib/semmle/code/java/frameworks/UnboundId.qll @@ -35,79 +35,79 @@ class TypeUnboundIdLDAPConnection extends Class { /** A method with the name `setBaseDN` declared in `com.unboundid.ldap.sdk.SearchRequest`. */ class MethodUnboundIdSearchRequestSetBaseDN extends Method { MethodUnboundIdSearchRequestSetBaseDN() { - getDeclaringType() instanceof TypeUnboundIdSearchRequest and - hasName("setBaseDN") + this.getDeclaringType() instanceof TypeUnboundIdSearchRequest and + this.hasName("setBaseDN") } } /** A method with the name `setFilter` declared in `com.unboundid.ldap.sdk.SearchRequest`. */ class MethodUnboundIdSearchRequestSetFilter extends Method { MethodUnboundIdSearchRequestSetFilter() { - getDeclaringType() instanceof TypeUnboundIdSearchRequest and - hasName("setFilter") + this.getDeclaringType() instanceof TypeUnboundIdSearchRequest and + this.hasName("setFilter") } } /** A method with the name `create` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreate extends Method { MethodUnboundIdFilterCreate() { - getDeclaringType() instanceof TypeUnboundIdLdapFilter and - hasName("create") + this.getDeclaringType() instanceof TypeUnboundIdLdapFilter and + this.hasName("create") } } /** A method with the name `createANDFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreateANDFilter extends Method { MethodUnboundIdFilterCreateANDFilter() { - getDeclaringType() instanceof TypeUnboundIdLdapFilter and - hasName("createANDFilter") + this.getDeclaringType() instanceof TypeUnboundIdLdapFilter and + this.hasName("createANDFilter") } } /** A method with the name `createORFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreateORFilter extends Method { MethodUnboundIdFilterCreateORFilter() { - getDeclaringType() instanceof TypeUnboundIdLdapFilter and - hasName("createORFilter") + this.getDeclaringType() instanceof TypeUnboundIdLdapFilter and + this.hasName("createORFilter") } } /** A method with the name `createNOTFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterCreateNOTFilter extends Method { MethodUnboundIdFilterCreateNOTFilter() { - getDeclaringType() instanceof TypeUnboundIdLdapFilter and - hasName("createNOTFilter") + this.getDeclaringType() instanceof TypeUnboundIdLdapFilter and + this.hasName("createNOTFilter") } } /** A method with the name `simplifyFilter` declared in `com.unboundid.ldap.sdk.Filter`. */ class MethodUnboundIdFilterSimplifyFilter extends Method { MethodUnboundIdFilterSimplifyFilter() { - getDeclaringType() instanceof TypeUnboundIdLdapFilter and - hasName("simplifyFilter") + this.getDeclaringType() instanceof TypeUnboundIdLdapFilter and + this.hasName("simplifyFilter") } } /** A method with the name `search` declared in `com.unboundid.ldap.sdk.LDAPConnection`. */ class MethodUnboundIdLDAPConnectionSearch extends Method { MethodUnboundIdLDAPConnectionSearch() { - getDeclaringType() instanceof TypeUnboundIdLDAPConnection and - hasName("search") + this.getDeclaringType() instanceof TypeUnboundIdLDAPConnection and + this.hasName("search") } } /** A method with the name `asyncSearch` declared in `com.unboundid.ldap.sdk.LDAPConnection`. */ class MethodUnboundIdLDAPConnectionAsyncSearch extends Method { MethodUnboundIdLDAPConnectionAsyncSearch() { - getDeclaringType() instanceof TypeUnboundIdLDAPConnection and - hasName("asyncSearch") + this.getDeclaringType() instanceof TypeUnboundIdLDAPConnection and + this.hasName("asyncSearch") } } /** A method with the name `searchForEntry` declared in `com.unboundid.ldap.sdk.LDAPConnection`. */ class MethodUnboundIdLDAPConnectionSearchForEntry extends Method { MethodUnboundIdLDAPConnectionSearchForEntry() { - getDeclaringType() instanceof TypeUnboundIdLDAPConnection and - hasName("searchForEntry") + this.getDeclaringType() instanceof TypeUnboundIdLDAPConnection and + this.hasName("searchForEntry") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll index a599f7befc9..c019dc11bd8 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll @@ -37,10 +37,12 @@ class AndroidComponent extends Class { } /** Holds if this Android component is configured as `exported` in an `AndroidManifest.xml` file. */ - predicate isExported() { getAndroidComponentXmlElement().isExported() } + predicate isExported() { this.getAndroidComponentXmlElement().isExported() } /** Holds if this Android component has an intent filter configured in an `AndroidManifest.xml` file. */ - predicate hasIntentFilter() { exists(getAndroidComponentXmlElement().getAnIntentFilterElement()) } + predicate hasIntentFilter() { + exists(this.getAndroidComponentXmlElement().getAnIntentFilterElement()) + } } /** @@ -53,10 +55,10 @@ class ExportableAndroidComponent extends AndroidComponent { * `AndroidManifest.xml` file. */ override predicate isExported() { - getAndroidComponentXmlElement().isExported() + this.getAndroidComponentXmlElement().isExported() or - hasIntentFilter() and - not getAndroidComponentXmlElement().isNotExported() + this.hasIntentFilter() and + not this.getAndroidComponentXmlElement().isNotExported() } } @@ -88,7 +90,7 @@ class AndroidContentProvider extends ExportableAndroidComponent { * in an `AndroidManifest.xml` file. */ predicate requiresPermissions() { - getAndroidComponentXmlElement().(AndroidProviderXmlElement).requiresPermissions() + this.getAndroidComponentXmlElement().(AndroidProviderXmlElement).requiresPermissions() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll index 3798d91d99a..296d6b39b2b 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Intent.qll @@ -7,35 +7,37 @@ import semmle.code.java.dataflow.ExternalFlow * The class `android.content.Intent`. */ class TypeIntent extends Class { - TypeIntent() { hasQualifiedName("android.content", "Intent") } + TypeIntent() { this.hasQualifiedName("android.content", "Intent") } } /** * The class `android.app.Activity`. */ class TypeActivity extends Class { - TypeActivity() { hasQualifiedName("android.app", "Activity") } + TypeActivity() { this.hasQualifiedName("android.app", "Activity") } } /** * The class `android.content.Context`. */ class TypeContext extends RefType { - TypeContext() { hasQualifiedName("android.content", "Context") } + TypeContext() { this.hasQualifiedName("android.content", "Context") } } /** * The class `android.content.BroadcastReceiver`. */ class TypeBroadcastReceiver extends Class { - TypeBroadcastReceiver() { hasQualifiedName("android.content", "BroadcastReceiver") } + TypeBroadcastReceiver() { this.hasQualifiedName("android.content", "BroadcastReceiver") } } /** * The method `Activity.getIntent` */ class AndroidGetIntentMethod extends Method { - AndroidGetIntentMethod() { hasName("getIntent") and getDeclaringType() instanceof TypeActivity } + AndroidGetIntentMethod() { + this.hasName("getIntent") and this.getDeclaringType() instanceof TypeActivity + } } /** @@ -43,7 +45,7 @@ class AndroidGetIntentMethod extends Method { */ class AndroidReceiveIntentMethod extends Method { AndroidReceiveIntentMethod() { - hasName("onReceive") and getDeclaringType() instanceof TypeBroadcastReceiver + this.hasName("onReceive") and this.getDeclaringType() instanceof TypeBroadcastReceiver } } @@ -52,8 +54,8 @@ class AndroidReceiveIntentMethod extends Method { */ class ContextStartActivityMethod extends Method { ContextStartActivityMethod() { - (hasName("startActivity") or hasName("startActivities")) and - getDeclaringType() instanceof TypeContext + (this.hasName("startActivity") or this.hasName("startActivities")) and + this.getDeclaringType() instanceof TypeContext } } @@ -70,8 +72,8 @@ private class IntentFieldsInheritTaint extends DataFlow::SyntheticFieldContent, */ class IntentGetParcelableExtraMethod extends Method { IntentGetParcelableExtraMethod() { - hasName("getParcelableExtra") and - getDeclaringType() instanceof TypeIntent + this.hasName("getParcelableExtra") and + this.getDeclaringType() instanceof TypeIntent } } diff --git a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll index 683faa73bef..6717eed4f63 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll @@ -1,15 +1,15 @@ import java class TypeWebView extends Class { - TypeWebView() { hasQualifiedName("android.webkit", "WebView") } + TypeWebView() { this.hasQualifiedName("android.webkit", "WebView") } } class TypeWebViewClient extends Class { - TypeWebViewClient() { hasQualifiedName("android.webkit", "WebViewClient") } + TypeWebViewClient() { this.hasQualifiedName("android.webkit", "WebViewClient") } } class TypeWebSettings extends Class { - TypeWebSettings() { hasQualifiedName("android.webkit", "WebSettings") } + TypeWebSettings() { this.hasQualifiedName("android.webkit", "WebSettings") } } class WebViewGetSettingsMethod extends Method { diff --git a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll index 6f3da74f017..d98967566e8 100644 --- a/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll +++ b/java/ql/lib/semmle/code/java/frameworks/google/GoogleHttpClientApi.qll @@ -25,14 +25,14 @@ private class TypeLiteralToParseAsFlowConfiguration extends DataFlowForSerializa ) } - TypeLiteral getSourceWithFlowToParseAs() { hasFlow(DataFlow::exprNode(result), _) } + TypeLiteral getSourceWithFlowToParseAs() { this.hasFlow(DataFlow::exprNode(result), _) } } /** A field that is deserialized by `HttpResponse.parseAs`. */ class HttpResponseParseAsDeserializableField extends DeserializableField { HttpResponseParseAsDeserializableField() { exists(RefType decltype, TypeLiteralToParseAsFlowConfiguration conf | - decltype = getDeclaringType() and + decltype = this.getDeclaringType() and conf.getSourceWithFlowToParseAs().getReferencedType() = decltype and decltype.fromSource() ) diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll index 93d79813e39..0da20780482 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GWT.qll @@ -38,7 +38,7 @@ class GwtEntryPointClass extends Class { isGwtXmlIncluded() implies // The entry point is live if it is specified in a `*.gwt.xml` file. - exists(getAGwtXmlFile()) + exists(this.getAGwtXmlFile()) } } @@ -48,7 +48,7 @@ class GwtEntryPointClass extends Class { */ class GwtCompilationUnit extends CompilationUnit { GwtCompilationUnit() { - exists(GwtXmlFile f | getRelativePath().matches(f.getARelativeSourcePath() + "%")) + exists(GwtXmlFile f | this.getRelativePath().matches(f.getARelativeSourcePath() + "%")) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll index dc8aa0b1ba6..8532cc81bb3 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinder.qll @@ -12,57 +12,62 @@ import GwtUiBinderXml * An annotation in the package `com.google.gwt.uibinder.client`. */ class GwtUiBinderClientAnnotation extends Annotation { - GwtUiBinderClientAnnotation() { getType().getPackage().hasName("com.google.gwt.uibinder.client") } + GwtUiBinderClientAnnotation() { + this.getType().getPackage().hasName("com.google.gwt.uibinder.client") + } } /** * A `@com.google.gwt.uibinder.client.UiHandler` annotation. */ class GwtUiHandlerAnnotation extends GwtUiBinderClientAnnotation { - GwtUiHandlerAnnotation() { getType().hasName("UiHandler") } + GwtUiHandlerAnnotation() { this.getType().hasName("UiHandler") } } /** * A `@com.google.gwt.uibinder.client.UiField` annotation. */ class GwtUiFieldAnnotation extends GwtUiBinderClientAnnotation { - GwtUiFieldAnnotation() { getType().hasName("UiField") } + GwtUiFieldAnnotation() { this.getType().hasName("UiField") } } /** * A `@com.google.gwt.uibinder.client.UiTemplate` annotation. */ class GwtUiTemplateAnnotation extends GwtUiBinderClientAnnotation { - GwtUiTemplateAnnotation() { getType().hasName("UiTemplate") } + GwtUiTemplateAnnotation() { this.getType().hasName("UiTemplate") } } /** * A `@com.google.gwt.uibinder.client.UiFactory` annotation. */ class GwtUiFactoryAnnotation extends GwtUiBinderClientAnnotation { - GwtUiFactoryAnnotation() { getType().hasName("UiFactory") } + GwtUiFactoryAnnotation() { this.getType().hasName("UiFactory") } } /** * A `@com.google.gwt.uibinder.client.UiConstructor` annotation. */ class GwtUiConstructorAnnotation extends GwtUiBinderClientAnnotation { - GwtUiConstructorAnnotation() { getType().hasName("UiConstructor") } + GwtUiConstructorAnnotation() { this.getType().hasName("UiConstructor") } } /** * A field that is reflectively written to, and read from, by the GWT UiBinder framework. */ class GwtUiField extends Field { - GwtUiField() { getAnAnnotation() instanceof GwtUiFieldAnnotation } + GwtUiField() { this.getAnAnnotation() instanceof GwtUiFieldAnnotation } /** * If true, the field must be filled before `UiBinder.createAndBindUi` is called. * If false, `UiBinder.createAndBindUi` will fill the field. */ predicate isProvided() { - getAnAnnotation().(GwtUiFieldAnnotation).getValue("provided").(BooleanLiteral).getBooleanValue() = - true + this.getAnAnnotation() + .(GwtUiFieldAnnotation) + .getValue("provided") + .(BooleanLiteral) + .getBooleanValue() = true } } @@ -70,14 +75,14 @@ class GwtUiField extends Field { * A method called as a handler for events thrown by GWT widgets. */ class GwtUiHandler extends Method { - GwtUiHandler() { getAnAnnotation() instanceof GwtUiHandlerAnnotation } + GwtUiHandler() { this.getAnAnnotation() instanceof GwtUiHandlerAnnotation } /** * Gets the name of the field for which this handler is registered. */ string getFieldName() { result = - getAnAnnotation() + this.getAnAnnotation() .(GwtUiHandlerAnnotation) .getValue("value") .(CompileTimeConstantExpr) @@ -89,7 +94,7 @@ class GwtUiHandler extends Method { */ GwtUiField getField() { result = this.getDeclaringType().getAField() and - result.getName() = getFieldName() + result.getName() = this.getFieldName() } } @@ -98,12 +103,12 @@ class GwtUiHandler extends Method { * construct an instance of a class specified in a UiBinder XML file. */ class GwtUiFactory extends Method { - GwtUiFactory() { getAnAnnotation() instanceof GwtUiFactoryAnnotation } + GwtUiFactory() { this.getAnAnnotation() instanceof GwtUiFactoryAnnotation } } /** * A constructor that may be called by the UiBinder framework as a result of a `GWT.create()` call. */ class GwtUiConstructor extends Constructor { - GwtUiConstructor() { getAnAnnotation() instanceof GwtUiConstructorAnnotation } + GwtUiConstructor() { this.getAnAnnotation() instanceof GwtUiConstructorAnnotation } } diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll index 26d598b77ef..f5227e0a722 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtUiBinderXml.qll @@ -36,8 +36,8 @@ class GwtComponentTemplateElement extends XMLElement { */ Class getClass() { exists(string namespace | - namespace = getNamespace().getURI() and - result.getQualifiedName() = namespace.substring(11, namespace.length()) + "." + getName() + namespace = this.getNamespace().getURI() and + result.getQualifiedName() = namespace.substring(11, namespace.length()) + "." + this.getName() ) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll index 482d5d70e93..3ac223be2d5 100644 --- a/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll +++ b/java/ql/lib/semmle/code/java/frameworks/gwt/GwtXml.qll @@ -16,24 +16,24 @@ class GwtXmlFile extends XMLFile { /** Gets the name of an inherited GWT module, for example `com.google.gwt.user.User`. */ string getAnInheritedModuleName() { - result = getModuleElement().getAnInheritsElement().getAnInheritedName() + result = this.getModuleElement().getAnInheritsElement().getAnInheritedName() } /** Gets a GWT module XML file (from source) inherited from this module. */ GwtXmlFile getAnInheritedXmlFile() { exists(GwtXmlFile f, string name | - name = getAnInheritedModuleName() and + name = this.getAnInheritedModuleName() and f.getAbsolutePath().matches("%/" + name.replaceAll(".", "/") + ".gwt.xml") and result = f ) } /** Gets the relative path of the folder containing this GWT module XML file. */ - string getRelativeRootFolderPath() { result = getParentContainer().getRelativePath() } + string getRelativeRootFolderPath() { result = this.getParentContainer().getRelativePath() } /** Gets a GWT-translatable source sub-folder explicitly defined in a `` element. */ string getAnExplicitSourceSubPath() { - result = getModuleElement().getASourceElement().getASourcePath() + result = this.getModuleElement().getASourceElement().getASourcePath() } /** @@ -41,9 +41,9 @@ class GwtXmlFile extends XMLFile { * Either the default `client` folder or as specified by `` tags. */ string getASourceSubPath() { - result = "client" and not exists(getAnExplicitSourceSubPath()) + result = "client" and not exists(this.getAnExplicitSourceSubPath()) or - result = getAnExplicitSourceSubPath() + result = this.getAnExplicitSourceSubPath() } /** @@ -52,7 +52,7 @@ class GwtXmlFile extends XMLFile { * (Includes the full relative root folder path of the GWT module.) */ string getARelativeSourcePath() { - result = getRelativeRootFolderPath() + "/" + getASourceSubPath() + result = this.getRelativeRootFolderPath() + "/" + this.getASourceSubPath() } } @@ -81,7 +81,7 @@ class GwtInheritsElement extends XMLElement { } /** Gets the name of an inherited GWT module, for example `com.google.gwt.user.User`. */ - string getAnInheritedName() { result = getAttribute("name").getValue() } + string getAnInheritedName() { result = this.getAttribute("name").getValue() } } /** An `` element within a GWT module XML file. */ @@ -92,7 +92,7 @@ class GwtEntryPointElement extends XMLElement { } /** Gets the name of a class that serves as a GWT entry-point. */ - string getClassName() { result = getAttribute("class").getValue().trim() } + string getClassName() { result = this.getAttribute("class").getValue().trim() } } /** A `` element within a GWT module XML file. */ @@ -104,11 +104,11 @@ class GwtSourceElement extends XMLElement { /** Gets a path specified to be GWT translatable source code. */ string getASourcePath() { - result = getAttribute("path").getValue() and + result = this.getAttribute("path").getValue() and // Conservative approximation, ignoring Ant-style `FileSet` semantics. - not exists(getAChild()) and - not exists(getAttribute("includes")) and - not exists(getAttribute("excludes")) + not exists(this.getAChild()) and + not exists(this.getAttribute("includes")) and + not exists(this.getAttribute("excludes")) } } @@ -120,5 +120,5 @@ class GwtServletElement extends XMLElement { } /** Gets the name of a class that is used as a servlet. */ - string getClassName() { result = getAttribute("class").getValue().trim() } + string getClassName() { result = this.getAttribute("class").getValue().trim() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll index c3a28fecd42..113c8b76024 100644 --- a/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll +++ b/java/ql/lib/semmle/code/java/frameworks/j2objc/J2ObjC.qll @@ -10,9 +10,9 @@ import java class OCNIComment extends Javadoc { OCNIComment() { // The comment must start with `-[` ... - getChild(0).getText().matches("-[%") and + this.getChild(0).getText().matches("-[%") and // ... and it must end with `]-`. - getChild(getNumChild() - 1).getText().matches("%]-") + this.getChild(this.getNumChild() - 1).getText().matches("%]-") } } @@ -42,9 +42,9 @@ class OCNIMethodComment extends OCNIComment { */ class OCNIImport extends OCNIComment { OCNIImport() { - getAChild().getText().regexpMatch(".*#(import|include).*") and + this.getAChild().getText().regexpMatch(".*#(import|include).*") and not exists(RefType rt | rt.getFile() = this.getFile() | - rt.getLocation().getStartLine() < getLocation().getStartLine() + rt.getLocation().getStartLine() < this.getLocation().getStartLine() ) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll index 6dda49dbadd..f5d2bfb78f9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll +++ b/java/ql/lib/semmle/code/java/frameworks/jackson/JacksonSerializability.qll @@ -32,21 +32,21 @@ abstract class JacksonSerializableType extends Type { } private class JacksonWriteValueMethod extends Method, TaintPreservingCallable { JacksonWriteValueMethod() { ( - getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectWriter") or - getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") + this.getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectWriter") or + this.getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") ) and - getName().matches("writeValue%") and - getParameter(getNumberOfParameters() - 1).getType() instanceof TypeObject + this.getName().matches("writeValue%") and + this.getParameter(this.getNumberOfParameters() - 1).getType() instanceof TypeObject } override predicate returnsTaintFrom(int arg) { - getNumberOfParameters() = 1 and + this.getNumberOfParameters() = 1 and arg = 0 } override predicate transfersTaint(int src, int sink) { - getNumberOfParameters() > 1 and - src = getNumberOfParameters() - 1 and + this.getNumberOfParameters() > 1 and + src = this.getNumberOfParameters() - 1 and sink = 0 } } @@ -58,10 +58,10 @@ private class JacksonWriteValueMethod extends Method, TaintPreservingCallable { private class JacksonReadValueMethod extends Method, TaintPreservingCallable { JacksonReadValueMethod() { ( - getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectReader") or - getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") + this.getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectReader") or + this.getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") ) and - hasName(["readValue", "readValues"]) + this.hasName(["readValue", "readValues"]) } override predicate returnsTaintFrom(int arg) { arg = 0 } @@ -109,7 +109,7 @@ private class TypeLiteralToJacksonDatabindFlowConfiguration extends DataFlowForS ) } - TypeLiteral getSourceWithFlowToJacksonDatabind() { hasFlow(DataFlow::exprNode(result), _) } + TypeLiteral getSourceWithFlowToJacksonDatabind() { this.hasFlow(DataFlow::exprNode(result), _) } } /** A type whose values are explicitly deserialized in a call to a Jackson method. */ @@ -139,7 +139,7 @@ private class FieldReferencedJacksonDeserializableType extends JacksonDeserializ class JacksonSerializableField extends SerializableField { JacksonSerializableField() { exists(JacksonSerializableType superType | - superType = getDeclaringType().getASupertype*() and + superType = this.getDeclaringType().getASupertype*() and not superType instanceof TypeObject and superType.fromSource() ) and @@ -151,7 +151,7 @@ class JacksonSerializableField extends SerializableField { class JacksonDeserializableField extends DeserializableField { JacksonDeserializableField() { exists(JacksonDeserializableType superType | - superType = getDeclaringType().getASupertype*() and + superType = this.getDeclaringType().getASupertype*() and not superType instanceof TypeObject and superType.fromSource() ) and @@ -161,7 +161,7 @@ class JacksonDeserializableField extends DeserializableField { /** A call to a field that may be deserialized using the Jackson JSON framework. */ private class JacksonDeserializableFieldAccess extends FieldAccess { - JacksonDeserializableFieldAccess() { getField() instanceof JacksonDeserializableField } + JacksonDeserializableFieldAccess() { this.getField() instanceof JacksonDeserializableField } } /** @@ -194,19 +194,19 @@ class JacksonAddMixinCall extends MethodAccess { /** * Gets a possible type for the target of the mixing, if any can be deduced. */ - RefType getATarget() { result = inferClassParameterType(getArgument(0)) } + RefType getATarget() { result = inferClassParameterType(this.getArgument(0)) } /** * Gets a possible type that will be mixed in, if any can be deduced. */ - RefType getAMixedInType() { result = inferClassParameterType(getArgument(1)) } + RefType getAMixedInType() { result = inferClassParameterType(this.getArgument(1)) } } /** * A Jackson annotation. */ class JacksonAnnotation extends Annotation { - JacksonAnnotation() { getType().getPackage().hasName("com.fasterxml.jackson.annotation") } + JacksonAnnotation() { this.getType().getPackage().hasName("com.fasterxml.jackson.annotation") } } /** @@ -228,7 +228,7 @@ class JacksonMixinType extends ClassOrInterface { * Gets a callable from this type that is mixed in by Jackson. */ Callable getAMixedInCallable() { - result = getACallable() and + result = this.getACallable() and ( result.(Constructor).isDefaultConstructor() or result.getAnAnnotation() instanceof JacksonAnnotation or @@ -240,7 +240,7 @@ class JacksonMixinType extends ClassOrInterface { * Gets a field that is mixed in by Jackson. */ Field getAMixedInField() { - result = getAField() and + result = this.getAField() and result.getAnAnnotation() instanceof JacksonAnnotation } } @@ -264,17 +264,17 @@ class JacksonMixedInCallable extends Callable { * Gets a callable on a possible target that this is mixed into. */ Callable getATargetCallable() { - exists(RefType targetType | targetType = getATargetType() | - result = getATargetType().getACallable() and + exists(RefType targetType | targetType = this.getATargetType() | + result = this.getATargetType().getACallable() and if this instanceof Constructor then // The mixed in type will have a different name to the target type, so just compare the // parameters. result.getSignature().suffix(targetType.getName().length()) = - getSignature().suffix(getDeclaringType().getName().length()) + this.getSignature().suffix(this.getDeclaringType().getName().length()) else // Signatures should match - result.getSignature() = getSignature() + result.getSignature() = this.getSignature() ) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll index e980cb2187a..82569754394 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/Persistence.qll @@ -10,8 +10,8 @@ import java */ class PersistentEntity extends RefType { PersistentEntity() { - getAnAnnotation() instanceof EntityAnnotation or - getAnAnnotation() instanceof EmbeddableAnnotation + this.getAnAnnotation() instanceof EntityAnnotation or + this.getAnAnnotation() instanceof EmbeddableAnnotation } /** @@ -22,12 +22,12 @@ class PersistentEntity extends RefType { * instead. */ string getAccessType() { - if exists(getAccessTypeFromAnnotation()) - then result = getAccessTypeFromAnnotation() + if exists(this.getAccessTypeFromAnnotation()) + then result = this.getAccessTypeFromAnnotation() else // If the access type is not explicit, then the location of the `Id` annotation determines // which access type is used. - if getAMethod().hasAnnotation("javax.persistence", "Id") + if this.getAMethod().hasAnnotation("javax.persistence", "Id") then result = "property" else result = "field" } @@ -36,7 +36,7 @@ class PersistentEntity extends RefType { * Gets the access type for this entity as defined by a `@javax.persistence.Access` annotation, if any. */ string getAccessTypeFromAnnotation() { - exists(AccessAnnotation accessType | accessType = getAnAnnotation() | + exists(AccessAnnotation accessType | accessType = this.getAnAnnotation() | result = accessType.getValue("value").(FieldRead).getField().(EnumConstant).getName().toLowerCase() ) diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll index 8051b470bd3..82fc32baca2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/PersistenceXML.qll @@ -100,7 +100,7 @@ class PersistencePropertyElement extends XMLElement { * disables the EclipseLink shared cache. */ predicate disablesEclipseLinkSharedCache() { - getAttribute("name").getValue() = "eclipselink.cache.shared.default" and - getAttribute("value").getValue() = "false" + this.getAttribute("name").getValue() = "eclipselink.cache.shared.default" and + this.getAttribute("value").getValue() = "false" } } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll index 9f180dcd587..8509afc5622 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJB.qll @@ -8,7 +8,7 @@ import EJBJarXML */ abstract class EJB extends Class { /** Gets a `Callable` that is directly or indirectly called from within the EJB. */ - Callable getAUsedCallable() { getACallable().polyCalls*(result) } + Callable getAUsedCallable() { this.getACallable().polyCalls*(result) } } /** @@ -33,16 +33,16 @@ class SessionEJB extends EJB { // Either the EJB does not declare any business interfaces explicitly // and implements a single interface candidate, // which is then considered to be the business interface... - count(getAnExplicitBusinessInterface()) = 0 and - count(getAnImplementedBusinessInterfaceCandidate()) = 1 and - result = getAnImplementedBusinessInterfaceCandidate() + count(this.getAnExplicitBusinessInterface()) = 0 and + count(this.getAnImplementedBusinessInterfaceCandidate()) = 1 and + result = this.getAnImplementedBusinessInterfaceCandidate() or // ...or each business interface needs to be declared explicitly. ( - count(getAnImplementedBusinessInterfaceCandidate()) != 1 or - count(getAnExplicitBusinessInterface()) != 0 + count(this.getAnImplementedBusinessInterfaceCandidate()) != 1 or + count(this.getAnExplicitBusinessInterface()) != 0 ) and - result = getAnExplicitBusinessInterface() + result = this.getAnExplicitBusinessInterface() } /** @@ -198,7 +198,7 @@ abstract class EjbInterfaceAnnotation extends Annotation { // Returns the type `Foo` of any type literal `Foo.class` occurring // within the "value" element of this annotation. // Uses `getAChildExpr*()` since the "value" element can have type `Class` or `Class[]`. - exists(TypeLiteral tl | tl = getValue("value").getAChildExpr*() | + exists(TypeLiteral tl | tl = this.getValue("value").getAChildExpr*() | result = tl.getReferencedType() ) } @@ -447,7 +447,7 @@ class AnnotatedRemoteHomeInterface extends LegacyEjbRemoteHomeInterface { SessionEJB getAnEJB() { result.getAnAnnotation().(RemoteHomeAnnotation).getANamedType() = this } /** Gets a remote interface associated with this legacy remote home interface. */ - Interface getAnAssociatedRemoteInterface() { result = getACreateMethod().getReturnType() } + Interface getAnAssociatedRemoteInterface() { result = this.getACreateMethod().getReturnType() } } /** A legacy remote home interface specified within an XML deployment descriptor. */ @@ -511,7 +511,7 @@ class AnnotatedLocalHomeInterface extends LegacyEjbLocalHomeInterface { SessionEJB getAnEJB() { result.getAnAnnotation().(LocalHomeAnnotation).getANamedType() = this } /** Gets a local interface associated with this legacy local home interface. */ - Interface getAnAssociatedLocalInterface() { result = getACreateMethod().getReturnType() } + Interface getAnAssociatedLocalInterface() { result = this.getACreateMethod().getReturnType() } } /** A legacy local home interface specified within an XML deployment descriptor. */ @@ -562,8 +562,8 @@ class RemoteInterface extends Interface { /** Gets a remote method implementation for this remote interface. */ Method getARemoteMethodImplementation() { - result = getARemoteMethodImplementationChecked() or - result = getARemoteMethodImplementationUnchecked() + result = this.getARemoteMethodImplementationChecked() or + result = this.getARemoteMethodImplementationUnchecked() } /** @@ -572,7 +572,7 @@ class RemoteInterface extends Interface { * abstract methods or overriding within an interface hierarchy. */ Method getARemoteMethodImplementationChecked() { - result.overrides(getARemoteMethod()) and + result.overrides(this.getARemoteMethod()) and exists(result.getBody()) } @@ -586,9 +586,9 @@ class RemoteInterface extends Interface { */ Method getARemoteMethodImplementationUnchecked() { exists(SessionEJB ejb, Method rm | - ejb = getAnEJB() and + ejb = this.getAnEJB() and not ejb.getASupertype*() = this and - rm = getARemoteMethod() and + rm = this.getARemoteMethod() and result = getAnInheritedMatchingMethodIgnoreThrows(ejb, rm.getSignature()) and not exists(inheritsMatchingMethodExceptThrows(ejb, rm)) ) and diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll index 02e73c2be5c..db89836ff9d 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/ejb/EJBJarXML.qll @@ -114,8 +114,8 @@ class EjbJarSessionElement extends EjbJarBeanTypeElement { * This is either a `business-local` or `business-remote` element. */ XMLElement getABusinessElement() { - result = getABusinessLocalElement() or - result = getABusinessRemoteElement() + result = this.getABusinessLocalElement() or + result = this.getABusinessRemoteElement() } /** Gets a `remote` child XML element of this `session` XML element. */ @@ -153,7 +153,7 @@ class EjbJarSessionElement extends EjbJarBeanTypeElement { * XML element nested within this `session` XML element. */ XMLElement getACreateMethodNameElement() { - result = getAnInitMethodElement().getACreateMethodElement().getAMethodNameElement() + result = this.getAnInitMethodElement().getACreateMethodElement().getAMethodNameElement() } /** @@ -161,7 +161,7 @@ class EjbJarSessionElement extends EjbJarBeanTypeElement { * XML element nested within this `session` XML element. */ XMLElement getABeanMethodNameElement() { - result = getAnInitMethodElement().getABeanMethodElement().getAMethodNameElement() + result = this.getAnInitMethodElement().getABeanMethodElement().getAMethodNameElement() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll index 8d26c1efc62..2d6721298a9 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFFacesContextXML.qll @@ -25,14 +25,14 @@ class FacesConfigXMLElement extends XMLElement { /** * Gets the value for this element, with leading and trailing whitespace trimmed. */ - string getValue() { result = allCharactersString().trim() } + string getValue() { result = this.allCharactersString().trim() } } /** * An element in a JSF config file that declares a managed bean. */ class FacesConfigManagedBean extends FacesConfigXMLElement { - FacesConfigManagedBean() { getName() = "managed-bean" } + FacesConfigManagedBean() { this.getName() = "managed-bean" } } /** @@ -40,21 +40,21 @@ class FacesConfigManagedBean extends FacesConfigXMLElement { */ class FacesConfigManagedBeanClass extends FacesConfigXMLElement { FacesConfigManagedBeanClass() { - getName() = "managed-bean-class" and - getParent() instanceof FacesConfigManagedBean + this.getName() = "managed-bean-class" and + this.getParent() instanceof FacesConfigManagedBean } /** * Gets the `Class` of the managed bean. */ - Class getManagedBeanClass() { result.getQualifiedName() = getValue() } + Class getManagedBeanClass() { result.getQualifiedName() = this.getValue() } } /** * An element in a JSF config file that declares a custom component. */ class FacesConfigComponent extends FacesConfigXMLElement { - FacesConfigComponent() { getName() = "component" } + FacesConfigComponent() { this.getName() = "component" } } /** @@ -62,12 +62,12 @@ class FacesConfigComponent extends FacesConfigXMLElement { */ class FacesConfigComponentClass extends FacesConfigXMLElement { FacesConfigComponentClass() { - getName() = "component-class" and - getParent() instanceof FacesConfigComponent + this.getName() = "component-class" and + this.getParent() instanceof FacesConfigComponent } /** * Gets the `Class` of the faces component. */ - Class getFacesComponentClass() { result.getQualifiedName() = getValue() } + Class getFacesComponentClass() { result.getQualifiedName() = this.getValue() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll index 5703cde79ed..1b825d29c2f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javaee/jsf/JSFRenderer.qll @@ -33,9 +33,9 @@ private class ExternalContextSource extends SourceModelCsv { */ class FacesGetResponseWriterMethod extends Method { FacesGetResponseWriterMethod() { - getDeclaringType() instanceof FacesContext and - hasName("getResponseWriter") and - getNumberOfParameters() = 0 + this.getDeclaringType() instanceof FacesContext and + this.hasName("getResponseWriter") and + this.getNumberOfParameters() = 0 } } @@ -44,9 +44,9 @@ class FacesGetResponseWriterMethod extends Method { */ class FacesGetResponseStreamMethod extends Method { FacesGetResponseStreamMethod() { - getDeclaringType() instanceof FacesContext and - hasName("getResponseStream") and - getNumberOfParameters() = 0 + this.getDeclaringType() instanceof FacesContext and + this.hasName("getResponseStream") and + this.getNumberOfParameters() = 0 } } diff --git a/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll b/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll index 29a6c5f6646..5f03c0b190f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll +++ b/java/ql/lib/semmle/code/java/frameworks/javase/Http.qll @@ -6,12 +6,12 @@ import java /** The interface representing `HttpRequest.Builder`. */ class TypeHttpRequestBuilder extends Interface { - TypeHttpRequestBuilder() { hasQualifiedName("java.net.http", "HttpRequest$Builder") } + TypeHttpRequestBuilder() { this.hasQualifiedName("java.net.http", "HttpRequest$Builder") } } /** The interface representing `java.net.http.HttpRequest`. */ class TypeHttpRequest extends Interface { - TypeHttpRequest() { hasQualifiedName("java.net.http", "HttpRequest") } + TypeHttpRequest() { this.hasQualifiedName("java.net.http", "HttpRequest") } } /** The `uri` method on `java.net.http.HttpRequest.Builder`. */ diff --git a/java/ql/lib/semmle/code/java/frameworks/play/Play.qll b/java/ql/lib/semmle/code/java/frameworks/play/Play.qll index efe2e128fee..695f64f53d1 100644 --- a/java/ql/lib/semmle/code/java/frameworks/play/Play.qll +++ b/java/ql/lib/semmle/code/java/frameworks/play/Play.qll @@ -45,7 +45,7 @@ class PlayAddCsrfTokenAnnotation extends Annotation { * The type `play.libs.F.Promise`. */ class PlayAsyncResultPromise extends MemberType { - PlayAsyncResultPromise() { hasQualifiedName("play.libs", "F$Promise") } + PlayAsyncResultPromise() { this.hasQualifiedName("play.libs", "F$Promise") } } /** diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll index e695b26ba0c..f387b40a547 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringAutowire.qll @@ -24,7 +24,7 @@ predicate hasInjectAnnotation(Annotatable a) { class SpringComponentConstructor extends Constructor { SpringComponentConstructor() { // Must be a live Spring component. - getDeclaringType().(SpringComponent).isLive() and + this.getDeclaringType().(SpringComponent).isLive() and ( this.getNumberOfParameters() = 0 or hasInjectAnnotation(this) @@ -93,8 +93,8 @@ class SpringBeanXMLAutowiredSetterMethod extends Method { ) ) and // The resulting bean is of the right type. - result.getClass().getAnAncestor() = getParameter(0).getType() and - getNumberOfParameters() = 1 and + result.getClass().getAnAncestor() = this.getParameter(0).getType() and + this.getNumberOfParameters() = 1 and this.getName().matches("set%") ) } @@ -110,7 +110,7 @@ class SpringBeanAutowiredCallable extends Callable { // Marked as `@Autowired`. hasInjectAnnotation(this) and // No autowiring occurs if there are no parameters - getNumberOfParameters() > 0 + this.getNumberOfParameters() > 0 } /** @@ -118,7 +118,7 @@ class SpringBeanAutowiredCallable extends Callable { * defined in. */ SpringBean getEnclosingSpringBean() { - result = getDeclaringType().(SpringBeanRefType).getSpringBean() + result = this.getDeclaringType().(SpringBeanRefType).getSpringBean() } /** @@ -129,22 +129,24 @@ class SpringBeanAutowiredCallable extends Callable { /** * Gets the qualifier annotation for parameter at `pos`, if any. */ - SpringQualifierAnnotation getQualifier(int pos) { result = getParameter(pos).getAnAnnotation() } + SpringQualifierAnnotation getQualifier(int pos) { + result = this.getParameter(pos).getAnAnnotation() + } /** * Gets the qualifier annotation for this method, if any. */ - SpringQualifierAnnotation getQualifier() { result = getAnAnnotation() } + SpringQualifierAnnotation getQualifier() { result = this.getAnAnnotation() } /** * Gets the resource annotation for this method, if any. */ - SpringResourceAnnotation getResource() { result = getAnAnnotation() } + SpringResourceAnnotation getResource() { result = this.getAnAnnotation() } /** * Gets a bean that will be injected into this callable. */ - SpringBean getAnInjectedBean() { result = getInjectedBean(_) } + SpringBean getAnInjectedBean() { result = this.getInjectedBean(_) } /** * Gets the `SpringBean`, if any, that will be injected for the parameter at position `pos`, @@ -152,24 +154,24 @@ class SpringBeanAutowiredCallable extends Callable { */ SpringBean getInjectedBean(int pos) { // Must be a sub-type of the parameter type - result.getClass().getAnAncestor() = getParameterType(pos) and + result.getClass().getAnAncestor() = this.getParameterType(pos) and // Now look up bean - if exists(getQualifier(pos)) + if exists(this.getQualifier(pos)) then // Resolved by `@Qualifier("qualifier")` specified on the parameter - result = getQualifier(pos).getSpringBean() + result = this.getQualifier(pos).getSpringBean() else - if exists(getQualifier()) and getNumberOfParameters() = 1 + if exists(this.getQualifier()) and this.getNumberOfParameters() = 1 then // Resolved by `@Qualifier("qualifier")` on the method pos = 0 and - result = getQualifier().getSpringBean() + result = this.getQualifier().getSpringBean() else - if exists(getResource().getNameValue()) and getNumberOfParameters() = 1 + if exists(this.getResource().getNameValue()) and this.getNumberOfParameters() = 1 then // Resolved by looking at the name part of `@Resource(name="qualifier")` pos = 0 and - result = getResource().getSpringBean() + result = this.getResource().getSpringBean() else // Otherwise no restrictions, just by type any() @@ -181,24 +183,24 @@ class SpringBeanAutowiredCallable extends Callable { */ SpringComponent getInjectedComponent(int pos) { // Must be a sub-type of the parameter type - result.getAnAncestor() = getParameterType(pos) and + result.getAnAncestor() = this.getParameterType(pos) and // Now look up bean - if exists(getQualifier(pos)) + if exists(this.getQualifier(pos)) then // Resolved by `@Qualifier("qualifier")` specified on the parameter - result = getQualifier(pos).getSpringComponent() + result = this.getQualifier(pos).getSpringComponent() else - if exists(getQualifier()) and getNumberOfParameters() = 1 + if exists(this.getQualifier()) and this.getNumberOfParameters() = 1 then // Resolved by `@Qualifier("qualifier")` on the method pos = 0 and - result = getQualifier().getSpringComponent() + result = this.getQualifier().getSpringComponent() else - if exists(getResource().getNameValue()) and getNumberOfParameters() = 1 + if exists(this.getResource().getNameValue()) and this.getNumberOfParameters() = 1 then // Resolved by looking at the name part of `@Resource(name="qualifier")` pos = 0 and - result = getResource().getSpringComponent() + result = this.getResource().getSpringComponent() else // Otherwise no restrictions, just by type any() @@ -219,7 +221,7 @@ class SpringBeanAutowiredField extends Field { * defined in. */ SpringBean getEnclosingSpringBean() { - result = getDeclaringType().(SpringBeanRefType).getSpringBean() + result = this.getDeclaringType().(SpringBeanRefType).getSpringBean() } /** @@ -230,12 +232,12 @@ class SpringBeanAutowiredField extends Field { /** * Gets the qualifier annotation for this method, if any. */ - SpringQualifierAnnotation getQualifier() { result = getAnAnnotation() } + SpringQualifierAnnotation getQualifier() { result = this.getAnAnnotation() } /** * Gets the resource annotation for this method, if any. */ - SpringResourceAnnotation getResource() { result = getAnAnnotation() } + SpringResourceAnnotation getResource() { result = this.getAnAnnotation() } /** * Gets the `SpringBean`, if any, that will be injected for this field, considering any `@Qualifier` @@ -243,17 +245,17 @@ class SpringBeanAutowiredField extends Field { */ SpringBean getInjectedBean() { // Must be a sub-type of the parameter type - result.getClass().getAnAncestor() = getType() and + result.getClass().getAnAncestor() = this.getType() and // Now look up bean - if exists(getQualifier()) + if exists(this.getQualifier()) then // Resolved by `@Qualifier("qualifier")` specified on the field - result = getQualifier().getSpringBean() + result = this.getQualifier().getSpringBean() else - if exists(getResource().getNameValue()) + if exists(this.getResource().getNameValue()) then // Resolved by looking at the name part of `@Resource(name="qualifier")` - result = getResource().getSpringBean() + result = this.getResource().getSpringBean() else // Otherwise no restrictions, just by type any() @@ -265,17 +267,17 @@ class SpringBeanAutowiredField extends Field { */ SpringComponent getInjectedComponent() { // Must be a sub-type of the parameter type - result.getAnAncestor() = getType() and + result.getAnAncestor() = this.getType() and // Now look up bean - if exists(getQualifier()) + if exists(this.getQualifier()) then // Resolved by `@Qualifier("qualifier")` specified on the field - result = getQualifier().getSpringComponent() + result = this.getQualifier().getSpringComponent() else - if exists(getResource().getNameValue()) + if exists(this.getResource().getNameValue()) then // Resolved by looking at the name part of `@Resource(name="qualifier")` - result = getResource().getSpringComponent() + result = this.getResource().getSpringComponent() else // Otherwise no restrictions, just by type any() @@ -287,9 +289,9 @@ class SpringBeanAutowiredField extends Field { */ class SpringQualifierAnnotationType extends AnnotationType { SpringQualifierAnnotationType() { - hasQualifiedName("org.springframework.beans.factory.annotation", "Qualifier") or - hasQualifiedName("javax.inject", "Qualifier") or - getAnAnnotation().getType() instanceof SpringQualifierAnnotationType + this.hasQualifiedName("org.springframework.beans.factory.annotation", "Qualifier") or + this.hasQualifiedName("javax.inject", "Qualifier") or + this.getAnAnnotation().getType() instanceof SpringQualifierAnnotationType } } @@ -299,15 +301,15 @@ class SpringQualifierAnnotationType extends AnnotationType { */ class SpringQualifierDefinitionAnnotation extends Annotation { SpringQualifierDefinitionAnnotation() { - getType() instanceof SpringQualifierAnnotationType and - getAnnotatedElement() instanceof SpringComponent + this.getType() instanceof SpringQualifierAnnotationType and + this.getAnnotatedElement() instanceof SpringComponent } /** * Gets the value of the qualifier field for this qualifier. */ string getQualifierValue() { - result = getValue("value").(CompileTimeConstantExpr).getStringValue() + result = this.getValue("value").(CompileTimeConstantExpr).getStringValue() } } @@ -315,24 +317,24 @@ class SpringQualifierDefinitionAnnotation extends Annotation { * A qualifier annotation on a method or field that is used to disambiguate which bean will be used. */ class SpringQualifierAnnotation extends Annotation { - SpringQualifierAnnotation() { getType() instanceof SpringQualifierAnnotationType } + SpringQualifierAnnotation() { this.getType() instanceof SpringQualifierAnnotationType } /** * Gets the value of the qualifier field for this qualifier. */ string getQualifierValue() { - result = getValue("value").(CompileTimeConstantExpr).getStringValue() + result = this.getValue("value").(CompileTimeConstantExpr).getStringValue() } /** * Gets the bean definition in an XML file that this qualifier resolves to, if any. */ - SpringBean getSpringBean() { result.getQualifierValue() = getQualifierValue() } + SpringBean getSpringBean() { result.getQualifierValue() = this.getQualifierValue() } /** * Gets the Spring component that this qualifier resolves to, if any. */ - SpringComponent getSpringComponent() { result.getQualifierValue() = getQualifierValue() } + SpringComponent getSpringComponent() { result.getQualifierValue() = this.getQualifierValue() } } /** @@ -340,20 +342,22 @@ class SpringQualifierAnnotation extends Annotation { * autowired by Spring, and can optionally specify a qualifier in the "name". */ class SpringResourceAnnotation extends Annotation { - SpringResourceAnnotation() { getType().hasQualifiedName("javax.inject", "Resource") } + SpringResourceAnnotation() { this.getType().hasQualifiedName("javax.inject", "Resource") } /** * Gets the specified name value, if any. */ - string getNameValue() { result = getValue("name").(CompileTimeConstantExpr).getStringValue() } + string getNameValue() { + result = this.getValue("name").(CompileTimeConstantExpr).getStringValue() + } /** * Gets the bean definition in an XML file that the resource resolves to, if any. */ - SpringBean getSpringBean() { result.getQualifierValue() = getNameValue() } + SpringBean getSpringBean() { result.getQualifierValue() = this.getNameValue() } /** * Gets the Spring component that this qualifier resolves to, if any. */ - SpringComponent getSpringComponent() { result.getQualifierValue() = getNameValue() } + SpringComponent getSpringComponent() { result.getQualifierValue() = this.getNameValue() } } diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll index e4b97375efd..df3799153e4 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBean.qll @@ -16,7 +16,7 @@ class SpringBean extends SpringXMLElement { SpringBean() { this.getName() = "bean" and // Do not capture Camel beans, which are different - not getNamespace().getURI() = "http://camel.apache.org/schema/spring" + not this.getNamespace().getURI() = "http://camel.apache.org/schema/spring" } override string toString() { result = this.getBeanIdentifier() } @@ -383,7 +383,7 @@ class SpringBean extends SpringXMLElement { // If a factory bean is specified, use that, otherwise use the current bean. ( if exists(this.getFactoryBeanName()) - then result.getDeclaringType() = getFactoryBean().getClass() + then result.getDeclaringType() = this.getFactoryBean().getClass() else ( result.getDeclaringType() = this.getClass() and // Must be static because we don't yet have an instance. @@ -400,9 +400,9 @@ class SpringBean extends SpringXMLElement { * the bean identifier if no qualifier is specified. */ string getQualifierValue() { - if exists(getQualifier()) - then result = getQualifier().getQualifierValue() - else result = getBeanIdentifier() + if exists(this.getQualifier()) + then result = this.getQualifier().getQualifierValue() + else result = this.getBeanIdentifier() } /** diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll index e9549676e1f..2417002a412 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringBeanFile.qll @@ -35,7 +35,12 @@ class SpringBeanFile extends XMLFile { */ string getAProfileExpr() { result = - getBeansElement().getAttribute("profile").getValue().splitAt(",").splitAt(" ").splitAt(";") and + this.getBeansElement() + .getAttribute("profile") + .getValue() + .splitAt(",") + .splitAt(" ") + .splitAt(";") and result.length() != 0 } diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll index 568987114f2..6ee3e68d7f2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringComponentScan.qll @@ -20,7 +20,7 @@ class SpringXMLComponentScan extends SpringXMLElement { * Gets a profile expression for which this `component-scan` is enabled, or nothing if it is * applicable to any profile. */ - string getAProfileExpr() { result = getSpringBeanFile().getAProfileExpr() } + string getAProfileExpr() { result = this.getSpringBeanFile().getAProfileExpr() } } /** @@ -29,7 +29,7 @@ class SpringXMLComponentScan extends SpringXMLElement { */ class SpringComponentScan extends Annotation { SpringComponentScan() { - getType().hasQualifiedName("org.springframework.context.annotation", "ComponentScan") + this.getType().hasQualifiedName("org.springframework.context.annotation", "ComponentScan") } /** @@ -37,13 +37,13 @@ class SpringComponentScan extends Annotation { */ string getBasePackages() { // "value" and "basePackages" are synonymous, and are simple strings - result = getAValue("basePackages").(StringLiteral).getRepresentedString() + result = this.getAValue("basePackages").(StringLiteral).getRepresentedString() or - result = getAValue("value").(StringLiteral).getRepresentedString() + result = this.getAValue("value").(StringLiteral).getRepresentedString() or exists(TypeLiteral typeLiteral | // Base package classes are type literals whose package should be considered a base package. - typeLiteral = getAValue("basePackageClasses") + typeLiteral = this.getAValue("basePackageClasses") | result = typeLiteral.getReferencedType().(RefType).getPackage().getName() ) @@ -97,10 +97,10 @@ class SpringBasePackage extends string { class SpringComponentAnnotation extends AnnotationType { SpringComponentAnnotation() { // Component used directly as an annotation. - hasQualifiedName("org.springframework.stereotype", "Component") + this.hasQualifiedName("org.springframework.stereotype", "Component") or // Component can be used as a meta-annotation on other annotation types. - getAnAnnotation().getType() instanceof SpringComponentAnnotation + this.getAnAnnotation().getType() instanceof SpringComponentAnnotation } } @@ -117,20 +117,20 @@ private predicate isSpringXMLEnabled() { exists(SpringXMLElement springXMLElemen */ class SpringComponent extends RefType { SpringComponent() { - getAnAnnotation().getType() instanceof SpringComponentAnnotation and + this.getAnAnnotation().getType() instanceof SpringComponentAnnotation and not this instanceof AnnotationType } /** * Gets a qualifier used to distinguish when this class should be autowired into other classes. */ - SpringQualifierDefinitionAnnotation getQualifier() { result = getAnAnnotation() } + SpringQualifierDefinitionAnnotation getQualifier() { result = this.getAnAnnotation() } /** * Gets the `@Component` or equivalent annotation. */ Annotation getComponentAnnotation() { - result = getAnAnnotation() and + result = this.getAnAnnotation() and result.getType() instanceof SpringComponentAnnotation } @@ -138,13 +138,14 @@ class SpringComponent extends RefType { * Gets the bean identifier for this component. */ string getBeanIdentifier() { - if exists(getComponentAnnotation().getValue("value")) + if exists(this.getComponentAnnotation().getValue("value")) then // If the name has been specified in the component annotation, use that. - result = getComponentAnnotation().getValue("value").(CompileTimeConstantExpr).getStringValue() + result = + this.getComponentAnnotation().getValue("value").(CompileTimeConstantExpr).getStringValue() else // Otherwise use the name of the class, with the initial letter lower cased. - exists(string name | name = getName() | + exists(string name | name = this.getName() | result = name.charAt(0).toLowerCase() + name.suffix(1) ) } @@ -154,13 +155,13 @@ class SpringComponent extends RefType { * resolving autowiring on other classes. */ string getQualifierValue() { - if exists(getQualifier()) + if exists(this.getQualifier()) then // If given a qualifier, use the value specified. - result = getQualifier().getQualifierValue() + result = this.getQualifier().getQualifierValue() else // Otherwise, default to the bean identifier. - result = getBeanIdentifier() + result = this.getBeanIdentifier() } /** @@ -184,8 +185,8 @@ class SpringComponent extends RefType { this.getPackage().getName() = sbp ) and ( - not exists(getAProfileExpr()) or - getAProfileExpr().(SpringProfileExpr).isActive() + not exists(this.getAProfileExpr()) or + this.getAProfileExpr().(SpringProfileExpr).isActive() ) } @@ -195,7 +196,7 @@ class SpringComponent extends RefType { */ string getAProfileExpr() { exists(Annotation profileAnnotation | - profileAnnotation = getAnAnnotation() and + profileAnnotation = this.getAnAnnotation() and profileAnnotation .getType() .hasQualifiedName("org.springframework.context.annotation", "Profile") diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll index 6a3e9c9eb48..53829d02752 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringController.qll @@ -9,10 +9,10 @@ import SpringWebClient class SpringControllerAnnotation extends AnnotationType { SpringControllerAnnotation() { // `@Controller` used directly as an annotation. - hasQualifiedName("org.springframework.stereotype", "Controller") + this.hasQualifiedName("org.springframework.stereotype", "Controller") or // `@Controller` can be used as a meta-annotation on other annotation types. - getAnAnnotation().getType() instanceof SpringControllerAnnotation + this.getAnAnnotation().getType() instanceof SpringControllerAnnotation } } @@ -22,28 +22,30 @@ class SpringControllerAnnotation extends AnnotationType { * Rest controllers are the same as controllers, but imply the `@ResponseBody` annotation. */ class SpringRestControllerAnnotation extends SpringControllerAnnotation { - SpringRestControllerAnnotation() { hasName("RestController") } + SpringRestControllerAnnotation() { this.hasName("RestController") } } /** * A class annotated, directly or indirectly, as a Spring `Controller`. */ class SpringController extends Class { - SpringController() { getAnAnnotation().getType() instanceof SpringControllerAnnotation } + SpringController() { this.getAnAnnotation().getType() instanceof SpringControllerAnnotation } } /** * A class annotated, directly or indirectly, as a Spring `RestController`. */ class SpringRestController extends SpringController { - SpringRestController() { getAnAnnotation().getType() instanceof SpringRestControllerAnnotation } + SpringRestController() { + this.getAnAnnotation().getType() instanceof SpringRestControllerAnnotation + } } /** * A method on a Spring controller which is accessed by the Spring MVC framework. */ abstract class SpringControllerMethod extends Method { - SpringControllerMethod() { getDeclaringType() instanceof SpringController } + SpringControllerMethod() { this.getDeclaringType() instanceof SpringController } } /** @@ -83,10 +85,10 @@ class SpringInitBinderMethod extends SpringControllerMethod { class SpringRequestMappingAnnotationType extends AnnotationType { SpringRequestMappingAnnotationType() { // `@RequestMapping` used directly as an annotation. - hasQualifiedName("org.springframework.web.bind.annotation", "RequestMapping") + this.hasQualifiedName("org.springframework.web.bind.annotation", "RequestMapping") or // `@RequestMapping` can be used as a meta-annotation on other annotation types, e.g. GetMapping, PostMapping etc. - getAnAnnotation().getType() instanceof SpringRequestMappingAnnotationType + this.getAnAnnotation().getType() instanceof SpringRequestMappingAnnotationType } } @@ -96,7 +98,7 @@ class SpringRequestMappingAnnotationType extends AnnotationType { class SpringResponseBodyAnnotationType extends AnnotationType { SpringResponseBodyAnnotationType() { // `@ResponseBody` used directly as an annotation. - hasQualifiedName("org.springframework.web.bind.annotation", "ResponseBody") + this.hasQualifiedName("org.springframework.web.bind.annotation", "ResponseBody") } } @@ -129,7 +131,7 @@ class SpringRequestMappingMethod extends SpringControllerMethod { } /** Gets a request mapping parameter. */ - SpringRequestMappingParameter getARequestParameter() { result = getAParameter() } + SpringRequestMappingParameter getARequestParameter() { result = this.getAParameter() } /** Gets the "produces" @RequestMapping annotation value, if present. If an array is specified, gets the array. */ Expr getProducesExpr() { @@ -158,9 +160,9 @@ class SpringRequestMappingMethod extends SpringControllerMethod { /** Holds if this is considered an `@ResponseBody` method. */ predicate isResponseBody() { - getAnAnnotation().getType() instanceof SpringResponseBodyAnnotationType or - getDeclaringType().getAnAnnotation().getType() instanceof SpringResponseBodyAnnotationType or - getDeclaringType() instanceof SpringRestController + this.getAnAnnotation().getType() instanceof SpringResponseBodyAnnotationType or + this.getDeclaringType().getAnAnnotation().getType() instanceof SpringResponseBodyAnnotationType or + this.getDeclaringType() instanceof SpringRestController } } @@ -185,44 +187,50 @@ class SpringServletInputAnnotation extends Annotation { /** An annotation of the type `org.springframework.web.bind.annotation.ModelAttribute`. */ class SpringModelAttributeAnnotation extends Annotation { SpringModelAttributeAnnotation() { - getType().hasQualifiedName("org.springframework.web.bind.annotation", "ModelAttribute") + this.getType().hasQualifiedName("org.springframework.web.bind.annotation", "ModelAttribute") } } /** A parameter of a `SpringRequestMappingMethod`. */ class SpringRequestMappingParameter extends Parameter { - SpringRequestMappingParameter() { getCallable() instanceof SpringRequestMappingMethod } + SpringRequestMappingParameter() { this.getCallable() instanceof SpringRequestMappingMethod } /** Holds if the parameter should not be consider a direct source of taint. */ predicate isNotDirectlyTaintedInput() { - getType().(RefType).getAnAncestor() instanceof SpringWebRequest or - getType().(RefType).getAnAncestor() instanceof SpringNativeWebRequest or - getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet", "ServletRequest") or - getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet", "ServletResponse") or - getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet.http", "HttpSession") or - getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet.http", "PushBuilder") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.security", "Principal") or - getType().(RefType).getAnAncestor().hasQualifiedName("org.springframework.http", "HttpMethod") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.util", "Locale") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.util", "TimeZone") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.time", "ZoneId") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "OutputStream") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "Writer") or - getType() + this.getType().(RefType).getAnAncestor() instanceof SpringWebRequest or + this.getType().(RefType).getAnAncestor() instanceof SpringNativeWebRequest or + this.getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet", "ServletRequest") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet", "ServletResponse") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet.http", "HttpSession") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("javax.servlet.http", "PushBuilder") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.security", "Principal") or + this.getType() + .(RefType) + .getAnAncestor() + .hasQualifiedName("org.springframework.http", "HttpMethod") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.util", "Locale") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.util", "TimeZone") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.time", "ZoneId") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "OutputStream") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "Writer") or + this.getType() .(RefType) .getAnAncestor() .hasQualifiedName("org.springframework.web.servlet.mvc.support", "RedirectAttributes") or // Also covers BindingResult. Note, you can access the field value through this interface, which should be considered tainted - getType().(RefType).getAnAncestor().hasQualifiedName("org.springframework.validation", "Errors") or - getType() + this.getType() + .(RefType) + .getAnAncestor() + .hasQualifiedName("org.springframework.validation", "Errors") or + this.getType() .(RefType) .getAnAncestor() .hasQualifiedName("org.springframework.web.bind.support", "SessionStatus") or - getType() + this.getType() .(RefType) .getAnAncestor() .hasQualifiedName("org.springframework.web.util", "UriComponentsBuilder") or - getType() + this.getType() .(RefType) .getAnAncestor() .hasQualifiedName("org.springframework.data.domain", "Pageable") or @@ -231,13 +239,13 @@ class SpringRequestMappingParameter extends Parameter { private predicate isExplicitlyTaintedInput() { // InputStream or Reader parameters allow access to the body of a request - getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "InputStream") or - getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "Reader") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "InputStream") or + this.getType().(RefType).getAnAncestor().hasQualifiedName("java.io", "Reader") or // The SpringServletInputAnnotations allow access to the URI, request parameters, cookie values and the body of the request this.getAnAnnotation() instanceof SpringServletInputAnnotation or // HttpEntity is like @RequestBody, but with a wrapper including the headers // TODO model unwrapping aspects - getType().(RefType).getASourceSupertype*() instanceof SpringHttpEntity or + this.getType().(RefType).getASourceSupertype*() instanceof SpringHttpEntity or this.getAnAnnotation() .getType() .hasQualifiedName("org.springframework.web.bind.annotation", "RequestAttribute") or @@ -249,35 +257,35 @@ class SpringRequestMappingParameter extends Parameter { private predicate isImplicitRequestParam() { // Any parameter which is not explicitly handled, is consider to be an `@RequestParam`, if // it is a simple bean property - not isNotDirectlyTaintedInput() and - not isExplicitlyTaintedInput() and + not this.isNotDirectlyTaintedInput() and + not this.isExplicitlyTaintedInput() and ( - getType() instanceof PrimitiveType or - getType() instanceof TypeString + this.getType() instanceof PrimitiveType or + this.getType() instanceof TypeString ) } private predicate isImplicitModelAttribute() { // Any parameter which is not explicitly handled, is consider to be an `@ModelAttribute`, if // it is not an implicit request param - not isNotDirectlyTaintedInput() and - not isExplicitlyTaintedInput() and - not isImplicitRequestParam() + not this.isNotDirectlyTaintedInput() and + not this.isExplicitlyTaintedInput() and + not this.isImplicitRequestParam() } /** Holds if this is an explicit or implicit `@ModelAttribute` parameter. */ predicate isModelAttribute() { - isImplicitModelAttribute() or - getAnAnnotation() instanceof SpringModelAttributeAnnotation + this.isImplicitModelAttribute() or + this.getAnAnnotation() instanceof SpringModelAttributeAnnotation } /** Holds if the input is tainted. */ predicate isTaintedInput() { - isExplicitlyTaintedInput() + this.isExplicitlyTaintedInput() or // Any parameter which is not explicitly identified, is consider to be an `@RequestParam`, if // it is a simple bean property) or a @ModelAttribute if not - not isNotDirectlyTaintedInput() + not this.isNotDirectlyTaintedInput() } } @@ -286,7 +294,7 @@ class SpringRequestMappingParameter extends Parameter { * the method, which will be used to render the response e.g. as a JSP file. */ abstract class SpringModel extends Parameter { - SpringModel() { getCallable() instanceof SpringRequestMappingMethod } + SpringModel() { this.getCallable() instanceof SpringRequestMappingMethod } /** * Types for which instances are placed inside the model. @@ -298,11 +306,11 @@ abstract class SpringModel extends Parameter { * A `java.util.Map` can be accepted as the model parameter for a Spring `RequestMapping` method. */ class SpringModelPlainMap extends SpringModel { - SpringModelPlainMap() { getType() instanceof MapType } + SpringModelPlainMap() { this.getType() instanceof MapType } override RefType getATypeInModel() { exists(MethodAccess methodCall | - methodCall.getQualifier() = getAnAccess() and + methodCall.getQualifier() = this.getAnAccess() and methodCall.getCallee().hasName("put") | result = methodCall.getArgument(1).getType() @@ -316,13 +324,13 @@ class SpringModelPlainMap extends SpringModel { */ class SpringModelModel extends SpringModel { SpringModelModel() { - getType().(RefType).hasQualifiedName("org.springframework.ui", "Model") or - getType().(RefType).hasQualifiedName("org.springframework.ui", "ModelMap") + this.getType().(RefType).hasQualifiedName("org.springframework.ui", "Model") or + this.getType().(RefType).hasQualifiedName("org.springframework.ui", "ModelMap") } override RefType getATypeInModel() { exists(MethodAccess methodCall | - methodCall.getQualifier() = getAnAccess() and + methodCall.getQualifier() = this.getAnAccess() and methodCall.getCallee().hasName("addAttribute") | result = methodCall.getArgument(methodCall.getNumArgument() - 1).getType() diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll index 0b79587c551..155e11544fc 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringExpression.qll @@ -18,7 +18,7 @@ class ExpressionEvaluationMethod extends Method { * The class `org.springframework.expression.ExpressionParser`. */ class ExpressionParser extends RefType { - ExpressionParser() { hasQualifiedName("org.springframework.expression", "ExpressionParser") } + ExpressionParser() { this.hasQualifiedName("org.springframework.expression", "ExpressionParser") } } /** @@ -26,7 +26,7 @@ class ExpressionParser extends RefType { */ class SimpleEvaluationContextBuilder extends RefType { SimpleEvaluationContextBuilder() { - hasQualifiedName("org.springframework.expression.spel.support", + this.hasQualifiedName("org.springframework.expression.spel.support", "SimpleEvaluationContext$Builder") } } @@ -35,7 +35,7 @@ class SimpleEvaluationContextBuilder extends RefType { * The class `org.springframework.expression.Expression`. */ class Expression extends RefType { - Expression() { hasQualifiedName("org.springframework.expression", "Expression") } + Expression() { this.hasQualifiedName("org.springframework.expression", "Expression") } } /** @@ -43,6 +43,6 @@ class Expression extends RefType { */ class SimpleEvaluationContext extends RefType { SimpleEvaluationContext() { - hasQualifiedName("org.springframework.expression.spel.support", "SimpleEvaluationContext") + this.hasQualifiedName("org.springframework.expression.spel.support", "SimpleEvaluationContext") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll index 30ca9db14f7..7ed0f78fd37 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringFlex.qll @@ -16,22 +16,22 @@ class SpringRemotingDestination extends SpringXMLElement { * Gets the bean that this remoting destination refers to. */ SpringBean getSpringBean() { - result = getParent() or - result.getBeanIdentifier() = getAttribute("ref").getValue() + result = this.getParent() or + result.getBeanIdentifier() = this.getAttribute("ref").getValue() } /** * Methods that are specifically included when the bean is exposed as a remote destination. */ string getAnIncludeMethod() { - result = getAttribute("include-methods").getValue().splitAt(",").trim() + result = this.getAttribute("include-methods").getValue().splitAt(",").trim() } /** * Methods that are specifically excluded when the bean is exposed as a remote destination. */ string getAnExcludeMethod() { - result = getAttribute("exclude-methods").getValue().splitAt(",").trim() + result = this.getAttribute("exclude-methods").getValue().splitAt(",").trim() } } @@ -44,7 +44,7 @@ class SpringRemotingDestinationClass extends Class { this = remotingDestination.getSpringBean().getClass() ) or - hasAnnotation("org.springframework.flex.remoting", "RemotingDestination") and + this.hasAnnotation("org.springframework.flex.remoting", "RemotingDestination") and // Must either be a live bean, or a live component. ( this.(SpringComponent).isLive() or @@ -66,11 +66,11 @@ class SpringRemotingDestinationClass extends Class { * basis, only those methods that are not marked as excluded are exported. */ predicate isIncluding() { - exists(Method m | m = getAMethod() | + exists(Method m | m = this.getAMethod() | m.hasAnnotation("org.springframework.flex.remoting", "RemotingInclude") ) or - exists(getRemotingDestinationXML().getAnIncludeMethod()) + exists(this.getRemotingDestinationXML().getAnIncludeMethod()) } /** @@ -78,13 +78,13 @@ class SpringRemotingDestinationClass extends Class { */ Method getARemotingMethod() { result = this.getAMethod() and - if isIncluding() + if this.isIncluding() then result.hasAnnotation("org.springframework.flex.remoting", "RemotingInclude") or - result.getName() = getRemotingDestinationXML().getAnIncludeMethod() + result.getName() = this.getRemotingDestinationXML().getAnIncludeMethod() else ( not result.hasAnnotation("org.springframework.flex.remoting", "RemotingExclude") and - not result.getName() = getRemotingDestinationXML().getAnExcludeMethod() + not result.getName() = this.getRemotingDestinationXML().getAnExcludeMethod() ) } } diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll index 17fedacdefe..7f284b0771f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringProfile.qll @@ -26,10 +26,10 @@ class SpringProfileExpr extends string { */ predicate isActive() { ( - getProfile() instanceof AlwaysEnabledSpringProfile or - getProfile() instanceof SometimesEnabledSpringProfile + this.getProfile() instanceof AlwaysEnabledSpringProfile or + this.getProfile() instanceof SometimesEnabledSpringProfile ) and - not getProfile() instanceof NeverEnabledSpringProfile + not this.getProfile() instanceof NeverEnabledSpringProfile } } @@ -48,7 +48,7 @@ class NotSpringProfileExpr extends SpringProfileExpr { * This profile expression is active if it can ever be evaluated to true, according to our * knowledge of which profiles are sometimes/never/always enabled. */ - override predicate isActive() { not getProfile() instanceof AlwaysEnabledSpringProfile } + override predicate isActive() { not this.getProfile() instanceof AlwaysEnabledSpringProfile } } /** diff --git a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll index dd8e660fd26..b91c6de4933 100644 --- a/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll +++ b/java/ql/lib/semmle/code/java/frameworks/spring/SpringWeb.qll @@ -25,7 +25,7 @@ class SpringNativeWebRequest extends Class { */ class ModelAndView extends Class { ModelAndView() { - hasQualifiedName(["org.springframework.web.servlet", "org.springframework.web.portlet"], + this.hasQualifiedName(["org.springframework.web.servlet", "org.springframework.web.portlet"], "ModelAndView") } } @@ -33,7 +33,7 @@ class ModelAndView extends Class { /** A call to the Spring `ModelAndView.setViewName` method. */ class SpringModelAndViewSetViewNameCall extends MethodAccess { SpringModelAndViewSetViewNameCall() { - getMethod().getDeclaringType() instanceof ModelAndView and - getMethod().hasName("setViewName") + this.getMethod().getDeclaringType() instanceof ModelAndView and + this.getMethod().hasName("setViewName") } } diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll index 0edfaa3711c..775eb3e2b6f 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsActions.qll @@ -86,7 +86,7 @@ class Struts2ActionClass extends Class { * Holds if this action class extends the preparable interface. */ predicate isPreparable() { - getAnAncestor().hasQualifiedName("com.opensymphony.xwork2", "Preparable") + this.getAnAncestor().hasQualifiedName("com.opensymphony.xwork2", "Preparable") } /** @@ -96,10 +96,10 @@ class Struts2ActionClass extends Class { * methods only exist if the class `isPreparable()`. */ Method getPrepareMethod() { - isPreparable() and + this.isPreparable() and exists(Struts2ActionMethod actionMethod | - actionMethod = getActionMethod() and - inherits(result) and + actionMethod = this.getActionMethod() and + this.inherits(result) and result .hasName("prepare" + actionMethod.getName().charAt(0).toUpperCase() + actionMethod.getName().suffix(1)) diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll index c024f4d6b16..5ee8f25724e 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsAnnotations.qll @@ -16,7 +16,7 @@ class StrutsActionAnnotation extends StrutsAnnotation { StrutsActionAnnotation() { this.getType().hasName("Action") } Callable getActionCallable() { - result = getAnnotatedElement() + result = this.getAnnotatedElement() or exists(StrutsActionsAnnotation actions | this = actions.getAnAction() | result = actions.getAnnotatedElement() diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll index b6b62b72cef..35faa0e55ff 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsConventions.qll @@ -8,8 +8,8 @@ import semmle.code.xml.MavenPom */ library class Struts2ConventionDependency extends Dependency { Struts2ConventionDependency() { - getGroup().getValue() = "org.apache.struts" and - getArtifact().getValue() = "struts2-convention-plugin" + this.getGroup().getValue() = "org.apache.struts" and + this.getArtifact().getValue() = "struts2-convention-plugin" } } @@ -100,7 +100,7 @@ class Struts2ConventionActionClass extends Class { isStrutsConventionPluginUsed(this) and exists(string ancestorPackage | // Has an ancestor package on the whitelist - ancestorPackage = getPackage().getName().splitAt(".") and + ancestorPackage = this.getPackage().getName().splitAt(".") and ( ancestorPackage = "struts" or ancestorPackage = "struts2" or @@ -109,7 +109,7 @@ class Struts2ConventionActionClass extends Class { ) ) and ( - getName().matches("%" + getConventionSuffix(this)) or + this.getName().matches("%" + getConventionSuffix(this)) or this.getAnAncestor().hasQualifiedName("com.opensymphony.xwork2", "Action") ) } diff --git a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll index 35340e890cf..8e69c5d9a83 100644 --- a/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll +++ b/java/ql/lib/semmle/code/java/frameworks/struts/StrutsXML.qll @@ -31,18 +31,18 @@ abstract class StrutsXMLFile extends XMLFile { /** * Gets a transitively included file. */ - StrutsXMLFile getAnIncludedFile() { result = getADirectlyIncludedFile*() } + StrutsXMLFile getAnIncludedFile() { result = this.getADirectlyIncludedFile*() } /** * Gets a `` defined in this file, or an included file. */ - StrutsXMLConstant getAConstant() { result.getFile() = getAnIncludedFile() } + StrutsXMLConstant getAConstant() { result.getFile() = this.getAnIncludedFile() } /** * Gets the value of the constant with the given `name`. */ string getConstantValue(string name) { - exists(StrutsXMLConstant constant | constant = getAConstant() | + exists(StrutsXMLConstant constant | constant = this.getAConstant() | constant.getConstantName() = name and result = constant.getConstantValue() ) @@ -56,8 +56,8 @@ abstract class StrutsXMLFile extends XMLFile { */ class StrutsRootXMLFile extends StrutsXMLFile { StrutsRootXMLFile() { - getBaseName() = "struts.xml" or - getBaseName() = "struts-plugin.xml" + this.getBaseName() = "struts.xml" or + this.getBaseName() = "struts-plugin.xml" } } @@ -73,7 +73,7 @@ class StrutsIncludedXMLFile extends StrutsXMLFile { */ class StrutsFolder extends Folder { StrutsFolder() { - exists(Container c | c = getAChildContainer() | + exists(Container c | c = this.getAChildContainer() | c instanceof StrutsFolder or c instanceof StrutsXMLFile ) @@ -82,14 +82,14 @@ class StrutsFolder extends Folder { /** * Holds if this folder has a unique Struts root configuration file. */ - predicate isUnique() { count(getAStrutsRootFile()) = 1 } + predicate isUnique() { count(this.getAStrutsRootFile()) = 1 } /** * Gets a struts root configuration that applies to this folder. */ StrutsRootXMLFile getAStrutsRootFile() { - result = getAChildContainer() or - result = getAChildContainer().(StrutsFolder).getAStrutsRootFile() + result = this.getAChildContainer() or + result = this.getAChildContainer().(StrutsFolder).getAStrutsRootFile() } } @@ -102,7 +102,7 @@ class StrutsXMLElement extends XMLElement { /** * Gets the value for this element, with leading and trailing whitespace trimmed. */ - string getValue() { result = allCharactersString().trim() } + string getValue() { result = this.allCharactersString().trim() } } /** @@ -121,7 +121,7 @@ class StrutsXMLInclude extends StrutsXMLElement { * potentially be included. */ XMLFile getIncludedFile() { - exists(string file | file = getAttribute("file").getValue() | + exists(string file | file = this.getAttribute("file").getValue() | result.getAbsolutePath().matches("%" + escapeForMatch(file)) ) } @@ -157,10 +157,10 @@ class StrutsXMLAction extends StrutsXMLElement { * Gets the `Class` that is referenced by this Struts action. */ Class getActionClass() { - strutsWildcardMatching(result.getQualifiedName(), getAttribute("class").getValue()) + strutsWildcardMatching(result.getQualifiedName(), this.getAttribute("class").getValue()) } - string getMethodName() { result = getAttribute("method").getValue() } + string getMethodName() { result = this.getAttribute("method").getValue() } /** * Gets the `Method` which is referenced by this action. @@ -168,9 +168,9 @@ class StrutsXMLAction extends StrutsXMLElement { * If no method is specified in the attributes of this element, a method named `execute` is chosen. */ Method getActionMethod() { - getActionClass().inherits(result) and - if exists(getMethodName()) - then strutsWildcardMatching(result.getName(), getMethodName()) + this.getActionClass().inherits(result) and + if exists(this.getMethodName()) + then strutsWildcardMatching(result.getName(), this.getMethodName()) else result.hasName("execute") } } @@ -179,9 +179,9 @@ class StrutsXMLAction extends StrutsXMLElement { * A `` property, representing a configuration parameter to struts. */ class StrutsXMLConstant extends StrutsXMLElement { - StrutsXMLConstant() { getName() = "constant" } + StrutsXMLConstant() { this.getName() = "constant" } - string getConstantName() { result = getAttribute("name").getValue() } + string getConstantName() { result = this.getAttribute("name").getValue() } - string getConstantValue() { result = getAttribute("value").getValue() } + string getConstantValue() { result = this.getAttribute("value").getValue() } } diff --git a/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll b/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll index 79c65dd1bef..ce4e52c8eec 100755 --- a/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll +++ b/java/ql/lib/semmle/code/java/metrics/MetricRefType.qll @@ -137,7 +137,9 @@ class MetricRefType extends RefType, MetricElement { /** Holds if the specified callable should be included in the CK cohesion computation. */ predicate includeInLackOfCohesionCK(Callable c) { not c instanceof TestMethod and - exists(Field f | c.getDeclaringType() = this and c.accesses(f) and relevantFieldForCohesion(f)) + exists(Field f | + c.getDeclaringType() = this and c.accesses(f) and this.relevantFieldForCohesion(f) + ) } pragma[noopt] @@ -152,8 +154,8 @@ class MetricRefType extends RefType, MetricElement { /** Holds if a (non-ignored) callable reads a field relevant for cohesion. */ private predicate relevantCallableAndFieldCK(Callable m, Field f) { - includeInLackOfCohesionCK(m) and - relevantFieldForCohesion(f) and + this.includeInLackOfCohesionCK(m) and + this.relevantFieldForCohesion(f) and m.accesses(f) and m.getDeclaringType() = this } @@ -180,12 +182,12 @@ class MetricRefType extends RefType, MetricElement { */ float getLackOfCohesionCK() { exists(int callables, int linked, float n | - callables = count(Callable m | includeInLackOfCohesionCK(m)) and + callables = count(Callable m | this.includeInLackOfCohesionCK(m)) and linked = count(Callable m1, Callable m2 | exists(Field f | - relevantCallableAndFieldCK(m1, f) and - relevantCallableAndFieldCK(m2, f) and + this.relevantCallableAndFieldCK(m1, f) and + this.relevantCallableAndFieldCK(m2, f) and m1 != m2 ) ) and @@ -207,7 +209,7 @@ class MetricRefType extends RefType, MetricElement { int getADepth() { this.hasQualifiedName("java.lang", "Object") and result = 0 or - not cyclic() and result = this.getASupertype().(MetricRefType).getADepth() + 1 + not this.cyclic() and result = this.getASupertype().(MetricRefType).getADepth() + 1 } /** @@ -229,10 +231,10 @@ class MetricRefType extends RefType, MetricElement { int getADepth(RefType reference) { this = reference and result = 0 or - not cyclic() and result = this.getASupertype().(MetricRefType).getADepth(reference) + 1 + not this.cyclic() and result = this.getASupertype().(MetricRefType).getADepth(reference) + 1 } - private predicate cyclic() { getASupertype+() = this } + private predicate cyclic() { this.getASupertype+() = this } /** Gets the depth of inheritance metric relative to the specified reference type. */ int getInheritanceDepth(RefType reference) { result = max(this.getADepth(reference)) } diff --git a/java/ql/lib/semmle/code/java/security/CommandArguments.qll b/java/ql/lib/semmle/code/java/security/CommandArguments.qll index c0934e49411..d8ec58e623e 100644 --- a/java/ql/lib/semmle/code/java/security/CommandArguments.qll +++ b/java/ql/lib/semmle/code/java/security/CommandArguments.qll @@ -69,10 +69,10 @@ private class CommandArgumentList extends SsaExplicitUpdate { /** Gets a use of the variable for which the list could be empty. */ private RValue getAUseBeforeFirstAdd() { - result = getAFirstUse() + result = this.getAFirstUse() or exists(RValue mid | - mid = getAUseBeforeFirstAdd() and + mid = this.getAUseBeforeFirstAdd() and adjacentUseUse(mid, result) and not exists(MethodAccess ma | mid = ma.getQualifier() and @@ -85,25 +85,25 @@ private class CommandArgumentList extends SsaExplicitUpdate { * Gets an addition to this list, i.e. a call to an `add` or `addAll` method. */ MethodAccess getAnAdd() { - result.getQualifier() = getAUse() and + result.getQualifier() = this.getAUse() and result.getMethod().getName().matches("add%") } /** Gets an addition to this list which could be its first element. */ MethodAccess getAFirstAdd() { - result = getAnAdd() and - result.getQualifier() = getAUseBeforeFirstAdd() + result = this.getAnAdd() and + result.getQualifier() = this.getAUseBeforeFirstAdd() } /** Gets an addition to this list which is not the first element. */ MethodAccess getASubsequentAdd() { - result = getAnAdd() and - not result = getAFirstAdd() + result = this.getAnAdd() and + not result = this.getAFirstAdd() } /** Holds if the first element of this list is a shell command. */ predicate isShell() { - exists(MethodAccess ma | ma = getAFirstAdd() and isShell(ma.getArgument(0))) + exists(MethodAccess ma | ma = this.getAFirstAdd() and isShell(ma.getArgument(0))) } } @@ -122,7 +122,7 @@ private predicate arrayLValue(ArrayAccess acc) { exists(Assignment a | a.getDest private class CommandArgumentArray extends SsaExplicitUpdate { CommandArgumentArray() { this.getSourceVariable().getType() instanceof ArrayOfStringType and - forall(ArrayAccess a | a.getArray() = getAUse() and arrayLValue(a) | + forall(ArrayAccess a | a.getArray() = this.getAUse() and arrayLValue(a) | a.getIndexExpr() instanceof CompileTimeConstantExpr ) } @@ -139,7 +139,7 @@ private class CommandArgumentArray extends SsaExplicitUpdate { } /** Gets an expression that is written to the given index of this array. */ - Expr getAWrite(int index) { result = getAWrite(index, _) } + Expr getAWrite(int index) { result = this.getAWrite(index, _) } } /** @@ -147,20 +147,20 @@ private class CommandArgumentArray extends SsaExplicitUpdate { */ private class CommandArgArrayImmutableFirst extends CommandArgumentArray { CommandArgArrayImmutableFirst() { - (exists(getAWrite(0)) or exists(firstElementOf(this.getDefiningExpr()))) and + (exists(this.getAWrite(0)) or exists(firstElementOf(this.getDefiningExpr()))) and forall(RValue use | exists(this.getAWrite(0, use)) | use = this.getAFirstUse()) } /** Gets the first element of this array. */ Expr getFirstElement() { - result = getAWrite(0) + result = this.getAWrite(0) or - not exists(getAWrite(0)) and - result = firstElementOf(getDefiningExpr()) + not exists(this.getAWrite(0)) and + result = firstElementOf(this.getDefiningExpr()) } /** Holds if the first element of this array is a shell command. */ - predicate isShell() { isShell(getFirstElement()) } + predicate isShell() { isShell(this.getFirstElement()) } } /** Gets the first element of an imutable array of strings */ diff --git a/java/ql/lib/semmle/code/java/security/Encryption.qll b/java/ql/lib/semmle/code/java/security/Encryption.qll index 3e65375d91f..8f4cef23ee6 100644 --- a/java/ql/lib/semmle/code/java/security/Encryption.qll +++ b/java/ql/lib/semmle/code/java/security/Encryption.qll @@ -18,7 +18,7 @@ class X509TrustManager extends RefType { } class HttpsURLConnection extends RefType { - HttpsURLConnection() { hasQualifiedName("javax.net.ssl", "HttpsURLConnection") } + HttpsURLConnection() { this.hasQualifiedName("javax.net.ssl", "HttpsURLConnection") } } class SSLSocketFactory extends RefType { @@ -26,16 +26,16 @@ class SSLSocketFactory extends RefType { } class SSLContext extends RefType { - SSLContext() { hasQualifiedName("javax.net.ssl", "SSLContext") } + SSLContext() { this.hasQualifiedName("javax.net.ssl", "SSLContext") } } /** The `javax.net.ssl.SSLSession` class. */ class SSLSession extends RefType { - SSLSession() { hasQualifiedName("javax.net.ssl", "SSLSession") } + SSLSession() { this.hasQualifiedName("javax.net.ssl", "SSLSession") } } class HostnameVerifier extends RefType { - HostnameVerifier() { hasQualifiedName("javax.net.ssl", "HostnameVerifier") } + HostnameVerifier() { this.hasQualifiedName("javax.net.ssl", "HostnameVerifier") } } /** The Java class `javax.crypto.KeyGenerator`. */ @@ -51,10 +51,10 @@ class KeyPairGenerator extends RefType { /** The `verify` method of the class `javax.net.ssl.HostnameVerifier`. */ class HostnameVerifierVerify extends Method { HostnameVerifierVerify() { - hasName("verify") and - getDeclaringType().getASupertype*() instanceof HostnameVerifier and - getParameterType(0) instanceof TypeString and - getParameterType(1) instanceof SSLSession + this.hasName("verify") and + this.getDeclaringType().getASupertype*() instanceof HostnameVerifier and + this.getParameterType(0) instanceof TypeString and + this.getParameterType(1) instanceof SSLSession } } @@ -67,37 +67,37 @@ class TrustManagerCheckMethod extends Method { class CreateSocket extends Method { CreateSocket() { - hasName("createSocket") and - getDeclaringType() instanceof SSLSocketFactory + this.hasName("createSocket") and + this.getDeclaringType() instanceof SSLSocketFactory } } class GetSocketFactory extends Method { GetSocketFactory() { - hasName("getSocketFactory") and - getDeclaringType() instanceof SSLContext + this.hasName("getSocketFactory") and + this.getDeclaringType() instanceof SSLContext } } class SetConnectionFactoryMethod extends Method { SetConnectionFactoryMethod() { - hasName("setSSLSocketFactory") and - getDeclaringType().getASupertype*() instanceof HttpsURLConnection + this.hasName("setSSLSocketFactory") and + this.getDeclaringType().getASupertype*() instanceof HttpsURLConnection } } class SetHostnameVerifierMethod extends Method { SetHostnameVerifierMethod() { - hasName("setHostnameVerifier") and - getDeclaringType().getASupertype*() instanceof HttpsURLConnection + this.hasName("setHostnameVerifier") and + this.getDeclaringType().getASupertype*() instanceof HttpsURLConnection } } /** The `setDefaultHostnameVerifier` method of the class `javax.net.ssl.HttpsURLConnection`. */ class SetDefaultHostnameVerifierMethod extends Method { SetDefaultHostnameVerifierMethod() { - hasName("setDefaultHostnameVerifier") and - getDeclaringType().getASupertype*() instanceof HttpsURLConnection + this.hasName("setDefaultHostnameVerifier") and + this.getDeclaringType().getASupertype*() instanceof HttpsURLConnection } } diff --git a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll index f2675645a6a..3b264bd0283 100644 --- a/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll +++ b/java/ql/lib/semmle/code/java/security/ExternalAPIs.qll @@ -17,38 +17,38 @@ private class DefaultSafeExternalAPIMethod extends SafeExternalAPIMethod { DefaultSafeExternalAPIMethod() { this instanceof EqualsMethod or - getName().regexpMatch("size|length|compareTo|getClass|lastIndexOf") + this.getName().regexpMatch("size|length|compareTo|getClass|lastIndexOf") or this.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "Validate") or - getQualifiedName() = "Objects.equals" + this.getQualifiedName() = "Objects.equals" or - getDeclaringType() instanceof TypeString and getName() = "equals" + this.getDeclaringType() instanceof TypeString and this.getName() = "equals" or - getDeclaringType().hasQualifiedName("com.google.common.base", "Preconditions") + this.getDeclaringType().hasQualifiedName("com.google.common.base", "Preconditions") or - getDeclaringType().getPackage().getName().matches("org.junit%") + this.getDeclaringType().getPackage().getName().matches("org.junit%") or - getDeclaringType().hasQualifiedName("com.google.common.base", "Strings") and - getName() = "isNullOrEmpty" + this.getDeclaringType().hasQualifiedName("com.google.common.base", "Strings") and + this.getName() = "isNullOrEmpty" or - getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and - getName() = "isNotEmpty" + this.getDeclaringType().hasQualifiedName("org.apache.commons.lang3", "StringUtils") and + this.getName() = "isNotEmpty" or - getDeclaringType().hasQualifiedName("java.lang", "Character") and - getName() = "isDigit" + this.getDeclaringType().hasQualifiedName("java.lang", "Character") and + this.getName() = "isDigit" or - getDeclaringType().hasQualifiedName("java.lang", "String") and - getName().regexpMatch("equalsIgnoreCase|regionMatches") + this.getDeclaringType().hasQualifiedName("java.lang", "String") and + this.getName().regexpMatch("equalsIgnoreCase|regionMatches") or - getDeclaringType().hasQualifiedName("java.lang", "Boolean") and - getName() = "parseBoolean" + this.getDeclaringType().hasQualifiedName("java.lang", "Boolean") and + this.getName() = "parseBoolean" or - getDeclaringType().hasQualifiedName("org.apache.commons.io", "IOUtils") and - getName() = "closeQuietly" + this.getDeclaringType().hasQualifiedName("org.apache.commons.io", "IOUtils") and + this.getName() = "closeQuietly" or - getDeclaringType().hasQualifiedName("org.springframework.util", "StringUtils") and - getName().regexpMatch("hasText|isEmpty") + this.getDeclaringType().hasQualifiedName("org.springframework.util", "StringUtils") and + this.getName().regexpMatch("hasText|isEmpty") } } @@ -90,7 +90,8 @@ class ExternalAPIDataNode extends DataFlow::Node { /** Gets the description of the method being called. */ string getMethodDescription() { - result = getMethod().getDeclaringType().getPackage() + "." + getMethod().getQualifiedName() + result = + this.getMethod().getDeclaringType().getPackage() + "." + this.getMethod().getQualifiedName() } } @@ -130,7 +131,7 @@ class ExternalAPIUsedWithUntrustedData extends TExternalAPI { /** Gets the number of untrusted sources used with this external API. */ int getNumberOfUntrustedSources() { - result = count(getUntrustedDataNode().getAnUntrustedSource()) + result = count(this.getUntrustedDataNode().getAnUntrustedSource()) } /** Gets a textual representation of this element. */ diff --git a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll index bfb77715569..9e70be5c12f 100644 --- a/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/JexlInjectionQuery.qll @@ -168,7 +168,9 @@ private predicate createJexlEngineStep(DataFlow::Node fromNode, DataFlow::Node t * A method that creates a JEXL script. */ private class CreateJexlScriptMethod extends Method { - CreateJexlScriptMethod() { getDeclaringType() instanceof JexlEngine and hasName("createScript") } + CreateJexlScriptMethod() { + this.getDeclaringType() instanceof JexlEngine and this.hasName("createScript") + } } /** @@ -176,8 +178,11 @@ private class CreateJexlScriptMethod extends Method { */ private class CreateJexlTemplateMethod extends Method { CreateJexlTemplateMethod() { - (getDeclaringType() instanceof JxltEngine or getDeclaringType() instanceof UnifiedJexl) and - hasName("createTemplate") + ( + this.getDeclaringType() instanceof JxltEngine or + this.getDeclaringType() instanceof UnifiedJexl + ) and + this.hasName("createTemplate") } } @@ -186,40 +191,42 @@ private class CreateJexlTemplateMethod extends Method { */ private class CreateJexlExpressionMethod extends Method { CreateJexlExpressionMethod() { - (getDeclaringType() instanceof JexlEngine or getDeclaringType() instanceof JxltEngine) and - hasName("createExpression") + (this.getDeclaringType() instanceof JexlEngine or this.getDeclaringType() instanceof JxltEngine) and + this.hasName("createExpression") or - getDeclaringType() instanceof UnifiedJexl and hasName("parse") + this.getDeclaringType() instanceof UnifiedJexl and this.hasName("parse") } } private class JexlRefType extends RefType { - JexlRefType() { getPackage().hasName(["org.apache.commons.jexl2", "org.apache.commons.jexl3"]) } + JexlRefType() { + this.getPackage().hasName(["org.apache.commons.jexl2", "org.apache.commons.jexl3"]) + } } private class JexlBuilder extends JexlRefType { - JexlBuilder() { hasName("JexlBuilder") } + JexlBuilder() { this.hasName("JexlBuilder") } } private class JexlEngine extends JexlRefType { - JexlEngine() { hasName("JexlEngine") } + JexlEngine() { this.hasName("JexlEngine") } } private class JxltEngine extends JexlRefType { - JxltEngine() { hasName("JxltEngine") } + JxltEngine() { this.hasName("JxltEngine") } } private class UnifiedJexl extends JexlRefType { - UnifiedJexl() { hasName("UnifiedJEXL") } + UnifiedJexl() { this.hasName("UnifiedJEXL") } } private class JexlUberspect extends Interface { JexlUberspect() { - hasQualifiedName("org.apache.commons.jexl2.introspection", "Uberspect") or - hasQualifiedName("org.apache.commons.jexl3.introspection", "JexlUberspect") + this.hasQualifiedName("org.apache.commons.jexl2.introspection", "Uberspect") or + this.hasQualifiedName("org.apache.commons.jexl3.introspection", "JexlUberspect") } } private class Reader extends RefType { - Reader() { hasQualifiedName("java.io", "Reader") } + Reader() { this.hasQualifiedName("java.io", "Reader") } } diff --git a/java/ql/lib/semmle/code/java/security/MvelInjection.qll b/java/ql/lib/semmle/code/java/security/MvelInjection.qll index 984641fbd18..a75f582b72a 100644 --- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll +++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll @@ -183,8 +183,8 @@ private predicate templateCompileStep(DataFlow::Node node1, DataFlow::Node node2 */ private class MvelScriptEngineCompilationMethod extends Method { MvelScriptEngineCompilationMethod() { - getDeclaringType() instanceof MvelScriptEngine and - hasName(["compile", "compiledScript"]) + this.getDeclaringType() instanceof MvelScriptEngine and + this.hasName(["compile", "compiledScript"]) } } @@ -193,8 +193,8 @@ private class MvelScriptEngineCompilationMethod extends Method { */ private class TemplateCompilerCompileMethod extends Method { TemplateCompilerCompileMethod() { - getDeclaringType() instanceof TemplateCompiler and - hasName("compile") + this.getDeclaringType() instanceof TemplateCompiler and + this.hasName("compile") } } @@ -203,31 +203,31 @@ private class TemplateCompilerCompileMethod extends Method { */ private class TemplateCompilerCompileTemplateMethod extends Method { TemplateCompilerCompileTemplateMethod() { - getDeclaringType() instanceof TemplateCompiler and - hasName("compileTemplate") + this.getDeclaringType() instanceof TemplateCompiler and + this.hasName("compileTemplate") } } private class MVEL extends RefType { - MVEL() { hasQualifiedName("org.mvel2", "MVEL") } + MVEL() { this.hasQualifiedName("org.mvel2", "MVEL") } } private class ExpressionCompiler extends RefType { - ExpressionCompiler() { hasQualifiedName("org.mvel2.compiler", "ExpressionCompiler") } + ExpressionCompiler() { this.hasQualifiedName("org.mvel2.compiler", "ExpressionCompiler") } } private class CompiledAccExpression extends RefType { - CompiledAccExpression() { hasQualifiedName("org.mvel2.compiler", "CompiledAccExpression") } + CompiledAccExpression() { this.hasQualifiedName("org.mvel2.compiler", "CompiledAccExpression") } } private class MvelScriptEngine extends RefType { - MvelScriptEngine() { hasQualifiedName("org.mvel2.jsr223", "MvelScriptEngine") } + MvelScriptEngine() { this.hasQualifiedName("org.mvel2.jsr223", "MvelScriptEngine") } } private class MvelCompiledScript extends RefType { - MvelCompiledScript() { hasQualifiedName("org.mvel2.jsr223", "MvelCompiledScript") } + MvelCompiledScript() { this.hasQualifiedName("org.mvel2.jsr223", "MvelCompiledScript") } } private class TemplateCompiler extends RefType { - TemplateCompiler() { hasQualifiedName("org.mvel2.templates", "TemplateCompiler") } + TemplateCompiler() { this.hasQualifiedName("org.mvel2.templates", "TemplateCompiler") } } diff --git a/java/ql/lib/semmle/code/java/security/RequestForgery.qll b/java/ql/lib/semmle/code/java/security/RequestForgery.qll index b23d0a855c0..268bd364b15 100644 --- a/java/ql/lib/semmle/code/java/security/RequestForgery.qll +++ b/java/ql/lib/semmle/code/java/security/RequestForgery.qll @@ -138,7 +138,7 @@ private class StringBuilderVarExt extends StringBuilderVar { private StringBuilderAppend getNextAppendIncludingAssignmentChains( StringBuilderConstructorOrAppend prev ) { - result = getNextAssignmentChainedAppend(prev) + result = this.getNextAssignmentChainedAppend(prev) or prev = this.getAnAssignedValue() and result = this.getAFirstAppendAfterAssignment() diff --git a/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll b/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll index ffccce1fbfa..0d9cdc853bb 100644 --- a/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll +++ b/java/ql/lib/semmle/code/java/security/SpelInjectionQuery.qll @@ -58,8 +58,8 @@ private class SafeEvaluationContextFlowConfig extends DataFlow2::Configuration { */ private class SafeContextSource extends DataFlow::ExprNode { SafeContextSource() { - isSimpleEvaluationContextConstructorCall(getExpr()) or - isSimpleEvaluationContextBuilderCall(getExpr()) + isSimpleEvaluationContextConstructorCall(this.getExpr()) or + isSimpleEvaluationContextBuilderCall(this.getExpr()) } } diff --git a/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll index 41c15a83823..4152cb907ad 100644 --- a/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll +++ b/java/ql/lib/semmle/code/java/security/UnsafeDeserializationQuery.qll @@ -67,10 +67,10 @@ private class SafeKryo extends DataFlow2::Configuration { } override predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { - stepKryoPoolBuilderFactoryArgToConstructor(node1, node2) or - stepKryoPoolRunMethodAccessQualifierToFunctionalArgument(node1, node2) or - stepKryoPoolBuilderChainMethod(node1, node2) or - stepKryoPoolBorrowMethod(node1, node2) + this.stepKryoPoolBuilderFactoryArgToConstructor(node1, node2) or + this.stepKryoPoolRunMethodAccessQualifierToFunctionalArgument(node1, node2) or + this.stepKryoPoolBuilderChainMethod(node1, node2) or + this.stepKryoPoolBorrowMethod(node1, node2) } /** diff --git a/java/ql/lib/semmle/code/java/security/XSS.qll b/java/ql/lib/semmle/code/java/security/XSS.qll index 941b3c6c7fe..c2144c18921 100644 --- a/java/ql/lib/semmle/code/java/security/XSS.qll +++ b/java/ql/lib/semmle/code/java/security/XSS.qll @@ -79,7 +79,7 @@ private class XssVulnerableWriterSourceToWritingMethodFlowConfig extends TaintTr /** A method that can be used to output data to an output stream or writer. */ private class WritingMethod extends Method { WritingMethod() { - getDeclaringType().getASupertype*().hasQualifiedName("java.io", _) and + this.getDeclaringType().getASupertype*().hasQualifiedName("java.io", _) and ( this.getName().matches("print%") or this.getName() = "append" or diff --git a/java/ql/lib/semmle/code/xml/AndroidManifest.qll b/java/ql/lib/semmle/code/xml/AndroidManifest.qll index ae40b800ef9..234aacca967 100644 --- a/java/ql/lib/semmle/code/xml/AndroidManifest.qll +++ b/java/ql/lib/semmle/code/xml/AndroidManifest.qll @@ -36,7 +36,7 @@ class AndroidManifestXmlElement extends XMLElement { /** * Gets the value of the `package` attribute of this `` element. */ - string getPackageAttributeValue() { result = getAttributeValue("package") } + string getPackageAttributeValue() { result = this.getAttributeValue("package") } } /** @@ -141,7 +141,7 @@ class AndroidComponentXmlElement extends XMLElement { */ string getComponentName() { exists(XMLAttribute attr | - attr = getAnAttribute() and + attr = this.getAnAttribute() and attr.getNamespace().getPrefix() = "android" and attr.getName() = "name" | @@ -153,12 +153,15 @@ class AndroidComponentXmlElement extends XMLElement { * Gets the resolved value of the `android:name` attribute of this component element. */ string getResolvedComponentName() { - if getComponentName().matches(".%") + if this.getComponentName().matches(".%") then result = - getParent().(XMLElement).getParent().(AndroidManifestXmlElement).getPackageAttributeValue() + - getComponentName() - else result = getComponentName() + this.getParent() + .(XMLElement) + .getParent() + .(AndroidManifestXmlElement) + .getPackageAttributeValue() + this.getComponentName() + else result = this.getComponentName() } /** @@ -166,7 +169,7 @@ class AndroidComponentXmlElement extends XMLElement { */ string getExportedAttributeValue() { exists(XMLAttribute attr | - attr = getAnAttribute() and + attr = this.getAnAttribute() and attr.getNamespace().getPrefix() = "android" and attr.getName() = "exported" | @@ -177,12 +180,12 @@ class AndroidComponentXmlElement extends XMLElement { /** * Holds if the `android:exported` attribute of this component element is `true`. */ - predicate isExported() { getExportedAttributeValue() = "true" } + predicate isExported() { this.getExportedAttributeValue() = "true" } /** * Holds if the `android:exported` attribute of this component element is explicitly set to `false`. */ - predicate isNotExported() { getExportedAttributeValue() = "false" } + predicate isNotExported() { this.getExportedAttributeValue() = "false" } } /** @@ -212,7 +215,7 @@ class AndroidActionXmlElement extends XMLElement { */ string getActionName() { exists(XMLAttribute attr | - attr = getAnAttribute() and + attr = this.getAnAttribute() and attr.getNamespace().getPrefix() = "android" and attr.getName() = "name" | diff --git a/java/ql/lib/semmle/code/xml/MavenPom.qll b/java/ql/lib/semmle/code/xml/MavenPom.qll index 921f9be0bff..6303de34348 100644 --- a/java/ql/lib/semmle/code/xml/MavenPom.qll +++ b/java/ql/lib/semmle/code/xml/MavenPom.qll @@ -32,7 +32,9 @@ class ProtoPom extends XMLElement { * tag was provided. */ string getVersionString() { - if exists(getVersion().getValue()) then result = getVersion().getValue() else result = "" + if exists(this.getVersion().getValue()) + then result = this.getVersion().getValue() + else result = "" } /** Gets a Maven coordinate of the form `groupId:artifactId`. */ @@ -78,25 +80,25 @@ class Pom extends ProtoPom { Dependencies getDependencies() { result = this.getAChild() } /** Gets a child XML element named "dependencyManagement". */ - DependencyManagement getDependencyManagement() { result = getAChild() } + DependencyManagement getDependencyManagement() { result = this.getAChild() } /** Gets a Dependency element for this POM. */ - Dependency getADependency() { result = getAChild().(Dependencies).getADependency() } + Dependency getADependency() { result = this.getAChild().(Dependencies).getADependency() } /** * Gets a property defined in the `` section of this POM. */ - PomProperty getALocalProperty() { result = getAChild().(PomProperties).getAProperty() } + PomProperty getALocalProperty() { result = this.getAChild().(PomProperties).getAProperty() } /** * Gets a property value defined for this project, either in a local `` section, or * in the `` section of an ancestor POM. */ PomProperty getAProperty() { - result = getALocalProperty() + result = this.getALocalProperty() or - result = getParentPom().getAProperty() and - not getALocalProperty().getName() = result.getName() + result = this.getParentPom().getAProperty() and + not this.getALocalProperty().getName() = result.getName() } /** @@ -105,7 +107,7 @@ class Pom extends ProtoPom { */ PomProperty getProperty(string name) { result.getName() = name and - result = getAProperty() + result = this.getAProperty() } /** @@ -114,11 +116,11 @@ class Pom extends ProtoPom { PomElement getProjectProperty() { ( // It must either be a child of the POM, or a child of the parent node of the POM - result = getAChild() + result = this.getAChild() or - result = getParentPom().getAChild() and + result = this.getParentPom().getAChild() and // The parent project property is not shadowed by a local project property - not exists(PomElement p | p = getAChild() and p.getName() = result.getName()) + not exists(PomElement p | p = this.getAChild() and p.getName() = result.getName()) ) and // Can't be a property if it has children of its own not exists(result.getAChild()) @@ -132,13 +134,13 @@ class Pom extends ProtoPom { if name.matches("project.%") then exists(PomElement p | - p = getProjectProperty() and + p = this.getProjectProperty() and "project." + p.getName() = name and result = p.getValue() ) else exists(PomProperty prop | - prop = getAProperty() and prop.getName() = name and result = prop.getValue() + prop = this.getAProperty() and prop.getName() = name and result = prop.getValue() ) } @@ -147,24 +149,24 @@ class Pom extends ProtoPom { * is transitively available, i.e. one with scope "compile". */ Dependency getAnExportedDependency() { - result = getADependency() and result.getScope() = "compile" + result = this.getADependency() and result.getScope() = "compile" } /** * Gets a POM dependency that is exported by this POM. An exported dependency is one that * is transitively available, i.e. one with scope "compile". */ - Pom getAnExportedPom() { result = getAnExportedDependency().getPom() } + Pom getAnExportedPom() { result = this.getAnExportedDependency().getPom() } /** * Gets the `` element of this POM, if any. */ - Parent getParentElement() { result = getAChild() } + Parent getParentElement() { result = this.getAChild() } /** * Gets the POM referred to by the `` element of this POM, if any. */ - Pom getParentPom() { result = getParentElement().getPom() } + Pom getParentPom() { result = this.getParentElement().getPom() } /** * Gets the version specified for dependency `dep` in a `dependencyManagement` @@ -172,11 +174,11 @@ class Pom extends ProtoPom { * is specified. */ string getVersionStringForDependency(Dependency dep) { - if exists(getDependencyManagement().getDependency(dep)) - then result = getDependencyManagement().getDependency(dep).getVersionString() + if exists(this.getDependencyManagement().getDependency(dep)) + then result = this.getDependencyManagement().getDependency(dep).getVersionString() else - if exists(getParentPom()) - then result = getParentPom().getVersionStringForDependency(dep) + if exists(this.getParentPom()) + then result = this.getParentPom().getVersionStringForDependency(dep) else result = "" } @@ -189,24 +191,24 @@ class Pom extends ProtoPom { */ Folder getSourceDirectory() { exists(string relativePath | - if exists(getProperty("sourceDirectory")) + if exists(this.getProperty("sourceDirectory")) then // A custom source directory has been specified. - relativePath = getProperty("sourceDirectory").getValue() + relativePath = this.getProperty("sourceDirectory").getValue() else // The Maven default source directory. relativePath = "src" | // Resolve the relative path against the base directory for this POM result.getAbsolutePath() = - normalize(getFile().getParentContainer().getAbsolutePath() + "/" + relativePath) + normalize(this.getFile().getParentContainer().getAbsolutePath() + "/" + relativePath) ) } /** * Gets a `RefType` contained in the source directory. */ - RefType getASourceRefType() { result.getFile().getParentContainer*() = getSourceDirectory() } + RefType getASourceRefType() { result.getFile().getParentContainer*() = this.getSourceDirectory() } } /** @@ -235,13 +237,13 @@ class Dependency extends ProtoPom { * be the string contents of that tag, otherwise it defaults to "compile". */ string getScope() { - if exists(getAChild().(Scope)) - then exists(Scope s | s = getAChild() and result = s.getValue()) + if exists(this.getAChild().(Scope)) + then exists(Scope s | s = this.getAChild() and result = s.getValue()) else result = "compile" } override string getVersionString() { - if exists(getVersion()) + if exists(this.getVersion()) then result = super.getVersionString() else if exists(Pom p | this = p.getADependency()) @@ -263,11 +265,11 @@ class PomDependency extends Dependency { source.getADependency() = this and // Consider dependencies that can be used at compile time. ( - getScope() = "compile" + this.getScope() = "compile" or // Provided dependencies are like compile time dependencies except (a) they are not packaged // when creating the jar and (b) they are not transitive. - getScope() = "provided" + this.getScope() = "provided" // We ignore "test" dependencies because they can be runtime or compile time dependencies ) ) @@ -284,11 +286,11 @@ class PomElement extends XMLElement { */ string getValue() { exists(string s | - s = allCharactersString() and + s = this.allCharactersString() and if s.matches("${%") then // Resolve the placeholder in the parent POM - result = getParent*().(Pom).resolvePlaceholder(s.substring(2, s.length() - 1)) + result = this.getParent*().(Pom).resolvePlaceholder(s.substring(2, s.length() - 1)) else result = s ) } @@ -335,18 +337,18 @@ class Dependencies extends PomElement { /** An XML element named "dependencyManagement", as found in Maven POM XML files. */ class DependencyManagement extends PomElement { - DependencyManagement() { getName() = "dependencyManagement" } + DependencyManagement() { this.getName() = "dependencyManagement" } - Dependencies getDependencies() { result = getAChild() } + Dependencies getDependencies() { result = this.getAChild() } - Dependency getADependency() { result = getDependencies().getADependency() } + Dependency getADependency() { result = this.getDependencies().getADependency() } /** * Gets a dependency declared in this `dependencyManagement` element that has * the same (short) coordinates as `dep`. */ Dependency getDependency(Dependency dep) { - result = getADependency() and + result = this.getADependency() and result.getShortCoordinate() = dep.getShortCoordinate() } } @@ -365,7 +367,7 @@ class PomProperties extends PomElement { * Represents a single property. */ class PomProperty extends PomElement { - PomProperty() { getParent() instanceof PomProperties } + PomProperty() { this.getParent() instanceof PomProperties } } /** @@ -378,7 +380,7 @@ class DeclaredRepository extends PomElement { * Gets the url for this repository. If the `url` tag is present, this will * be the string contents of that tag. */ - string getUrl() { result = getAChild("url").(PomElement).getValue() } + string getUrl() { result = this.getAChild("url").(PomElement).getValue() } } /** @@ -386,12 +388,16 @@ class DeclaredRepository extends PomElement { * "repository" with a parent name ".m2" is considered to be a Maven repository. */ class MavenRepo extends Folder { - MavenRepo() { getBaseName() = "repository" and getParentContainer().getBaseName() = ".m2" } + MavenRepo() { + this.getBaseName() = "repository" and this.getParentContainer().getBaseName() = ".m2" + } /** * Gets a Jar file contained within this repository. */ - File getAJarFile() { result = getAChildContainer*().(File) and result.getExtension() = "jar" } + File getAJarFile() { + result = this.getAChildContainer*().(File) and result.getExtension() = "jar" + } /** * Gets any jar artifacts in this repository that match the POM project definition. This is an @@ -400,7 +406,7 @@ class MavenRepo extends Folder { * For all other qualifiers, all matches are returned regardless of version. */ MavenRepoJar getAnArtifact(ProtoPom pom) { - result = getAJarFile() and + result = this.getAJarFile() and if exists(MavenRepoJar mrj | mrj.preciseMatch(pom)) or versionHardMatch(pom) then // Either a hard match qualifier, or soft and there is at least one precise match @@ -432,7 +438,7 @@ class MavenRepoJar extends File { // Assuming the standard layout, the first part of the directory structure from the Maven // repository will be the groupId converted to a path by replacing "." with "/". result = - getParentContainer() + this.getParentContainer() .getParentContainer() .getParentContainer() .getAbsolutePath() @@ -444,44 +450,44 @@ class MavenRepoJar extends File { /** * DEPRECATED: name changed to `getGroupId` for consistent use of camel-case. */ - deprecated string getGroupID() { result = getGroupId() } + deprecated string getGroupID() { result = this.getGroupId() } /** * Gets the `artifactId` of this jar. */ - string getArtifactId() { result = getParentContainer().getParentContainer().getBaseName() } + string getArtifactId() { result = this.getParentContainer().getParentContainer().getBaseName() } /** * DEPRECATED: name changed to `getArtifactId` for consistent casing and consistent spelling with Maven. */ - deprecated string getArtefactID() { result = getArtifactId() } + deprecated string getArtefactID() { result = this.getArtifactId() } /** * Gets the artifact version string of this jar. */ - string getVersion() { result = getParentContainer().getBaseName() } + string getVersion() { result = this.getParentContainer().getBaseName() } /** * Holds if this jar is an artifact for the given POM or dependency, regardless of which version it is. */ predicate artifactMatches(ProtoPom pom) { - pom.getGroup().getValue() = getGroupId() and - pom.getArtifact().getValue() = getArtifactId() + pom.getGroup().getValue() = this.getGroupId() and + pom.getArtifact().getValue() = this.getArtifactId() } /** * DEPRECATED: name changed to `artifactMatches` for consistent spelling with Maven. */ - deprecated predicate artefactMatches(ProtoPom pom) { artifactMatches(pom) } + deprecated predicate artefactMatches(ProtoPom pom) { this.artifactMatches(pom) } /** * Holds if this jar is both an artifact for the POM, and has a version string that matches the POM * version string. Only soft and hard version matches are supported. */ predicate preciseMatch(ProtoPom pom) { - artifactMatches(pom) and + this.artifactMatches(pom) and if versionHardMatch(pom) - then ("[" + getVersion() + "]").matches(pom.getVersionString() + "%") - else getVersion().matches(pom.getVersionString() + "%") + then ("[" + this.getVersion() + "]").matches(pom.getVersionString() + "%") + else this.getVersion().matches(pom.getVersionString() + "%") } } diff --git a/java/ql/lib/semmle/code/xml/WebXML.qll b/java/ql/lib/semmle/code/xml/WebXML.qll index 306f908afd5..c7dec5fd600 100644 --- a/java/ql/lib/semmle/code/xml/WebXML.qll +++ b/java/ql/lib/semmle/code/xml/WebXML.qll @@ -37,7 +37,7 @@ class WebXMLElement extends XMLElement { /** * Gets the value for this element, with leading and trailing whitespace trimmed. */ - string getValue() { result = allCharactersString().trim() } + string getValue() { result = this.allCharactersString().trim() } } /** @@ -49,33 +49,33 @@ class WebContextParameter extends WebXMLElement { /** * Gets the `` element of this ``. */ - WebContextParamName getParamName() { result = getAChild() } + WebContextParamName getParamName() { result = this.getAChild() } /** * Gets the `` element of this ``. */ - WebContextParamValue getParamValue() { result = getAChild() } + WebContextParamValue getParamValue() { result = this.getAChild() } } /** * A `` element in a `web.xml` file. */ class WebContextParamName extends WebXMLElement { - WebContextParamName() { getName() = "param-name" } + WebContextParamName() { this.getName() = "param-name" } } /** * A `` element in a `web.xml` file. */ class WebContextParamValue extends WebXMLElement { - WebContextParamValue() { getName() = "param-value" } + WebContextParamValue() { this.getName() = "param-value" } } /** * A `` element in a `web.xml` file. */ class WebFilter extends WebXMLElement { - WebFilter() { getName() = "filter" } + WebFilter() { this.getName() = "filter" } } /** @@ -83,18 +83,18 @@ class WebFilter extends WebXMLElement { */ class WebFilterClass extends WebXMLElement { WebFilterClass() { - getName() = "filter-class" and - getParent() instanceof WebFilter + this.getName() = "filter-class" and + this.getParent() instanceof WebFilter } - Class getClass() { result.getQualifiedName() = getValue() } + Class getClass() { result.getQualifiedName() = this.getValue() } } /** * A `` element in a `web.xml` file. */ class WebServlet extends WebXMLElement { - WebServlet() { getName() = "servlet" } + WebServlet() { this.getName() = "servlet" } } /** @@ -102,18 +102,18 @@ class WebServlet extends WebXMLElement { */ class WebServletClass extends WebXMLElement { WebServletClass() { - getName() = "servlet-class" and - getParent() instanceof WebServlet + this.getName() = "servlet-class" and + this.getParent() instanceof WebServlet } - Class getClass() { result.getQualifiedName() = getValue() } + Class getClass() { result.getQualifiedName() = this.getValue() } } /** * A `` element in a `web.xml` file. */ class WebListener extends WebXMLElement { - WebListener() { getName() = "listener" } + WebListener() { this.getName() = "listener" } } /** @@ -121,14 +121,14 @@ class WebListener extends WebXMLElement { */ class WebListenerClass extends WebXMLElement { WebListenerClass() { - getName() = "listener-class" and - getParent() instanceof WebListener + this.getName() = "listener-class" and + this.getParent() instanceof WebListener } /** * Gets the `Class` instance associated with this element. */ - Class getClass() { result.getQualifiedName() = getValue() } + Class getClass() { result.getQualifiedName() = this.getValue() } } /** @@ -140,12 +140,12 @@ class WebErrorPage extends WebXMLElement { /** * Gets the `` element of this ``. */ - WebErrorPageType getPageType() { result = getAChild() } + WebErrorPageType getPageType() { result = this.getAChild() } /** * Gets the `` element of this ``. */ - WebErrorPageLocation getPageLocation() { result = getAChild() } + WebErrorPageLocation getPageLocation() { result = this.getAChild() } } /** @@ -153,8 +153,8 @@ class WebErrorPage extends WebXMLElement { */ class WebErrorPageType extends WebXMLElement { WebErrorPageType() { - getName() = "exception-type" and - getParent() instanceof WebErrorPage + this.getName() = "exception-type" and + this.getParent() instanceof WebErrorPage } } @@ -163,7 +163,7 @@ class WebErrorPageType extends WebXMLElement { */ class WebErrorPageLocation extends WebXMLElement { WebErrorPageLocation() { - getName() = "location" and - getParent() instanceof WebErrorPage + this.getName() = "location" and + this.getParent() instanceof WebErrorPage } } diff --git a/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql b/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql index 52c4c9417e2..698dae57b96 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql @@ -58,10 +58,10 @@ class ManagementSecurityConfig extends ApplicationProperties { string getValue() { result = this.getValueElement().getValue().trim() } /** Holds if `management.security.enabled` is set to `false`. */ - predicate hasSecurityDisabled() { getValue() = "false" } + predicate hasSecurityDisabled() { this.getValue() = "false" } /** Holds if `management.security.enabled` is set to `true`. */ - predicate hasSecurityEnabled() { getValue() = "true" } + predicate hasSecurityEnabled() { this.getValue() = "true" } } /** The configuration property `management.endpoints.web.exposure.include`. */ diff --git a/java/ql/src/external/Clover.qll b/java/ql/src/external/Clover.qll index d17acfd8408..1b6fd9fe5c0 100644 --- a/java/ql/src/external/Clover.qll +++ b/java/ql/src/external/Clover.qll @@ -152,7 +152,7 @@ class CloverClass extends CloverMetricsContainer { /** Gets the Java type for this Clover class. */ RefType getRealClass() { result - .hasQualifiedName(getPackage().getAttribute("name").getValue(), + .hasQualifiedName(this.getPackage().getAttribute("name").getValue(), getAttribute("name").getValue()) } } From df9836cce092094d5cdae6243a58aef3c9605dab Mon Sep 17 00:00:00 2001 From: Anders Schack-Mulligen Date: Mon, 18 Oct 2021 14:04:16 +0200 Subject: [PATCH 2/3] Work around compiler bug. --- java/ql/lib/semmle/code/java/security/CommandArguments.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/semmle/code/java/security/CommandArguments.qll b/java/ql/lib/semmle/code/java/security/CommandArguments.qll index d8ec58e623e..8be5536f25c 100644 --- a/java/ql/lib/semmle/code/java/security/CommandArguments.qll +++ b/java/ql/lib/semmle/code/java/security/CommandArguments.qll @@ -155,7 +155,7 @@ private class CommandArgArrayImmutableFirst extends CommandArgumentArray { Expr getFirstElement() { result = this.getAWrite(0) or - not exists(this.getAWrite(0)) and + not exists(getAWrite(0)) and result = firstElementOf(this.getDefiningExpr()) } From 91ea064980b077582cb7cca194e4a84a38a197f3 Mon Sep 17 00:00:00 2001 From: Anders Schack-Mulligen Date: Mon, 18 Oct 2021 14:04:50 +0200 Subject: [PATCH 3/3] Sync --- .../code/cpp/dataflow/internal/DataFlowImpl.qll | 16 +++++++++------- .../code/cpp/dataflow/internal/DataFlowImpl2.qll | 16 +++++++++------- .../code/cpp/dataflow/internal/DataFlowImpl3.qll | 16 +++++++++------- .../code/cpp/dataflow/internal/DataFlowImpl4.qll | 16 +++++++++------- .../cpp/dataflow/internal/DataFlowImplLocal.qll | 16 +++++++++------- .../cpp/ir/dataflow/internal/DataFlowImpl.qll | 16 +++++++++------- .../cpp/ir/dataflow/internal/DataFlowImpl2.qll | 16 +++++++++------- .../cpp/ir/dataflow/internal/DataFlowImpl3.qll | 16 +++++++++------- .../cpp/ir/dataflow/internal/DataFlowImpl4.qll | 16 +++++++++------- .../csharp/dataflow/internal/DataFlowImpl.qll | 16 +++++++++------- .../csharp/dataflow/internal/DataFlowImpl2.qll | 16 +++++++++------- .../csharp/dataflow/internal/DataFlowImpl3.qll | 16 +++++++++------- .../csharp/dataflow/internal/DataFlowImpl4.qll | 16 +++++++++------- .../csharp/dataflow/internal/DataFlowImpl5.qll | 16 +++++++++------- .../dataflow/new/internal/DataFlowImpl.qll | 16 +++++++++------- .../dataflow/new/internal/DataFlowImpl2.qll | 16 +++++++++------- .../dataflow/new/internal/DataFlowImpl3.qll | 16 +++++++++------- .../dataflow/new/internal/DataFlowImpl4.qll | 16 +++++++++------- 18 files changed, 162 insertions(+), 126 deletions(-) diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll index 4ca06c93362..c3b2fc44f14 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll @@ -110,12 +110,12 @@ abstract class Configuration extends string { /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowTo(Node sink) { hasFlow(_, sink) } + predicate hasFlowTo(Node sink) { this.hasFlow(_, sink) } /** * Holds if data may flow from some source to `sink` for this configuration. */ - predicate hasFlowToExpr(DataFlowExpr sink) { hasFlowTo(exprNode(sink)) } + predicate hasFlowToExpr(DataFlowExpr sink) { this.hasFlowTo(exprNode(sink)) } /** * Gets the exploration limit for `hasPartialFlow` and `hasPartialFlowRev` @@ -3170,7 +3170,7 @@ private class AccessPathCons extends AccessPath, TAccessPathCons { } override string toString() { - result = "[" + this.toStringImpl(true) + length().toString() + ")]" + result = "[" + this.toStringImpl(true) + this.length().toString() + ")]" or result = "[" + this.toStringImpl(false) } @@ -3309,9 +3309,11 @@ abstract private class PathNodeImpl extends PathNode { result = " <" + this.(PathNodeMid).getCallContext().toString() + ">" } - override string toString() { result = this.getNodeEx().toString() + ppAp() } + override string toString() { result = this.getNodeEx().toString() + this.ppAp() } - override string toStringWithContext() { result = this.getNodeEx().toString() + ppAp() + ppCtx() } + override string toStringWithContext() { + result = this.getNodeEx().toString() + this.ppAp() + this.ppCtx() + } override predicate hasLocationInfo( string filepath, int startline, int startcolumn, int endline, int endcolumn @@ -3379,11 +3381,11 @@ private class PathNodeMid extends PathNodeImpl, TPathNodeMid { override PathNodeImpl getASuccessorImpl() { // an intermediate step to another intermediate node - result = getSuccMid() + result = this.getSuccMid() or // a final step to a sink via zero steps means we merge the last two steps to prevent trivial-looking edges exists(PathNodeMid mid, PathNodeSink sink | - mid = getSuccMid() and + mid = this.getSuccMid() and mid.getNodeEx() = sink.getNodeEx() and mid.getAp() instanceof AccessPathNil and sink.getConfiguration() = unbindConf(mid.getConfiguration()) and