From 656b7343917afbb5f50b07a14ec3725eb801ad76 Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Thu, 3 Apr 2025 11:23:49 -0700 Subject: [PATCH 01/17] initial query --- .../InjectionHunter/UserInput.qll | 0 .../UserInputToDangerousMethod.qhelp | 40 ++++ .../UserInputToDangerousMethod.ql | 172 ++++++++++++++++++ 3 files changed, 212 insertions(+) create mode 100644 powershell/ql/src/experimental/InjectionHunter/UserInput.qll create mode 100644 powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp create mode 100644 powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInput.qll b/powershell/ql/src/experimental/InjectionHunter/UserInput.qll new file mode 100644 index 00000000000..e69de29bb2d diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp new file mode 100644 index 00000000000..f9ffbe53403 --- /dev/null +++ b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp @@ -0,0 +1,40 @@ + + + +

Code that passes user input directly to +Invoke-Expression, &, or some other library +routine that executes a command, allows the user to execute malicious +code.

+ + + + +

Possible script injection risk via the Invoke-Expression cmdlet. Untrusted input can cause arbitrary PowerShell expressions to be run. +Variables may be used directly for dynamic parameter arguments, splatting can be used for dynamic parameter names, +and the invocation operator can be used for dynamic command names. If content escaping is truly needed, PowerShell has several valid quote characters, +so [System.Management.Automation.Language.CodeGeneration]::Escape* should be used.

+ + + + +

The following example shows code that takes a shell script that can be changed +maliciously by a user, and passes it straight to Invoke-Expression +without examining it first.

+ + + + + + +
  • +OWASP: +Command Injection. +
    • + + + +     +     diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql new file mode 100644 index 00000000000..bdbcdbddfe3 --- /dev/null +++ b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql @@ -0,0 +1,172 @@ +/** + * @name User Input to Invoke-Expression + * @description Finding cases where the user input is passed an Invoke-Expression command + * @kind path-problem + * @problem.severity error + * @security-severity 9.8 + * @precision high + * @id powershell/microsoft/public/user-input-to-invoke-expression + * @tags security + * external/cwe/cwe-078 + * external/cwe/cwe-088 + */ + +import powershell +import semmle.code.powershell.dataflow.TaintTracking +import semmle.code.powershell.dataflow.DataFlow +import semmle.code.powershell.ApiGraphs + +private module TestConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + exists(CmdCall c | + c.getName() = "Read-Host" and + source.asExpr().getExpr() = c) } + + predicate isSink(DataFlow::Node sink) { sink instanceof Sink } + predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} +} + +abstract class Source extends DataFlow::Node {} + +class ReadHostSource extends Source { + ReadHostSource() { + exists(CmdCall c | + this.asExpr().getExpr() = c and + c.getName() = "Read-Host" ) + } +} + +class GetContentSource extends Source { + GetContentSource() { + exists(CmdCall c | + this.asExpr().getExpr() = c and + c.getName() = "Get-Content" ) + } +} + +class ValueFromPipelineSource extends Source { + ValueFromPipelineSource() { + exists(Parameter p | + p.getAnAttribute().toString() = "ValueFromPipeline" and + this.asExpr().getExpr() = p.getAnAccess() + ) + } +} + +abstract class Sink extends DataFlow::Node {} + +class InvokeExpressionCall extends Sink { + InvokeExpressionCall() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getAnArgument() and + c.getName() = ["Invoke-Expression", "iex", "Add-Type" ] ) + } +} + +class InvokeScriptSink extends Sink { + InvokeScriptSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "InvokeScript" and + ie.getQualifier().toString() = "InvokeCommand" and + ie.getQualifier().getAChild().toString() = "executioncontext" + ) + } +} + +class CreateNestedPipelineSink extends Sink { + CreateNestedPipelineSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "CreateNestedPipeline" and + ie.getQualifier().toString() = "InvokeCommand" and + ie.getQualifier().getAChild().toString() = "executioncontext") + } +} + +class AddScriptInvokeSink extends Sink { + AddScriptInvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "AddScript" and + ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and + ie.getQualifier().getAChild().toString() = "PowerShell" and + ie.getParent().(InvokeMemberExpr).getName() = "Invoke" + ) + } +} + +abstract class Sanitizer extends DataFlow::Node {} + +// class TypedParameterSanitizer extends Sanitizer{ +// TypedParameterSanitizer() { +// exists(Function f, CmdCall c, Parameter p, Argument a | +// p = f.getAParameter() and +// a = c.getAnArgument() and +// p.getName().toLowerCase() = a.getName() and +// p.getStaticType() != "Object" and +// c.getName() = f.getName() and + +// this.asExpr().getExpr() = a +// ) +// } +// } + +class SingleQuoteSanitizer extends Sanitizer { + SingleQuoteSanitizer() { + exists(Expr e, VarReadAccess v | + e = this.asExpr().getExpr().getParent() and + e.toString().matches("%'$" + v.getVariable().getName() + "'%") + ) + } +} + +module TestFlow = TaintTracking::Global; +import TestFlow::PathGraph + +// from TestFlow::PathNode source, TestFlow::PathNode sink +// where +// TestFlow::flowPath(source, sink) and +// sink.getNode().asExpr().getExpr().getLocation().getFile().getBaseName() = "sanitizers.ps1" +// select sink.getNode(), source, sink, "Flow from user input to Invoke-Expression" + +// from Function f, CmdCall c +// where f.getLocation().getFile().getBaseName() = "sanitizers.ps1" +// select f, f.getAParameter().getStaticType(), f.getAParameter().getName() + + +//TBD, waiting on mathias on how to connect f and c +// from Function f, CmdCall c, Parameter p, Argument a +// where +// p = f.getAParameter() and +// a = c.getAnArgument() and +// p.getName().toLowerCase() = a.getName() and +// p.getStaticType() != "Object" and +// c.getName() = f.getName() +// select a, "argument has a specified static type" + +// from Argument a, VarReadAccess v +// where a.getAChild() = v and +// v.getVariable().getName() = "UserInput" +// select a, v + +// from Argument e +// where e.getLocation().getFile().getBaseName() = "sanitizers.ps1" +// and e.getLocation().getStartLine() = 14 +// select e, e.getAChild(), e.getParent(), e.toString() + + +from Parameter p +where p.getLocation().getFile().getBaseName() = "userinput.ps1" +// p.getAnAttribute().toString() = "ValueFromPipeline" and + +select p, p.getName() + +// from Expr e +// where e.getLocation().getFile().getBaseName() = "userinput.ps1" +// select e, e.getAQlClass() + +// from InvokeMemberExpr ie +// where +// ie.getLocation().getStartLine() = 28 and ie.getName() = "AddScript" +// select ie, ie.getName(), ie.getQualifier().toString(), ie.getQualifier().getAChild().toString(), ie.getParent().(InvokeMemberExpr).getName() \ No newline at end of file From 38f0f07d57bdc08c534806fc1cf7fef852a4ec98 Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Fri, 4 Apr 2025 09:03:39 -0700 Subject: [PATCH 02/17] modeled some user input, sanitizers --- .../UserInputToDangerousMethod.ql | 59 +++++++++---------- 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql index bdbcdbddfe3..aaa450815de 100644 --- a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql +++ b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql @@ -22,7 +22,7 @@ private module TestConfig implements DataFlow::ConfigSig { c.getName() = "Read-Host" and source.asExpr().getExpr() = c) } - predicate isSink(DataFlow::Node sink) { sink instanceof Sink } + predicate isSink(DataFlow::Node sink) { any()}//sink instanceof Sink } predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} } @@ -98,37 +98,33 @@ class AddScriptInvokeSink extends Sink { abstract class Sanitizer extends DataFlow::Node {} -// class TypedParameterSanitizer extends Sanitizer{ -// TypedParameterSanitizer() { -// exists(Function f, CmdCall c, Parameter p, Argument a | -// p = f.getAParameter() and -// a = c.getAnArgument() and -// p.getName().toLowerCase() = a.getName() and -// p.getStaticType() != "Object" and -// c.getName() = f.getName() and - -// this.asExpr().getExpr() = a +// class TypedParameterSanitizer extends Sanitizer { +// TypedParameterSanitizer() { +// exists(Function f, Parameter p | +// p = f.getAParameter() and +// p.getStaticType() != "Object" and +// this.asParameter() = p +// ) +// } +// } + +// class SingleQuoteSanitizer extends Sanitizer { +// SingleQuoteSanitizer() { +// exists(Expr e, VarReadAccess v | +// e = this.asExpr().getExpr().getParent() and +// e.toString().matches("%'$" + v.getVariable().getName() + "'%") // ) // } // } -class SingleQuoteSanitizer extends Sanitizer { - SingleQuoteSanitizer() { - exists(Expr e, VarReadAccess v | - e = this.asExpr().getExpr().getParent() and - e.toString().matches("%'$" + v.getVariable().getName() + "'%") - ) - } -} - module TestFlow = TaintTracking::Global; import TestFlow::PathGraph -// from TestFlow::PathNode source, TestFlow::PathNode sink -// where -// TestFlow::flowPath(source, sink) and -// sink.getNode().asExpr().getExpr().getLocation().getFile().getBaseName() = "sanitizers.ps1" -// select sink.getNode(), source, sink, "Flow from user input to Invoke-Expression" +from TestFlow::PathNode source, TestFlow::PathNode sink +where + TestFlow::flowPath(source, sink) and + sink.getNode().asExpr().getExpr().getLocation().getFile().getBaseName() = "sanitizers.ps1" +select sink.getNode(), source, sink, "Flow from user input to Invoke-Expression" // from Function f, CmdCall c // where f.getLocation().getFile().getBaseName() = "sanitizers.ps1" @@ -155,15 +151,18 @@ import TestFlow::PathGraph // and e.getLocation().getStartLine() = 14 // select e, e.getAChild(), e.getParent(), e.toString() +// from PipelineParameter p +// where p.getLocation().getFile().getBaseName() = "userinput.ps1" +// select p, p.getName(), p.getAChild() + +// from Attribute a +// select a, a.getParent(), a.getParent().getAQlClass(), a.getANamedArgument() -from Parameter p -where p.getLocation().getFile().getBaseName() = "userinput.ps1" -// p.getAnAttribute().toString() = "ValueFromPipeline" and -select p, p.getName() // from Expr e -// where e.getLocation().getFile().getBaseName() = "userinput.ps1" +// where e.getLocation().getFile().getBaseName() = "sanitizers.ps1" +// and e.getLocation().getStartLine() = 31 // select e, e.getAQlClass() // from InvokeMemberExpr ie From 5f643509f01cd1a7ca83d02862f600b5d0ba0e18 Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Wed, 16 Apr 2025 11:18:02 -0700 Subject: [PATCH 03/17] added script block, expandstring sinks, moved sanitizers to separate file --- .../InjectionHunter/Sanitizers.qll | 26 ++++ .../InjectionHunter/UserInput.qll | 0 .../UserInputToDangerousMethod.ql | 142 +++++++++++++----- 3 files changed, 132 insertions(+), 36 deletions(-) create mode 100644 powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll delete mode 100644 powershell/ql/src/experimental/InjectionHunter/UserInput.qll diff --git a/powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll b/powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll new file mode 100644 index 00000000000..ac635928e10 --- /dev/null +++ b/powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll @@ -0,0 +1,26 @@ +import powershell +import semmle.code.powershell.dataflow.TaintTracking +import semmle.code.powershell.dataflow.DataFlow +import semmle.code.powershell.ApiGraphs + + +abstract class Sanitizer extends DataFlow::Node {} + +class TypedParameterSanitizer extends Sanitizer { + TypedParameterSanitizer() { + exists(Function f, Parameter p | + p = f.getAParameter() and + p.getStaticType() != "Object" and + this.asParameter() = p + ) + } +} + +class SingleQuoteSanitizer extends Sanitizer { + SingleQuoteSanitizer() { + exists(Expr e, VarReadAccess v | + e = this.asExpr().getExpr().getParent() and + e.toString().matches("%'$" + v.getVariable().getName() + "'%") + ) + } +} diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInput.qll b/powershell/ql/src/experimental/InjectionHunter/UserInput.qll deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql index aaa450815de..75a0e3aab12 100644 --- a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql +++ b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql @@ -1,6 +1,6 @@ /** * @name User Input to Invoke-Expression - * @description Finding cases where the user input is passed an Invoke-Expression command + * @description Finding cases where the user input is passed an dangerous method that can lead to RCE * @kind path-problem * @problem.severity error * @security-severity 9.8 @@ -15,14 +15,17 @@ import powershell import semmle.code.powershell.dataflow.TaintTracking import semmle.code.powershell.dataflow.DataFlow import semmle.code.powershell.ApiGraphs +import semmle.code.powershell.dataflow.flowsources.FlowSources + +import Sanitizers private module TestConfig implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - exists(CmdCall c | - c.getName() = "Read-Host" and - source.asExpr().getExpr() = c) } + source instanceof SourceNode or + source instanceof Source + } - predicate isSink(DataFlow::Node sink) { any()}//sink instanceof Sink } + predicate isSink(DataFlow::Node sink) { sink instanceof Sink } predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} } @@ -65,22 +68,19 @@ class InvokeExpressionCall extends Sink { class InvokeScriptSink extends Sink { InvokeScriptSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "InvokeScript" and - ie.getQualifier().toString() = "InvokeCommand" and - ie.getQualifier().getAChild().toString() = "executioncontext" + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and + this = call.getArgument(_).asSink() ) } } class CreateNestedPipelineSink extends Sink { CreateNestedPipelineSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "CreateNestedPipeline" and - ie.getQualifier().toString() = "InvokeCommand" and - ie.getQualifier().getAChild().toString() = "executioncontext") + exists(API::Node call | + API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and + this = call.getArgument(_).asSink() + ) } } @@ -96,35 +96,105 @@ class AddScriptInvokeSink extends Sink { } } -abstract class Sanitizer extends DataFlow::Node {} +class PowershellSink extends Sink { + PowershellSink() { + exists( CmdCall c | + c.getName() = "powershell" | + ( + this.asExpr().getExpr() = c.getArgument(1) and + c.getArgument(0).getValue().toString() = "-command" + ) or + ( + this.asExpr().getExpr() = c.getArgument(0) + ) + ) + } +} -// class TypedParameterSanitizer extends Sanitizer { -// TypedParameterSanitizer() { -// exists(Function f, Parameter p | -// p = f.getAParameter() and -// p.getStaticType() != "Object" and -// this.asParameter() = p -// ) -// } -// } +class CmdSink extends Sink { + CmdSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getArgument(1) and + c.getName() = "cmd" and + c.getArgument(0).getValue().toString() = "/c" + ) + } +} -// class SingleQuoteSanitizer extends Sanitizer { -// SingleQuoteSanitizer() { -// exists(Expr e, VarReadAccess v | -// e = this.asExpr().getExpr().getParent() and -// e.toString().matches("%'$" + v.getVariable().getName() + "'%") -// ) -// } -// } +class ForEachObjectSink extends Sink { + ForEachObjectSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getAnArgument() and + c.getName() = "Foreach-Object" + ) + } +} + +class InvokeSink extends Sink { + InvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getCallee() or + this.asExpr().getExpr() = ie.getQualifier().getAChild*() + ) + } +} + +class CreateScriptBlockSink extends Sink { + CreateScriptBlockSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "Create" and + ie.getQualifier().toString() = "ScriptBlock" + ) + } +} + +class NewScriptBlockSink extends Sink { + NewScriptBlockSink() { + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and + this = call.getArgument(_).asSink() + ) + } +} + +class ExpandStringSink extends Sink { + ExpandStringSink() { + exists(API::Node call | this = call.getArgument(_).asSink() | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or + API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call + + ) + } +} module TestFlow = TaintTracking::Global; import TestFlow::PathGraph from TestFlow::PathNode source, TestFlow::PathNode sink where - TestFlow::flowPath(source, sink) and - sink.getNode().asExpr().getExpr().getLocation().getFile().getBaseName() = "sanitizers.ps1" -select sink.getNode(), source, sink, "Flow from user input to Invoke-Expression" + TestFlow::flowPath(source, sink) +select sink.getNode(), source, sink, "Flow from user input to dangerous method" + +// from CmdCall c +// where c.getName() = "cmd" +// and c.getArgument(0).getValue().toString() = "/c" +// select c.getArgument(1) + +// from InvokeMemberExpr ie +// where ie.getName() = "Create" and +// ie.getQualifier().toString() = "ScriptBlock" +// select ie, ie.getQualifier(), ie.getAnArgument() + +// from API::Node call +// where API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call +// select call, call.getArgument(_).asSink() + +// from Expr e +// where e.getLocation().getFile().getBaseName() = "InjectionHunterTests.ps1" +// and e.getLocation().getStartLine() = 106 +// select e, e.getAQlClass() + // from Function f, CmdCall c // where f.getLocation().getFile().getBaseName() = "sanitizers.ps1" From 2266cd2eb8d7beb02736599a16f34296df628b52 Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Wed, 16 Apr 2025 12:13:07 -0700 Subject: [PATCH 04/17] moved folder, added tests/docs --- .../UserInputToDangerousMethod.ql | 241 ------------------ .../cwe-078}/InjectionHunter/Sanitizers.qll | 0 .../cwe-078/InjectionHunter/Sinks.qll | 152 +++++++++++ .../UserInputToDangerousMethod.qhelp | 32 ++- .../UserInputToDangerousMethod.ql | 36 +++ .../InjectionHunter/InjectionHunter.expected | 146 +++++++++++ .../InjectionHunter/InjectionHunter.qlref | 1 + .../security/cwe-078/InjectionHunter/test.ps1 | 221 ++++++++++++++++ 8 files changed, 576 insertions(+), 253 deletions(-) delete mode 100644 powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql rename powershell/ql/src/{experimental => queries/security/cwe-078}/InjectionHunter/Sanitizers.qll (100%) create mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll rename powershell/ql/src/{experimental => queries/security/cwe-078}/InjectionHunter/UserInputToDangerousMethod.qhelp (52%) create mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql create mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected create mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref create mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql deleted file mode 100644 index 75a0e3aab12..00000000000 --- a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.ql +++ /dev/null @@ -1,241 +0,0 @@ -/** - * @name User Input to Invoke-Expression - * @description Finding cases where the user input is passed an dangerous method that can lead to RCE - * @kind path-problem - * @problem.severity error - * @security-severity 9.8 - * @precision high - * @id powershell/microsoft/public/user-input-to-invoke-expression - * @tags security - * external/cwe/cwe-078 - * external/cwe/cwe-088 - */ - -import powershell -import semmle.code.powershell.dataflow.TaintTracking -import semmle.code.powershell.dataflow.DataFlow -import semmle.code.powershell.ApiGraphs -import semmle.code.powershell.dataflow.flowsources.FlowSources - -import Sanitizers - -private module TestConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { - source instanceof SourceNode or - source instanceof Source - } - - predicate isSink(DataFlow::Node sink) { sink instanceof Sink } - predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} -} - -abstract class Source extends DataFlow::Node {} - -class ReadHostSource extends Source { - ReadHostSource() { - exists(CmdCall c | - this.asExpr().getExpr() = c and - c.getName() = "Read-Host" ) - } -} - -class GetContentSource extends Source { - GetContentSource() { - exists(CmdCall c | - this.asExpr().getExpr() = c and - c.getName() = "Get-Content" ) - } -} - -class ValueFromPipelineSource extends Source { - ValueFromPipelineSource() { - exists(Parameter p | - p.getAnAttribute().toString() = "ValueFromPipeline" and - this.asExpr().getExpr() = p.getAnAccess() - ) - } -} - -abstract class Sink extends DataFlow::Node {} - -class InvokeExpressionCall extends Sink { - InvokeExpressionCall() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getAnArgument() and - c.getName() = ["Invoke-Expression", "iex", "Add-Type" ] ) - } -} - -class InvokeScriptSink extends Sink { - InvokeScriptSink() { - exists(API::Node call | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and - this = call.getArgument(_).asSink() - ) - } -} - -class CreateNestedPipelineSink extends Sink { - CreateNestedPipelineSink() { - exists(API::Node call | - API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and - this = call.getArgument(_).asSink() - ) - } -} - -class AddScriptInvokeSink extends Sink { - AddScriptInvokeSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "AddScript" and - ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and - ie.getQualifier().getAChild().toString() = "PowerShell" and - ie.getParent().(InvokeMemberExpr).getName() = "Invoke" - ) - } -} - -class PowershellSink extends Sink { - PowershellSink() { - exists( CmdCall c | - c.getName() = "powershell" | - ( - this.asExpr().getExpr() = c.getArgument(1) and - c.getArgument(0).getValue().toString() = "-command" - ) or - ( - this.asExpr().getExpr() = c.getArgument(0) - ) - ) - } -} - -class CmdSink extends Sink { - CmdSink() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getArgument(1) and - c.getName() = "cmd" and - c.getArgument(0).getValue().toString() = "/c" - ) - } -} - -class ForEachObjectSink extends Sink { - ForEachObjectSink() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getAnArgument() and - c.getName() = "Foreach-Object" - ) - } -} - -class InvokeSink extends Sink { - InvokeSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getCallee() or - this.asExpr().getExpr() = ie.getQualifier().getAChild*() - ) - } -} - -class CreateScriptBlockSink extends Sink { - CreateScriptBlockSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "Create" and - ie.getQualifier().toString() = "ScriptBlock" - ) - } -} - -class NewScriptBlockSink extends Sink { - NewScriptBlockSink() { - exists(API::Node call | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and - this = call.getArgument(_).asSink() - ) - } -} - -class ExpandStringSink extends Sink { - ExpandStringSink() { - exists(API::Node call | this = call.getArgument(_).asSink() | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or - API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call - - ) - } -} - -module TestFlow = TaintTracking::Global; -import TestFlow::PathGraph - -from TestFlow::PathNode source, TestFlow::PathNode sink -where - TestFlow::flowPath(source, sink) -select sink.getNode(), source, sink, "Flow from user input to dangerous method" - -// from CmdCall c -// where c.getName() = "cmd" -// and c.getArgument(0).getValue().toString() = "/c" -// select c.getArgument(1) - -// from InvokeMemberExpr ie -// where ie.getName() = "Create" and -// ie.getQualifier().toString() = "ScriptBlock" -// select ie, ie.getQualifier(), ie.getAnArgument() - -// from API::Node call -// where API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call -// select call, call.getArgument(_).asSink() - -// from Expr e -// where e.getLocation().getFile().getBaseName() = "InjectionHunterTests.ps1" -// and e.getLocation().getStartLine() = 106 -// select e, e.getAQlClass() - - -// from Function f, CmdCall c -// where f.getLocation().getFile().getBaseName() = "sanitizers.ps1" -// select f, f.getAParameter().getStaticType(), f.getAParameter().getName() - - -//TBD, waiting on mathias on how to connect f and c -// from Function f, CmdCall c, Parameter p, Argument a -// where -// p = f.getAParameter() and -// a = c.getAnArgument() and -// p.getName().toLowerCase() = a.getName() and -// p.getStaticType() != "Object" and -// c.getName() = f.getName() -// select a, "argument has a specified static type" - -// from Argument a, VarReadAccess v -// where a.getAChild() = v and -// v.getVariable().getName() = "UserInput" -// select a, v - -// from Argument e -// where e.getLocation().getFile().getBaseName() = "sanitizers.ps1" -// and e.getLocation().getStartLine() = 14 -// select e, e.getAChild(), e.getParent(), e.toString() - -// from PipelineParameter p -// where p.getLocation().getFile().getBaseName() = "userinput.ps1" -// select p, p.getName(), p.getAChild() - -// from Attribute a -// select a, a.getParent(), a.getParent().getAQlClass(), a.getANamedArgument() - - - -// from Expr e -// where e.getLocation().getFile().getBaseName() = "sanitizers.ps1" -// and e.getLocation().getStartLine() = 31 -// select e, e.getAQlClass() - -// from InvokeMemberExpr ie -// where -// ie.getLocation().getStartLine() = 28 and ie.getName() = "AddScript" -// select ie, ie.getName(), ie.getQualifier().toString(), ie.getQualifier().getAChild().toString(), ie.getParent().(InvokeMemberExpr).getName() \ No newline at end of file diff --git a/powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll similarity index 100% rename from powershell/ql/src/experimental/InjectionHunter/Sanitizers.qll rename to powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll new file mode 100644 index 00000000000..4c62966746f --- /dev/null +++ b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll @@ -0,0 +1,152 @@ +import powershell +import semmle.code.powershell.dataflow.TaintTracking +import semmle.code.powershell.dataflow.DataFlow +import semmle.code.powershell.ApiGraphs +import semmle.code.powershell.dataflow.flowsources.FlowSources + +abstract class InjectionSink extends DataFlow::Node { + abstract string getSinkType(); +} + +class InvokeExpressionCall extends InjectionSink { + InvokeExpressionCall() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getAnArgument() and + c.getName() = ["Invoke-Expression", "iex", "Add-Type" ] ) + } + override string getSinkType(){ + result = "call to Invoke-Expression" + } +} + +class InvokeScriptSink extends InjectionSink { + InvokeScriptSink() { + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to InvokeScript" + } +} + +class CreateNestedPipelineSink extends InjectionSink { + CreateNestedPipelineSink() { + exists(API::Node call | + API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to CreateNestedPipeline" + } +} + +class AddScriptInvokeSink extends InjectionSink { + AddScriptInvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "AddScript" and + ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and + ie.getQualifier().getAChild().toString() = "PowerShell" and + ie.getParent().(InvokeMemberExpr).getName() = "Invoke" + ) + } + override string getSinkType(){ + result = "call to AddScript" + } +} + +class PowershellSink extends InjectionSink { + PowershellSink() { + exists( CmdCall c | + c.getName() = "powershell" | + ( + this.asExpr().getExpr() = c.getArgument(1) and + c.getArgument(0).getValue().toString() = "-command" + ) or + ( + this.asExpr().getExpr() = c.getArgument(0) + ) + ) + } + override string getSinkType(){ + result = "call to Powershell" + } +} + +class CmdSink extends InjectionSink { + CmdSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getArgument(1) and + c.getName() = "cmd" and + c.getArgument(0).getValue().toString() = "/c" + ) + } + override string getSinkType(){ + result = "call to Cmd" + } +} + +class ForEachObjectSink extends InjectionSink { + ForEachObjectSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getAnArgument() and + c.getName() = "Foreach-Object" + ) + } + override string getSinkType(){ + result = "call to ForEach-Object" + } +} + +class InvokeSink extends InjectionSink { + InvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getCallee() or + this.asExpr().getExpr() = ie.getQualifier().getAChild*() + ) + } + override string getSinkType(){ + result = "call to Invoke" + } +} + +class CreateScriptBlockSink extends InjectionSink { + CreateScriptBlockSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "Create" and + ie.getQualifier().toString() = "ScriptBlock" + ) + } + override string getSinkType(){ + result = "call to CreateScriptBlock" + } +} + +class NewScriptBlockSink extends InjectionSink { + NewScriptBlockSink() { + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to NewScriptBlock" + } +} + +class ExpandStringSink extends InjectionSink { + ExpandStringSink() { + exists(API::Node call | this = call.getArgument(_).asSink() | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or + API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call + + ) + } + override string getSinkType(){ + result = "call to ExpandString" + } +} \ No newline at end of file diff --git a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp similarity index 52% rename from powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp rename to powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp index f9ffbe53403..de459c2e84f 100644 --- a/powershell/ql/src/experimental/InjectionHunter/UserInputToDangerousMethod.qhelp +++ b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp @@ -8,33 +8,41 @@ routine that executes a command, allows the user to execute malicious code.

    +

    This is a port of the InjectionHunter tool by Lee Holmes, and checks when user input is passed to any of the following:

    +
      +
    • Invoke-Expression
      • +
    • InvokeScript
      • +
    • CreateNestedPipeline
      • +
    • AddScript
      • +
    • powershell
      • +
    • cmd
      • +
    • Foreach-Object
      • +
    • Invoke
      • +
    • CreateScriptBlock
      • +
    • NewScriptBlock
      • +
    • ExpandString
      • +
    + -

    Possible script injection risk via the Invoke-Expression cmdlet. Untrusted input can cause arbitrary PowerShell expressions to be run. +

    Possible script injection risk. Untrusted input can cause arbitrary PowerShell expressions to be run. Variables may be used directly for dynamic parameter arguments, splatting can be used for dynamic parameter names, and the invocation operator can be used for dynamic command names. If content escaping is truly needed, PowerShell has several valid quote characters, so [System.Management.Automation.Language.CodeGeneration]::Escape* should be used.

     - -

    The following example shows code that takes a shell script that can be changed -maliciously by a user, and passes it straight to Invoke-Expression -without examining it first.

    - - - -
  • OWASP: Command Injection.
    • - - +
  • +Injection Hunter: +PowerShell Injection Hunter: Security Auditing for PowerShell Scripts. +
    •  diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql new file mode 100644 index 00000000000..11730a65299 --- /dev/null +++ b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql @@ -0,0 +1,36 @@ +/** + * @name User Input to injection sink + * @description Finding cases where the user input is passed an dangerous method that can lead to RCE + * @kind path-problem + * @problem.severity error + * @security-severity 9.8 + * @precision high + * @id powershell/microsoft/public/user-input-to-injection-sink + * @tags security + * external/cwe/cwe-078 + * external/cwe/cwe-088 + */ + +import powershell +import semmle.code.powershell.dataflow.TaintTracking +import semmle.code.powershell.dataflow.DataFlow +import semmle.code.powershell.ApiGraphs +import semmle.code.powershell.dataflow.flowsources.FlowSources + +import Sanitizers +import Sinks + +private module InjectionConfig implements DataFlow::ConfigSig { + predicate isSource(DataFlow::Node source) { + source instanceof SourceNode + } + predicate isSink(DataFlow::Node sink) { sink instanceof InjectionSink } + predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} +} + +module InjectionFlow = TaintTracking::Global; +import InjectionFlow::PathGraph + +from InjectionFlow::PathNode source, InjectionFlow::PathNode sink +where InjectionFlow::flowPath(source, sink) +select sink.getNode(), source, sink, "Possible injection path from user input to dangerous " + sink.getNode().(InjectionSink).getSinkType() diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected new file mode 100644 index 00000000000..8bfcc1dafec --- /dev/null +++ b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected @@ -0,0 +1,146 @@ +edges +| test.ps1:3:11:3:20 | UserInput | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | provenance | | +| test.ps1:9:11:9:20 | UserInput | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | provenance | | +| test.ps1:15:11:15:20 | UserInput | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | provenance | | +| test.ps1:21:11:21:20 | UserInput | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | provenance | | +| test.ps1:21:11:21:20 | UserInput | test.ps1:22:60:22:69 | UserInput | provenance | | +| test.ps1:27:11:27:20 | UserInput | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | provenance | | +| test.ps1:27:11:27:20 | UserInput | test.ps1:28:57:28:66 | UserInput | provenance | | +| test.ps1:33:11:33:20 | UserInput | test.ps1:34:14:34:46 | public class Foo { $UserInput } | provenance | | +| test.ps1:39:11:39:20 | UserInput | test.ps1:40:30:40:62 | public class Foo { $UserInput } | provenance | | +| test.ps1:45:11:45:20 | UserInput | test.ps1:48:30:48:34 | code | provenance | | +| test.ps1:73:11:73:20 | UserInput | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | provenance | | +| test.ps1:80:11:80:20 | UserInput | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | provenance | | +| test.ps1:87:11:87:20 | UserInput | test.ps1:89:12:89:28 | ping $UserInput | provenance | | +| test.ps1:102:11:102:20 | UserInput | test.ps1:106:33:106:62 | Get-Process -Name $UserInput | provenance | | +| test.ps1:112:11:112:20 | UserInput | test.ps1:116:58:116:87 | Get-Process -Name $UserInput | provenance | | +| test.ps1:122:11:122:20 | UserInput | test.ps1:124:34:124:43 | UserInput | provenance | | +| test.ps1:129:11:129:20 | UserInput | test.ps1:131:28:131:37 | UserInput | provenance | | +| test.ps1:136:11:136:20 | UserInput | test.ps1:138:28:138:37 | UserInput | provenance | | +| test.ps1:165:11:165:20 | UserInput | test.ps1:168:50:168:59 | UserInput | provenance | | +| test.ps1:173:11:173:20 | UserInput | test.ps1:176:63:176:72 | UserInput | provenance | | +| test.ps1:189:11:189:20 | UserInput | test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | provenance | | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:197:46:197:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:198:46:198:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:199:46:199:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:200:46:200:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:201:46:201:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:202:46:202:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:203:46:203:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:204:46:204:51 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:206:48:206:53 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:207:48:207:53 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:208:48:208:53 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:210:41:210:46 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:211:41:211:46 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:212:36:212:41 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:213:36:213:41 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:214:36:214:41 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:218:42:218:47 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:219:42:219:47 | input | provenance | Src:MaD:11464 | +| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:221:33:221:38 | input | provenance | Src:MaD:11464 | +| test.ps1:197:46:197:51 | input | test.ps1:3:11:3:20 | UserInput | provenance | | +| test.ps1:198:46:198:51 | input | test.ps1:9:11:9:20 | UserInput | provenance | | +| test.ps1:199:46:199:51 | input | test.ps1:15:11:15:20 | UserInput | provenance | | +| test.ps1:200:46:200:51 | input | test.ps1:21:11:21:20 | UserInput | provenance | | +| test.ps1:201:46:201:51 | input | test.ps1:27:11:27:20 | UserInput | provenance | | +| test.ps1:202:46:202:51 | input | test.ps1:33:11:33:20 | UserInput | provenance | | +| test.ps1:203:46:203:51 | input | test.ps1:39:11:39:20 | UserInput | provenance | | +| test.ps1:204:46:204:51 | input | test.ps1:45:11:45:20 | UserInput | provenance | | +| test.ps1:206:48:206:53 | input | test.ps1:73:11:73:20 | UserInput | provenance | | +| test.ps1:207:48:207:53 | input | test.ps1:80:11:80:20 | UserInput | provenance | | +| test.ps1:208:48:208:53 | input | test.ps1:87:11:87:20 | UserInput | provenance | | +| test.ps1:210:41:210:46 | input | test.ps1:102:11:102:20 | UserInput | provenance | | +| test.ps1:211:41:211:46 | input | test.ps1:112:11:112:20 | UserInput | provenance | | +| test.ps1:212:36:212:41 | input | test.ps1:122:11:122:20 | UserInput | provenance | | +| test.ps1:213:36:213:41 | input | test.ps1:129:11:129:20 | UserInput | provenance | | +| test.ps1:214:36:214:41 | input | test.ps1:136:11:136:20 | UserInput | provenance | | +| test.ps1:218:42:218:47 | input | test.ps1:165:11:165:20 | UserInput | provenance | | +| test.ps1:219:42:219:47 | input | test.ps1:173:11:173:20 | UserInput | provenance | | +| test.ps1:221:33:221:38 | input | test.ps1:189:11:189:20 | UserInput | provenance | | +nodes +| test.ps1:3:11:3:20 | UserInput | semmle.label | UserInput | +| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:9:11:9:20 | UserInput | semmle.label | UserInput | +| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:15:11:15:20 | UserInput | semmle.label | UserInput | +| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:21:11:21:20 | UserInput | semmle.label | UserInput | +| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:22:60:22:69 | UserInput | semmle.label | UserInput | +| test.ps1:27:11:27:20 | UserInput | semmle.label | UserInput | +| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:28:57:28:66 | UserInput | semmle.label | UserInput | +| test.ps1:33:11:33:20 | UserInput | semmle.label | UserInput | +| test.ps1:34:14:34:46 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | +| test.ps1:39:11:39:20 | UserInput | semmle.label | UserInput | +| test.ps1:40:30:40:62 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | +| test.ps1:45:11:45:20 | UserInput | semmle.label | UserInput | +| test.ps1:48:30:48:34 | code | semmle.label | code | +| test.ps1:73:11:73:20 | UserInput | semmle.label | UserInput | +| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:80:11:80:20 | UserInput | semmle.label | UserInput | +| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:87:11:87:20 | UserInput | semmle.label | UserInput | +| test.ps1:89:12:89:28 | ping $UserInput | semmle.label | ping $UserInput | +| test.ps1:102:11:102:20 | UserInput | semmle.label | UserInput | +| test.ps1:106:33:106:62 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:112:11:112:20 | UserInput | semmle.label | UserInput | +| test.ps1:116:58:116:87 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:122:11:122:20 | UserInput | semmle.label | UserInput | +| test.ps1:124:34:124:43 | UserInput | semmle.label | UserInput | +| test.ps1:129:11:129:20 | UserInput | semmle.label | UserInput | +| test.ps1:131:28:131:37 | UserInput | semmle.label | UserInput | +| test.ps1:136:11:136:20 | UserInput | semmle.label | UserInput | +| test.ps1:138:28:138:37 | UserInput | semmle.label | UserInput | +| test.ps1:165:11:165:20 | UserInput | semmle.label | UserInput | +| test.ps1:168:50:168:59 | UserInput | semmle.label | UserInput | +| test.ps1:173:11:173:20 | UserInput | semmle.label | UserInput | +| test.ps1:176:63:176:72 | UserInput | semmle.label | UserInput | +| test.ps1:189:11:189:20 | UserInput | semmle.label | UserInput | +| test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | semmle.label | Get-Process -Name "$escaped" | +| test.ps1:195:10:195:32 | Call to Read-Host | semmle.label | Call to Read-Host | +| test.ps1:197:46:197:51 | input | semmle.label | input | +| test.ps1:198:46:198:51 | input | semmle.label | input | +| test.ps1:199:46:199:51 | input | semmle.label | input | +| test.ps1:200:46:200:51 | input | semmle.label | input | +| test.ps1:201:46:201:51 | input | semmle.label | input | +| test.ps1:202:46:202:51 | input | semmle.label | input | +| test.ps1:203:46:203:51 | input | semmle.label | input | +| test.ps1:204:46:204:51 | input | semmle.label | input | +| test.ps1:206:48:206:53 | input | semmle.label | input | +| test.ps1:207:48:207:53 | input | semmle.label | input | +| test.ps1:208:48:208:53 | input | semmle.label | input | +| test.ps1:210:41:210:46 | input | semmle.label | input | +| test.ps1:211:41:211:46 | input | semmle.label | input | +| test.ps1:212:36:212:41 | input | semmle.label | input | +| test.ps1:213:36:213:41 | input | semmle.label | input | +| test.ps1:214:36:214:41 | input | semmle.label | input | +| test.ps1:218:42:218:47 | input | semmle.label | input | +| test.ps1:219:42:219:47 | input | semmle.label | input | +| test.ps1:221:33:221:38 | input | semmle.label | input | +subpaths +#select +| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke-Expression | +| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke-Expression | +| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to InvokeScript | +| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to CreateNestedPipeline | +| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:22:60:22:69 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:60:22:69 | UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to AddScript | +| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:28:57:28:66 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:57:28:66 | UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:34:14:34:46 | public class Foo { $UserInput } | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:34:14:34:46 | public class Foo { $UserInput } | Possible injection path from user input to dangerous call to Invoke-Expression | +| test.ps1:40:30:40:62 | public class Foo { $UserInput } | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:40:30:40:62 | public class Foo { $UserInput } | Possible injection path from user input to dangerous call to Invoke-Expression | +| test.ps1:48:30:48:34 | code | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:48:30:48:34 | code | Possible injection path from user input to dangerous call to Invoke-Expression | +| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Powershell | +| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Powershell | +| test.ps1:89:12:89:28 | ping $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:89:12:89:28 | ping $UserInput | Possible injection path from user input to dangerous call to Cmd | +| test.ps1:106:33:106:62 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:106:33:106:62 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to CreateScriptBlock | +| test.ps1:116:58:116:87 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:116:58:116:87 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to NewScriptBlock | +| test.ps1:124:34:124:43 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:124:34:124:43 | UserInput | Possible injection path from user input to dangerous call to ForEach-Object | +| test.ps1:131:28:131:37 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:131:28:131:37 | UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:138:28:138:37 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:138:28:138:37 | UserInput | Possible injection path from user input to dangerous call to Invoke | +| test.ps1:168:50:168:59 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:168:50:168:59 | UserInput | Possible injection path from user input to dangerous call to ExpandString | +| test.ps1:176:63:176:72 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:176:63:176:72 | UserInput | Possible injection path from user input to dangerous call to ExpandString | +| test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | Possible injection path from user input to dangerous call to Invoke-Expression | diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref new file mode 100644 index 00000000000..61447f65050 --- /dev/null +++ b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref @@ -0,0 +1 @@ +queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql \ No newline at end of file diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 new file mode 100644 index 00000000000..3757d9d4f2c --- /dev/null +++ b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 @@ -0,0 +1,221 @@ +function Invoke-InvokeExpressionInjection1 +{ + param($UserInput) + Invoke-Expression "Get-Process -Name $UserInput" +} + +function Invoke-InvokeExpressionInjection2 +{ + param($UserInput) + iex "Get-Process -Name $UserInput" +} + +function Invoke-InvokeExpressionInjection3 +{ + param($UserInput) + $executionContext.InvokeCommand.InvokeScript("Get-Process -Name $UserInput") +} + +function Invoke-InvokeExpressionInjection4 +{ + param($UserInput) + $host.Runspace.CreateNestedPipeline("Get-Process -Name $UserInput", $false).Invoke() +} + +function Invoke-InvokeExpressionInjection5 +{ + param($UserInput) + [PowerShell]::Create().AddScript("Get-Process -Name $UserInput").Invoke() +} + +function Invoke-InvokeExpressionInjection6 +{ + param($UserInput) + Add-Type "public class Foo { $UserInput }" +} + +function Invoke-InvokeExpressionInjection7 +{ + param($UserInput) + Add-Type -TypeDefinition "public class Foo { $UserInput }" +} + +function Invoke-InvokeExpressionInjection8 +{ + param($UserInput) + + $code = "public class Foo { $UserInput }" + Add-Type -TypeDefinition $code +} + +function Invoke-InvokeExpressionInjectionFP +{ + param($UserInput) + + $code = @" + public class BasicTest + { + public static int Add(int a, int b) + { + return (a + b); + } + public int Multiply(int a, int b) + { + return (a * b); + } + } +"@ + Add-Type -TypeDefinition $code +} + +function Invoke-ExploitableCommandInjection1 +{ + param($UserInput) + + powershell -command "Get-Process -Name $UserInput" +} + +function Invoke-ExploitableCommandInjection2 +{ + param($UserInput) + + powershell "Get-Process -Name $UserInput" +} + +function Invoke-ExploitableCommandInjection3 +{ + param($UserInput) + + cmd /c "ping $UserInput" +} + +#Allowed +function Invoke-ExploitableCommandInjectionFP +{ + param($UserInput) + + cmd /c "ping localhost" +} + +function Invoke-ScriptBlockInjection1 +{ + param($UserInput) + + ## Often used when making remote connections + + $sb = [ScriptBlock]::Create("Get-Process -Name $UserInput") + Invoke-Command RemoteServer $sb +} + +function Invoke-ScriptBlockInjection2 +{ + param($UserInput) + + ## Often used when making remote connections + + $sb = $executionContext.InvokeCommand.NewScriptBlock("Get-Process -Name $UserInput") + Invoke-Command RemoteServer $sb +} + +function Invoke-MethodInjection1 +{ + param($UserInput) + + Get-Process | Foreach-Object $UserInput +} + +function Invoke-MethodInjection2 +{ + param($UserInput) + + (Get-Process -Id $pid).$UserInput() +} + +function Invoke-MethodInjection3 +{ + param($UserInput) + + (Get-Process -Id $pid).$UserInput.Invoke() +} + +#ALLOWED , uses script block +function Invoke-MethodInjectionFP1 +{ + param($UserInput) + + Get-Process | Foreach-Object { $_.Name } +} +#ALLOWED, uses constant member access +function Invoke-MethodInjectionFP2 +{ + param($UserInput) + + Get-Process | Foreach-Object "Name" +} + +function Invoke-PropertyInjection +{ + param($UserInput) + + [DateTime]::$UserInput +} + +function Invoke-ExpandStringInjection1 +{ + param($UserInput) + + ## Used to attempt a variable resolution + $executionContext.InvokeCommand.ExpandString($UserInput) +} + +function Invoke-ExpandStringInjection2 +{ + param($UserInput) + + ## Used to attempt a variable resolution + $executionContext.SessionState.InvokeCommand.ExpandString($UserInput) +} + +function Invoke-UnsafeEscape1 +{ + param($UserInput) + + $escaped = $UserInput -replace "'", "''" + Invoke-Expression "Get-Process -Name '$escaped'" +} + +function Invoke-UnsafeEscape2 +{ + param($UserInput) + + $escaped = $UserInput -replace '"', '`"' + Invoke-Expression "Get-Process -Name `"$escaped`"" +} + +$input = Read-Host "enter input" + +Invoke-InvokeExpressionInjection1 -UserInput $input +Invoke-InvokeExpressionInjection2 -UserInput $input +Invoke-InvokeExpressionInjection3 -UserInput $input +Invoke-InvokeExpressionInjection4 -UserInput $input +Invoke-InvokeExpressionInjection5 -UserInput $input +Invoke-InvokeExpressionInjection6 -UserInput $input +Invoke-InvokeExpressionInjection7 -UserInput $input +Invoke-InvokeExpressionInjection8 -UserInput $input +Invoke-InvokeExpressionInjectionFP -UserInput $input +Invoke-ExploitableCommandInjection1 -UserInput $input +Invoke-ExploitableCommandInjection2 -UserInput $input +Invoke-ExploitableCommandInjection3 -UserInput $input +Invoke-ExploitableCommandInjectionFP -UserInput $input +Invoke-ScriptBlockInjection1 -UserInput $input +Invoke-ScriptBlockInjection2 -UserInput $input +Invoke-MethodInjection1 -UserInput $input +Invoke-MethodInjection2 -UserInput $input +Invoke-MethodInjection3 -UserInput $input +Invoke-MethodInjectionFP1 -UserInput $input +Invoke-MethodInjectionFP2 -UserInput $input +Invoke-PropertyInjection -UserInput $input +Invoke-ExpandStringInjection1 -UserInput $input +Invoke-ExpandStringInjection2 -UserInput $input +Invoke-UnsafeEscape1 -UserInput $input +Invoke-UnsafeEscape2 -UserInput $input \ No newline at end of file From ed553d393b7bbe6c80974a07fb72c84aa9c287ab Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Wed, 16 Apr 2025 14:32:30 -0700 Subject: [PATCH 05/17] merged work into CommandInjection query --- .../CommandInjectionCustomizations.qll | 168 ++++++++++++- .../security/cwe-078/CommandInjection.qhelp | 20 +- .../cwe-078/InjectionHunter/Sanitizers.qll | 26 --- .../cwe-078/InjectionHunter/Sinks.qll | 152 ------------ .../UserInputToDangerousMethod.qhelp | 48 ---- .../UserInputToDangerousMethod.ql | 36 --- .../cwe-078/CommandInjection/test.ps1 | 211 ++++++++++++++++- .../InjectionHunter/InjectionHunter.expected | 146 ------------ .../InjectionHunter/InjectionHunter.qlref | 1 - .../security/cwe-078/InjectionHunter/test.ps1 | 221 ------------------ 10 files changed, 392 insertions(+), 637 deletions(-) delete mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll delete mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll delete mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp delete mode 100644 powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql delete mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected delete mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref delete mode 100644 powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 diff --git a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll index 1623941fb82..a75fd0028ca 100644 --- a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll +++ b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll @@ -5,6 +5,7 @@ */ private import semmle.code.powershell.dataflow.DataFlow +import semmle.code.powershell.ApiGraphs private import semmle.code.powershell.dataflow.flowsources.FlowSources private import semmle.code.powershell.Cfg @@ -20,7 +21,9 @@ module CommandInjection { /** * A data flow sink for command-injection vulnerabilities. */ - abstract class Sink extends DataFlow::Node { } + abstract class Sink extends DataFlow::Node { + abstract string getSinkType(); + } /** * A sanitizer for command-injection vulnerabilities. @@ -39,13 +42,16 @@ module CommandInjection { SystemCommandExecutionSink() { // An argument to a call exists(DataFlow::CallNode call | - call.getName() = "Invoke-Expression" and + call.getName() = ["Invoke-Expression", "iex"] and call.getAnArgument() = this ) or // Or the call command itself in case it's a use of operator &. any(DataFlow::CallOperatorNode call).getCommand() = this } + override string getSinkType() { + result = "call to Invoke-Expression" + } } class AddTypeSink extends Sink { @@ -55,11 +61,169 @@ module CommandInjection { call.getAnArgument() = this ) } + override string getSinkType() { + result = "call to Add-Type" + } } + class InvokeScriptSink extends Sink { + InvokeScriptSink() { + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to InvokeScript" + } +} + +class CreateNestedPipelineSink extends Sink { + CreateNestedPipelineSink() { + exists(API::Node call | + API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to CreateNestedPipeline" + } +} + +class AddScriptInvokeSink extends Sink { + AddScriptInvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "AddScript" and + ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and + ie.getQualifier().getAChild().toString() = "PowerShell" and + ie.getParent().(InvokeMemberExpr).getName() = "Invoke" + ) + } + override string getSinkType(){ + result = "call to AddScript" + } +} + +class PowershellSink extends Sink { + PowershellSink() { + exists( CmdCall c | + c.getName() = "powershell" | + ( + this.asExpr().getExpr() = c.getArgument(1) and + c.getArgument(0).getValue().toString() = "-command" + ) or + ( + this.asExpr().getExpr() = c.getArgument(0) + ) + ) + } + override string getSinkType(){ + result = "call to Powershell" + } +} + +class CmdSink extends Sink { + CmdSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getArgument(1) and + c.getName() = "cmd" and + c.getArgument(0).getValue().toString() = "/c" + ) + } + override string getSinkType(){ + result = "call to Cmd" + } +} + +class ForEachObjectSink extends Sink { + ForEachObjectSink() { + exists(CmdCall c | + this.asExpr().getExpr() = c.getAnArgument() and + c.getName() = "Foreach-Object" + ) + } + override string getSinkType(){ + result = "call to ForEach-Object" + } +} + +class InvokeSink extends Sink { + InvokeSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getCallee() or + this.asExpr().getExpr() = ie.getQualifier().getAChild*() + ) + } + override string getSinkType(){ + result = "call to Invoke" + } +} + +class CreateScriptBlockSink extends Sink { + CreateScriptBlockSink() { + exists(InvokeMemberExpr ie | + this.asExpr().getExpr() = ie.getAnArgument() and + ie.getName() = "Create" and + ie.getQualifier().toString() = "ScriptBlock" + ) + } + override string getSinkType(){ + result = "call to CreateScriptBlock" + } +} + +class NewScriptBlockSink extends Sink { + NewScriptBlockSink() { + exists(API::Node call | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and + this = call.getArgument(_).asSink() + ) + } + override string getSinkType(){ + result = "call to NewScriptBlock" + } +} + +class ExpandStringSink extends Sink { + ExpandStringSink() { + exists(API::Node call | this = call.getArgument(_).asSink() | + API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or + API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call + + ) + } + override string getSinkType(){ + result = "call to ExpandString" + } +} + private class ExternalCommandInjectionSink extends Sink { ExternalCommandInjectionSink() { this = ModelOutput::getASinkNode("command-injection").asSink() } + override string getSinkType() { + result = "external command injection" + } + } + + class TypedParameterSanitizer extends Sanitizer { + TypedParameterSanitizer() { + exists(Function f, Parameter p | + p = f.getAParameter() and + p.getStaticType() != "Object" and + this.asParameter() = p + ) + } + } + + class SingleQuoteSanitizer extends Sanitizer { + SingleQuoteSanitizer() { + exists(Expr e, VarReadAccess v | + e = this.asExpr().getExpr().getParent() and + e.toString().matches("%'$" + v.getVariable().getName() + "'%") + ) + } } } + diff --git a/powershell/ql/src/queries/security/cwe-078/CommandInjection.qhelp b/powershell/ql/src/queries/security/cwe-078/CommandInjection.qhelp index b75401a5d70..e89985142d9 100644 --- a/powershell/ql/src/queries/security/cwe-078/CommandInjection.qhelp +++ b/powershell/ql/src/queries/security/cwe-078/CommandInjection.qhelp @@ -8,6 +8,21 @@ routine that executes a command, allows the user to execute malicious code.

    +

    The following are considered dangerous sinks:

    +
      +
    • Invoke-Expression
      • +
    • InvokeScript
      • +
    • CreateNestedPipeline
      • +
    • AddScript
      • +
    • powershell
      • +
    • cmd
      • +
    • Foreach-Object
      • +
    • Invoke
      • +
    • CreateScriptBlock
      • +
    • NewScriptBlock
      • +
    • ExpandString
      • +
    + @@ -36,7 +51,10 @@ without examining it first.

    OWASP: Command Injection. - +
  • +Injection Hunter: +PowerShell Injection Hunter: Security Auditing for PowerShell Scripts. +
    • diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll deleted file mode 100644 index ac635928e10..00000000000 --- a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sanitizers.qll +++ /dev/null @@ -1,26 +0,0 @@ -import powershell -import semmle.code.powershell.dataflow.TaintTracking -import semmle.code.powershell.dataflow.DataFlow -import semmle.code.powershell.ApiGraphs - - -abstract class Sanitizer extends DataFlow::Node {} - -class TypedParameterSanitizer extends Sanitizer { - TypedParameterSanitizer() { - exists(Function f, Parameter p | - p = f.getAParameter() and - p.getStaticType() != "Object" and - this.asParameter() = p - ) - } -} - -class SingleQuoteSanitizer extends Sanitizer { - SingleQuoteSanitizer() { - exists(Expr e, VarReadAccess v | - e = this.asExpr().getExpr().getParent() and - e.toString().matches("%'$" + v.getVariable().getName() + "'%") - ) - } -} diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll deleted file mode 100644 index 4c62966746f..00000000000 --- a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/Sinks.qll +++ /dev/null @@ -1,152 +0,0 @@ -import powershell -import semmle.code.powershell.dataflow.TaintTracking -import semmle.code.powershell.dataflow.DataFlow -import semmle.code.powershell.ApiGraphs -import semmle.code.powershell.dataflow.flowsources.FlowSources - -abstract class InjectionSink extends DataFlow::Node { - abstract string getSinkType(); -} - -class InvokeExpressionCall extends InjectionSink { - InvokeExpressionCall() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getAnArgument() and - c.getName() = ["Invoke-Expression", "iex", "Add-Type" ] ) - } - override string getSinkType(){ - result = "call to Invoke-Expression" - } -} - -class InvokeScriptSink extends InjectionSink { - InvokeScriptSink() { - exists(API::Node call | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("invokescript") = call and - this = call.getArgument(_).asSink() - ) - } - override string getSinkType(){ - result = "call to InvokeScript" - } -} - -class CreateNestedPipelineSink extends InjectionSink { - CreateNestedPipelineSink() { - exists(API::Node call | - API::getTopLevelMember("host").getMember("runspace").getMethod("createnestedpipeline") = call and - this = call.getArgument(_).asSink() - ) - } - override string getSinkType(){ - result = "call to CreateNestedPipeline" - } -} - -class AddScriptInvokeSink extends InjectionSink { - AddScriptInvokeSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "AddScript" and - ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and - ie.getQualifier().getAChild().toString() = "PowerShell" and - ie.getParent().(InvokeMemberExpr).getName() = "Invoke" - ) - } - override string getSinkType(){ - result = "call to AddScript" - } -} - -class PowershellSink extends InjectionSink { - PowershellSink() { - exists( CmdCall c | - c.getName() = "powershell" | - ( - this.asExpr().getExpr() = c.getArgument(1) and - c.getArgument(0).getValue().toString() = "-command" - ) or - ( - this.asExpr().getExpr() = c.getArgument(0) - ) - ) - } - override string getSinkType(){ - result = "call to Powershell" - } -} - -class CmdSink extends InjectionSink { - CmdSink() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getArgument(1) and - c.getName() = "cmd" and - c.getArgument(0).getValue().toString() = "/c" - ) - } - override string getSinkType(){ - result = "call to Cmd" - } -} - -class ForEachObjectSink extends InjectionSink { - ForEachObjectSink() { - exists(CmdCall c | - this.asExpr().getExpr() = c.getAnArgument() and - c.getName() = "Foreach-Object" - ) - } - override string getSinkType(){ - result = "call to ForEach-Object" - } -} - -class InvokeSink extends InjectionSink { - InvokeSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getCallee() or - this.asExpr().getExpr() = ie.getQualifier().getAChild*() - ) - } - override string getSinkType(){ - result = "call to Invoke" - } -} - -class CreateScriptBlockSink extends InjectionSink { - CreateScriptBlockSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "Create" and - ie.getQualifier().toString() = "ScriptBlock" - ) - } - override string getSinkType(){ - result = "call to CreateScriptBlock" - } -} - -class NewScriptBlockSink extends InjectionSink { - NewScriptBlockSink() { - exists(API::Node call | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("newscriptblock") = call and - this = call.getArgument(_).asSink() - ) - } - override string getSinkType(){ - result = "call to NewScriptBlock" - } -} - -class ExpandStringSink extends InjectionSink { - ExpandStringSink() { - exists(API::Node call | this = call.getArgument(_).asSink() | - API::getTopLevelMember("executioncontext").getMember("invokecommand").getMethod("expandstring") = call or - API::getTopLevelMember("executioncontext").getMember("sessionstate").getMember("invokecommand").getMethod("expandstring") = call - - ) - } - override string getSinkType(){ - result = "call to ExpandString" - } -} \ No newline at end of file diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp deleted file mode 100644 index de459c2e84f..00000000000 --- a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.qhelp +++ /dev/null @@ -1,48 +0,0 @@ - - - -

    Code that passes user input directly to -Invoke-Expression, &, or some other library -routine that executes a command, allows the user to execute malicious -code.

    - -

    This is a port of the InjectionHunter tool by Lee Holmes, and checks when user input is passed to any of the following:

    -
      -
    • Invoke-Expression
      • -
    • InvokeScript
      • -
    • CreateNestedPipeline
      • -
    • AddScript
      • -
    • powershell
      • -
    • cmd
      • -
    • Foreach-Object
      • -
    • Invoke
      • -
    • CreateScriptBlock
      • -
    • NewScriptBlock
      • -
    • ExpandString
      • -
    - -     - - -

    Possible script injection risk. Untrusted input can cause arbitrary PowerShell expressions to be run. -Variables may be used directly for dynamic parameter arguments, splatting can be used for dynamic parameter names, -and the invocation operator can be used for dynamic command names. If content escaping is truly needed, PowerShell has several valid quote characters, -so [System.Management.Automation.Language.CodeGeneration]::Escape* should be used.

    - -     - - - -
  • -OWASP: -Command Injection. -
    • -
  • -Injection Hunter: -PowerShell Injection Hunter: Security Auditing for PowerShell Scripts. -
    • - -     -     diff --git a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql b/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql deleted file mode 100644 index 11730a65299..00000000000 --- a/powershell/ql/src/queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql +++ /dev/null @@ -1,36 +0,0 @@ -/** - * @name User Input to injection sink - * @description Finding cases where the user input is passed an dangerous method that can lead to RCE - * @kind path-problem - * @problem.severity error - * @security-severity 9.8 - * @precision high - * @id powershell/microsoft/public/user-input-to-injection-sink - * @tags security - * external/cwe/cwe-078 - * external/cwe/cwe-088 - */ - -import powershell -import semmle.code.powershell.dataflow.TaintTracking -import semmle.code.powershell.dataflow.DataFlow -import semmle.code.powershell.ApiGraphs -import semmle.code.powershell.dataflow.flowsources.FlowSources - -import Sanitizers -import Sinks - -private module InjectionConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { - source instanceof SourceNode - } - predicate isSink(DataFlow::Node sink) { sink instanceof InjectionSink } - predicate isBarrier(DataFlow::Node node) {node instanceof Sanitizer} -} - -module InjectionFlow = TaintTracking::Global; -import InjectionFlow::PathGraph - -from InjectionFlow::PathNode source, InjectionFlow::PathNode sink -where InjectionFlow::flowPath(source, sink) -select sink.getNode(), source, sink, "Possible injection path from user input to dangerous " + sink.getNode().(InjectionSink).getSinkType() diff --git a/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/test.ps1 b/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/test.ps1 index 682b1af3752..fd1bc38ce08 100644 --- a/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/test.ps1 +++ b/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/test.ps1 @@ -1,7 +1,210 @@ -param ($x) +function Invoke-InvokeExpressionInjection1 +{ + param($UserInput) + Invoke-Expression "Get-Process -Name $UserInput" +} -Invoke-Expression -Command "Get-Process -Id $x" # BAD +function Invoke-InvokeExpressionInjection2 +{ + param($UserInput) + iex "Get-Process -Name $UserInput" +} -$code = "$Env:MY_VAR" +function Invoke-InvokeExpressionInjection3 +{ + param($UserInput) + $executionContext.InvokeCommand.InvokeScript("Get-Process -Name $UserInput") +} -& "$code --enabled" # BAD \ No newline at end of file +function Invoke-InvokeExpressionInjection4 +{ + param($UserInput) + $host.Runspace.CreateNestedPipeline("Get-Process -Name $UserInput", $false).Invoke() +} + +function Invoke-InvokeExpressionInjection5 +{ + param($UserInput) + [PowerShell]::Create().AddScript("Get-Process -Name $UserInput").Invoke() +} + +function Invoke-InvokeExpressionInjection6 +{ + param($UserInput) + Add-Type "public class Foo { $UserInput }" +} + +function Invoke-InvokeExpressionInjection7 +{ + param($UserInput) + Add-Type -TypeDefinition "public class Foo { $UserInput }" +} + +function Invoke-InvokeExpressionInjection8 +{ + param($UserInput) + + $code = "public class Foo { $UserInput }" + Add-Type -TypeDefinition $code +} + +function Invoke-InvokeExpressionInjectionFP +{ + param($UserInput) + + $code = @" + public class BasicTest + { + public static int Add(int a, int b) + { + return (a + b); + } + public int Multiply(int a, int b) + { + return (a * b); + } + } +"@ + Add-Type -TypeDefinition $code +} + +function Invoke-ExploitableCommandInjection1 +{ + param($UserInput) + + powershell -command "Get-Process -Name $UserInput" +} + +function Invoke-ExploitableCommandInjection2 +{ + param($UserInput) + + powershell "Get-Process -Name $UserInput" +} + +function Invoke-ExploitableCommandInjection3 +{ + param($UserInput) + + cmd /c "ping $UserInput" +} + +function Invoke-ScriptBlockInjection1 +{ + param($UserInput) + + ## Often used when making remote connections + + $sb = [ScriptBlock]::Create("Get-Process -Name $UserInput") + Invoke-Command RemoteServer $sb +} + +function Invoke-ScriptBlockInjection2 +{ + param($UserInput) + + ## Often used when making remote connections + + $sb = $executionContext.InvokeCommand.NewScriptBlock("Get-Process -Name $UserInput") + Invoke-Command RemoteServer $sb +} + +function Invoke-MethodInjection1 +{ + param($UserInput) + + Get-Process | Foreach-Object $UserInput +} + +function Invoke-MethodInjection2 +{ + param($UserInput) + + (Get-Process -Id $pid).$UserInput() +} + +function Invoke-MethodInjection3 +{ + param($UserInput) + + (Get-Process -Id $pid).$UserInput.Invoke() +} + +#TODO: currently a FN +function Invoke-ExpandStringInjection1 +{ + param($UserInput) + + ## Used to attempt a variable resolution + $executionContext.InvokeCommand.ExpandString($UserInput) +} + +function Invoke-ExpandStringInjection2 +{ + param($UserInput) + + ## Used to attempt a variable resolution + $executionContext.SessionState.InvokeCommand.ExpandString($UserInput) +} + + + +$input = Read-Host "enter input" + +Invoke-InvokeExpressionInjection1 -UserInput $input +Invoke-InvokeExpressionInjection2 -UserInput $input +Invoke-InvokeExpressionInjection3 -UserInput $input +Invoke-InvokeExpressionInjection4 -UserInput $input +Invoke-InvokeExpressionInjection5 -UserInput $input +Invoke-InvokeExpressionInjection6 -UserInput $input +Invoke-InvokeExpressionInjection7 -UserInput $input +Invoke-InvokeExpressionInjection8 -UserInput $input +Invoke-InvokeExpressionInjectionFP -UserInput $input +Invoke-ExploitableCommandInjection1 -UserInput $input +Invoke-ExploitableCommandInjection2 -UserInput $input +Invoke-ExploitableCommandInjection3 -UserInput $input +Invoke-ScriptBlockInjection1 -UserInput $input +Invoke-ScriptBlockInjection2 -UserInput $input +Invoke-MethodInjection1 -UserInput $input +Invoke-MethodInjection2 -UserInput $input +Invoke-MethodInjection3 -UserInput $input +Invoke-PropertyInjection -UserInput $input +Invoke-ExpandStringInjection1 -UserInput $input +Invoke-ExpandStringInjection2 -UserInput $input + +#typed input +function Invoke-InvokeExpressionInjectionSafe1 +{ + param([int] $UserInput) + Invoke-Expression "Get-Process -Name $UserInput" +} + +#single quotes to treat them as string literal +function Invoke-InvokeExpressionInjectionSafe2 +{ + param($UserInput) + Invoke-Expression "Get-Process -Name '$UserInput'" +} +#EscapeSingleQuotedStringContent API +function Invoke-InvokeExpressionInjectionSafe3 +{ + param([int] $UserInput) + + $UserInputClean = [System.Management.Automation.Language.CodeGeneration]:: + EscapeSingleQuotedStringContent("$UserInput") + Invoke-Expression "Get-Process -Name $UserInputClean" +} + +#EscapeSingleQuotedStringContent API 2 +function Invoke-InvokeExpressionInjectionSafe4 +{ + param([int] $UserInput) + + $UserInputClean = [System.Management.Automation.Language.CodeGeneration]::EscapeSingleQuotedStringContent("$UserInput") + Invoke-Expression "Get-Process -Name $UserInputClean" +} + +Invoke-InvokeExpressionInjectionSafe1 -UserInput $input +Invoke-InvokeExpressionInjectionSafe2 -UserInput $input +Invoke-InvokeExpressionInjectionSafe3 -UserInput $input +Invoke-InvokeExpressionInjectionSafe4 -UserInput $input \ No newline at end of file diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected deleted file mode 100644 index 8bfcc1dafec..00000000000 --- a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.expected +++ /dev/null @@ -1,146 +0,0 @@ -edges -| test.ps1:3:11:3:20 | UserInput | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | provenance | | -| test.ps1:9:11:9:20 | UserInput | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | provenance | | -| test.ps1:15:11:15:20 | UserInput | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | provenance | | -| test.ps1:21:11:21:20 | UserInput | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | provenance | | -| test.ps1:21:11:21:20 | UserInput | test.ps1:22:60:22:69 | UserInput | provenance | | -| test.ps1:27:11:27:20 | UserInput | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | provenance | | -| test.ps1:27:11:27:20 | UserInput | test.ps1:28:57:28:66 | UserInput | provenance | | -| test.ps1:33:11:33:20 | UserInput | test.ps1:34:14:34:46 | public class Foo { $UserInput } | provenance | | -| test.ps1:39:11:39:20 | UserInput | test.ps1:40:30:40:62 | public class Foo { $UserInput } | provenance | | -| test.ps1:45:11:45:20 | UserInput | test.ps1:48:30:48:34 | code | provenance | | -| test.ps1:73:11:73:20 | UserInput | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | provenance | | -| test.ps1:80:11:80:20 | UserInput | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | provenance | | -| test.ps1:87:11:87:20 | UserInput | test.ps1:89:12:89:28 | ping $UserInput | provenance | | -| test.ps1:102:11:102:20 | UserInput | test.ps1:106:33:106:62 | Get-Process -Name $UserInput | provenance | | -| test.ps1:112:11:112:20 | UserInput | test.ps1:116:58:116:87 | Get-Process -Name $UserInput | provenance | | -| test.ps1:122:11:122:20 | UserInput | test.ps1:124:34:124:43 | UserInput | provenance | | -| test.ps1:129:11:129:20 | UserInput | test.ps1:131:28:131:37 | UserInput | provenance | | -| test.ps1:136:11:136:20 | UserInput | test.ps1:138:28:138:37 | UserInput | provenance | | -| test.ps1:165:11:165:20 | UserInput | test.ps1:168:50:168:59 | UserInput | provenance | | -| test.ps1:173:11:173:20 | UserInput | test.ps1:176:63:176:72 | UserInput | provenance | | -| test.ps1:189:11:189:20 | UserInput | test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | provenance | | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:197:46:197:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:198:46:198:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:199:46:199:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:200:46:200:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:201:46:201:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:202:46:202:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:203:46:203:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:204:46:204:51 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:206:48:206:53 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:207:48:207:53 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:208:48:208:53 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:210:41:210:46 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:211:41:211:46 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:212:36:212:41 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:213:36:213:41 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:214:36:214:41 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:218:42:218:47 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:219:42:219:47 | input | provenance | Src:MaD:11464 | -| test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:221:33:221:38 | input | provenance | Src:MaD:11464 | -| test.ps1:197:46:197:51 | input | test.ps1:3:11:3:20 | UserInput | provenance | | -| test.ps1:198:46:198:51 | input | test.ps1:9:11:9:20 | UserInput | provenance | | -| test.ps1:199:46:199:51 | input | test.ps1:15:11:15:20 | UserInput | provenance | | -| test.ps1:200:46:200:51 | input | test.ps1:21:11:21:20 | UserInput | provenance | | -| test.ps1:201:46:201:51 | input | test.ps1:27:11:27:20 | UserInput | provenance | | -| test.ps1:202:46:202:51 | input | test.ps1:33:11:33:20 | UserInput | provenance | | -| test.ps1:203:46:203:51 | input | test.ps1:39:11:39:20 | UserInput | provenance | | -| test.ps1:204:46:204:51 | input | test.ps1:45:11:45:20 | UserInput | provenance | | -| test.ps1:206:48:206:53 | input | test.ps1:73:11:73:20 | UserInput | provenance | | -| test.ps1:207:48:207:53 | input | test.ps1:80:11:80:20 | UserInput | provenance | | -| test.ps1:208:48:208:53 | input | test.ps1:87:11:87:20 | UserInput | provenance | | -| test.ps1:210:41:210:46 | input | test.ps1:102:11:102:20 | UserInput | provenance | | -| test.ps1:211:41:211:46 | input | test.ps1:112:11:112:20 | UserInput | provenance | | -| test.ps1:212:36:212:41 | input | test.ps1:122:11:122:20 | UserInput | provenance | | -| test.ps1:213:36:213:41 | input | test.ps1:129:11:129:20 | UserInput | provenance | | -| test.ps1:214:36:214:41 | input | test.ps1:136:11:136:20 | UserInput | provenance | | -| test.ps1:218:42:218:47 | input | test.ps1:165:11:165:20 | UserInput | provenance | | -| test.ps1:219:42:219:47 | input | test.ps1:173:11:173:20 | UserInput | provenance | | -| test.ps1:221:33:221:38 | input | test.ps1:189:11:189:20 | UserInput | provenance | | -nodes -| test.ps1:3:11:3:20 | UserInput | semmle.label | UserInput | -| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:9:11:9:20 | UserInput | semmle.label | UserInput | -| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:15:11:15:20 | UserInput | semmle.label | UserInput | -| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:21:11:21:20 | UserInput | semmle.label | UserInput | -| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:22:60:22:69 | UserInput | semmle.label | UserInput | -| test.ps1:27:11:27:20 | UserInput | semmle.label | UserInput | -| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:28:57:28:66 | UserInput | semmle.label | UserInput | -| test.ps1:33:11:33:20 | UserInput | semmle.label | UserInput | -| test.ps1:34:14:34:46 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | -| test.ps1:39:11:39:20 | UserInput | semmle.label | UserInput | -| test.ps1:40:30:40:62 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | -| test.ps1:45:11:45:20 | UserInput | semmle.label | UserInput | -| test.ps1:48:30:48:34 | code | semmle.label | code | -| test.ps1:73:11:73:20 | UserInput | semmle.label | UserInput | -| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:80:11:80:20 | UserInput | semmle.label | UserInput | -| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:87:11:87:20 | UserInput | semmle.label | UserInput | -| test.ps1:89:12:89:28 | ping $UserInput | semmle.label | ping $UserInput | -| test.ps1:102:11:102:20 | UserInput | semmle.label | UserInput | -| test.ps1:106:33:106:62 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:112:11:112:20 | UserInput | semmle.label | UserInput | -| test.ps1:116:58:116:87 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | -| test.ps1:122:11:122:20 | UserInput | semmle.label | UserInput | -| test.ps1:124:34:124:43 | UserInput | semmle.label | UserInput | -| test.ps1:129:11:129:20 | UserInput | semmle.label | UserInput | -| test.ps1:131:28:131:37 | UserInput | semmle.label | UserInput | -| test.ps1:136:11:136:20 | UserInput | semmle.label | UserInput | -| test.ps1:138:28:138:37 | UserInput | semmle.label | UserInput | -| test.ps1:165:11:165:20 | UserInput | semmle.label | UserInput | -| test.ps1:168:50:168:59 | UserInput | semmle.label | UserInput | -| test.ps1:173:11:173:20 | UserInput | semmle.label | UserInput | -| test.ps1:176:63:176:72 | UserInput | semmle.label | UserInput | -| test.ps1:189:11:189:20 | UserInput | semmle.label | UserInput | -| test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | semmle.label | Get-Process -Name "$escaped" | -| test.ps1:195:10:195:32 | Call to Read-Host | semmle.label | Call to Read-Host | -| test.ps1:197:46:197:51 | input | semmle.label | input | -| test.ps1:198:46:198:51 | input | semmle.label | input | -| test.ps1:199:46:199:51 | input | semmle.label | input | -| test.ps1:200:46:200:51 | input | semmle.label | input | -| test.ps1:201:46:201:51 | input | semmle.label | input | -| test.ps1:202:46:202:51 | input | semmle.label | input | -| test.ps1:203:46:203:51 | input | semmle.label | input | -| test.ps1:204:46:204:51 | input | semmle.label | input | -| test.ps1:206:48:206:53 | input | semmle.label | input | -| test.ps1:207:48:207:53 | input | semmle.label | input | -| test.ps1:208:48:208:53 | input | semmle.label | input | -| test.ps1:210:41:210:46 | input | semmle.label | input | -| test.ps1:211:41:211:46 | input | semmle.label | input | -| test.ps1:212:36:212:41 | input | semmle.label | input | -| test.ps1:213:36:213:41 | input | semmle.label | input | -| test.ps1:214:36:214:41 | input | semmle.label | input | -| test.ps1:218:42:218:47 | input | semmle.label | input | -| test.ps1:219:42:219:47 | input | semmle.label | input | -| test.ps1:221:33:221:38 | input | semmle.label | input | -subpaths -#select -| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke-Expression | -| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke-Expression | -| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to InvokeScript | -| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to CreateNestedPipeline | -| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:22:60:22:69 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:22:60:22:69 | UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to AddScript | -| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:28:57:28:66 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:28:57:28:66 | UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:34:14:34:46 | public class Foo { $UserInput } | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:34:14:34:46 | public class Foo { $UserInput } | Possible injection path from user input to dangerous call to Invoke-Expression | -| test.ps1:40:30:40:62 | public class Foo { $UserInput } | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:40:30:40:62 | public class Foo { $UserInput } | Possible injection path from user input to dangerous call to Invoke-Expression | -| test.ps1:48:30:48:34 | code | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:48:30:48:34 | code | Possible injection path from user input to dangerous call to Invoke-Expression | -| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Powershell | -| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to Powershell | -| test.ps1:89:12:89:28 | ping $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:89:12:89:28 | ping $UserInput | Possible injection path from user input to dangerous call to Cmd | -| test.ps1:106:33:106:62 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:106:33:106:62 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to CreateScriptBlock | -| test.ps1:116:58:116:87 | Get-Process -Name $UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:116:58:116:87 | Get-Process -Name $UserInput | Possible injection path from user input to dangerous call to NewScriptBlock | -| test.ps1:124:34:124:43 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:124:34:124:43 | UserInput | Possible injection path from user input to dangerous call to ForEach-Object | -| test.ps1:131:28:131:37 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:131:28:131:37 | UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:138:28:138:37 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:138:28:138:37 | UserInput | Possible injection path from user input to dangerous call to Invoke | -| test.ps1:168:50:168:59 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:168:50:168:59 | UserInput | Possible injection path from user input to dangerous call to ExpandString | -| test.ps1:176:63:176:72 | UserInput | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:176:63:176:72 | UserInput | Possible injection path from user input to dangerous call to ExpandString | -| test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | test.ps1:195:10:195:32 | Call to Read-Host | test.ps1:192:23:192:54 | Get-Process -Name "$escaped" | Possible injection path from user input to dangerous call to Invoke-Expression | diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref deleted file mode 100644 index 61447f65050..00000000000 --- a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/InjectionHunter.qlref +++ /dev/null @@ -1 +0,0 @@ -queries/security/cwe-078/InjectionHunter/UserInputToDangerousMethod.ql \ No newline at end of file diff --git a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 b/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 deleted file mode 100644 index 3757d9d4f2c..00000000000 --- a/powershell/ql/test/query-tests/security/cwe-078/InjectionHunter/test.ps1 +++ /dev/null @@ -1,221 +0,0 @@ -function Invoke-InvokeExpressionInjection1 -{ - param($UserInput) - Invoke-Expression "Get-Process -Name $UserInput" -} - -function Invoke-InvokeExpressionInjection2 -{ - param($UserInput) - iex "Get-Process -Name $UserInput" -} - -function Invoke-InvokeExpressionInjection3 -{ - param($UserInput) - $executionContext.InvokeCommand.InvokeScript("Get-Process -Name $UserInput") -} - -function Invoke-InvokeExpressionInjection4 -{ - param($UserInput) - $host.Runspace.CreateNestedPipeline("Get-Process -Name $UserInput", $false).Invoke() -} - -function Invoke-InvokeExpressionInjection5 -{ - param($UserInput) - [PowerShell]::Create().AddScript("Get-Process -Name $UserInput").Invoke() -} - -function Invoke-InvokeExpressionInjection6 -{ - param($UserInput) - Add-Type "public class Foo { $UserInput }" -} - -function Invoke-InvokeExpressionInjection7 -{ - param($UserInput) - Add-Type -TypeDefinition "public class Foo { $UserInput }" -} - -function Invoke-InvokeExpressionInjection8 -{ - param($UserInput) - - $code = "public class Foo { $UserInput }" - Add-Type -TypeDefinition $code -} - -function Invoke-InvokeExpressionInjectionFP -{ - param($UserInput) - - $code = @" - public class BasicTest - { - public static int Add(int a, int b) - { - return (a + b); - } - public int Multiply(int a, int b) - { - return (a * b); - } - } -"@ - Add-Type -TypeDefinition $code -} - -function Invoke-ExploitableCommandInjection1 -{ - param($UserInput) - - powershell -command "Get-Process -Name $UserInput" -} - -function Invoke-ExploitableCommandInjection2 -{ - param($UserInput) - - powershell "Get-Process -Name $UserInput" -} - -function Invoke-ExploitableCommandInjection3 -{ - param($UserInput) - - cmd /c "ping $UserInput" -} - -#Allowed -function Invoke-ExploitableCommandInjectionFP -{ - param($UserInput) - - cmd /c "ping localhost" -} - -function Invoke-ScriptBlockInjection1 -{ - param($UserInput) - - ## Often used when making remote connections - - $sb = [ScriptBlock]::Create("Get-Process -Name $UserInput") - Invoke-Command RemoteServer $sb -} - -function Invoke-ScriptBlockInjection2 -{ - param($UserInput) - - ## Often used when making remote connections - - $sb = $executionContext.InvokeCommand.NewScriptBlock("Get-Process -Name $UserInput") - Invoke-Command RemoteServer $sb -} - -function Invoke-MethodInjection1 -{ - param($UserInput) - - Get-Process | Foreach-Object $UserInput -} - -function Invoke-MethodInjection2 -{ - param($UserInput) - - (Get-Process -Id $pid).$UserInput() -} - -function Invoke-MethodInjection3 -{ - param($UserInput) - - (Get-Process -Id $pid).$UserInput.Invoke() -} - -#ALLOWED , uses script block -function Invoke-MethodInjectionFP1 -{ - param($UserInput) - - Get-Process | Foreach-Object { $_.Name } -} -#ALLOWED, uses constant member access -function Invoke-MethodInjectionFP2 -{ - param($UserInput) - - Get-Process | Foreach-Object "Name" -} - -function Invoke-PropertyInjection -{ - param($UserInput) - - [DateTime]::$UserInput -} - -function Invoke-ExpandStringInjection1 -{ - param($UserInput) - - ## Used to attempt a variable resolution - $executionContext.InvokeCommand.ExpandString($UserInput) -} - -function Invoke-ExpandStringInjection2 -{ - param($UserInput) - - ## Used to attempt a variable resolution - $executionContext.SessionState.InvokeCommand.ExpandString($UserInput) -} - -function Invoke-UnsafeEscape1 -{ - param($UserInput) - - $escaped = $UserInput -replace "'", "''" - Invoke-Expression "Get-Process -Name '$escaped'" -} - -function Invoke-UnsafeEscape2 -{ - param($UserInput) - - $escaped = $UserInput -replace '"', '`"' - Invoke-Expression "Get-Process -Name `"$escaped`"" -} - -$input = Read-Host "enter input" - -Invoke-InvokeExpressionInjection1 -UserInput $input -Invoke-InvokeExpressionInjection2 -UserInput $input -Invoke-InvokeExpressionInjection3 -UserInput $input -Invoke-InvokeExpressionInjection4 -UserInput $input -Invoke-InvokeExpressionInjection5 -UserInput $input -Invoke-InvokeExpressionInjection6 -UserInput $input -Invoke-InvokeExpressionInjection7 -UserInput $input -Invoke-InvokeExpressionInjection8 -UserInput $input -Invoke-InvokeExpressionInjectionFP -UserInput $input -Invoke-ExploitableCommandInjection1 -UserInput $input -Invoke-ExploitableCommandInjection2 -UserInput $input -Invoke-ExploitableCommandInjection3 -UserInput $input -Invoke-ExploitableCommandInjectionFP -UserInput $input -Invoke-ScriptBlockInjection1 -UserInput $input -Invoke-ScriptBlockInjection2 -UserInput $input -Invoke-MethodInjection1 -UserInput $input -Invoke-MethodInjection2 -UserInput $input -Invoke-MethodInjection3 -UserInput $input -Invoke-MethodInjectionFP1 -UserInput $input -Invoke-MethodInjectionFP2 -UserInput $input -Invoke-PropertyInjection -UserInput $input -Invoke-ExpandStringInjection1 -UserInput $input -Invoke-ExpandStringInjection2 -UserInput $input -Invoke-UnsafeEscape1 -UserInput $input -Invoke-UnsafeEscape2 -UserInput $input \ No newline at end of file From b09d9f6772acbd8035e2e3421dd70b51f9b25d16 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 17 Apr 2025 16:49:47 +0100 Subject: [PATCH 06/17] PS: Autoformat. --- .../lib/semmle/code/powershell/ast/internal/MemberExpr.qll | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll index 0af48cd6485..5df2b17c0f4 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll @@ -29,7 +29,8 @@ class MemberExpr extends Expr, TMemberExpr { /** Gets the name of the member being looked up, if any. */ string getMemberName() { - result = getRawAst(this).(Raw::MemberExpr).getMember().(Raw::StringConstExpr).getValue().getValue() + result = + getRawAst(this).(Raw::MemberExpr).getMember().(Raw::StringConstExpr).getValue().getValue() } predicate isNullConditional() { getRawAst(this).(Raw::MemberExpr).isNullConditional() } @@ -42,9 +43,7 @@ class MemberExpr extends Expr, TMemberExpr { explicitAssignment(getRawAst(this), getRawAst(assignment)) } - predicate isImplicitWrite() { - implicitAssignment(getRawAst(this)) - } + predicate isImplicitWrite() { implicitAssignment(getRawAst(this)) } } /** A `MemberExpr` that is being written to. */ From 7d7268349dbe50ea993c21de5eb56c00ceed88d7 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 17 Apr 2025 16:53:26 +0100 Subject: [PATCH 07/17] PS: Add an example with a missing toString. --- .../ast/Expressions/MemberExpression.ps1 | 2 ++ .../ast/Expressions/expressions.expected | 4 ++++ .../library-tests/ast/Expressions/expressions.ql | 16 ++++++++-------- 3 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 powershell/ql/test/library-tests/ast/Expressions/MemberExpression.ps1 diff --git a/powershell/ql/test/library-tests/ast/Expressions/MemberExpression.ps1 b/powershell/ql/test/library-tests/ast/Expressions/MemberExpression.ps1 new file mode 100644 index 00000000000..01c6623c620 --- /dev/null +++ b/powershell/ql/test/library-tests/ast/Expressions/MemberExpression.ps1 @@ -0,0 +1,2 @@ +param($x) +[DateTime]::$x \ No newline at end of file diff --git a/powershell/ql/test/library-tests/ast/Expressions/expressions.expected b/powershell/ql/test/library-tests/ast/Expressions/expressions.expected index 7deaa7795dd..115b87064a2 100644 --- a/powershell/ql/test/library-tests/ast/Expressions/expressions.expected +++ b/powershell/ql/test/library-tests/ast/Expressions/expressions.expected @@ -5,6 +5,7 @@ cmdExpr | BinaryExpression.ps1:4:1:4:7 | [Stmt] result | BinaryExpression.ps1:4:1:4:7 | result | | ExpandableString.ps1:1:1:1:39 | [Stmt] Date: $([DateTime]::Now)\nName: $name | ExpandableString.ps1:1:1:1:39 | Date: $([DateTime]::Now)\nName: $name | | ExpandableString.ps1:1:23:1:37 | [Stmt] Now | ExpandableString.ps1:1:23:1:37 | Now | +| MemberExpression.ps1:2:1:2:14 | (no string representation) | MemberExpression.ps1:2:1:2:14 | (no string representation) | | SubExpression.ps1:1:1:1:23 | [Stmt] Call to AddDays | SubExpression.ps1:1:1:1:23 | Call to AddDays | | SubExpression.ps1:1:3:1:10 | [Stmt] Call to Get-Date | SubExpression.ps1:1:3:1:10 | Call to Get-Date | | SubExpression.ps1:2:1:2:21 | [Stmt] Call to AddDays | SubExpression.ps1:2:1:2:21 | Call to AddDays | @@ -13,3 +14,6 @@ invokeMemoryExpression | SubExpression.ps1:1:1:1:23 | Call to AddDays | SubExpression.ps1:1:1:1:11 | $(...) | 0 | SubExpression.ps1:1:21:1:22 | 10 | expandableString | ExpandableString.ps1:1:1:1:39 | Date: $([DateTime]::Now)\nName: $name | 1 | ExpandableString.ps1:1:21:1:38 | $(...) | +memberExpr +| ExpandableString.ps1:1:23:1:37 | Now | ExpandableString.ps1:1:23:1:32 | DateTime | +| MemberExpression.ps1:2:1:2:14 | (no string representation) | MemberExpression.ps1:2:1:2:10 | DateTime | diff --git a/powershell/ql/test/library-tests/ast/Expressions/expressions.ql b/powershell/ql/test/library-tests/ast/Expressions/expressions.ql index 2583cdef4b8..3cd2e9c91a0 100644 --- a/powershell/ql/test/library-tests/ast/Expressions/expressions.ql +++ b/powershell/ql/test/library-tests/ast/Expressions/expressions.ql @@ -1,19 +1,19 @@ import powershell query predicate binaryExpr(BinaryExpr e, Expr e1, Expr e2) { - e1 = e.getLeft() and - e2 = e.getRight() + e1 = e.getLeft() and + e2 = e.getRight() } -query predicate cmdExpr(ExprStmt exprStmt, Expr e) { - e = exprStmt.getExpr() -} +query predicate cmdExpr(ExprStmt exprStmt, Expr e) { e = exprStmt.getExpr() } query predicate invokeMemoryExpression(InvokeMemberExpr invoke, Expr e, int i, Expr arg) { - e = invoke.getQualifier() and - arg = invoke.getArgument(i) + e = invoke.getQualifier() and + arg = invoke.getArgument(i) } query predicate expandableString(ExpandableStringExpr expandable, int i, Expr e) { - e = expandable.getExpr(i) + e = expandable.getExpr(i) } + +query predicate memberExpr(MemberExpr expr, Expr e) { e = expr.getQualifier() } From b70f7e219cdcfba9e0ee639e549af490e4a6ae54 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 17 Apr 2025 17:01:33 +0100 Subject: [PATCH 08/17] PS: Fix missing toString and accept test changes. --- .../lib/semmle/code/powershell/ast/internal/MemberExpr.qll | 7 ++++++- .../library-tests/ast/Expressions/expressions.expected | 4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll index 5df2b17c0f4..547385a52f7 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/MemberExpr.qll @@ -37,7 +37,12 @@ class MemberExpr extends Expr, TMemberExpr { predicate isStatic() { getRawAst(this).(Raw::MemberExpr).isStatic() } - final override string toString() { result = this.getMemberName() } + final override string toString() { + result = this.getMemberName() + or + not exists(this.getMemberName()) and + result = "..." + } predicate isExplicitWrite(Ast assignment) { explicitAssignment(getRawAst(this), getRawAst(assignment)) diff --git a/powershell/ql/test/library-tests/ast/Expressions/expressions.expected b/powershell/ql/test/library-tests/ast/Expressions/expressions.expected index 115b87064a2..772ab137630 100644 --- a/powershell/ql/test/library-tests/ast/Expressions/expressions.expected +++ b/powershell/ql/test/library-tests/ast/Expressions/expressions.expected @@ -5,7 +5,7 @@ cmdExpr | BinaryExpression.ps1:4:1:4:7 | [Stmt] result | BinaryExpression.ps1:4:1:4:7 | result | | ExpandableString.ps1:1:1:1:39 | [Stmt] Date: $([DateTime]::Now)\nName: $name | ExpandableString.ps1:1:1:1:39 | Date: $([DateTime]::Now)\nName: $name | | ExpandableString.ps1:1:23:1:37 | [Stmt] Now | ExpandableString.ps1:1:23:1:37 | Now | -| MemberExpression.ps1:2:1:2:14 | (no string representation) | MemberExpression.ps1:2:1:2:14 | (no string representation) | +| MemberExpression.ps1:2:1:2:14 | [Stmt] ... | MemberExpression.ps1:2:1:2:14 | ... | | SubExpression.ps1:1:1:1:23 | [Stmt] Call to AddDays | SubExpression.ps1:1:1:1:23 | Call to AddDays | | SubExpression.ps1:1:3:1:10 | [Stmt] Call to Get-Date | SubExpression.ps1:1:3:1:10 | Call to Get-Date | | SubExpression.ps1:2:1:2:21 | [Stmt] Call to AddDays | SubExpression.ps1:2:1:2:21 | Call to AddDays | @@ -16,4 +16,4 @@ expandableString | ExpandableString.ps1:1:1:1:39 | Date: $([DateTime]::Now)\nName: $name | 1 | ExpandableString.ps1:1:21:1:38 | $(...) | memberExpr | ExpandableString.ps1:1:23:1:37 | Now | ExpandableString.ps1:1:23:1:32 | DateTime | -| MemberExpression.ps1:2:1:2:14 | (no string representation) | MemberExpression.ps1:2:1:2:10 | DateTime | +| MemberExpression.ps1:2:1:2:14 | ... | MemberExpression.ps1:2:1:2:10 | DateTime | From 12b918e900d99724390be6b2e7d974659b5d8a00 Mon Sep 17 00:00:00 2001 From: Chanel Young Date: Thu, 17 Apr 2025 10:39:42 -0700 Subject: [PATCH 09/17] pr feedback: removed toString, updated .expected --- .../CommandInjectionCustomizations.qll | 38 ++--- .../CommandInjection.expected | 141 +++++++++++++++++- 2 files changed, 153 insertions(+), 26 deletions(-) diff --git a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll index a75fd0028ca..7f2ab885764 100644 --- a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll +++ b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll @@ -91,18 +91,19 @@ class CreateNestedPipelineSink extends Sink { } class AddScriptInvokeSink extends Sink { - AddScriptInvokeSink() { - exists(InvokeMemberExpr ie | - this.asExpr().getExpr() = ie.getAnArgument() and - ie.getName() = "AddScript" and - ie.getQualifier().(InvokeMemberExpr).getName() = "Create" and - ie.getQualifier().getAChild().toString() = "PowerShell" and - ie.getParent().(InvokeMemberExpr).getName() = "Invoke" - ) - } - override string getSinkType(){ - result = "call to AddScript" - } + AddScriptInvokeSink() { + exists(InvokeMemberExpr addscript, InvokeMemberExpr create | + this.asExpr().getExpr() = addscript.getAnArgument() and + addscript.getName() = "AddScript" and + create.getName() = "Create" and + + addscript.getQualifier().(InvokeMemberExpr) = create and + create.getQualifier().(TypeNameExpr).getName() = "PowerShell" + ) + } + override string getSinkType(){ + result = "call to AddScript" + } } class PowershellSink extends Sink { @@ -111,7 +112,7 @@ class PowershellSink extends Sink { c.getName() = "powershell" | ( this.asExpr().getExpr() = c.getArgument(1) and - c.getArgument(0).getValue().toString() = "-command" + c.getArgument(0).getValue().asString() = "-command" ) or ( this.asExpr().getExpr() = c.getArgument(0) @@ -128,7 +129,7 @@ class CmdSink extends Sink { exists(CmdCall c | this.asExpr().getExpr() = c.getArgument(1) and c.getName() = "cmd" and - c.getArgument(0).getValue().toString() = "/c" + c.getArgument(0).getValue().asString() = "/c" ) } override string getSinkType(){ @@ -165,7 +166,7 @@ class CreateScriptBlockSink extends Sink { exists(InvokeMemberExpr ie | this.asExpr().getExpr() = ie.getAnArgument() and ie.getName() = "Create" and - ie.getQualifier().toString() = "ScriptBlock" + ie.getQualifier().(TypeNameExpr).getName() = "ScriptBlock" ) } override string getSinkType(){ @@ -219,9 +220,10 @@ class ExpandStringSink extends Sink { class SingleQuoteSanitizer extends Sanitizer { SingleQuoteSanitizer() { - exists(Expr e, VarReadAccess v | - e = this.asExpr().getExpr().getParent() and - e.toString().matches("%'$" + v.getVariable().getName() + "'%") + exists(ExpandableStringExpr e, VarReadAccess v | + v = this.asExpr().getExpr() and + e.getUnexpandedValue().matches("%'$" + v.getVariable().getName() + "'%") and + e.getAnExpr() = v ) } } diff --git a/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected b/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected index 144255ccc3c..e8e97671e55 100644 --- a/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected +++ b/powershell/ql/test/query-tests/security/cwe-078/CommandInjection/CommandInjection.expected @@ -1,12 +1,137 @@ edges -| test.ps1:1:8:1:9 | x | test.ps1:3:28:3:47 | Get-Process -Id $x | provenance | | -| test.ps1:5:10:5:20 | my_var | test.ps1:7:3:7:19 | $code --enabled | provenance | | +| test.ps1:3:11:3:20 | UserInput | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | provenance | | +| test.ps1:9:11:9:20 | UserInput | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | provenance | | +| test.ps1:15:11:15:20 | UserInput | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | provenance | | +| test.ps1:21:11:21:20 | UserInput | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | provenance | | +| test.ps1:21:11:21:20 | UserInput | test.ps1:22:60:22:69 | UserInput | provenance | | +| test.ps1:27:11:27:20 | UserInput | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | provenance | | +| test.ps1:27:11:27:20 | UserInput | test.ps1:28:57:28:66 | UserInput | provenance | | +| test.ps1:33:11:33:20 | UserInput | test.ps1:34:14:34:46 | public class Foo { $UserInput } | provenance | | +| test.ps1:39:11:39:20 | UserInput | test.ps1:40:30:40:62 | public class Foo { $UserInput } | provenance | | +| test.ps1:45:11:45:20 | UserInput | test.ps1:48:30:48:34 | code | provenance | | +| test.ps1:73:11:73:20 | UserInput | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | provenance | | +| test.ps1:80:11:80:20 | UserInput | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | provenance | | +| test.ps1:87:11:87:20 | UserInput | test.ps1:89:12:89:28 | ping $UserInput | provenance | | +| test.ps1:94:11:94:20 | UserInput | test.ps1:98:33:98:62 | Get-Process -Name $UserInput | provenance | | +| test.ps1:104:11:104:20 | UserInput | test.ps1:108:58:108:87 | Get-Process -Name $UserInput | provenance | | +| test.ps1:114:11:114:20 | UserInput | test.ps1:116:34:116:43 | UserInput | provenance | | +| test.ps1:121:11:121:20 | UserInput | test.ps1:123:28:123:37 | UserInput | provenance | | +| test.ps1:128:11:128:20 | UserInput | test.ps1:130:28:130:37 | UserInput | provenance | | +| test.ps1:136:11:136:20 | UserInput | test.ps1:139:50:139:59 | UserInput | provenance | | +| test.ps1:144:11:144:20 | UserInput | test.ps1:147:63:147:72 | UserInput | provenance | | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:154:46:154:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:155:46:155:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:156:46:156:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:157:46:157:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:158:46:158:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:159:46:159:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:160:46:160:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:161:46:161:51 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:163:48:163:53 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:164:48:164:53 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:165:48:165:53 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:166:41:166:46 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:167:41:167:46 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:168:36:168:41 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:169:36:169:41 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:170:36:170:41 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:172:42:172:47 | input | provenance | Src:MaD:11464 | +| test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:173:42:173:47 | input | provenance | Src:MaD:11464 | +| test.ps1:154:46:154:51 | input | test.ps1:3:11:3:20 | UserInput | provenance | | +| test.ps1:155:46:155:51 | input | test.ps1:9:11:9:20 | UserInput | provenance | | +| test.ps1:156:46:156:51 | input | test.ps1:15:11:15:20 | UserInput | provenance | | +| test.ps1:157:46:157:51 | input | test.ps1:21:11:21:20 | UserInput | provenance | | +| test.ps1:158:46:158:51 | input | test.ps1:27:11:27:20 | UserInput | provenance | | +| test.ps1:159:46:159:51 | input | test.ps1:33:11:33:20 | UserInput | provenance | | +| test.ps1:160:46:160:51 | input | test.ps1:39:11:39:20 | UserInput | provenance | | +| test.ps1:161:46:161:51 | input | test.ps1:45:11:45:20 | UserInput | provenance | | +| test.ps1:163:48:163:53 | input | test.ps1:73:11:73:20 | UserInput | provenance | | +| test.ps1:164:48:164:53 | input | test.ps1:80:11:80:20 | UserInput | provenance | | +| test.ps1:165:48:165:53 | input | test.ps1:87:11:87:20 | UserInput | provenance | | +| test.ps1:166:41:166:46 | input | test.ps1:94:11:94:20 | UserInput | provenance | | +| test.ps1:167:41:167:46 | input | test.ps1:104:11:104:20 | UserInput | provenance | | +| test.ps1:168:36:168:41 | input | test.ps1:114:11:114:20 | UserInput | provenance | | +| test.ps1:169:36:169:41 | input | test.ps1:121:11:121:20 | UserInput | provenance | | +| test.ps1:170:36:170:41 | input | test.ps1:128:11:128:20 | UserInput | provenance | | +| test.ps1:172:42:172:47 | input | test.ps1:136:11:136:20 | UserInput | provenance | | +| test.ps1:173:42:173:47 | input | test.ps1:144:11:144:20 | UserInput | provenance | | nodes -| test.ps1:1:8:1:9 | x | semmle.label | x | -| test.ps1:3:28:3:47 | Get-Process -Id $x | semmle.label | Get-Process -Id $x | -| test.ps1:5:10:5:20 | my_var | semmle.label | my_var | -| test.ps1:7:3:7:19 | $code --enabled | semmle.label | $code --enabled | +| test.ps1:3:11:3:20 | UserInput | semmle.label | UserInput | +| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:9:11:9:20 | UserInput | semmle.label | UserInput | +| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:15:11:15:20 | UserInput | semmle.label | UserInput | +| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:21:11:21:20 | UserInput | semmle.label | UserInput | +| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:22:60:22:69 | UserInput | semmle.label | UserInput | +| test.ps1:27:11:27:20 | UserInput | semmle.label | UserInput | +| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:28:57:28:66 | UserInput | semmle.label | UserInput | +| test.ps1:33:11:33:20 | UserInput | semmle.label | UserInput | +| test.ps1:34:14:34:46 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | +| test.ps1:39:11:39:20 | UserInput | semmle.label | UserInput | +| test.ps1:40:30:40:62 | public class Foo { $UserInput } | semmle.label | public class Foo { $UserInput } | +| test.ps1:45:11:45:20 | UserInput | semmle.label | UserInput | +| test.ps1:48:30:48:34 | code | semmle.label | code | +| test.ps1:73:11:73:20 | UserInput | semmle.label | UserInput | +| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:80:11:80:20 | UserInput | semmle.label | UserInput | +| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:87:11:87:20 | UserInput | semmle.label | UserInput | +| test.ps1:89:12:89:28 | ping $UserInput | semmle.label | ping $UserInput | +| test.ps1:94:11:94:20 | UserInput | semmle.label | UserInput | +| test.ps1:98:33:98:62 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:104:11:104:20 | UserInput | semmle.label | UserInput | +| test.ps1:108:58:108:87 | Get-Process -Name $UserInput | semmle.label | Get-Process -Name $UserInput | +| test.ps1:114:11:114:20 | UserInput | semmle.label | UserInput | +| test.ps1:116:34:116:43 | UserInput | semmle.label | UserInput | +| test.ps1:121:11:121:20 | UserInput | semmle.label | UserInput | +| test.ps1:123:28:123:37 | UserInput | semmle.label | UserInput | +| test.ps1:128:11:128:20 | UserInput | semmle.label | UserInput | +| test.ps1:130:28:130:37 | UserInput | semmle.label | UserInput | +| test.ps1:136:11:136:20 | UserInput | semmle.label | UserInput | +| test.ps1:139:50:139:59 | UserInput | semmle.label | UserInput | +| test.ps1:144:11:144:20 | UserInput | semmle.label | UserInput | +| test.ps1:147:63:147:72 | UserInput | semmle.label | UserInput | +| test.ps1:152:10:152:32 | Call to Read-Host | semmle.label | Call to Read-Host | +| test.ps1:154:46:154:51 | input | semmle.label | input | +| test.ps1:155:46:155:51 | input | semmle.label | input | +| test.ps1:156:46:156:51 | input | semmle.label | input | +| test.ps1:157:46:157:51 | input | semmle.label | input | +| test.ps1:158:46:158:51 | input | semmle.label | input | +| test.ps1:159:46:159:51 | input | semmle.label | input | +| test.ps1:160:46:160:51 | input | semmle.label | input | +| test.ps1:161:46:161:51 | input | semmle.label | input | +| test.ps1:163:48:163:53 | input | semmle.label | input | +| test.ps1:164:48:164:53 | input | semmle.label | input | +| test.ps1:165:48:165:53 | input | semmle.label | input | +| test.ps1:166:41:166:46 | input | semmle.label | input | +| test.ps1:167:41:167:46 | input | semmle.label | input | +| test.ps1:168:36:168:41 | input | semmle.label | input | +| test.ps1:169:36:169:41 | input | semmle.label | input | +| test.ps1:170:36:170:41 | input | semmle.label | input | +| test.ps1:172:42:172:47 | input | semmle.label | input | +| test.ps1:173:42:173:47 | input | semmle.label | input | subpaths #select -| test.ps1:3:28:3:47 | Get-Process -Id $x | test.ps1:1:8:1:9 | x | test.ps1:3:28:3:47 | Get-Process -Id $x | This command depends on a $@. | test.ps1:1:8:1:9 | x | user-provided value | -| test.ps1:7:3:7:19 | $code --enabled | test.ps1:5:10:5:20 | my_var | test.ps1:7:3:7:19 | $code --enabled | This command depends on a $@. | test.ps1:5:10:5:20 | my_var | user-provided value | +| test.ps1:4:23:4:52 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:4:23:4:52 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:10:9:10:38 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:10:9:10:38 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:16:50:16:79 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:16:50:16:79 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:22:41:22:70 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:22:41:22:70 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:22:60:22:69 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:22:60:22:69 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:28:38:28:67 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:28:38:28:67 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:28:57:28:66 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:28:57:28:66 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:34:14:34:46 | public class Foo { $UserInput } | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:34:14:34:46 | public class Foo { $UserInput } | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:40:30:40:62 | public class Foo { $UserInput } | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:40:30:40:62 | public class Foo { $UserInput } | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:48:30:48:34 | code | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:48:30:48:34 | code | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:75:25:75:54 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:75:25:75:54 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:82:16:82:45 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:82:16:82:45 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:89:12:89:28 | ping $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:89:12:89:28 | ping $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:98:33:98:62 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:98:33:98:62 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:108:58:108:87 | Get-Process -Name $UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:108:58:108:87 | Get-Process -Name $UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:116:34:116:43 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:116:34:116:43 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:123:28:123:37 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:123:28:123:37 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:130:28:130:37 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:130:28:130:37 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:139:50:139:59 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:139:50:139:59 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | +| test.ps1:147:63:147:72 | UserInput | test.ps1:152:10:152:32 | Call to Read-Host | test.ps1:147:63:147:72 | UserInput | This command depends on a $@. | test.ps1:152:10:152:32 | Call to Read-Host | user-provided value | From e7e88d39466ece0391671b26b0072255243a0df9 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 18 Apr 2025 12:40:58 +0100 Subject: [PATCH 10/17] PS: Add upgrade script from some unknown dbscheme to the dbscheme that existed when Mathias joined Microsoft --- .../old.dbscheme | 1648 +++++++++++++++++ .../semmlecode.powershell.dbscheme | 1648 +++++++++++++++++ .../upgrade.properties | 2 + .../old.dbscheme | 1648 +++++++++++++++++ .../semmlecode.powershell.dbscheme | 1648 +++++++++++++++++ .../upgrade.properties | 2 + 6 files changed, 6596 insertions(+) create mode 100644 powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/old.dbscheme create mode 100644 powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/semmlecode.powershell.dbscheme create mode 100644 powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/upgrade.properties create mode 100644 powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/old.dbscheme create mode 100644 powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/semmlecode.powershell.dbscheme create mode 100644 powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/upgrade.properties diff --git a/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/old.dbscheme b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/old.dbscheme new file mode 100644 index 00000000000..40bf985f18b --- /dev/null +++ b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/old.dbscheme @@ -0,0 +1,1648 @@ +/* Mandatory */ +sourceLocationPrefix( + varchar(900) prefix: string ref +); + +/* Entity Locations */ +@location = @location_default; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/* File Metadata */ + +numlines( + unique int element_id: @file ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +files( + unique int id: @file, + varchar(900) name: string ref +); + +folders( + unique int id: @folder, + varchar(900) name: string ref +); + +@container = @folder | @file; + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/* Comments */ +comment_entity( + unique int id: @comment_entity, + int text: @string_literal ref +); + +comment_entity_location( + unique int id: @comment_entity ref, + int loc: @location ref +); + +/* Messages */ +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +parent( + int parent: @ast ref, + int child: @ast ref +); + +/* AST Nodes */ +// This is all the kinds of nodes that can inherit from Ast +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 +@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | +@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 +@attribute_base = @attribute | @type_constraint; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 +@member = @function_member | @property_member; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 +@command_base = @command | @command_expression; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 +@chainable = @pipeline | @pipeline_chain; +//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 +@pipeline_base = @chainable | @error_statement | @assignment_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 +@statement = @block_statement +| @break_statement +| @command_base +| @configuration_definition +| @continue_statement +| @data_statement +| @dynamic_keyword_statement +| @exit_statement +| @function_definition +| @if_statement +| @labeled_statement +| @pipeline_base +| @return_statement +| @throw_statement +| @trap_statement +| @try_statement +| @type_definition +| @using_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 +@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 +@labeled_statement = @loop_statement | @switch_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +@attributed_expression_ast = @attributed_expression | @convert_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 +@expression = @array_expression +| @array_literal +| @attributed_expression_ast +| @binary_expression +| @error_expression +| @expandable_string_expression +| @hash_table +| @index_expression +| @member_expression_base +| @paren_expression +| @script_block_expression +| @sub_expression +| @ternary_expression +| @type_expression +| @unary_expression +| @using_expression +| @variable_expression +| @base_constant_expression; + +// Constant expression can both be instanced and extended by string constant expression +@base_constant_expression = @constant_expression | @string_constant_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 +@command_element = @expression | @command_parameter; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 +@redirection = @file_redirection | @merging_redirection; + +/** +Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. + +You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them + using this QL query on an extracted db: + +from string s +where not_implemented(_, s) +select s +*/ +not_implemented( + unique int id: @not_implemented, + string name: string ref +); + +not_implemented_location( + int id: @not_implemented ref, + int loc: @location ref +); + +// ArrayExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 +array_expression( + unique int id: @array_expression, + int subExpression: @statement_block ref +) + +array_expression_location( + int id: @array_expression ref, + int loc: @location ref +) + +// ArrayLiteralAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 +array_literal( + unique int id: @array_literal +) + +array_literal_location( + int id: @array_literal ref, + int loc: @location ref +) + +array_literal_element( + int id: @array_literal ref, + int index: int ref, + int component: @expression ref +) + +// AssignmentStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 +assignment_statement( + unique int id: @assignment_statement, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @statement ref +) + +assignment_statement_location( + int id: @assignment_statement ref, + int loc: @location ref +) + +// NamedBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 +named_block( + unique int id: @named_block, + int numStatements: int ref, + int numTraps: int ref +) + +named_block_statement( + int id: @named_block ref, + int index: int ref, + int statement: @statement ref +) + +named_block_trap( + int id: @named_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +named_block_location( + int id: @named_block ref, + int loc: @location ref +) + +// ScriptBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 +script_block( + unique int id: @script_block, + int numUsings: int ref, + int numRequiredModules: int ref, + int numRequiredAssemblies: int ref, + int numRequiredPsEditions: int ref, + int numRequiredPsSnapins: int ref +) + +script_block_param_block( + int id: @script_block ref, + int the_param_block: @param_block ref +) + +script_block_begin_block( + int id: @script_block ref, + int begin_block: @named_block ref +) + +script_block_clean_block( + int id: @script_block ref, + int clean_block: @named_block ref +) + +script_block_dynamic_param_block( + int id: @script_block ref, + int dynamic_param_block: @named_block ref +) + +script_block_end_block( + int id: @script_block ref, + int end_block: @named_block ref +) + +script_block_process_block( + int id: @script_block ref, + int process_block: @named_block ref +) + +script_block_using( + int id: @script_block ref, + int index: int ref, + int using: @ast ref +) + +script_block_required_application_id( + int id: @script_block ref, + string application_id: string ref +) + +script_block_requires_elevation( + int id: @script_block ref, + boolean requires_elevation: boolean ref +) + +script_block_required_ps_version( + int id: @script_block ref, + string required_ps_version: string ref +) + +script_block_required_module( + int id: @script_block ref, + int index: int ref, + int required_module: @module_specification ref +) + +script_block_required_assembly( + int id: @script_block ref, + int index: int ref, + string required_assembly: string ref +) + +script_block_required_ps_edition( + int id: @script_block ref, + int index: int ref, + string required_ps_edition: string ref +) + +script_block_requires_ps_snapin( + int id: @script_block ref, + int index: int ref, + string name: string ref, + string version: string ref +) + +script_block_location( + int id: @script_block ref, + int loc: @location ref +) + +// ModuleSpecification +// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 +module_specification( + unique int id: @module_specification, + string name: string ref, + string guid: string ref, + string maxVersion: string ref, + string requiredVersion: string ref, + string version: string ref +) + +// BinaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 +binary_expression( + unique int id: @binary_expression, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @expression ref +) + +// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; + +binary_expression_location( + int id: @binary_expression ref, + int loc: @location ref +) + +// ConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 +constant_expression( + unique int id: @constant_expression, + string staticType: string ref +) + +constant_expression_value( + int id: @constant_expression ref, + int value: @string_literal ref +) + +constant_expression_location( + int id: @constant_expression ref, + int loc: @location ref +) + +// ConvertExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 +convert_expression( + unique int id: @convert_expression, + int the_attribute: @ast ref, + int child: @ast ref, + int object_type: @ast ref, + string staticType: string ref +) + +convert_expression_location( + int id: @convert_expression ref, + int loc: @location ref +) + +// IndexExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 +index_expression( + unique int id: @index_expression, + int index: @ast ref, + int target: @ast ref, + boolean nullConditional: boolean ref +) + +index_expression_location( + int id: @index_expression ref, + int loc: @location ref +) + +// IfStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 +if_statement( + unique int id: @if_statement +) + +if_statement_clause( + int id: @if_statement ref, + int index: int ref, + int item1: @ast ref, + int item2: @ast ref +) + +if_statement_else( + int id: @if_statement ref, + int elseItem: @ast ref +) + +if_statement_location( + int id: @if_statement ref, + int loc: @location ref +) + +// MemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +member_expression( + unique int id: @member_expression, + int expression: @ast ref, + int member: @ast ref, + boolean nullConditional: boolean ref, + boolean isStatic: boolean ref +) + +member_expression_location( + int id: @member_expression ref, + int loc: @location ref +) + +// StatementBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 +statement_block( + unique int id: @statement_block, + int numStatements: int ref, + int numTraps : int ref +) + +statement_block_location( + int id: @statement_block ref, + int loc: @location ref +) + +statement_block_statement( + int id: @statement_block ref, + int index: int ref, + int statement: @statement ref +) + +statement_block_trap( + int id: @statement_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +// SubExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 +sub_expression( + unique int id: @sub_expression, + int subExpression: @ast ref +) + +sub_expression_location( + int id: @sub_expression ref, + int loc: @location ref +) + +// VariableExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 +variable_expression( + unique int id: @variable_expression, + string userPath: string ref, + string driveName: string ref, + boolean isConstant: boolean ref, + boolean isGlobal: boolean ref, + boolean isLocal: boolean ref, + boolean isPrivate: boolean ref, + boolean isScript: boolean ref, + boolean isUnqualified: boolean ref, + boolean isUnscoped: boolean ref, + boolean isVariable: boolean ref, + boolean isDriveQualified: boolean ref +) + +variable_expression_location( + int id: @variable_expression ref, + int loc: @location ref +) + +// CommandExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 +command_expression( + unique int id: @command_expression, + int wrapped: @expression ref, + int numRedirections: int ref +) + +command_expression_location( + int id: @command_expression ref, + int loc: @location ref +) + +command_expression_redirection( + int id: @command_expression ref, + int index: int ref, + int redirection: @redirection ref +) + +// StringConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 +string_constant_expression( + unique int id: @string_constant_expression, + int value: @string_literal ref +) + +string_constant_expression_location( + int id: @string_constant_expression ref, + int loc: @location ref +) + +// PipelineAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 +pipeline( + unique int id: @pipeline, + int numComponents: int ref +) + +pipeline_location( + int id: @pipeline ref, + int loc: @location ref +) + +pipeline_component( + int id: @pipeline ref, + int index: int ref, + int component: @command_base ref +) + +// CommandAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 +command( + unique int id: @command, + string name: string ref, + int kind: int ref, // @token_kind ref + int numElements: int ref, + int numRedirections: int ref +) + +command_location( + int id: @command ref, + int loc: @location ref +) + +command_command_element( + int id: @command ref, + int index: int ref, + int component: @command_element ref +) + +command_redirection( + int id: @command ref, + int index: int ref, + int redirection: @redirection ref +) + +// InvokeMemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 +invoke_member_expression( + unique int id: @invoke_member_expression, + int expression: @expression ref, + int member: @command_element ref +) + +invoke_member_expression_location( + int id: @invoke_member_expression ref, + int loc: @location ref +) + +invoke_member_expression_argument( + int id: @invoke_member_expression ref, + int index: int ref, + int argument: @expression ref +) + +// ParenExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 +paren_expression( + unique int id: @paren_expression, + int expression: @pipeline_base ref +) + +paren_expression_location( + int id: @paren_expression ref, + int loc: @location ref +) + + +// TernaryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 +ternary_expression( + unique int id: @ternary_expression, + int condition: @expression ref, + int ifFalse: @expression ref, + int iftrue: @expression ref +) + +ternary_expression_location( + int id: @ternary_expression ref, + int loc: @location ref +) + +// ExitStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 +exit_statement( + unique int id: @exit_statement +) + +exit_statement_pipeline( + int id: @exit_statement ref, + int expression: @ast ref +) + +exit_statement_location( + int id: @exit_statement ref, + int loc: @location ref +) + + +// TypeExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 +type_expression( + unique int id: @type_expression, + string name: string ref, + string fullName: string ref +) + +type_expression_location( + int id: @type_expression ref, + int loc: @location ref +) + +// CommandParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 +command_parameter( + unique int id: @command_parameter, + string name: string ref +) + +command_parameter_location( + int id: @command_parameter ref, + int loc: @location ref +) + +command_parameter_argument( + int id: @command_parameter ref, + int argument: @ast ref +) + +// NamedAttributeArgumentAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 +named_attribute_argument( + unique int id: @named_attribute_argument, + string name: string ref, + int argument: @expression ref +) + +named_attribute_argument_location( + int id: @named_attribute_argument ref, + int loc: @location ref +) + +// AttributeAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 +attribute( + unique int id: @attribute, + string name: string ref, + int numNamedArguments: int ref, + int numPositionalArguments: int ref +) + +attribute_named_argument( + int id: @attribute ref, + int index: int ref, + int argument: @named_attribute_argument ref +) + +attribute_positional_argument( + int id: @attribute ref, + int index: int ref, + int argument: @expression ref +) + +attribute_location( + int id: @attribute ref, + int id: @location ref +) + +// ParamBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 +param_block( + unique int id: @param_block, + int numAttributes: int ref, + int numParameters: int ref +) + +param_block_attribute( + int id: @param_block ref, + int index: int ref, + int the_attribute: @attribute ref +) + +param_block_parameter( + int id: @param_block ref, + int index: int ref, + int the_parameter: @parameter ref +) + +param_block_location( + int id: @param_block ref, + int id: @location ref +) + +// ParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 +parameter( + unique int id: @parameter, + int name: @variable_expression ref, + string staticType: string ref, + int numAttributes: int ref +) + +parameter_attribute( + int id: @parameter ref, + int index: int ref, + int the_attribute: @attribute_base ref +) + +parameter_location( + int id: @parameter ref, + int loc: @location ref +) + +parameter_default_value( + int id: @parameter ref, + int default_value: @expression ref +) + +// TypeConstraintAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 +type_constraint( + unique int id: @type_constraint, + string name: string ref, + string fullName: string ref +) + +type_constraint_location( + int id: @type_constraint ref, + int loc: @location ref +) + +// FunctionDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 +function_definition( + unique int id: @function_definition, + int body: @script_block ref, + string name: string ref, + boolean isFilter: boolean ref, + boolean isWorkflow: boolean ref +) + +function_definition_parameter( + int id: @function_definition ref, + int index: int ref, + int parameter: @parameter ref +) + +function_definition_location( + int id: @function_definition ref, + int loc: @location ref +) + +// BreakStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 +break_statement( + unique int id: @break_statement +) + +break_statement_location( + int id: @break_statement ref, + int loc: @location ref +) + +// ContinueStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 +continue_statement( + unique int id: @continue_statement +) + +continue_statement_location( + int id: @continue_statement ref, + int loc: @location ref +) +@labelled_statement = @continue_statement | @break_statement; + +statement_label( + int id: @labelled_statement ref, + int label: @ast ref +) + +// ReturnStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 +return_statement( + unique int id: @return_statement +) + +return_statement_pipeline( + int id: @return_statement ref, + int pipeline: @ast ref +) + +return_statement_location( + int id: @return_statement ref, + int loc: @location ref +) + +// DoWhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 +do_while_statement( + unique int id: @do_while_statement, + int body: @ast ref +) + +do_while_statement_condition( + int id: @do_while_statement ref, + int condition: @ast ref +) + +do_while_statement_location( + int id: @do_while_statement ref, + int loc: @location ref +) + +// DoUntilStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 +do_until_statement( + unique int id: @do_until_statement, + int body: @ast ref +) + +do_until_statement_condition( + int id: @do_until_statement ref, + int condition: @ast ref +) + +do_until_statement_location( + int id: @do_until_statement ref, + int loc: @location ref +) + +// WhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 +while_statement( + unique int id: @while_statement, + int body: @ast ref +) + +while_statement_condition( + int id: @while_statement ref, + int condition: @ast ref +) + +while_statement_location( + int id: @while_statement ref, + int loc: @location ref +) + +// ForEachStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 +foreach_statement( + unique int id: @foreach_statement, + int variable: @ast ref, + int condition: @ast ref, + int body: @ast ref, + int flags: int ref +) + +foreach_statement_location( + int id: @foreach_statement ref, + int loc: @location ref +) + +// ForStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 +for_statement( + unique int id: @for_statement, + int body: @ast ref +) + +for_statement_location( + int id: @for_statement ref, + int loc: @location ref +) + +for_statement_condition( + int id: @for_statement ref, + int condition: @ast ref +) + +for_statement_initializer( + int id: @for_statement ref, + int initializer: @ast ref +) + +for_statement_iterator( + int id: @for_statement ref, + int iterator: @ast ref +) + +// ExpandableStringExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 +expandable_string_expression( + unique int id: @expandable_string_expression, + int value: @string_literal ref, + int kind: int ref, + int numExpression: int ref +) + +case @expandable_string_expression.kind of + 4 = @BareWord +| 2 = @DoubleQuoted +| 3 = @DoubleQuotedHereString +| 0 = @SingleQuoted +| 1 = @SingleQuotedHereString; + +expandable_string_expression_location( + int id: @expandable_string_expression ref, + int loc: @location ref +) + +expandable_string_expression_nested_expression( + int id: @expandable_string_expression ref, + int index: int ref, + int nestedExression: @expression ref +) + +// StringLiterals +// Contains string literals broken into lines to prevent breaks in the trap from multiline strings +string_literal( + unique int id: @string_literal +) + +string_literal_location( + int id: @string_literal ref, + int loc: @location ref +) + +string_literal_line( + int id: @string_literal ref, + int lineNum: int ref, + string line: string ref +) + +// UnaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 +unary_expression( + unique int id: @unary_expression, + int child: @ast ref, + int kind: int ref, + string staticType: string ref +) + +unary_expression_location( + int id: @unary_expression ref, + int loc: @location ref +) + +// CatchClauseAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 +catch_clause( + unique int id: @catch_clause, + int body: @ast ref, + boolean isCatchAll: boolean ref +) + +catch_clause_catch_type( + int id: @catch_clause ref, + int index: int ref, + int catch_type: @ast ref +) + +catch_clause_location( + int id: @catch_clause ref, + int loc: @location ref +) + +// ThrowStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 +throw_statement( + unique int id: @throw_statement, + boolean isRethrow: boolean ref +) + +throw_statement_location( + int id: @throw_statement ref, + int loc: @location ref +) + +throw_statement_pipeline( + int id: @throw_statement ref, + int pipeline: @ast ref +) + +// TryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 +try_statement( + unique int id: @try_statement, + int body: @ast ref +) + +try_statement_catch_clause( + int id: @try_statement ref, + int index: int ref, + int catch_clause: @catch_clause ref +) + + +try_statement_finally( + int id: @try_statement ref, + int finally: @ast ref +) + +try_statement_location( + int id: @try_statement ref, + int loc: @location ref +) + +// FileRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 +file_redirection( + unique int id: @file_redirection, + int location: @ast ref, + boolean isAppend: boolean ref, + int redirectionType: int ref +) + +case @file_redirection.redirectionType of + 0 = @All +| 1 = @Output +| 2 = @Error +| 3 = @Warning +| 4 = @Verbose +| 5 = @Debug +| 6 = @Information; + +file_redirection_location( + int id: @file_redirection ref, + int loc: @location ref +) + +// BlockStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 +block_statement( + unique int id: @block_statement, + int body: @ast ref, + int token: @token ref +) + +block_statement_location( + int id: @block_statement ref, + int loc: @location ref +) + +// Token +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 +token( + unique int id: @token, + boolean hasError: boolean ref, + int kind: int ref, + string text: string ref, + int tokenFlags: int ref +) + +token_location( + int id: @token ref, + int loc: @location ref +) + +// ConfigurationDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 +configuration_definition( + unique int id: @configuration_definition, + int body: @ast ref, + int configurationType: int ref, + int name: @ast ref +) + +configuration_definition_location( + int id: @configuration_definition ref, + int loc: @location ref +) + +// DataStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 +data_statement( + unique int id: @data_statement, + int body: @ast ref +) + +data_statement_variable( + int id: @data_statement ref, + string variable: string ref +) + +data_statement_commands_allowed( + int id: @data_statement ref, + int index: int ref, + int command_allowed: @ast ref +) + +data_statement_location( + int id: @data_statement ref, + int loc: @location ref +) + +// DynamicKeywordStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 +dynamic_keyword_statement( + unique int id: @dynamic_keyword_statement +) + +dynamic_keyword_statement_command_elements( + int id: @dynamic_keyword_statement ref, + int index: int ref, + int element: @command_element ref +) + +dynamic_keyword_statement_location( + int id: @dynamic_keyword_statement ref, + int loc: @location ref +) + +// ErrorExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 +error_expression( + unique int id: @error_expression +) + +error_expression_nested_ast( + int id: @error_expression ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_expression_location( + int id: @error_expression ref, + int loc: @location ref +) + +// ErrorStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 +error_statement( + unique int id: @error_statement, + int token: @token ref +) + +error_statement_location( + int id: @error_statement ref, + int loc: @location ref +) + +error_statement_nested_ast( + int id: @error_statement ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_statement_conditions( + int id: @error_statement ref, + int index: int ref, + int condition: @ast ref +) + +error_statement_bodies( + int id: @error_statement ref, + int index: int ref, + int body: @ast ref +) + +error_statement_flag( + int id: @error_statement ref, + int index: int ref, + int k: string ref, // The key + int token: @token ref, // These two form a tuple of the value + int ast: @ast ref +) + +// FunctionMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 +function_member( + unique int id: @function_member, + int body: @ast ref, + boolean isConstructor: boolean ref, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +function_member_location( + int id: @function_member ref, + int loc: @location ref +) + +function_member_parameter( + int id: @function_member ref, + int index: int ref, + int parameter: @ast ref +) + +function_member_attribute( + int id: @function_member ref, + int index: int ref, + int attribute: @ast ref +) + +function_member_return_type( + int id: @function_member ref, + int return_type: @type_constraint ref +) + +// MergingRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 +merging_redirection( + unique int id: @merging_redirection, + int from: int ref, + int to: int ref +) + +merging_redirection_location( + int id: @merging_redirection ref, + int loc: @location ref +) + + +label( + int id: @labeled_statement ref, + string label: string ref +) + +// TrapStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 +trap_statement( + unique int id: @trap_statement, + int body: @ast ref +) + +trap_statement_type( + int id: @trap_statement ref, + int trap_type: @type_constraint ref +) + +trap_statement_location( + int id: @trap_statement ref, + int loc: @location ref +) + +// PipelineChainAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 +pipeline_chain( + unique int id: @pipeline_chain, + boolean isBackground: boolean ref, + int kind: int ref, + int left: @ast ref, + int right: @ast ref +) + +pipeline_chain_location( + int id: @pipeline_chain ref, + int loc: @location ref +) + +// PropertyMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 +property_member( + unique int id: @property_member, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +property_member_attribute( + int id: @property_member ref, + int index: int ref, + int attribute: @ast ref +) + +property_member_property_type( + int id: @property_member ref, + int property_type: @type_constraint ref +) + +property_member_initial_value( + int id: @property_member ref, + int initial_value: @ast ref +) + +property_member_location( + int id: @property_member ref, + int loc: @location ref +) + +// ScriptBlockExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 +script_block_expression( + unique int id: @script_block_expression, + int body: @script_block ref +) + +script_block_expression_location( + int id: @script_block_expression ref, + int loc: @location ref +) + +// SwitchStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 +switch_statement( + unique int id: @switch_statement, + int condition: @ast ref, + int flags: int ref +) + +switch_statement_clauses( + int id: @switch_statement ref, + int index: int ref, + int expression: @ast ref, + int statementBlock: @ast ref +) + +switch_statement_location( + int id: @switch_statement ref, + int loc: @location ref +) + +switch_statement_default( + int id: @switch_statement ref, + int default: @ast ref +) + +// TypeDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 +type_definition( + unique int id: @type_definition, + string name: string ref, + int flags: int ref, + boolean isClass: boolean ref, + boolean isEnum: boolean ref, + boolean isInterface: boolean ref +) + +type_definition_attributes( + int id: @type_definition ref, + int index: int ref, + int attribute: @ast ref +) + +type_definition_members( + int id: @type_definition ref, + int index: int ref, + int member: @ast ref +) + +type_definition_location( + int id: @type_definition ref, + int loc: @location ref +) + +type_definition_base_type( + int id: @type_definition ref, + int index: int ref, + int base_type: @type_constraint ref +) + +// UsingExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 +using_expression( + unique int id: @using_expression, + int subExpression: @ast ref +) + +using_expression_location( + int id: @using_expression ref, + int loc: @location ref +) + +// UsingStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 +using_statement( + unique int id: @using_statement, + int kind: int ref +) + +using_statement_location( + int id: @using_statement ref, + int loc: @location ref +) + +using_statement_alias( + int id: @using_statement ref, + int alias: @ast ref +) + +using_statement_module_specification( + int id: @using_statement ref, + int module_specification: @ast ref +) + +using_statement_name( + int id: @using_statement ref, + int name: @ast ref +) + +// HashTableAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 +hash_table( + unique int id: @hash_table +) + +hash_table_location( + int id: @hash_table ref, + int loc: @location ref +) + +hash_table_key_value_pairs( + int id: @hash_table ref, + int index: int ref, + int k: @ast ref, + int v: @ast ref +) + +// AttributedExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +attributed_expression( + unique int id: @attributed_expression, + int attribute: @ast ref, + int expression: @ast ref +) + +attributed_expression_location( + int id: @attributed_expression ref, + int loc: @location ref +) + +// TokenKind +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 +token_kind_reference( + unique int id: @token_kind_reference, + string name: string ref, + int kind: int ref +) + +@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break +| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains +| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace +| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam +| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from +| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt +| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface +| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals +| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param +| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public +| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd +| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static +| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable +| @while | @workflow | @xor; + +case @token_kind_reference.kind of +28 = @ampersand // The invocation operator '&'. +| 53 = @and // The logical and operator '-and'. +| 26 = @andAnd // The (unimplemented) operator '&&'. +| 94 = @as // The type conversion operator '-as'. +| 165 = @assembly // The 'assembly' keyword +| 23 = @atCurly // The opening token of a hash expression '@{'. +| 22 = @atParen // The opening token of an array expression '@('. +| 56 = @band // The bitwise and operator '-band'. +| 168 = @base // The 'base' keyword +| 119 = @begin // The 'begin' keyword. +| 52 = @bnot // The bitwise not operator '-bnot'. +| 57 = @bor // The bitwise or operator '-bor'. +| 120 = @break // The 'break' keyword. +| 58 = @bxor // The bitwise exclusive or operator '-xor'. +| 121 = @catch // The 'catch' keyword. +| 87 = @ccontains // The case sensitive contains operator '-ccontains'. +| 76 = @ceq // The case sensitive equal operator '-ceq'. +| 78 = @cge // The case sensitive greater than or equal operator '-cge'. +| 79 = @cgt // The case sensitive greater than operator '-cgt'. +| 89 = @cin // The case sensitive in operator '-cin'. +| 122 = @class // The 'class' keyword. +| 81 = @cle // The case sensitive less than or equal operator '-cle'. +| 170 = @clean // The 'clean' keyword. +| 82 = @clike // The case sensitive like operator '-clike'. +| 80 = @clt // The case sensitive less than operator '-clt'. +| 84 = @cmatch // The case sensitive match operator '-cmatch'. +| 77 = @cne // The case sensitive not equal operator '-cne'. +| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. +| 90 = @cnotin // The case sensitive not in operator '-notin'. +| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. +| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. +| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. +| 34 = @colonColon // The static member access operator '::'. +| 30 = @comma // The unary or binary array operator ','. +| 166 = @command_token // The 'command' keyword +| 10 = @comment // A single line comment, or a delimited comment. +| 155 = @configuration // The "configuration" keyword +| 123 = @continue // The 'continue' keyword. +| 86 = @creplace // The case sensitive replace operator '-creplace'. +| 91 = @csplit // The case sensitive split operator '-csplit'. +| 124 = @data // The 'data' keyword. +| 169 = @default // The 'default' keyword +| 125 = @define // The (unimplemented) 'define' keyword. +| 38 = @divide // The division operator '/'. +| 46 = @divideEquals // The division assignment operator '/='. +| 126 = @do // The 'do' keyword. +| 24 = @dollarParen // The opening token of a sub-expression '$('. +| 35 = @dot // The instance member access or dot source invocation operator '.'. +| 33 = @dotDot // The range operator '..'. +| 156 = @dynamicKeyword // The token kind for dynamic keywords +| 127 = @dynamicparam // The 'dynamicparam' keyword. +| 128 = @else // The 'else' keyword. +| 129 = @elseIf // The 'elseif' keyword. +| 130 = @end // The 'end' keyword. +| 11 = @endOfInput // Marks the end of the input script or file. +| 161 = @enum // The 'enum' keyword +| 42 = @equals // The assignment operator '='. +| 36 = @exclaim // The logical not operator '!'. +| 131 = @exit // The 'exit' keyword. +| 132 = @filter // The 'filter' keyword. +| 133 = @finally // The 'finally' keyword. +| 134 = @for // The 'for' keyword. +| 135 = @foreach // The 'foreach' keyword. +| 50 = @format // The string format operator '-f'. +| 136 = @from // The (unimplemented) 'from' keyword. +| 137 = @function // The 'function' keyword. +| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. +| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. +| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. +| 167 = @hidden // The 'hidden' keyword +| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. +| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. +| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. +| 138 = @if // The 'if' keyword. +| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. +| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. +| 73 = @iin // The case insensitive in operator '-iin' or '-in'. +| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. +| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. +| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. +| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. +| 139 = @in // The 'in' keyword. +| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. +| 154 = @inlineScript // The 'InlineScript' keyword +| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. +| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' +| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. +| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. +| 160 = @interface // The 'interface' keyword +| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. +| 92 = @is // The type test operator '-is'. +| 93 = @isNot // The type test operator '-isnot'. +| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. +| 59 = @join // The join operator '-join'. +| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. +| 20 = @lBracket // The opening square brace token '['. +| 18 = @lCurly // The opening curly brace token '{'. +| 9 = @lineContinuation // A line continuation (backtick followed by newline). +| 16 = @lParen // The opening parenthesis token '('. +| 41 = @minus // The substraction operator '-'. +| 44 = @minusEquals // The subtraction assignment operator '-='. +| 31 = @minusMinus // The pre-decrement operator '--'. +| 163 = @module // The 'module' keyword +| 37 = @multiply // The multiplication operator '*'. +| 45 = @multiplyEquals // The multiplication assignment operator '*='. +| 162 = @namespace // The 'namespace' keyword +| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). +| 51 = @not // The logical not operator '-not'. +| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. +| 54 = @or // The logical or operator '-or'. +| 27 = @orOr // The (unimplemented) operator '||'. +| 152 = @parallel // The 'parallel' keyword. +| 140 = @param // The 'param' keyword. +| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. +| 29 = @pipe // The pipe operator '|'. +| 40 = @plus // The addition operator '+'. +| 43 = @plusEquals // The addition assignment operator '+='. +| 32 = @plusPlus // The pre-increment operator '++'. +| 96 = @postfixMinusMinus // The post-decrement operator '--'. +| 95 = @postfixPlusPlus // The post-increment operator '++'. +| 158 = @private // The 'private' keyword +| 141 = @process // The 'process' keyword. +| 157 = @public // The 'public' keyword +| 103 = @questionDot // The null conditional member access operator '?.'. +| 104 = @questionLBracket // The null conditional index access operator '?[]'. +| 100 = @questionMark // The ternary operator '?'. +| 102 = @questionQuestion // The null coalesce operator '??'. +| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. +| 21 = @rBracket // The closing square brace token ']'. +| 19 = @rCurly // The closing curly brace token '}'. +| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. +| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. +| 39 = @rem // The modulo division (remainder) operator '%'. +| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. +| 142 = @return // The 'return' keyword. +| 17 = @rParen // The closing parenthesis token ')'. +| 25 = @semi // The statement terminator ';'. +| 153 = @sequence // The 'sequence' keyword. +| 97 = @shl // The shift left operator. +| 98 = @shr // The shift right operator. +| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. +| 159 = @static // The 'static' keyword +| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. +| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. +| 143 = @switch // The 'switch' keyword. +| 144 = @throw // The 'throw' keyword. +| 145 = @trap // The 'trap' keyword. +| 146 = @try // The 'try' keyword. +| 164 = @type // The 'type' keyword +| 0 = @unknown // An unknown token, signifies an error condition. +| 147 = @until // The 'until' keyword. +| 148 = @using // The (unimplemented) 'using' keyword. +| 149 = @var // The (unimplemented) 'var' keyword. +| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. +| 150 = @while // The 'while' keyword. +| 151 = @workflow // The 'workflow' keyword. +| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/semmlecode.powershell.dbscheme b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/semmlecode.powershell.dbscheme new file mode 100644 index 00000000000..802d5b9f407 --- /dev/null +++ b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/semmlecode.powershell.dbscheme @@ -0,0 +1,1648 @@ +/* Mandatory */ +sourceLocationPrefix( + varchar(900) prefix: string ref +); + +/* Entity Locations */ +@location = @location_default; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/* File Metadata */ + +numlines( + unique int element_id: @file ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +files( + unique int id: @file, + varchar(900) name: string ref +); + +folders( + unique int id: @folder, + varchar(900) name: string ref +); + +@container = @folder | @file; + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/* Comments */ +comment_entity( + unique int id: @comment_entity, + int text: @string_literal ref +); + +comment_entity_location( + unique int id: @comment_entity ref, + int loc: @location ref +); + +/* Messages */ +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +parent( + int child: @ast ref, + int parent: @ast ref +); + +/* AST Nodes */ +// This is all the kinds of nodes that can inherit from Ast +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 +@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | +@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block | @named_attribute_argument; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 +@attribute_base = @attribute | @type_constraint; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 +@member = @function_member | @property_member; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 +@command_base = @command | @command_expression; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 +@chainable = @command_base | @pipeline | @pipeline_chain; +//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 +@pipeline_base = @chainable | @error_statement | @assignment_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 +@statement = @block_statement +| @break_statement +| @command_base +| @configuration_definition +| @continue_statement +| @data_statement +| @dynamic_keyword_statement +| @exit_statement +| @function_definition +| @if_statement +| @labeled_statement +| @pipeline_base +| @return_statement +| @throw_statement +| @trap_statement +| @try_statement +| @type_definition +| @using_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 +@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 +@labeled_statement = @loop_statement | @switch_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +@attributed_expression_ast = @attributed_expression | @convert_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 +@expression = @array_expression +| @array_literal +| @attributed_expression_ast +| @binary_expression +| @error_expression +| @expandable_string_expression +| @hash_table +| @index_expression +| @member_expression_base +| @paren_expression +| @script_block_expression +| @sub_expression +| @ternary_expression +| @type_expression +| @unary_expression +| @using_expression +| @variable_expression +| @base_constant_expression; + +// Constant expression can both be instanced and extended by string constant expression +@base_constant_expression = @constant_expression | @string_constant_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 +@command_element = @expression | @command_parameter; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 +@redirection = @file_redirection | @merging_redirection; + +/** +Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. + +You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them + using this QL query on an extracted db: + +from string s +where not_implemented(_, s) +select s +*/ +not_implemented( + unique int id: @not_implemented, + string name: string ref +); + +not_implemented_location( + int id: @not_implemented ref, + int loc: @location ref +); + +// ArrayExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 +array_expression( + unique int id: @array_expression, + int subExpression: @statement_block ref +) + +array_expression_location( + int id: @array_expression ref, + int loc: @location ref +) + +// ArrayLiteralAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 +array_literal( + unique int id: @array_literal +) + +array_literal_location( + int id: @array_literal ref, + int loc: @location ref +) + +array_literal_element( + int id: @array_literal ref, + int index: int ref, + int component: @expression ref +) + +// AssignmentStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 +assignment_statement( + unique int id: @assignment_statement, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @statement ref +) + +assignment_statement_location( + int id: @assignment_statement ref, + int loc: @location ref +) + +// NamedBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 +named_block( + unique int id: @named_block, + int numStatements: int ref, + int numTraps: int ref +) + +named_block_statement( + int id: @named_block ref, + int index: int ref, + int statement: @statement ref +) + +named_block_trap( + int id: @named_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +named_block_location( + int id: @named_block ref, + int loc: @location ref +) + +// ScriptBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 +script_block( + unique int id: @script_block, + int numUsings: int ref, + int numRequiredModules: int ref, + int numRequiredAssemblies: int ref, + int numRequiredPsEditions: int ref, + int numRequiredPsSnapins: int ref +) + +script_block_param_block( + int id: @script_block ref, + int the_param_block: @param_block ref +) + +script_block_begin_block( + int id: @script_block ref, + int begin_block: @named_block ref +) + +script_block_clean_block( + int id: @script_block ref, + int clean_block: @named_block ref +) + +script_block_dynamic_param_block( + int id: @script_block ref, + int dynamic_param_block: @named_block ref +) + +script_block_end_block( + int id: @script_block ref, + int end_block: @named_block ref +) + +script_block_process_block( + int id: @script_block ref, + int process_block: @named_block ref +) + +script_block_using( + int id: @script_block ref, + int index: int ref, + int using: @ast ref +) + +script_block_required_application_id( + int id: @script_block ref, + string application_id: string ref +) + +script_block_requires_elevation( + int id: @script_block ref, + boolean requires_elevation: boolean ref +) + +script_block_required_ps_version( + int id: @script_block ref, + string required_ps_version: string ref +) + +script_block_required_module( + int id: @script_block ref, + int index: int ref, + int required_module: @module_specification ref +) + +script_block_required_assembly( + int id: @script_block ref, + int index: int ref, + string required_assembly: string ref +) + +script_block_required_ps_edition( + int id: @script_block ref, + int index: int ref, + string required_ps_edition: string ref +) + +script_block_requires_ps_snapin( + int id: @script_block ref, + int index: int ref, + string name: string ref, + string version: string ref +) + +script_block_location( + int id: @script_block ref, + int loc: @location ref +) + +// ModuleSpecification +// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 +module_specification( + unique int id: @module_specification, + string name: string ref, + string guid: string ref, + string maxVersion: string ref, + string requiredVersion: string ref, + string version: string ref +) + +// BinaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 +binary_expression( + unique int id: @binary_expression, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @expression ref +) + +// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; + +binary_expression_location( + int id: @binary_expression ref, + int loc: @location ref +) + +// ConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 +constant_expression( + unique int id: @constant_expression, + string staticType: string ref +) + +constant_expression_value( + int id: @constant_expression ref, + int value: @string_literal ref +) + +constant_expression_location( + int id: @constant_expression ref, + int loc: @location ref +) + +// ConvertExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 +convert_expression( + unique int id: @convert_expression, + int the_attribute: @ast ref, + int child: @ast ref, + int object_type: @ast ref, + string staticType: string ref +) + +convert_expression_location( + int id: @convert_expression ref, + int loc: @location ref +) + +// IndexExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 +index_expression( + unique int id: @index_expression, + int index: @ast ref, + int target: @ast ref, + boolean nullConditional: boolean ref +) + +index_expression_location( + int id: @index_expression ref, + int loc: @location ref +) + +// IfStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 +if_statement( + unique int id: @if_statement +) + +if_statement_clause( + int id: @if_statement ref, + int index: int ref, + int item1: @pipeline_base ref, + int item2: @statement_block ref +) + +if_statement_else( + int id: @if_statement ref, + int elseItem: @statement_block ref +) + +if_statement_location( + int id: @if_statement ref, + int loc: @location ref +) + +// MemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +member_expression( + unique int id: @member_expression, + int expression: @ast ref, + int member: @ast ref, + boolean nullConditional: boolean ref, + boolean isStatic: boolean ref +) + +member_expression_location( + int id: @member_expression ref, + int loc: @location ref +) + +// StatementBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 +statement_block( + unique int id: @statement_block, + int numStatements: int ref, + int numTraps : int ref +) + +statement_block_location( + int id: @statement_block ref, + int loc: @location ref +) + +statement_block_statement( + int id: @statement_block ref, + int index: int ref, + int statement: @statement ref +) + +statement_block_trap( + int id: @statement_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +// SubExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 +sub_expression( + unique int id: @sub_expression, + int subExpression: @statement_block ref +) + +sub_expression_location( + int id: @sub_expression ref, + int loc: @location ref +) + +// VariableExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 +variable_expression( + unique int id: @variable_expression, + string userPath: string ref, + string driveName: string ref, + boolean isConstant: boolean ref, + boolean isGlobal: boolean ref, + boolean isLocal: boolean ref, + boolean isPrivate: boolean ref, + boolean isScript: boolean ref, + boolean isUnqualified: boolean ref, + boolean isUnscoped: boolean ref, + boolean isVariable: boolean ref, + boolean isDriveQualified: boolean ref +) + +variable_expression_location( + int id: @variable_expression ref, + int loc: @location ref +) + +// CommandExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 +command_expression( + unique int id: @command_expression, + int wrapped: @expression ref, + int numRedirections: int ref +) + +command_expression_location( + int id: @command_expression ref, + int loc: @location ref +) + +command_expression_redirection( + int id: @command_expression ref, + int index: int ref, + int redirection: @redirection ref +) + +// StringConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 +string_constant_expression( + unique int id: @string_constant_expression, + int value: @string_literal ref +) + +string_constant_expression_location( + int id: @string_constant_expression ref, + int loc: @location ref +) + +// PipelineAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 +pipeline( + unique int id: @pipeline, + int numComponents: int ref +) + +pipeline_location( + int id: @pipeline ref, + int loc: @location ref +) + +pipeline_component( + int id: @pipeline ref, + int index: int ref, + int component: @command_base ref +) + +// CommandAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 +command( + unique int id: @command, + string name: string ref, + int kind: int ref, // @token_kind ref + int numElements: int ref, + int numRedirections: int ref +) + +command_location( + int id: @command ref, + int loc: @location ref +) + +command_command_element( + int id: @command ref, + int index: int ref, + int component: @command_element ref +) + +command_redirection( + int id: @command ref, + int index: int ref, + int redirection: @redirection ref +) + +// InvokeMemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 +invoke_member_expression( + unique int id: @invoke_member_expression, + int expression: @expression ref, + int member: @command_element ref +) + +invoke_member_expression_location( + int id: @invoke_member_expression ref, + int loc: @location ref +) + +invoke_member_expression_argument( + int id: @invoke_member_expression ref, + int index: int ref, + int argument: @expression ref +) + +// ParenExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 +paren_expression( + unique int id: @paren_expression, + int expression: @pipeline_base ref +) + +paren_expression_location( + int id: @paren_expression ref, + int loc: @location ref +) + + +// TernaryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 +ternary_expression( + unique int id: @ternary_expression, + int condition: @expression ref, + int ifFalse: @expression ref, + int iftrue: @expression ref +) + +ternary_expression_location( + int id: @ternary_expression ref, + int loc: @location ref +) + +// ExitStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 +exit_statement( + unique int id: @exit_statement +) + +exit_statement_pipeline( + int id: @exit_statement ref, + int expression: @pipeline_base ref +) + +exit_statement_location( + int id: @exit_statement ref, + int loc: @location ref +) + + +// TypeExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 +type_expression( + unique int id: @type_expression, + string name: string ref, + string fullName: string ref +) + +type_expression_location( + int id: @type_expression ref, + int loc: @location ref +) + +// CommandParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 +command_parameter( + unique int id: @command_parameter, + string name: string ref +) + +command_parameter_location( + int id: @command_parameter ref, + int loc: @location ref +) + +command_parameter_argument( + int id: @command_parameter ref, + int argument: @ast ref +) + +// NamedAttributeArgumentAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 +named_attribute_argument( + unique int id: @named_attribute_argument, + string name: string ref, + int argument: @expression ref +) + +named_attribute_argument_location( + int id: @named_attribute_argument ref, + int loc: @location ref +) + +// AttributeAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 +attribute( + unique int id: @attribute, + string name: string ref, + int numNamedArguments: int ref, + int numPositionalArguments: int ref +) + +attribute_named_argument( + int id: @attribute ref, + int index: int ref, + int argument: @named_attribute_argument ref +) + +attribute_positional_argument( + int id: @attribute ref, + int index: int ref, + int argument: @expression ref +) + +attribute_location( + int id: @attribute ref, + int id: @location ref +) + +// ParamBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 +param_block( + unique int id: @param_block, + int numAttributes: int ref, + int numParameters: int ref +) + +param_block_attribute( + int id: @param_block ref, + int index: int ref, + int the_attribute: @attribute ref +) + +param_block_parameter( + int id: @param_block ref, + int index: int ref, + int the_parameter: @parameter ref +) + +param_block_location( + int id: @param_block ref, + int id: @location ref +) + +// ParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 +parameter( + unique int id: @parameter, + int name: @variable_expression ref, + string staticType: string ref, + int numAttributes: int ref +) + +parameter_attribute( + int id: @parameter ref, + int index: int ref, + int the_attribute: @attribute_base ref +) + +parameter_location( + int id: @parameter ref, + int loc: @location ref +) + +parameter_default_value( + int id: @parameter ref, + int default_value: @expression ref +) + +// TypeConstraintAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 +type_constraint( + unique int id: @type_constraint, + string name: string ref, + string fullName: string ref +) + +type_constraint_location( + int id: @type_constraint ref, + int loc: @location ref +) + +// FunctionDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 +function_definition( + unique int id: @function_definition, + int body: @script_block ref, + string name: string ref, + boolean isFilter: boolean ref, + boolean isWorkflow: boolean ref +) + +function_definition_parameter( + int id: @function_definition ref, + int index: int ref, + int parameter: @parameter ref +) + +function_definition_location( + int id: @function_definition ref, + int loc: @location ref +) + +// BreakStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 +break_statement( + unique int id: @break_statement +) + +break_statement_location( + int id: @break_statement ref, + int loc: @location ref +) + +// ContinueStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 +continue_statement( + unique int id: @continue_statement +) + +continue_statement_location( + int id: @continue_statement ref, + int loc: @location ref +) +@labelled_statement = @continue_statement | @break_statement; + +statement_label( + int id: @labelled_statement ref, + int label: @expression ref +) + +// ReturnStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 +return_statement( + unique int id: @return_statement +) + +return_statement_pipeline( + int id: @return_statement ref, + int pipeline: @pipeline_base ref +) + +return_statement_location( + int id: @return_statement ref, + int loc: @location ref +) + +// DoWhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 +do_while_statement( + unique int id: @do_while_statement, + int body: @statement_block ref +) + +do_while_statement_condition( + int id: @do_while_statement ref, + int condition: @pipeline_base ref +) + +do_while_statement_location( + int id: @do_while_statement ref, + int loc: @location ref +) + +// DoUntilStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 +do_until_statement( + unique int id: @do_until_statement, + int body: @statement_block ref +) + +do_until_statement_condition( + int id: @do_until_statement ref, + int condition: @pipeline_base ref +) + +do_until_statement_location( + int id: @do_until_statement ref, + int loc: @location ref +) + +// WhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 +while_statement( + unique int id: @while_statement, + int body: @statement_block ref +) + +while_statement_condition( + int id: @while_statement ref, + int condition: @pipeline_base ref +) + +while_statement_location( + int id: @while_statement ref, + int loc: @location ref +) + +// ForEachStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 +foreach_statement( + unique int id: @foreach_statement, + int variable: @variable_expression ref, + int condition: @pipeline_base ref, + int body: @statement_block ref, + int flags: int ref +) + +foreach_statement_location( + int id: @foreach_statement ref, + int loc: @location ref +) + +// ForStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 +for_statement( + unique int id: @for_statement, + int body: @statement_block ref +) + +for_statement_location( + int id: @for_statement ref, + int loc: @location ref +) + +for_statement_condition( + int id: @for_statement ref, + int condition: @pipeline_base ref +) + +for_statement_initializer( + int id: @for_statement ref, + int initializer: @pipeline_base ref +) + +for_statement_iterator( + int id: @for_statement ref, + int iterator: @pipeline_base ref +) + +// ExpandableStringExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 +expandable_string_expression( + unique int id: @expandable_string_expression, + int value: @string_literal ref, + int kind: int ref, + int numExpression: int ref +) + +case @expandable_string_expression.kind of + 4 = @BareWord +| 2 = @DoubleQuoted +| 3 = @DoubleQuotedHereString +| 0 = @SingleQuoted +| 1 = @SingleQuotedHereString; + +expandable_string_expression_location( + int id: @expandable_string_expression ref, + int loc: @location ref +) + +expandable_string_expression_nested_expression( + int id: @expandable_string_expression ref, + int index: int ref, + int nestedExression: @expression ref +) + +// StringLiterals +// Contains string literals broken into lines to prevent breaks in the trap from multiline strings +string_literal( + unique int id: @string_literal +) + +string_literal_location( + int id: @string_literal ref, + int loc: @location ref +) + +string_literal_line( + int id: @string_literal ref, + int lineNum: int ref, + string line: string ref +) + +// UnaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 +unary_expression( + unique int id: @unary_expression, + int child: @ast ref, + int kind: int ref, + string staticType: string ref +) + +unary_expression_location( + int id: @unary_expression ref, + int loc: @location ref +) + +// CatchClauseAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 +catch_clause( + unique int id: @catch_clause, + int body: @statement_block ref, + boolean isCatchAll: boolean ref +) + +catch_clause_catch_type( + int id: @catch_clause ref, + int index: int ref, + int catch_type: @type_constraint ref +) + +catch_clause_location( + int id: @catch_clause ref, + int loc: @location ref +) + +// ThrowStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 +throw_statement( + unique int id: @throw_statement, + boolean isRethrow: boolean ref +) + +throw_statement_location( + int id: @throw_statement ref, + int loc: @location ref +) + +throw_statement_pipeline( + int id: @throw_statement ref, + int pipeline: @ast ref +) + +// TryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 +try_statement( + unique int id: @try_statement, + int body: @statement_block ref +) + +try_statement_catch_clause( + int id: @try_statement ref, + int index: int ref, + int catch_clause: @catch_clause ref +) + + +try_statement_finally( + int id: @try_statement ref, + int finally: @ast ref +) + +try_statement_location( + int id: @try_statement ref, + int loc: @location ref +) + +// FileRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 +file_redirection( + unique int id: @file_redirection, + int location: @ast ref, + boolean isAppend: boolean ref, + int redirectionType: int ref +) + +case @file_redirection.redirectionType of + 0 = @All +| 1 = @Output +| 2 = @Error +| 3 = @Warning +| 4 = @Verbose +| 5 = @Debug +| 6 = @Information; + +file_redirection_location( + int id: @file_redirection ref, + int loc: @location ref +) + +// BlockStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 +block_statement( + unique int id: @block_statement, + int body: @ast ref, + int token: @token ref +) + +block_statement_location( + int id: @block_statement ref, + int loc: @location ref +) + +// Token +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 +token( + unique int id: @token, + boolean hasError: boolean ref, + int kind: int ref, + string text: string ref, + int tokenFlags: int ref +) + +token_location( + int id: @token ref, + int loc: @location ref +) + +// ConfigurationDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 +configuration_definition( + unique int id: @configuration_definition, + int body: @script_block_expression ref, + int configurationType: int ref, + int name: @expression ref +) + +configuration_definition_location( + int id: @configuration_definition ref, + int loc: @location ref +) + +// DataStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 +data_statement( + unique int id: @data_statement, + int body: @statement_block ref +) + +data_statement_variable( + int id: @data_statement ref, + string variable: string ref +) + +data_statement_commands_allowed( + int id: @data_statement ref, + int index: int ref, + int command_allowed: @ast ref +) + +data_statement_location( + int id: @data_statement ref, + int loc: @location ref +) + +// DynamicKeywordStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 +dynamic_keyword_statement( + unique int id: @dynamic_keyword_statement +) + +dynamic_keyword_statement_command_elements( + int id: @dynamic_keyword_statement ref, + int index: int ref, + int element: @command_element ref +) + +dynamic_keyword_statement_location( + int id: @dynamic_keyword_statement ref, + int loc: @location ref +) + +// ErrorExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 +error_expression( + unique int id: @error_expression +) + +error_expression_nested_ast( + int id: @error_expression ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_expression_location( + int id: @error_expression ref, + int loc: @location ref +) + +// ErrorStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 +error_statement( + unique int id: @error_statement, + int token: @token ref +) + +error_statement_location( + int id: @error_statement ref, + int loc: @location ref +) + +error_statement_nested_ast( + int id: @error_statement ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_statement_conditions( + int id: @error_statement ref, + int index: int ref, + int condition: @ast ref +) + +error_statement_bodies( + int id: @error_statement ref, + int index: int ref, + int body: @ast ref +) + +error_statement_flag( + int id: @error_statement ref, + int index: int ref, + int k: string ref, // The key + int token: @token ref, // These two form a tuple of the value + int ast: @ast ref +) + +// FunctionMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 +function_member( + unique int id: @function_member, + int body: @ast ref, + boolean isConstructor: boolean ref, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +function_member_location( + int id: @function_member ref, + int loc: @location ref +) + +function_member_parameter( + int id: @function_member ref, + int index: int ref, + int parameter: @ast ref +) + +function_member_attribute( + int id: @function_member ref, + int index: int ref, + int attribute: @ast ref +) + +function_member_return_type( + int id: @function_member ref, + int return_type: @type_constraint ref +) + +// MergingRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 +merging_redirection( + unique int id: @merging_redirection, + int from: int ref, + int to: int ref +) + +merging_redirection_location( + int id: @merging_redirection ref, + int loc: @location ref +) + + +label( + int id: @labeled_statement ref, + string label: string ref +) + +// TrapStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 +trap_statement( + unique int id: @trap_statement, + int body: @ast ref +) + +trap_statement_type( + int id: @trap_statement ref, + int trap_type: @type_constraint ref +) + +trap_statement_location( + int id: @trap_statement ref, + int loc: @location ref +) + +// PipelineChainAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 +pipeline_chain( + unique int id: @pipeline_chain, + boolean isBackground: boolean ref, + int kind: int ref, + int left: @ast ref, + int right: @ast ref +) + +pipeline_chain_location( + int id: @pipeline_chain ref, + int loc: @location ref +) + +// PropertyMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 +property_member( + unique int id: @property_member, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +property_member_attribute( + int id: @property_member ref, + int index: int ref, + int attribute: @ast ref +) + +property_member_property_type( + int id: @property_member ref, + int property_type: @type_constraint ref +) + +property_member_initial_value( + int id: @property_member ref, + int initial_value: @ast ref +) + +property_member_location( + int id: @property_member ref, + int loc: @location ref +) + +// ScriptBlockExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 +script_block_expression( + unique int id: @script_block_expression, + int body: @script_block ref +) + +script_block_expression_location( + int id: @script_block_expression ref, + int loc: @location ref +) + +// SwitchStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 +switch_statement( + unique int id: @switch_statement, + int condition: @ast ref, + int flags: int ref +) + +switch_statement_clauses( + int id: @switch_statement ref, + int index: int ref, + int expression: @ast ref, + int statementBlock: @ast ref +) + +switch_statement_location( + int id: @switch_statement ref, + int loc: @location ref +) + +switch_statement_default( + int id: @switch_statement ref, + int default: @ast ref +) + +// TypeDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 +type_definition( + unique int id: @type_definition, + string name: string ref, + int flags: int ref, + boolean isClass: boolean ref, + boolean isEnum: boolean ref, + boolean isInterface: boolean ref +) + +type_definition_attributes( + int id: @type_definition ref, + int index: int ref, + int attribute: @ast ref +) + +type_definition_members( + int id: @type_definition ref, + int index: int ref, + int member: @ast ref +) + +type_definition_location( + int id: @type_definition ref, + int loc: @location ref +) + +type_definition_base_type( + int id: @type_definition ref, + int index: int ref, + int base_type: @type_constraint ref +) + +// UsingExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 +using_expression( + unique int id: @using_expression, + int subExpression: @ast ref +) + +using_expression_location( + int id: @using_expression ref, + int loc: @location ref +) + +// UsingStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 +using_statement( + unique int id: @using_statement, + int kind: int ref +) + +using_statement_location( + int id: @using_statement ref, + int loc: @location ref +) + +using_statement_alias( + int id: @using_statement ref, + int alias: @ast ref +) + +using_statement_module_specification( + int id: @using_statement ref, + int module_specification: @ast ref +) + +using_statement_name( + int id: @using_statement ref, + int name: @ast ref +) + +// HashTableAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 +hash_table( + unique int id: @hash_table +) + +hash_table_location( + int id: @hash_table ref, + int loc: @location ref +) + +hash_table_key_value_pairs( + int id: @hash_table ref, + int index: int ref, + int k: @ast ref, + int v: @ast ref +) + +// AttributedExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +attributed_expression( + unique int id: @attributed_expression, + int attribute: @ast ref, + int expression: @ast ref +) + +attributed_expression_location( + int id: @attributed_expression ref, + int loc: @location ref +) + +// TokenKind +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 +token_kind_reference( + unique int id: @token_kind_reference, + string name: string ref, + int kind: int ref +) + +@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break +| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains +| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace +| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam +| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from +| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt +| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface +| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals +| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param +| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public +| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd +| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static +| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable +| @while | @workflow | @xor; + +case @token_kind_reference.kind of +28 = @ampersand // The invocation operator '&'. +| 53 = @and // The logical and operator '-and'. +| 26 = @andAnd // The (unimplemented) operator '&&'. +| 94 = @as // The type conversion operator '-as'. +| 165 = @assembly // The 'assembly' keyword +| 23 = @atCurly // The opening token of a hash expression '@{'. +| 22 = @atParen // The opening token of an array expression '@('. +| 56 = @band // The bitwise and operator '-band'. +| 168 = @base // The 'base' keyword +| 119 = @begin // The 'begin' keyword. +| 52 = @bnot // The bitwise not operator '-bnot'. +| 57 = @bor // The bitwise or operator '-bor'. +| 120 = @break // The 'break' keyword. +| 58 = @bxor // The bitwise exclusive or operator '-xor'. +| 121 = @catch // The 'catch' keyword. +| 87 = @ccontains // The case sensitive contains operator '-ccontains'. +| 76 = @ceq // The case sensitive equal operator '-ceq'. +| 78 = @cge // The case sensitive greater than or equal operator '-cge'. +| 79 = @cgt // The case sensitive greater than operator '-cgt'. +| 89 = @cin // The case sensitive in operator '-cin'. +| 122 = @class // The 'class' keyword. +| 81 = @cle // The case sensitive less than or equal operator '-cle'. +| 170 = @clean // The 'clean' keyword. +| 82 = @clike // The case sensitive like operator '-clike'. +| 80 = @clt // The case sensitive less than operator '-clt'. +| 84 = @cmatch // The case sensitive match operator '-cmatch'. +| 77 = @cne // The case sensitive not equal operator '-cne'. +| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. +| 90 = @cnotin // The case sensitive not in operator '-notin'. +| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. +| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. +| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. +| 34 = @colonColon // The static member access operator '::'. +| 30 = @comma // The unary or binary array operator ','. +| 166 = @command_token // The 'command' keyword +| 10 = @comment // A single line comment, or a delimited comment. +| 155 = @configuration // The "configuration" keyword +| 123 = @continue // The 'continue' keyword. +| 86 = @creplace // The case sensitive replace operator '-creplace'. +| 91 = @csplit // The case sensitive split operator '-csplit'. +| 124 = @data // The 'data' keyword. +| 169 = @default // The 'default' keyword +| 125 = @define // The (unimplemented) 'define' keyword. +| 38 = @divide // The division operator '/'. +| 46 = @divideEquals // The division assignment operator '/='. +| 126 = @do // The 'do' keyword. +| 24 = @dollarParen // The opening token of a sub-expression '$('. +| 35 = @dot // The instance member access or dot source invocation operator '.'. +| 33 = @dotDot // The range operator '..'. +| 156 = @dynamicKeyword // The token kind for dynamic keywords +| 127 = @dynamicparam // The 'dynamicparam' keyword. +| 128 = @else // The 'else' keyword. +| 129 = @elseIf // The 'elseif' keyword. +| 130 = @end // The 'end' keyword. +| 11 = @endOfInput // Marks the end of the input script or file. +| 161 = @enum // The 'enum' keyword +| 42 = @equals // The assignment operator '='. +| 36 = @exclaim // The logical not operator '!'. +| 131 = @exit // The 'exit' keyword. +| 132 = @filter // The 'filter' keyword. +| 133 = @finally // The 'finally' keyword. +| 134 = @for // The 'for' keyword. +| 135 = @foreach // The 'foreach' keyword. +| 50 = @format // The string format operator '-f'. +| 136 = @from // The (unimplemented) 'from' keyword. +| 137 = @function // The 'function' keyword. +| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. +| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. +| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. +| 167 = @hidden // The 'hidden' keyword +| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. +| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. +| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. +| 138 = @if // The 'if' keyword. +| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. +| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. +| 73 = @iin // The case insensitive in operator '-iin' or '-in'. +| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. +| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. +| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. +| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. +| 139 = @in // The 'in' keyword. +| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. +| 154 = @inlineScript // The 'InlineScript' keyword +| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. +| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' +| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. +| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. +| 160 = @interface // The 'interface' keyword +| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. +| 92 = @is // The type test operator '-is'. +| 93 = @isNot // The type test operator '-isnot'. +| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. +| 59 = @join // The join operator '-join'. +| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. +| 20 = @lBracket // The opening square brace token '['. +| 18 = @lCurly // The opening curly brace token '{'. +| 9 = @lineContinuation // A line continuation (backtick followed by newline). +| 16 = @lParen // The opening parenthesis token '('. +| 41 = @minus // The substraction operator '-'. +| 44 = @minusEquals // The subtraction assignment operator '-='. +| 31 = @minusMinus // The pre-decrement operator '--'. +| 163 = @module // The 'module' keyword +| 37 = @multiply // The multiplication operator '*'. +| 45 = @multiplyEquals // The multiplication assignment operator '*='. +| 162 = @namespace // The 'namespace' keyword +| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). +| 51 = @not // The logical not operator '-not'. +| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. +| 54 = @or // The logical or operator '-or'. +| 27 = @orOr // The (unimplemented) operator '||'. +| 152 = @parallel // The 'parallel' keyword. +| 140 = @param // The 'param' keyword. +| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. +| 29 = @pipe // The pipe operator '|'. +| 40 = @plus // The addition operator '+'. +| 43 = @plusEquals // The addition assignment operator '+='. +| 32 = @plusPlus // The pre-increment operator '++'. +| 96 = @postfixMinusMinus // The post-decrement operator '--'. +| 95 = @postfixPlusPlus // The post-increment operator '++'. +| 158 = @private // The 'private' keyword +| 141 = @process // The 'process' keyword. +| 157 = @public // The 'public' keyword +| 103 = @questionDot // The null conditional member access operator '?.'. +| 104 = @questionLBracket // The null conditional index access operator '?[]'. +| 100 = @questionMark // The ternary operator '?'. +| 102 = @questionQuestion // The null coalesce operator '??'. +| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. +| 21 = @rBracket // The closing square brace token ']'. +| 19 = @rCurly // The closing curly brace token '}'. +| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. +| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. +| 39 = @rem // The modulo division (remainder) operator '%'. +| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. +| 142 = @return // The 'return' keyword. +| 17 = @rParen // The closing parenthesis token ')'. +| 25 = @semi // The statement terminator ';'. +| 153 = @sequence // The 'sequence' keyword. +| 97 = @shl // The shift left operator. +| 98 = @shr // The shift right operator. +| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. +| 159 = @static // The 'static' keyword +| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. +| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. +| 143 = @switch // The 'switch' keyword. +| 144 = @throw // The 'throw' keyword. +| 145 = @trap // The 'trap' keyword. +| 146 = @try // The 'try' keyword. +| 164 = @type // The 'type' keyword +| 0 = @unknown // An unknown token, signifies an error condition. +| 147 = @until // The 'until' keyword. +| 148 = @using // The (unimplemented) 'using' keyword. +| 149 = @var // The (unimplemented) 'var' keyword. +| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. +| 150 = @while // The 'while' keyword. +| 151 = @workflow // The 'workflow' keyword. +| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/upgrade.properties b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/upgrade.properties new file mode 100644 index 00000000000..ca91630fb22 --- /dev/null +++ b/powershell/downgrades/40bf985f18b7a9affb0c97d342fa2d43c629b905/upgrade.properties @@ -0,0 +1,2 @@ +description: Unknown changes +compatibility: partial diff --git a/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/old.dbscheme b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/old.dbscheme new file mode 100644 index 00000000000..40bf985f18b --- /dev/null +++ b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/old.dbscheme @@ -0,0 +1,1648 @@ +/* Mandatory */ +sourceLocationPrefix( + varchar(900) prefix: string ref +); + +/* Entity Locations */ +@location = @location_default; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/* File Metadata */ + +numlines( + unique int element_id: @file ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +files( + unique int id: @file, + varchar(900) name: string ref +); + +folders( + unique int id: @folder, + varchar(900) name: string ref +); + +@container = @folder | @file; + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/* Comments */ +comment_entity( + unique int id: @comment_entity, + int text: @string_literal ref +); + +comment_entity_location( + unique int id: @comment_entity ref, + int loc: @location ref +); + +/* Messages */ +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +parent( + int parent: @ast ref, + int child: @ast ref +); + +/* AST Nodes */ +// This is all the kinds of nodes that can inherit from Ast +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 +@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | +@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 +@attribute_base = @attribute | @type_constraint; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 +@member = @function_member | @property_member; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 +@command_base = @command | @command_expression; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 +@chainable = @pipeline | @pipeline_chain; +//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 +@pipeline_base = @chainable | @error_statement | @assignment_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 +@statement = @block_statement +| @break_statement +| @command_base +| @configuration_definition +| @continue_statement +| @data_statement +| @dynamic_keyword_statement +| @exit_statement +| @function_definition +| @if_statement +| @labeled_statement +| @pipeline_base +| @return_statement +| @throw_statement +| @trap_statement +| @try_statement +| @type_definition +| @using_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 +@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 +@labeled_statement = @loop_statement | @switch_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +@attributed_expression_ast = @attributed_expression | @convert_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 +@expression = @array_expression +| @array_literal +| @attributed_expression_ast +| @binary_expression +| @error_expression +| @expandable_string_expression +| @hash_table +| @index_expression +| @member_expression_base +| @paren_expression +| @script_block_expression +| @sub_expression +| @ternary_expression +| @type_expression +| @unary_expression +| @using_expression +| @variable_expression +| @base_constant_expression; + +// Constant expression can both be instanced and extended by string constant expression +@base_constant_expression = @constant_expression | @string_constant_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 +@command_element = @expression | @command_parameter; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 +@redirection = @file_redirection | @merging_redirection; + +/** +Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. + +You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them + using this QL query on an extracted db: + +from string s +where not_implemented(_, s) +select s +*/ +not_implemented( + unique int id: @not_implemented, + string name: string ref +); + +not_implemented_location( + int id: @not_implemented ref, + int loc: @location ref +); + +// ArrayExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 +array_expression( + unique int id: @array_expression, + int subExpression: @statement_block ref +) + +array_expression_location( + int id: @array_expression ref, + int loc: @location ref +) + +// ArrayLiteralAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 +array_literal( + unique int id: @array_literal +) + +array_literal_location( + int id: @array_literal ref, + int loc: @location ref +) + +array_literal_element( + int id: @array_literal ref, + int index: int ref, + int component: @expression ref +) + +// AssignmentStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 +assignment_statement( + unique int id: @assignment_statement, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @statement ref +) + +assignment_statement_location( + int id: @assignment_statement ref, + int loc: @location ref +) + +// NamedBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 +named_block( + unique int id: @named_block, + int numStatements: int ref, + int numTraps: int ref +) + +named_block_statement( + int id: @named_block ref, + int index: int ref, + int statement: @statement ref +) + +named_block_trap( + int id: @named_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +named_block_location( + int id: @named_block ref, + int loc: @location ref +) + +// ScriptBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 +script_block( + unique int id: @script_block, + int numUsings: int ref, + int numRequiredModules: int ref, + int numRequiredAssemblies: int ref, + int numRequiredPsEditions: int ref, + int numRequiredPsSnapins: int ref +) + +script_block_param_block( + int id: @script_block ref, + int the_param_block: @param_block ref +) + +script_block_begin_block( + int id: @script_block ref, + int begin_block: @named_block ref +) + +script_block_clean_block( + int id: @script_block ref, + int clean_block: @named_block ref +) + +script_block_dynamic_param_block( + int id: @script_block ref, + int dynamic_param_block: @named_block ref +) + +script_block_end_block( + int id: @script_block ref, + int end_block: @named_block ref +) + +script_block_process_block( + int id: @script_block ref, + int process_block: @named_block ref +) + +script_block_using( + int id: @script_block ref, + int index: int ref, + int using: @ast ref +) + +script_block_required_application_id( + int id: @script_block ref, + string application_id: string ref +) + +script_block_requires_elevation( + int id: @script_block ref, + boolean requires_elevation: boolean ref +) + +script_block_required_ps_version( + int id: @script_block ref, + string required_ps_version: string ref +) + +script_block_required_module( + int id: @script_block ref, + int index: int ref, + int required_module: @module_specification ref +) + +script_block_required_assembly( + int id: @script_block ref, + int index: int ref, + string required_assembly: string ref +) + +script_block_required_ps_edition( + int id: @script_block ref, + int index: int ref, + string required_ps_edition: string ref +) + +script_block_requires_ps_snapin( + int id: @script_block ref, + int index: int ref, + string name: string ref, + string version: string ref +) + +script_block_location( + int id: @script_block ref, + int loc: @location ref +) + +// ModuleSpecification +// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 +module_specification( + unique int id: @module_specification, + string name: string ref, + string guid: string ref, + string maxVersion: string ref, + string requiredVersion: string ref, + string version: string ref +) + +// BinaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 +binary_expression( + unique int id: @binary_expression, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @expression ref +) + +// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; + +binary_expression_location( + int id: @binary_expression ref, + int loc: @location ref +) + +// ConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 +constant_expression( + unique int id: @constant_expression, + string staticType: string ref +) + +constant_expression_value( + int id: @constant_expression ref, + int value: @string_literal ref +) + +constant_expression_location( + int id: @constant_expression ref, + int loc: @location ref +) + +// ConvertExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 +convert_expression( + unique int id: @convert_expression, + int the_attribute: @ast ref, + int child: @ast ref, + int object_type: @ast ref, + string staticType: string ref +) + +convert_expression_location( + int id: @convert_expression ref, + int loc: @location ref +) + +// IndexExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 +index_expression( + unique int id: @index_expression, + int index: @ast ref, + int target: @ast ref, + boolean nullConditional: boolean ref +) + +index_expression_location( + int id: @index_expression ref, + int loc: @location ref +) + +// IfStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 +if_statement( + unique int id: @if_statement +) + +if_statement_clause( + int id: @if_statement ref, + int index: int ref, + int item1: @ast ref, + int item2: @ast ref +) + +if_statement_else( + int id: @if_statement ref, + int elseItem: @ast ref +) + +if_statement_location( + int id: @if_statement ref, + int loc: @location ref +) + +// MemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +member_expression( + unique int id: @member_expression, + int expression: @ast ref, + int member: @ast ref, + boolean nullConditional: boolean ref, + boolean isStatic: boolean ref +) + +member_expression_location( + int id: @member_expression ref, + int loc: @location ref +) + +// StatementBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 +statement_block( + unique int id: @statement_block, + int numStatements: int ref, + int numTraps : int ref +) + +statement_block_location( + int id: @statement_block ref, + int loc: @location ref +) + +statement_block_statement( + int id: @statement_block ref, + int index: int ref, + int statement: @statement ref +) + +statement_block_trap( + int id: @statement_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +// SubExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 +sub_expression( + unique int id: @sub_expression, + int subExpression: @ast ref +) + +sub_expression_location( + int id: @sub_expression ref, + int loc: @location ref +) + +// VariableExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 +variable_expression( + unique int id: @variable_expression, + string userPath: string ref, + string driveName: string ref, + boolean isConstant: boolean ref, + boolean isGlobal: boolean ref, + boolean isLocal: boolean ref, + boolean isPrivate: boolean ref, + boolean isScript: boolean ref, + boolean isUnqualified: boolean ref, + boolean isUnscoped: boolean ref, + boolean isVariable: boolean ref, + boolean isDriveQualified: boolean ref +) + +variable_expression_location( + int id: @variable_expression ref, + int loc: @location ref +) + +// CommandExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 +command_expression( + unique int id: @command_expression, + int wrapped: @expression ref, + int numRedirections: int ref +) + +command_expression_location( + int id: @command_expression ref, + int loc: @location ref +) + +command_expression_redirection( + int id: @command_expression ref, + int index: int ref, + int redirection: @redirection ref +) + +// StringConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 +string_constant_expression( + unique int id: @string_constant_expression, + int value: @string_literal ref +) + +string_constant_expression_location( + int id: @string_constant_expression ref, + int loc: @location ref +) + +// PipelineAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 +pipeline( + unique int id: @pipeline, + int numComponents: int ref +) + +pipeline_location( + int id: @pipeline ref, + int loc: @location ref +) + +pipeline_component( + int id: @pipeline ref, + int index: int ref, + int component: @command_base ref +) + +// CommandAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 +command( + unique int id: @command, + string name: string ref, + int kind: int ref, // @token_kind ref + int numElements: int ref, + int numRedirections: int ref +) + +command_location( + int id: @command ref, + int loc: @location ref +) + +command_command_element( + int id: @command ref, + int index: int ref, + int component: @command_element ref +) + +command_redirection( + int id: @command ref, + int index: int ref, + int redirection: @redirection ref +) + +// InvokeMemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 +invoke_member_expression( + unique int id: @invoke_member_expression, + int expression: @expression ref, + int member: @command_element ref +) + +invoke_member_expression_location( + int id: @invoke_member_expression ref, + int loc: @location ref +) + +invoke_member_expression_argument( + int id: @invoke_member_expression ref, + int index: int ref, + int argument: @expression ref +) + +// ParenExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 +paren_expression( + unique int id: @paren_expression, + int expression: @pipeline_base ref +) + +paren_expression_location( + int id: @paren_expression ref, + int loc: @location ref +) + + +// TernaryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 +ternary_expression( + unique int id: @ternary_expression, + int condition: @expression ref, + int ifFalse: @expression ref, + int iftrue: @expression ref +) + +ternary_expression_location( + int id: @ternary_expression ref, + int loc: @location ref +) + +// ExitStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 +exit_statement( + unique int id: @exit_statement +) + +exit_statement_pipeline( + int id: @exit_statement ref, + int expression: @ast ref +) + +exit_statement_location( + int id: @exit_statement ref, + int loc: @location ref +) + + +// TypeExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 +type_expression( + unique int id: @type_expression, + string name: string ref, + string fullName: string ref +) + +type_expression_location( + int id: @type_expression ref, + int loc: @location ref +) + +// CommandParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 +command_parameter( + unique int id: @command_parameter, + string name: string ref +) + +command_parameter_location( + int id: @command_parameter ref, + int loc: @location ref +) + +command_parameter_argument( + int id: @command_parameter ref, + int argument: @ast ref +) + +// NamedAttributeArgumentAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 +named_attribute_argument( + unique int id: @named_attribute_argument, + string name: string ref, + int argument: @expression ref +) + +named_attribute_argument_location( + int id: @named_attribute_argument ref, + int loc: @location ref +) + +// AttributeAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 +attribute( + unique int id: @attribute, + string name: string ref, + int numNamedArguments: int ref, + int numPositionalArguments: int ref +) + +attribute_named_argument( + int id: @attribute ref, + int index: int ref, + int argument: @named_attribute_argument ref +) + +attribute_positional_argument( + int id: @attribute ref, + int index: int ref, + int argument: @expression ref +) + +attribute_location( + int id: @attribute ref, + int id: @location ref +) + +// ParamBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 +param_block( + unique int id: @param_block, + int numAttributes: int ref, + int numParameters: int ref +) + +param_block_attribute( + int id: @param_block ref, + int index: int ref, + int the_attribute: @attribute ref +) + +param_block_parameter( + int id: @param_block ref, + int index: int ref, + int the_parameter: @parameter ref +) + +param_block_location( + int id: @param_block ref, + int id: @location ref +) + +// ParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 +parameter( + unique int id: @parameter, + int name: @variable_expression ref, + string staticType: string ref, + int numAttributes: int ref +) + +parameter_attribute( + int id: @parameter ref, + int index: int ref, + int the_attribute: @attribute_base ref +) + +parameter_location( + int id: @parameter ref, + int loc: @location ref +) + +parameter_default_value( + int id: @parameter ref, + int default_value: @expression ref +) + +// TypeConstraintAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 +type_constraint( + unique int id: @type_constraint, + string name: string ref, + string fullName: string ref +) + +type_constraint_location( + int id: @type_constraint ref, + int loc: @location ref +) + +// FunctionDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 +function_definition( + unique int id: @function_definition, + int body: @script_block ref, + string name: string ref, + boolean isFilter: boolean ref, + boolean isWorkflow: boolean ref +) + +function_definition_parameter( + int id: @function_definition ref, + int index: int ref, + int parameter: @parameter ref +) + +function_definition_location( + int id: @function_definition ref, + int loc: @location ref +) + +// BreakStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 +break_statement( + unique int id: @break_statement +) + +break_statement_location( + int id: @break_statement ref, + int loc: @location ref +) + +// ContinueStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 +continue_statement( + unique int id: @continue_statement +) + +continue_statement_location( + int id: @continue_statement ref, + int loc: @location ref +) +@labelled_statement = @continue_statement | @break_statement; + +statement_label( + int id: @labelled_statement ref, + int label: @ast ref +) + +// ReturnStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 +return_statement( + unique int id: @return_statement +) + +return_statement_pipeline( + int id: @return_statement ref, + int pipeline: @ast ref +) + +return_statement_location( + int id: @return_statement ref, + int loc: @location ref +) + +// DoWhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 +do_while_statement( + unique int id: @do_while_statement, + int body: @ast ref +) + +do_while_statement_condition( + int id: @do_while_statement ref, + int condition: @ast ref +) + +do_while_statement_location( + int id: @do_while_statement ref, + int loc: @location ref +) + +// DoUntilStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 +do_until_statement( + unique int id: @do_until_statement, + int body: @ast ref +) + +do_until_statement_condition( + int id: @do_until_statement ref, + int condition: @ast ref +) + +do_until_statement_location( + int id: @do_until_statement ref, + int loc: @location ref +) + +// WhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 +while_statement( + unique int id: @while_statement, + int body: @ast ref +) + +while_statement_condition( + int id: @while_statement ref, + int condition: @ast ref +) + +while_statement_location( + int id: @while_statement ref, + int loc: @location ref +) + +// ForEachStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 +foreach_statement( + unique int id: @foreach_statement, + int variable: @ast ref, + int condition: @ast ref, + int body: @ast ref, + int flags: int ref +) + +foreach_statement_location( + int id: @foreach_statement ref, + int loc: @location ref +) + +// ForStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 +for_statement( + unique int id: @for_statement, + int body: @ast ref +) + +for_statement_location( + int id: @for_statement ref, + int loc: @location ref +) + +for_statement_condition( + int id: @for_statement ref, + int condition: @ast ref +) + +for_statement_initializer( + int id: @for_statement ref, + int initializer: @ast ref +) + +for_statement_iterator( + int id: @for_statement ref, + int iterator: @ast ref +) + +// ExpandableStringExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 +expandable_string_expression( + unique int id: @expandable_string_expression, + int value: @string_literal ref, + int kind: int ref, + int numExpression: int ref +) + +case @expandable_string_expression.kind of + 4 = @BareWord +| 2 = @DoubleQuoted +| 3 = @DoubleQuotedHereString +| 0 = @SingleQuoted +| 1 = @SingleQuotedHereString; + +expandable_string_expression_location( + int id: @expandable_string_expression ref, + int loc: @location ref +) + +expandable_string_expression_nested_expression( + int id: @expandable_string_expression ref, + int index: int ref, + int nestedExression: @expression ref +) + +// StringLiterals +// Contains string literals broken into lines to prevent breaks in the trap from multiline strings +string_literal( + unique int id: @string_literal +) + +string_literal_location( + int id: @string_literal ref, + int loc: @location ref +) + +string_literal_line( + int id: @string_literal ref, + int lineNum: int ref, + string line: string ref +) + +// UnaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 +unary_expression( + unique int id: @unary_expression, + int child: @ast ref, + int kind: int ref, + string staticType: string ref +) + +unary_expression_location( + int id: @unary_expression ref, + int loc: @location ref +) + +// CatchClauseAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 +catch_clause( + unique int id: @catch_clause, + int body: @ast ref, + boolean isCatchAll: boolean ref +) + +catch_clause_catch_type( + int id: @catch_clause ref, + int index: int ref, + int catch_type: @ast ref +) + +catch_clause_location( + int id: @catch_clause ref, + int loc: @location ref +) + +// ThrowStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 +throw_statement( + unique int id: @throw_statement, + boolean isRethrow: boolean ref +) + +throw_statement_location( + int id: @throw_statement ref, + int loc: @location ref +) + +throw_statement_pipeline( + int id: @throw_statement ref, + int pipeline: @ast ref +) + +// TryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 +try_statement( + unique int id: @try_statement, + int body: @ast ref +) + +try_statement_catch_clause( + int id: @try_statement ref, + int index: int ref, + int catch_clause: @catch_clause ref +) + + +try_statement_finally( + int id: @try_statement ref, + int finally: @ast ref +) + +try_statement_location( + int id: @try_statement ref, + int loc: @location ref +) + +// FileRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 +file_redirection( + unique int id: @file_redirection, + int location: @ast ref, + boolean isAppend: boolean ref, + int redirectionType: int ref +) + +case @file_redirection.redirectionType of + 0 = @All +| 1 = @Output +| 2 = @Error +| 3 = @Warning +| 4 = @Verbose +| 5 = @Debug +| 6 = @Information; + +file_redirection_location( + int id: @file_redirection ref, + int loc: @location ref +) + +// BlockStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 +block_statement( + unique int id: @block_statement, + int body: @ast ref, + int token: @token ref +) + +block_statement_location( + int id: @block_statement ref, + int loc: @location ref +) + +// Token +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 +token( + unique int id: @token, + boolean hasError: boolean ref, + int kind: int ref, + string text: string ref, + int tokenFlags: int ref +) + +token_location( + int id: @token ref, + int loc: @location ref +) + +// ConfigurationDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 +configuration_definition( + unique int id: @configuration_definition, + int body: @ast ref, + int configurationType: int ref, + int name: @ast ref +) + +configuration_definition_location( + int id: @configuration_definition ref, + int loc: @location ref +) + +// DataStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 +data_statement( + unique int id: @data_statement, + int body: @ast ref +) + +data_statement_variable( + int id: @data_statement ref, + string variable: string ref +) + +data_statement_commands_allowed( + int id: @data_statement ref, + int index: int ref, + int command_allowed: @ast ref +) + +data_statement_location( + int id: @data_statement ref, + int loc: @location ref +) + +// DynamicKeywordStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 +dynamic_keyword_statement( + unique int id: @dynamic_keyword_statement +) + +dynamic_keyword_statement_command_elements( + int id: @dynamic_keyword_statement ref, + int index: int ref, + int element: @command_element ref +) + +dynamic_keyword_statement_location( + int id: @dynamic_keyword_statement ref, + int loc: @location ref +) + +// ErrorExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 +error_expression( + unique int id: @error_expression +) + +error_expression_nested_ast( + int id: @error_expression ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_expression_location( + int id: @error_expression ref, + int loc: @location ref +) + +// ErrorStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 +error_statement( + unique int id: @error_statement, + int token: @token ref +) + +error_statement_location( + int id: @error_statement ref, + int loc: @location ref +) + +error_statement_nested_ast( + int id: @error_statement ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_statement_conditions( + int id: @error_statement ref, + int index: int ref, + int condition: @ast ref +) + +error_statement_bodies( + int id: @error_statement ref, + int index: int ref, + int body: @ast ref +) + +error_statement_flag( + int id: @error_statement ref, + int index: int ref, + int k: string ref, // The key + int token: @token ref, // These two form a tuple of the value + int ast: @ast ref +) + +// FunctionMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 +function_member( + unique int id: @function_member, + int body: @ast ref, + boolean isConstructor: boolean ref, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +function_member_location( + int id: @function_member ref, + int loc: @location ref +) + +function_member_parameter( + int id: @function_member ref, + int index: int ref, + int parameter: @ast ref +) + +function_member_attribute( + int id: @function_member ref, + int index: int ref, + int attribute: @ast ref +) + +function_member_return_type( + int id: @function_member ref, + int return_type: @type_constraint ref +) + +// MergingRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 +merging_redirection( + unique int id: @merging_redirection, + int from: int ref, + int to: int ref +) + +merging_redirection_location( + int id: @merging_redirection ref, + int loc: @location ref +) + + +label( + int id: @labeled_statement ref, + string label: string ref +) + +// TrapStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 +trap_statement( + unique int id: @trap_statement, + int body: @ast ref +) + +trap_statement_type( + int id: @trap_statement ref, + int trap_type: @type_constraint ref +) + +trap_statement_location( + int id: @trap_statement ref, + int loc: @location ref +) + +// PipelineChainAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 +pipeline_chain( + unique int id: @pipeline_chain, + boolean isBackground: boolean ref, + int kind: int ref, + int left: @ast ref, + int right: @ast ref +) + +pipeline_chain_location( + int id: @pipeline_chain ref, + int loc: @location ref +) + +// PropertyMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 +property_member( + unique int id: @property_member, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +property_member_attribute( + int id: @property_member ref, + int index: int ref, + int attribute: @ast ref +) + +property_member_property_type( + int id: @property_member ref, + int property_type: @type_constraint ref +) + +property_member_initial_value( + int id: @property_member ref, + int initial_value: @ast ref +) + +property_member_location( + int id: @property_member ref, + int loc: @location ref +) + +// ScriptBlockExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 +script_block_expression( + unique int id: @script_block_expression, + int body: @script_block ref +) + +script_block_expression_location( + int id: @script_block_expression ref, + int loc: @location ref +) + +// SwitchStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 +switch_statement( + unique int id: @switch_statement, + int condition: @ast ref, + int flags: int ref +) + +switch_statement_clauses( + int id: @switch_statement ref, + int index: int ref, + int expression: @ast ref, + int statementBlock: @ast ref +) + +switch_statement_location( + int id: @switch_statement ref, + int loc: @location ref +) + +switch_statement_default( + int id: @switch_statement ref, + int default: @ast ref +) + +// TypeDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 +type_definition( + unique int id: @type_definition, + string name: string ref, + int flags: int ref, + boolean isClass: boolean ref, + boolean isEnum: boolean ref, + boolean isInterface: boolean ref +) + +type_definition_attributes( + int id: @type_definition ref, + int index: int ref, + int attribute: @ast ref +) + +type_definition_members( + int id: @type_definition ref, + int index: int ref, + int member: @ast ref +) + +type_definition_location( + int id: @type_definition ref, + int loc: @location ref +) + +type_definition_base_type( + int id: @type_definition ref, + int index: int ref, + int base_type: @type_constraint ref +) + +// UsingExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 +using_expression( + unique int id: @using_expression, + int subExpression: @ast ref +) + +using_expression_location( + int id: @using_expression ref, + int loc: @location ref +) + +// UsingStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 +using_statement( + unique int id: @using_statement, + int kind: int ref +) + +using_statement_location( + int id: @using_statement ref, + int loc: @location ref +) + +using_statement_alias( + int id: @using_statement ref, + int alias: @ast ref +) + +using_statement_module_specification( + int id: @using_statement ref, + int module_specification: @ast ref +) + +using_statement_name( + int id: @using_statement ref, + int name: @ast ref +) + +// HashTableAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 +hash_table( + unique int id: @hash_table +) + +hash_table_location( + int id: @hash_table ref, + int loc: @location ref +) + +hash_table_key_value_pairs( + int id: @hash_table ref, + int index: int ref, + int k: @ast ref, + int v: @ast ref +) + +// AttributedExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +attributed_expression( + unique int id: @attributed_expression, + int attribute: @ast ref, + int expression: @ast ref +) + +attributed_expression_location( + int id: @attributed_expression ref, + int loc: @location ref +) + +// TokenKind +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 +token_kind_reference( + unique int id: @token_kind_reference, + string name: string ref, + int kind: int ref +) + +@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break +| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains +| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace +| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam +| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from +| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt +| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface +| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals +| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param +| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public +| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd +| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static +| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable +| @while | @workflow | @xor; + +case @token_kind_reference.kind of +28 = @ampersand // The invocation operator '&'. +| 53 = @and // The logical and operator '-and'. +| 26 = @andAnd // The (unimplemented) operator '&&'. +| 94 = @as // The type conversion operator '-as'. +| 165 = @assembly // The 'assembly' keyword +| 23 = @atCurly // The opening token of a hash expression '@{'. +| 22 = @atParen // The opening token of an array expression '@('. +| 56 = @band // The bitwise and operator '-band'. +| 168 = @base // The 'base' keyword +| 119 = @begin // The 'begin' keyword. +| 52 = @bnot // The bitwise not operator '-bnot'. +| 57 = @bor // The bitwise or operator '-bor'. +| 120 = @break // The 'break' keyword. +| 58 = @bxor // The bitwise exclusive or operator '-xor'. +| 121 = @catch // The 'catch' keyword. +| 87 = @ccontains // The case sensitive contains operator '-ccontains'. +| 76 = @ceq // The case sensitive equal operator '-ceq'. +| 78 = @cge // The case sensitive greater than or equal operator '-cge'. +| 79 = @cgt // The case sensitive greater than operator '-cgt'. +| 89 = @cin // The case sensitive in operator '-cin'. +| 122 = @class // The 'class' keyword. +| 81 = @cle // The case sensitive less than or equal operator '-cle'. +| 170 = @clean // The 'clean' keyword. +| 82 = @clike // The case sensitive like operator '-clike'. +| 80 = @clt // The case sensitive less than operator '-clt'. +| 84 = @cmatch // The case sensitive match operator '-cmatch'. +| 77 = @cne // The case sensitive not equal operator '-cne'. +| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. +| 90 = @cnotin // The case sensitive not in operator '-notin'. +| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. +| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. +| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. +| 34 = @colonColon // The static member access operator '::'. +| 30 = @comma // The unary or binary array operator ','. +| 166 = @command_token // The 'command' keyword +| 10 = @comment // A single line comment, or a delimited comment. +| 155 = @configuration // The "configuration" keyword +| 123 = @continue // The 'continue' keyword. +| 86 = @creplace // The case sensitive replace operator '-creplace'. +| 91 = @csplit // The case sensitive split operator '-csplit'. +| 124 = @data // The 'data' keyword. +| 169 = @default // The 'default' keyword +| 125 = @define // The (unimplemented) 'define' keyword. +| 38 = @divide // The division operator '/'. +| 46 = @divideEquals // The division assignment operator '/='. +| 126 = @do // The 'do' keyword. +| 24 = @dollarParen // The opening token of a sub-expression '$('. +| 35 = @dot // The instance member access or dot source invocation operator '.'. +| 33 = @dotDot // The range operator '..'. +| 156 = @dynamicKeyword // The token kind for dynamic keywords +| 127 = @dynamicparam // The 'dynamicparam' keyword. +| 128 = @else // The 'else' keyword. +| 129 = @elseIf // The 'elseif' keyword. +| 130 = @end // The 'end' keyword. +| 11 = @endOfInput // Marks the end of the input script or file. +| 161 = @enum // The 'enum' keyword +| 42 = @equals // The assignment operator '='. +| 36 = @exclaim // The logical not operator '!'. +| 131 = @exit // The 'exit' keyword. +| 132 = @filter // The 'filter' keyword. +| 133 = @finally // The 'finally' keyword. +| 134 = @for // The 'for' keyword. +| 135 = @foreach // The 'foreach' keyword. +| 50 = @format // The string format operator '-f'. +| 136 = @from // The (unimplemented) 'from' keyword. +| 137 = @function // The 'function' keyword. +| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. +| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. +| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. +| 167 = @hidden // The 'hidden' keyword +| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. +| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. +| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. +| 138 = @if // The 'if' keyword. +| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. +| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. +| 73 = @iin // The case insensitive in operator '-iin' or '-in'. +| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. +| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. +| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. +| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. +| 139 = @in // The 'in' keyword. +| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. +| 154 = @inlineScript // The 'InlineScript' keyword +| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. +| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' +| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. +| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. +| 160 = @interface // The 'interface' keyword +| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. +| 92 = @is // The type test operator '-is'. +| 93 = @isNot // The type test operator '-isnot'. +| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. +| 59 = @join // The join operator '-join'. +| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. +| 20 = @lBracket // The opening square brace token '['. +| 18 = @lCurly // The opening curly brace token '{'. +| 9 = @lineContinuation // A line continuation (backtick followed by newline). +| 16 = @lParen // The opening parenthesis token '('. +| 41 = @minus // The substraction operator '-'. +| 44 = @minusEquals // The subtraction assignment operator '-='. +| 31 = @minusMinus // The pre-decrement operator '--'. +| 163 = @module // The 'module' keyword +| 37 = @multiply // The multiplication operator '*'. +| 45 = @multiplyEquals // The multiplication assignment operator '*='. +| 162 = @namespace // The 'namespace' keyword +| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). +| 51 = @not // The logical not operator '-not'. +| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. +| 54 = @or // The logical or operator '-or'. +| 27 = @orOr // The (unimplemented) operator '||'. +| 152 = @parallel // The 'parallel' keyword. +| 140 = @param // The 'param' keyword. +| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. +| 29 = @pipe // The pipe operator '|'. +| 40 = @plus // The addition operator '+'. +| 43 = @plusEquals // The addition assignment operator '+='. +| 32 = @plusPlus // The pre-increment operator '++'. +| 96 = @postfixMinusMinus // The post-decrement operator '--'. +| 95 = @postfixPlusPlus // The post-increment operator '++'. +| 158 = @private // The 'private' keyword +| 141 = @process // The 'process' keyword. +| 157 = @public // The 'public' keyword +| 103 = @questionDot // The null conditional member access operator '?.'. +| 104 = @questionLBracket // The null conditional index access operator '?[]'. +| 100 = @questionMark // The ternary operator '?'. +| 102 = @questionQuestion // The null coalesce operator '??'. +| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. +| 21 = @rBracket // The closing square brace token ']'. +| 19 = @rCurly // The closing curly brace token '}'. +| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. +| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. +| 39 = @rem // The modulo division (remainder) operator '%'. +| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. +| 142 = @return // The 'return' keyword. +| 17 = @rParen // The closing parenthesis token ')'. +| 25 = @semi // The statement terminator ';'. +| 153 = @sequence // The 'sequence' keyword. +| 97 = @shl // The shift left operator. +| 98 = @shr // The shift right operator. +| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. +| 159 = @static // The 'static' keyword +| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. +| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. +| 143 = @switch // The 'switch' keyword. +| 144 = @throw // The 'throw' keyword. +| 145 = @trap // The 'trap' keyword. +| 146 = @try // The 'try' keyword. +| 164 = @type // The 'type' keyword +| 0 = @unknown // An unknown token, signifies an error condition. +| 147 = @until // The 'until' keyword. +| 148 = @using // The (unimplemented) 'using' keyword. +| 149 = @var // The (unimplemented) 'var' keyword. +| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. +| 150 = @while // The 'while' keyword. +| 151 = @workflow // The 'workflow' keyword. +| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/semmlecode.powershell.dbscheme b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/semmlecode.powershell.dbscheme new file mode 100644 index 00000000000..40bf985f18b --- /dev/null +++ b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/semmlecode.powershell.dbscheme @@ -0,0 +1,1648 @@ +/* Mandatory */ +sourceLocationPrefix( + varchar(900) prefix: string ref +); + +/* Entity Locations */ +@location = @location_default; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref +); + +/* File Metadata */ + +numlines( + unique int element_id: @file ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref +); + +files( + unique int id: @file, + varchar(900) name: string ref +); + +folders( + unique int id: @folder, + varchar(900) name: string ref +); + +@container = @folder | @file; + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +/* Comments */ +comment_entity( + unique int id: @comment_entity, + int text: @string_literal ref +); + +comment_entity_location( + unique int id: @comment_entity ref, + int loc: @location ref +); + +/* Messages */ +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +parent( + int parent: @ast ref, + int child: @ast ref +); + +/* AST Nodes */ +// This is all the kinds of nodes that can inherit from Ast +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 +@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | +@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 +@attribute_base = @attribute | @type_constraint; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 +@member = @function_member | @property_member; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 +@command_base = @command | @command_expression; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 +@chainable = @pipeline | @pipeline_chain; +//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 +@pipeline_base = @chainable | @error_statement | @assignment_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 +@statement = @block_statement +| @break_statement +| @command_base +| @configuration_definition +| @continue_statement +| @data_statement +| @dynamic_keyword_statement +| @exit_statement +| @function_definition +| @if_statement +| @labeled_statement +| @pipeline_base +| @return_statement +| @throw_statement +| @trap_statement +| @try_statement +| @type_definition +| @using_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 +@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 +@labeled_statement = @loop_statement | @switch_statement; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +@attributed_expression_ast = @attributed_expression | @convert_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 +@expression = @array_expression +| @array_literal +| @attributed_expression_ast +| @binary_expression +| @error_expression +| @expandable_string_expression +| @hash_table +| @index_expression +| @member_expression_base +| @paren_expression +| @script_block_expression +| @sub_expression +| @ternary_expression +| @type_expression +| @unary_expression +| @using_expression +| @variable_expression +| @base_constant_expression; + +// Constant expression can both be instanced and extended by string constant expression +@base_constant_expression = @constant_expression | @string_constant_expression; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 +@command_element = @expression | @command_parameter; + +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 +@redirection = @file_redirection | @merging_redirection; + +/** +Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. + +You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them + using this QL query on an extracted db: + +from string s +where not_implemented(_, s) +select s +*/ +not_implemented( + unique int id: @not_implemented, + string name: string ref +); + +not_implemented_location( + int id: @not_implemented ref, + int loc: @location ref +); + +// ArrayExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 +array_expression( + unique int id: @array_expression, + int subExpression: @statement_block ref +) + +array_expression_location( + int id: @array_expression ref, + int loc: @location ref +) + +// ArrayLiteralAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 +array_literal( + unique int id: @array_literal +) + +array_literal_location( + int id: @array_literal ref, + int loc: @location ref +) + +array_literal_element( + int id: @array_literal ref, + int index: int ref, + int component: @expression ref +) + +// AssignmentStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 +assignment_statement( + unique int id: @assignment_statement, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @statement ref +) + +assignment_statement_location( + int id: @assignment_statement ref, + int loc: @location ref +) + +// NamedBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 +named_block( + unique int id: @named_block, + int numStatements: int ref, + int numTraps: int ref +) + +named_block_statement( + int id: @named_block ref, + int index: int ref, + int statement: @statement ref +) + +named_block_trap( + int id: @named_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +named_block_location( + int id: @named_block ref, + int loc: @location ref +) + +// ScriptBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 +script_block( + unique int id: @script_block, + int numUsings: int ref, + int numRequiredModules: int ref, + int numRequiredAssemblies: int ref, + int numRequiredPsEditions: int ref, + int numRequiredPsSnapins: int ref +) + +script_block_param_block( + int id: @script_block ref, + int the_param_block: @param_block ref +) + +script_block_begin_block( + int id: @script_block ref, + int begin_block: @named_block ref +) + +script_block_clean_block( + int id: @script_block ref, + int clean_block: @named_block ref +) + +script_block_dynamic_param_block( + int id: @script_block ref, + int dynamic_param_block: @named_block ref +) + +script_block_end_block( + int id: @script_block ref, + int end_block: @named_block ref +) + +script_block_process_block( + int id: @script_block ref, + int process_block: @named_block ref +) + +script_block_using( + int id: @script_block ref, + int index: int ref, + int using: @ast ref +) + +script_block_required_application_id( + int id: @script_block ref, + string application_id: string ref +) + +script_block_requires_elevation( + int id: @script_block ref, + boolean requires_elevation: boolean ref +) + +script_block_required_ps_version( + int id: @script_block ref, + string required_ps_version: string ref +) + +script_block_required_module( + int id: @script_block ref, + int index: int ref, + int required_module: @module_specification ref +) + +script_block_required_assembly( + int id: @script_block ref, + int index: int ref, + string required_assembly: string ref +) + +script_block_required_ps_edition( + int id: @script_block ref, + int index: int ref, + string required_ps_edition: string ref +) + +script_block_requires_ps_snapin( + int id: @script_block ref, + int index: int ref, + string name: string ref, + string version: string ref +) + +script_block_location( + int id: @script_block ref, + int loc: @location ref +) + +// ModuleSpecification +// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 +module_specification( + unique int id: @module_specification, + string name: string ref, + string guid: string ref, + string maxVersion: string ref, + string requiredVersion: string ref, + string version: string ref +) + +// BinaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 +// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 +binary_expression( + unique int id: @binary_expression, + int kind: int ref, // @token_kind ref + int left: @expression ref, + int right: @expression ref +) + +// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; + +binary_expression_location( + int id: @binary_expression ref, + int loc: @location ref +) + +// ConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 +constant_expression( + unique int id: @constant_expression, + string staticType: string ref +) + +constant_expression_value( + int id: @constant_expression ref, + int value: @string_literal ref +) + +constant_expression_location( + int id: @constant_expression ref, + int loc: @location ref +) + +// ConvertExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 +convert_expression( + unique int id: @convert_expression, + int the_attribute: @ast ref, + int child: @ast ref, + int object_type: @ast ref, + string staticType: string ref +) + +convert_expression_location( + int id: @convert_expression ref, + int loc: @location ref +) + +// IndexExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 +index_expression( + unique int id: @index_expression, + int index: @ast ref, + int target: @ast ref, + boolean nullConditional: boolean ref +) + +index_expression_location( + int id: @index_expression ref, + int loc: @location ref +) + +// IfStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 +if_statement( + unique int id: @if_statement +) + +if_statement_clause( + int id: @if_statement ref, + int index: int ref, + int item1: @ast ref, + int item2: @ast ref +) + +if_statement_else( + int id: @if_statement ref, + int elseItem: @ast ref +) + +if_statement_location( + int id: @if_statement ref, + int loc: @location ref +) + +// MemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 +member_expression( + unique int id: @member_expression, + int expression: @ast ref, + int member: @ast ref, + boolean nullConditional: boolean ref, + boolean isStatic: boolean ref +) + +member_expression_location( + int id: @member_expression ref, + int loc: @location ref +) + +// StatementBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 +statement_block( + unique int id: @statement_block, + int numStatements: int ref, + int numTraps : int ref +) + +statement_block_location( + int id: @statement_block ref, + int loc: @location ref +) + +statement_block_statement( + int id: @statement_block ref, + int index: int ref, + int statement: @statement ref +) + +statement_block_trap( + int id: @statement_block ref, + int index: int ref, + int trap: @trap_statement ref +) + +// SubExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 +sub_expression( + unique int id: @sub_expression, + int subExpression: @ast ref +) + +sub_expression_location( + int id: @sub_expression ref, + int loc: @location ref +) + +// VariableExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 +variable_expression( + unique int id: @variable_expression, + string userPath: string ref, + string driveName: string ref, + boolean isConstant: boolean ref, + boolean isGlobal: boolean ref, + boolean isLocal: boolean ref, + boolean isPrivate: boolean ref, + boolean isScript: boolean ref, + boolean isUnqualified: boolean ref, + boolean isUnscoped: boolean ref, + boolean isVariable: boolean ref, + boolean isDriveQualified: boolean ref +) + +variable_expression_location( + int id: @variable_expression ref, + int loc: @location ref +) + +// CommandExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 +command_expression( + unique int id: @command_expression, + int wrapped: @expression ref, + int numRedirections: int ref +) + +command_expression_location( + int id: @command_expression ref, + int loc: @location ref +) + +command_expression_redirection( + int id: @command_expression ref, + int index: int ref, + int redirection: @redirection ref +) + +// StringConstantExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 +string_constant_expression( + unique int id: @string_constant_expression, + int value: @string_literal ref +) + +string_constant_expression_location( + int id: @string_constant_expression ref, + int loc: @location ref +) + +// PipelineAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 +pipeline( + unique int id: @pipeline, + int numComponents: int ref +) + +pipeline_location( + int id: @pipeline ref, + int loc: @location ref +) + +pipeline_component( + int id: @pipeline ref, + int index: int ref, + int component: @command_base ref +) + +// CommandAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 +command( + unique int id: @command, + string name: string ref, + int kind: int ref, // @token_kind ref + int numElements: int ref, + int numRedirections: int ref +) + +command_location( + int id: @command ref, + int loc: @location ref +) + +command_command_element( + int id: @command ref, + int index: int ref, + int component: @command_element ref +) + +command_redirection( + int id: @command ref, + int index: int ref, + int redirection: @redirection ref +) + +// InvokeMemberExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 +invoke_member_expression( + unique int id: @invoke_member_expression, + int expression: @expression ref, + int member: @command_element ref +) + +invoke_member_expression_location( + int id: @invoke_member_expression ref, + int loc: @location ref +) + +invoke_member_expression_argument( + int id: @invoke_member_expression ref, + int index: int ref, + int argument: @expression ref +) + +// ParenExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 +paren_expression( + unique int id: @paren_expression, + int expression: @pipeline_base ref +) + +paren_expression_location( + int id: @paren_expression ref, + int loc: @location ref +) + + +// TernaryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 +ternary_expression( + unique int id: @ternary_expression, + int condition: @expression ref, + int ifFalse: @expression ref, + int iftrue: @expression ref +) + +ternary_expression_location( + int id: @ternary_expression ref, + int loc: @location ref +) + +// ExitStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 +exit_statement( + unique int id: @exit_statement +) + +exit_statement_pipeline( + int id: @exit_statement ref, + int expression: @ast ref +) + +exit_statement_location( + int id: @exit_statement ref, + int loc: @location ref +) + + +// TypeExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 +type_expression( + unique int id: @type_expression, + string name: string ref, + string fullName: string ref +) + +type_expression_location( + int id: @type_expression ref, + int loc: @location ref +) + +// CommandParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 +command_parameter( + unique int id: @command_parameter, + string name: string ref +) + +command_parameter_location( + int id: @command_parameter ref, + int loc: @location ref +) + +command_parameter_argument( + int id: @command_parameter ref, + int argument: @ast ref +) + +// NamedAttributeArgumentAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 +named_attribute_argument( + unique int id: @named_attribute_argument, + string name: string ref, + int argument: @expression ref +) + +named_attribute_argument_location( + int id: @named_attribute_argument ref, + int loc: @location ref +) + +// AttributeAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 +attribute( + unique int id: @attribute, + string name: string ref, + int numNamedArguments: int ref, + int numPositionalArguments: int ref +) + +attribute_named_argument( + int id: @attribute ref, + int index: int ref, + int argument: @named_attribute_argument ref +) + +attribute_positional_argument( + int id: @attribute ref, + int index: int ref, + int argument: @expression ref +) + +attribute_location( + int id: @attribute ref, + int id: @location ref +) + +// ParamBlockAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 +param_block( + unique int id: @param_block, + int numAttributes: int ref, + int numParameters: int ref +) + +param_block_attribute( + int id: @param_block ref, + int index: int ref, + int the_attribute: @attribute ref +) + +param_block_parameter( + int id: @param_block ref, + int index: int ref, + int the_parameter: @parameter ref +) + +param_block_location( + int id: @param_block ref, + int id: @location ref +) + +// ParameterAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 +parameter( + unique int id: @parameter, + int name: @variable_expression ref, + string staticType: string ref, + int numAttributes: int ref +) + +parameter_attribute( + int id: @parameter ref, + int index: int ref, + int the_attribute: @attribute_base ref +) + +parameter_location( + int id: @parameter ref, + int loc: @location ref +) + +parameter_default_value( + int id: @parameter ref, + int default_value: @expression ref +) + +// TypeConstraintAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 +type_constraint( + unique int id: @type_constraint, + string name: string ref, + string fullName: string ref +) + +type_constraint_location( + int id: @type_constraint ref, + int loc: @location ref +) + +// FunctionDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 +function_definition( + unique int id: @function_definition, + int body: @script_block ref, + string name: string ref, + boolean isFilter: boolean ref, + boolean isWorkflow: boolean ref +) + +function_definition_parameter( + int id: @function_definition ref, + int index: int ref, + int parameter: @parameter ref +) + +function_definition_location( + int id: @function_definition ref, + int loc: @location ref +) + +// BreakStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 +break_statement( + unique int id: @break_statement +) + +break_statement_location( + int id: @break_statement ref, + int loc: @location ref +) + +// ContinueStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 +continue_statement( + unique int id: @continue_statement +) + +continue_statement_location( + int id: @continue_statement ref, + int loc: @location ref +) +@labelled_statement = @continue_statement | @break_statement; + +statement_label( + int id: @labelled_statement ref, + int label: @ast ref +) + +// ReturnStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 +return_statement( + unique int id: @return_statement +) + +return_statement_pipeline( + int id: @return_statement ref, + int pipeline: @ast ref +) + +return_statement_location( + int id: @return_statement ref, + int loc: @location ref +) + +// DoWhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 +do_while_statement( + unique int id: @do_while_statement, + int body: @ast ref +) + +do_while_statement_condition( + int id: @do_while_statement ref, + int condition: @ast ref +) + +do_while_statement_location( + int id: @do_while_statement ref, + int loc: @location ref +) + +// DoUntilStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 +do_until_statement( + unique int id: @do_until_statement, + int body: @ast ref +) + +do_until_statement_condition( + int id: @do_until_statement ref, + int condition: @ast ref +) + +do_until_statement_location( + int id: @do_until_statement ref, + int loc: @location ref +) + +// WhileStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 +while_statement( + unique int id: @while_statement, + int body: @ast ref +) + +while_statement_condition( + int id: @while_statement ref, + int condition: @ast ref +) + +while_statement_location( + int id: @while_statement ref, + int loc: @location ref +) + +// ForEachStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 +foreach_statement( + unique int id: @foreach_statement, + int variable: @ast ref, + int condition: @ast ref, + int body: @ast ref, + int flags: int ref +) + +foreach_statement_location( + int id: @foreach_statement ref, + int loc: @location ref +) + +// ForStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 +for_statement( + unique int id: @for_statement, + int body: @ast ref +) + +for_statement_location( + int id: @for_statement ref, + int loc: @location ref +) + +for_statement_condition( + int id: @for_statement ref, + int condition: @ast ref +) + +for_statement_initializer( + int id: @for_statement ref, + int initializer: @ast ref +) + +for_statement_iterator( + int id: @for_statement ref, + int iterator: @ast ref +) + +// ExpandableStringExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 +expandable_string_expression( + unique int id: @expandable_string_expression, + int value: @string_literal ref, + int kind: int ref, + int numExpression: int ref +) + +case @expandable_string_expression.kind of + 4 = @BareWord +| 2 = @DoubleQuoted +| 3 = @DoubleQuotedHereString +| 0 = @SingleQuoted +| 1 = @SingleQuotedHereString; + +expandable_string_expression_location( + int id: @expandable_string_expression ref, + int loc: @location ref +) + +expandable_string_expression_nested_expression( + int id: @expandable_string_expression ref, + int index: int ref, + int nestedExression: @expression ref +) + +// StringLiterals +// Contains string literals broken into lines to prevent breaks in the trap from multiline strings +string_literal( + unique int id: @string_literal +) + +string_literal_location( + int id: @string_literal ref, + int loc: @location ref +) + +string_literal_line( + int id: @string_literal ref, + int lineNum: int ref, + string line: string ref +) + +// UnaryExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 +unary_expression( + unique int id: @unary_expression, + int child: @ast ref, + int kind: int ref, + string staticType: string ref +) + +unary_expression_location( + int id: @unary_expression ref, + int loc: @location ref +) + +// CatchClauseAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 +catch_clause( + unique int id: @catch_clause, + int body: @ast ref, + boolean isCatchAll: boolean ref +) + +catch_clause_catch_type( + int id: @catch_clause ref, + int index: int ref, + int catch_type: @ast ref +) + +catch_clause_location( + int id: @catch_clause ref, + int loc: @location ref +) + +// ThrowStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 +throw_statement( + unique int id: @throw_statement, + boolean isRethrow: boolean ref +) + +throw_statement_location( + int id: @throw_statement ref, + int loc: @location ref +) + +throw_statement_pipeline( + int id: @throw_statement ref, + int pipeline: @ast ref +) + +// TryStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 +try_statement( + unique int id: @try_statement, + int body: @ast ref +) + +try_statement_catch_clause( + int id: @try_statement ref, + int index: int ref, + int catch_clause: @catch_clause ref +) + + +try_statement_finally( + int id: @try_statement ref, + int finally: @ast ref +) + +try_statement_location( + int id: @try_statement ref, + int loc: @location ref +) + +// FileRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 +file_redirection( + unique int id: @file_redirection, + int location: @ast ref, + boolean isAppend: boolean ref, + int redirectionType: int ref +) + +case @file_redirection.redirectionType of + 0 = @All +| 1 = @Output +| 2 = @Error +| 3 = @Warning +| 4 = @Verbose +| 5 = @Debug +| 6 = @Information; + +file_redirection_location( + int id: @file_redirection ref, + int loc: @location ref +) + +// BlockStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 +block_statement( + unique int id: @block_statement, + int body: @ast ref, + int token: @token ref +) + +block_statement_location( + int id: @block_statement ref, + int loc: @location ref +) + +// Token +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 +token( + unique int id: @token, + boolean hasError: boolean ref, + int kind: int ref, + string text: string ref, + int tokenFlags: int ref +) + +token_location( + int id: @token ref, + int loc: @location ref +) + +// ConfigurationDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 +configuration_definition( + unique int id: @configuration_definition, + int body: @ast ref, + int configurationType: int ref, + int name: @ast ref +) + +configuration_definition_location( + int id: @configuration_definition ref, + int loc: @location ref +) + +// DataStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 +data_statement( + unique int id: @data_statement, + int body: @ast ref +) + +data_statement_variable( + int id: @data_statement ref, + string variable: string ref +) + +data_statement_commands_allowed( + int id: @data_statement ref, + int index: int ref, + int command_allowed: @ast ref +) + +data_statement_location( + int id: @data_statement ref, + int loc: @location ref +) + +// DynamicKeywordStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 +dynamic_keyword_statement( + unique int id: @dynamic_keyword_statement +) + +dynamic_keyword_statement_command_elements( + int id: @dynamic_keyword_statement ref, + int index: int ref, + int element: @command_element ref +) + +dynamic_keyword_statement_location( + int id: @dynamic_keyword_statement ref, + int loc: @location ref +) + +// ErrorExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 +error_expression( + unique int id: @error_expression +) + +error_expression_nested_ast( + int id: @error_expression ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_expression_location( + int id: @error_expression ref, + int loc: @location ref +) + +// ErrorStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 +error_statement( + unique int id: @error_statement, + int token: @token ref +) + +error_statement_location( + int id: @error_statement ref, + int loc: @location ref +) + +error_statement_nested_ast( + int id: @error_statement ref, + int index: int ref, + int nested_ast: @ast ref +) + +error_statement_conditions( + int id: @error_statement ref, + int index: int ref, + int condition: @ast ref +) + +error_statement_bodies( + int id: @error_statement ref, + int index: int ref, + int body: @ast ref +) + +error_statement_flag( + int id: @error_statement ref, + int index: int ref, + int k: string ref, // The key + int token: @token ref, // These two form a tuple of the value + int ast: @ast ref +) + +// FunctionMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 +function_member( + unique int id: @function_member, + int body: @ast ref, + boolean isConstructor: boolean ref, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +function_member_location( + int id: @function_member ref, + int loc: @location ref +) + +function_member_parameter( + int id: @function_member ref, + int index: int ref, + int parameter: @ast ref +) + +function_member_attribute( + int id: @function_member ref, + int index: int ref, + int attribute: @ast ref +) + +function_member_return_type( + int id: @function_member ref, + int return_type: @type_constraint ref +) + +// MergingRedirectionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 +merging_redirection( + unique int id: @merging_redirection, + int from: int ref, + int to: int ref +) + +merging_redirection_location( + int id: @merging_redirection ref, + int loc: @location ref +) + + +label( + int id: @labeled_statement ref, + string label: string ref +) + +// TrapStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 +trap_statement( + unique int id: @trap_statement, + int body: @ast ref +) + +trap_statement_type( + int id: @trap_statement ref, + int trap_type: @type_constraint ref +) + +trap_statement_location( + int id: @trap_statement ref, + int loc: @location ref +) + +// PipelineChainAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 +pipeline_chain( + unique int id: @pipeline_chain, + boolean isBackground: boolean ref, + int kind: int ref, + int left: @ast ref, + int right: @ast ref +) + +pipeline_chain_location( + int id: @pipeline_chain ref, + int loc: @location ref +) + +// PropertyMemberAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 +property_member( + unique int id: @property_member, + boolean isHidden: boolean ref, + boolean isPrivate: boolean ref, + boolean isPublic: boolean ref, + boolean isStatic: boolean ref, + string name: string ref, + int methodAttributes: int ref +) + +property_member_attribute( + int id: @property_member ref, + int index: int ref, + int attribute: @ast ref +) + +property_member_property_type( + int id: @property_member ref, + int property_type: @type_constraint ref +) + +property_member_initial_value( + int id: @property_member ref, + int initial_value: @ast ref +) + +property_member_location( + int id: @property_member ref, + int loc: @location ref +) + +// ScriptBlockExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 +script_block_expression( + unique int id: @script_block_expression, + int body: @script_block ref +) + +script_block_expression_location( + int id: @script_block_expression ref, + int loc: @location ref +) + +// SwitchStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 +switch_statement( + unique int id: @switch_statement, + int condition: @ast ref, + int flags: int ref +) + +switch_statement_clauses( + int id: @switch_statement ref, + int index: int ref, + int expression: @ast ref, + int statementBlock: @ast ref +) + +switch_statement_location( + int id: @switch_statement ref, + int loc: @location ref +) + +switch_statement_default( + int id: @switch_statement ref, + int default: @ast ref +) + +// TypeDefinitionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 +type_definition( + unique int id: @type_definition, + string name: string ref, + int flags: int ref, + boolean isClass: boolean ref, + boolean isEnum: boolean ref, + boolean isInterface: boolean ref +) + +type_definition_attributes( + int id: @type_definition ref, + int index: int ref, + int attribute: @ast ref +) + +type_definition_members( + int id: @type_definition ref, + int index: int ref, + int member: @ast ref +) + +type_definition_location( + int id: @type_definition ref, + int loc: @location ref +) + +type_definition_base_type( + int id: @type_definition ref, + int index: int ref, + int base_type: @type_constraint ref +) + +// UsingExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 +using_expression( + unique int id: @using_expression, + int subExpression: @ast ref +) + +using_expression_location( + int id: @using_expression ref, + int loc: @location ref +) + +// UsingStatementAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 +using_statement( + unique int id: @using_statement, + int kind: int ref +) + +using_statement_location( + int id: @using_statement ref, + int loc: @location ref +) + +using_statement_alias( + int id: @using_statement ref, + int alias: @ast ref +) + +using_statement_module_specification( + int id: @using_statement ref, + int module_specification: @ast ref +) + +using_statement_name( + int id: @using_statement ref, + int name: @ast ref +) + +// HashTableAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 +hash_table( + unique int id: @hash_table +) + +hash_table_location( + int id: @hash_table ref, + int loc: @location ref +) + +hash_table_key_value_pairs( + int id: @hash_table ref, + int index: int ref, + int k: @ast ref, + int v: @ast ref +) + +// AttributedExpressionAst +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 +attributed_expression( + unique int id: @attributed_expression, + int attribute: @ast ref, + int expression: @ast ref +) + +attributed_expression_location( + int id: @attributed_expression ref, + int loc: @location ref +) + +// TokenKind +// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 +token_kind_reference( + unique int id: @token_kind_reference, + string name: string ref, + int kind: int ref +) + +@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break +| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains +| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace +| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam +| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from +| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt +| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface +| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals +| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param +| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public +| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd +| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static +| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable +| @while | @workflow | @xor; + +case @token_kind_reference.kind of +28 = @ampersand // The invocation operator '&'. +| 53 = @and // The logical and operator '-and'. +| 26 = @andAnd // The (unimplemented) operator '&&'. +| 94 = @as // The type conversion operator '-as'. +| 165 = @assembly // The 'assembly' keyword +| 23 = @atCurly // The opening token of a hash expression '@{'. +| 22 = @atParen // The opening token of an array expression '@('. +| 56 = @band // The bitwise and operator '-band'. +| 168 = @base // The 'base' keyword +| 119 = @begin // The 'begin' keyword. +| 52 = @bnot // The bitwise not operator '-bnot'. +| 57 = @bor // The bitwise or operator '-bor'. +| 120 = @break // The 'break' keyword. +| 58 = @bxor // The bitwise exclusive or operator '-xor'. +| 121 = @catch // The 'catch' keyword. +| 87 = @ccontains // The case sensitive contains operator '-ccontains'. +| 76 = @ceq // The case sensitive equal operator '-ceq'. +| 78 = @cge // The case sensitive greater than or equal operator '-cge'. +| 79 = @cgt // The case sensitive greater than operator '-cgt'. +| 89 = @cin // The case sensitive in operator '-cin'. +| 122 = @class // The 'class' keyword. +| 81 = @cle // The case sensitive less than or equal operator '-cle'. +| 170 = @clean // The 'clean' keyword. +| 82 = @clike // The case sensitive like operator '-clike'. +| 80 = @clt // The case sensitive less than operator '-clt'. +| 84 = @cmatch // The case sensitive match operator '-cmatch'. +| 77 = @cne // The case sensitive not equal operator '-cne'. +| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. +| 90 = @cnotin // The case sensitive not in operator '-notin'. +| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. +| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. +| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. +| 34 = @colonColon // The static member access operator '::'. +| 30 = @comma // The unary or binary array operator ','. +| 166 = @command_token // The 'command' keyword +| 10 = @comment // A single line comment, or a delimited comment. +| 155 = @configuration // The "configuration" keyword +| 123 = @continue // The 'continue' keyword. +| 86 = @creplace // The case sensitive replace operator '-creplace'. +| 91 = @csplit // The case sensitive split operator '-csplit'. +| 124 = @data // The 'data' keyword. +| 169 = @default // The 'default' keyword +| 125 = @define // The (unimplemented) 'define' keyword. +| 38 = @divide // The division operator '/'. +| 46 = @divideEquals // The division assignment operator '/='. +| 126 = @do // The 'do' keyword. +| 24 = @dollarParen // The opening token of a sub-expression '$('. +| 35 = @dot // The instance member access or dot source invocation operator '.'. +| 33 = @dotDot // The range operator '..'. +| 156 = @dynamicKeyword // The token kind for dynamic keywords +| 127 = @dynamicparam // The 'dynamicparam' keyword. +| 128 = @else // The 'else' keyword. +| 129 = @elseIf // The 'elseif' keyword. +| 130 = @end // The 'end' keyword. +| 11 = @endOfInput // Marks the end of the input script or file. +| 161 = @enum // The 'enum' keyword +| 42 = @equals // The assignment operator '='. +| 36 = @exclaim // The logical not operator '!'. +| 131 = @exit // The 'exit' keyword. +| 132 = @filter // The 'filter' keyword. +| 133 = @finally // The 'finally' keyword. +| 134 = @for // The 'for' keyword. +| 135 = @foreach // The 'foreach' keyword. +| 50 = @format // The string format operator '-f'. +| 136 = @from // The (unimplemented) 'from' keyword. +| 137 = @function // The 'function' keyword. +| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. +| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. +| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. +| 167 = @hidden // The 'hidden' keyword +| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. +| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. +| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. +| 138 = @if // The 'if' keyword. +| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. +| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. +| 73 = @iin // The case insensitive in operator '-iin' or '-in'. +| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. +| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. +| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. +| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. +| 139 = @in // The 'in' keyword. +| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. +| 154 = @inlineScript // The 'InlineScript' keyword +| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. +| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' +| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. +| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. +| 160 = @interface // The 'interface' keyword +| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. +| 92 = @is // The type test operator '-is'. +| 93 = @isNot // The type test operator '-isnot'. +| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. +| 59 = @join // The join operator '-join'. +| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. +| 20 = @lBracket // The opening square brace token '['. +| 18 = @lCurly // The opening curly brace token '{'. +| 9 = @lineContinuation // A line continuation (backtick followed by newline). +| 16 = @lParen // The opening parenthesis token '('. +| 41 = @minus // The substraction operator '-'. +| 44 = @minusEquals // The subtraction assignment operator '-='. +| 31 = @minusMinus // The pre-decrement operator '--'. +| 163 = @module // The 'module' keyword +| 37 = @multiply // The multiplication operator '*'. +| 45 = @multiplyEquals // The multiplication assignment operator '*='. +| 162 = @namespace // The 'namespace' keyword +| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). +| 51 = @not // The logical not operator '-not'. +| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. +| 54 = @or // The logical or operator '-or'. +| 27 = @orOr // The (unimplemented) operator '||'. +| 152 = @parallel // The 'parallel' keyword. +| 140 = @param // The 'param' keyword. +| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. +| 29 = @pipe // The pipe operator '|'. +| 40 = @plus // The addition operator '+'. +| 43 = @plusEquals // The addition assignment operator '+='. +| 32 = @plusPlus // The pre-increment operator '++'. +| 96 = @postfixMinusMinus // The post-decrement operator '--'. +| 95 = @postfixPlusPlus // The post-increment operator '++'. +| 158 = @private // The 'private' keyword +| 141 = @process // The 'process' keyword. +| 157 = @public // The 'public' keyword +| 103 = @questionDot // The null conditional member access operator '?.'. +| 104 = @questionLBracket // The null conditional index access operator '?[]'. +| 100 = @questionMark // The ternary operator '?'. +| 102 = @questionQuestion // The null coalesce operator '??'. +| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. +| 21 = @rBracket // The closing square brace token ']'. +| 19 = @rCurly // The closing curly brace token '}'. +| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. +| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. +| 39 = @rem // The modulo division (remainder) operator '%'. +| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. +| 142 = @return // The 'return' keyword. +| 17 = @rParen // The closing parenthesis token ')'. +| 25 = @semi // The statement terminator ';'. +| 153 = @sequence // The 'sequence' keyword. +| 97 = @shl // The shift left operator. +| 98 = @shr // The shift right operator. +| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. +| 159 = @static // The 'static' keyword +| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. +| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. +| 143 = @switch // The 'switch' keyword. +| 144 = @throw // The 'throw' keyword. +| 145 = @trap // The 'trap' keyword. +| 146 = @try // The 'try' keyword. +| 164 = @type // The 'type' keyword +| 0 = @unknown // An unknown token, signifies an error condition. +| 147 = @until // The 'until' keyword. +| 148 = @using // The (unimplemented) 'using' keyword. +| 149 = @var // The (unimplemented) 'var' keyword. +| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. +| 150 = @while // The 'while' keyword. +| 151 = @workflow // The 'workflow' keyword. +| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/upgrade.properties b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/upgrade.properties new file mode 100644 index 00000000000..ca91630fb22 --- /dev/null +++ b/powershell/ql/lib/upgrades/ce269c61feda10a8ca0d16519085f7e55741a694/upgrade.properties @@ -0,0 +1,2 @@ +description: Unknown changes +compatibility: partial From 4518f18b9faeeb4e1fc2ee6c7cd3027f4d033b97 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 18 Apr 2025 12:41:13 +0100 Subject: [PATCH 11/17] PS: Delete a cycle in the upgrade script. --- .../old.dbscheme | 1652 ----------------- .../semmlecode.powershell.dbscheme | 1648 ---------------- .../upgrade.properties | 3 - 3 files changed, 3303 deletions(-) delete mode 100644 powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/old.dbscheme delete mode 100644 powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/semmlecode.powershell.dbscheme delete mode 100644 powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/upgrade.properties diff --git a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/old.dbscheme b/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/old.dbscheme deleted file mode 100644 index c5191f89a6e..00000000000 --- a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/old.dbscheme +++ /dev/null @@ -1,1652 +0,0 @@ -/* Mandatory */ -sourceLocationPrefix( - varchar(900) prefix: string ref -); - -/* Entity Locations */ -@location = @location_default; - -locations_default( - unique int id: @location_default, - int file: @file ref, - int beginLine: int ref, - int beginColumn: int ref, - int endLine: int ref, - int endColumn: int ref -); - -/* File Metadata */ - -numlines( - unique int element_id: @file ref, - int num_lines: int ref, - int num_code: int ref, - int num_comment: int ref -); - -files( - unique int id: @file, - varchar(900) name: string ref -); - -folders( - unique int id: @folder, - varchar(900) name: string ref -); - -@container = @folder | @file; - -containerparent( - int parent: @container ref, - unique int child: @container ref -); - -is_in_psmodule_path( - int file: @file ref -); - -/* Comments */ -comment_entity( - unique int id: @comment_entity, - int text: @string_literal ref -); - -comment_entity_location( - unique int id: @comment_entity ref, - int loc: @location ref -); - -/* Messages */ -extractor_messages( - unique int id: @extractor_message, - int severity: int ref, - string origin : string ref, - string text : string ref, - string entity : string ref, - int location: @location_default ref, - string stack_trace : string ref -); - -parent( - int child: @ast ref, - int parent: @ast ref -); - -/* AST Nodes */ -// This is all the kinds of nodes that can inherit from Ast -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 -@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | -@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block | @named_attribute_argument; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 -@attribute_base = @attribute | @type_constraint; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 -@member = @function_member | @property_member; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 -@command_base = @command | @command_expression; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 -@chainable = @command_base | @pipeline | @pipeline_chain; -//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 -@pipeline_base = @chainable | @error_statement | @assignment_statement; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 -@statement = @block_statement -| @break_statement -| @command_base -| @configuration_definition -| @continue_statement -| @data_statement -| @dynamic_keyword_statement -| @exit_statement -| @function_definition -| @if_statement -| @labeled_statement -| @pipeline_base -| @return_statement -| @throw_statement -| @trap_statement -| @try_statement -| @type_definition -| @using_statement; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 -@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 -@labeled_statement = @loop_statement | @switch_statement; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 -@attributed_expression_ast = @attributed_expression | @convert_expression; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 -@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 -@expression = @array_expression -| @array_literal -| @attributed_expression_ast -| @binary_expression -| @error_expression -| @expandable_string_expression -| @hash_table -| @index_expression -| @member_expression_base -| @paren_expression -| @script_block_expression -| @sub_expression -| @ternary_expression -| @type_expression -| @unary_expression -| @using_expression -| @variable_expression -| @base_constant_expression; - -// Constant expression can both be instanced and extended by string constant expression -@base_constant_expression = @constant_expression | @string_constant_expression; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 -@command_element = @expression | @command_parameter; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 -@redirection = @file_redirection | @merging_redirection; - -/** -Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. - -You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them - using this QL query on an extracted db: - -from string s -where not_implemented(_, s) -select s -*/ -not_implemented( - unique int id: @not_implemented, - string name: string ref -); - -not_implemented_location( - int id: @not_implemented ref, - int loc: @location ref -); - -// ArrayExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 -array_expression( - unique int id: @array_expression, - int subExpression: @statement_block ref -) - -array_expression_location( - int id: @array_expression ref, - int loc: @location ref -) - -// ArrayLiteralAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 -array_literal( - unique int id: @array_literal -) - -array_literal_location( - int id: @array_literal ref, - int loc: @location ref -) - -array_literal_element( - int id: @array_literal ref, - int index: int ref, - int component: @expression ref -) - -// AssignmentStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 -// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 -assignment_statement( - unique int id: @assignment_statement, - int kind: int ref, // @token_kind ref - int left: @expression ref, - int right: @statement ref -) - -assignment_statement_location( - int id: @assignment_statement ref, - int loc: @location ref -) - -// NamedBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 -named_block( - unique int id: @named_block, - int numStatements: int ref, - int numTraps: int ref -) - -named_block_statement( - int id: @named_block ref, - int index: int ref, - int statement: @statement ref -) - -named_block_trap( - int id: @named_block ref, - int index: int ref, - int trap: @trap_statement ref -) - -named_block_location( - int id: @named_block ref, - int loc: @location ref -) - -// ScriptBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 -script_block( - unique int id: @script_block, - int numUsings: int ref, - int numRequiredModules: int ref, - int numRequiredAssemblies: int ref, - int numRequiredPsEditions: int ref, - int numRequiredPsSnapins: int ref -) - -script_block_param_block( - int id: @script_block ref, - int the_param_block: @param_block ref -) - -script_block_begin_block( - int id: @script_block ref, - int begin_block: @named_block ref -) - -script_block_clean_block( - int id: @script_block ref, - int clean_block: @named_block ref -) - -script_block_dynamic_param_block( - int id: @script_block ref, - int dynamic_param_block: @named_block ref -) - -script_block_end_block( - int id: @script_block ref, - int end_block: @named_block ref -) - -script_block_process_block( - int id: @script_block ref, - int process_block: @named_block ref -) - -script_block_using( - int id: @script_block ref, - int index: int ref, - int using: @ast ref -) - -script_block_required_application_id( - int id: @script_block ref, - string application_id: string ref -) - -script_block_requires_elevation( - int id: @script_block ref, - boolean requires_elevation: boolean ref -) - -script_block_required_ps_version( - int id: @script_block ref, - string required_ps_version: string ref -) - -script_block_required_module( - int id: @script_block ref, - int index: int ref, - int required_module: @module_specification ref -) - -script_block_required_assembly( - int id: @script_block ref, - int index: int ref, - string required_assembly: string ref -) - -script_block_required_ps_edition( - int id: @script_block ref, - int index: int ref, - string required_ps_edition: string ref -) - -script_block_requires_ps_snapin( - int id: @script_block ref, - int index: int ref, - string name: string ref, - string version: string ref -) - -script_block_location( - int id: @script_block ref, - int loc: @location ref -) - -// ModuleSpecification -// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 -module_specification( - unique int id: @module_specification, - string name: string ref, - string guid: string ref, - string maxVersion: string ref, - string requiredVersion: string ref, - string version: string ref -) - -// BinaryExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 -// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 -binary_expression( - unique int id: @binary_expression, - int kind: int ref, // @token_kind ref - int left: @expression ref, - int right: @expression ref -) - -// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; - -binary_expression_location( - int id: @binary_expression ref, - int loc: @location ref -) - -// ConstantExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 -constant_expression( - unique int id: @constant_expression, - string staticType: string ref -) - -constant_expression_value( - int id: @constant_expression ref, - int value: @string_literal ref -) - -constant_expression_location( - int id: @constant_expression ref, - int loc: @location ref -) - -// ConvertExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 -convert_expression( - unique int id: @convert_expression, - int the_attribute: @ast ref, - int child: @ast ref, - int object_type: @ast ref, - string staticType: string ref -) - -convert_expression_location( - int id: @convert_expression ref, - int loc: @location ref -) - -// IndexExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 -index_expression( - unique int id: @index_expression, - int index: @ast ref, - int target: @ast ref, - boolean nullConditional: boolean ref -) - -index_expression_location( - int id: @index_expression ref, - int loc: @location ref -) - -// IfStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 -if_statement( - unique int id: @if_statement -) - -if_statement_clause( - int id: @if_statement ref, - int index: int ref, - int item1: @pipeline_base ref, - int item2: @statement_block ref -) - -if_statement_else( - int id: @if_statement ref, - int elseItem: @statement_block ref -) - -if_statement_location( - int id: @if_statement ref, - int loc: @location ref -) - -// MemberExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 -member_expression( - unique int id: @member_expression, - int expression: @ast ref, - int member: @ast ref, - boolean nullConditional: boolean ref, - boolean isStatic: boolean ref -) - -member_expression_location( - int id: @member_expression ref, - int loc: @location ref -) - -// StatementBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 -statement_block( - unique int id: @statement_block, - int numStatements: int ref, - int numTraps : int ref -) - -statement_block_location( - int id: @statement_block ref, - int loc: @location ref -) - -statement_block_statement( - int id: @statement_block ref, - int index: int ref, - int statement: @statement ref -) - -statement_block_trap( - int id: @statement_block ref, - int index: int ref, - int trap: @trap_statement ref -) - -// SubExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 -sub_expression( - unique int id: @sub_expression, - int subExpression: @statement_block ref -) - -sub_expression_location( - int id: @sub_expression ref, - int loc: @location ref -) - -// VariableExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 -variable_expression( - unique int id: @variable_expression, - string userPath: string ref, - string driveName: string ref, - boolean isConstant: boolean ref, - boolean isGlobal: boolean ref, - boolean isLocal: boolean ref, - boolean isPrivate: boolean ref, - boolean isScript: boolean ref, - boolean isUnqualified: boolean ref, - boolean isUnscoped: boolean ref, - boolean isVariable: boolean ref, - boolean isDriveQualified: boolean ref -) - -variable_expression_location( - int id: @variable_expression ref, - int loc: @location ref -) - -// CommandExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 -command_expression( - unique int id: @command_expression, - int wrapped: @expression ref, - int numRedirections: int ref -) - -command_expression_location( - int id: @command_expression ref, - int loc: @location ref -) - -command_expression_redirection( - int id: @command_expression ref, - int index: int ref, - int redirection: @redirection ref -) - -// StringConstantExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 -string_constant_expression( - unique int id: @string_constant_expression, - int value: @string_literal ref -) - -string_constant_expression_location( - int id: @string_constant_expression ref, - int loc: @location ref -) - -// PipelineAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 -pipeline( - unique int id: @pipeline, - int numComponents: int ref -) - -pipeline_location( - int id: @pipeline ref, - int loc: @location ref -) - -pipeline_component( - int id: @pipeline ref, - int index: int ref, - int component: @command_base ref -) - -// CommandAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 -command( - unique int id: @command, - string name: string ref, - int kind: int ref, // @token_kind ref - int numElements: int ref, - int numRedirections: int ref -) - -command_location( - int id: @command ref, - int loc: @location ref -) - -command_command_element( - int id: @command ref, - int index: int ref, - int component: @command_element ref -) - -command_redirection( - int id: @command ref, - int index: int ref, - int redirection: @redirection ref -) - -// InvokeMemberExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 -invoke_member_expression( - unique int id: @invoke_member_expression, - int expression: @expression ref, - int member: @command_element ref -) - -invoke_member_expression_location( - int id: @invoke_member_expression ref, - int loc: @location ref -) - -invoke_member_expression_argument( - int id: @invoke_member_expression ref, - int index: int ref, - int argument: @expression ref -) - -// ParenExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 -paren_expression( - unique int id: @paren_expression, - int expression: @pipeline_base ref -) - -paren_expression_location( - int id: @paren_expression ref, - int loc: @location ref -) - - -// TernaryStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 -ternary_expression( - unique int id: @ternary_expression, - int condition: @expression ref, - int ifFalse: @expression ref, - int iftrue: @expression ref -) - -ternary_expression_location( - int id: @ternary_expression ref, - int loc: @location ref -) - -// ExitStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 -exit_statement( - unique int id: @exit_statement -) - -exit_statement_pipeline( - int id: @exit_statement ref, - int expression: @pipeline_base ref -) - -exit_statement_location( - int id: @exit_statement ref, - int loc: @location ref -) - - -// TypeExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 -type_expression( - unique int id: @type_expression, - string name: string ref, - string fullName: string ref -) - -type_expression_location( - int id: @type_expression ref, - int loc: @location ref -) - -// CommandParameterAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 -command_parameter( - unique int id: @command_parameter, - string name: string ref -) - -command_parameter_location( - int id: @command_parameter ref, - int loc: @location ref -) - -command_parameter_argument( - int id: @command_parameter ref, - int argument: @ast ref -) - -// NamedAttributeArgumentAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 -named_attribute_argument( - unique int id: @named_attribute_argument, - string name: string ref, - int argument: @expression ref -) - -named_attribute_argument_location( - int id: @named_attribute_argument ref, - int loc: @location ref -) - -// AttributeAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 -attribute( - unique int id: @attribute, - string name: string ref, - int numNamedArguments: int ref, - int numPositionalArguments: int ref -) - -attribute_named_argument( - int id: @attribute ref, - int index: int ref, - int argument: @named_attribute_argument ref -) - -attribute_positional_argument( - int id: @attribute ref, - int index: int ref, - int argument: @expression ref -) - -attribute_location( - int id: @attribute ref, - int id: @location ref -) - -// ParamBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 -param_block( - unique int id: @param_block, - int numAttributes: int ref, - int numParameters: int ref -) - -param_block_attribute( - int id: @param_block ref, - int index: int ref, - int the_attribute: @attribute ref -) - -param_block_parameter( - int id: @param_block ref, - int index: int ref, - int the_parameter: @parameter ref -) - -param_block_location( - int id: @param_block ref, - int id: @location ref -) - -// ParameterAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 -parameter( - unique int id: @parameter, - int name: @variable_expression ref, - string staticType: string ref, - int numAttributes: int ref -) - -parameter_attribute( - int id: @parameter ref, - int index: int ref, - int the_attribute: @attribute_base ref -) - -parameter_location( - int id: @parameter ref, - int loc: @location ref -) - -parameter_default_value( - int id: @parameter ref, - int default_value: @expression ref -) - -// TypeConstraintAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 -type_constraint( - unique int id: @type_constraint, - string name: string ref, - string fullName: string ref -) - -type_constraint_location( - int id: @type_constraint ref, - int loc: @location ref -) - -// FunctionDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 -function_definition( - unique int id: @function_definition, - int body: @script_block ref, - string name: string ref, - boolean isFilter: boolean ref, - boolean isWorkflow: boolean ref -) - -function_definition_parameter( - int id: @function_definition ref, - int index: int ref, - int parameter: @parameter ref -) - -function_definition_location( - int id: @function_definition ref, - int loc: @location ref -) - -// BreakStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 -break_statement( - unique int id: @break_statement -) - -break_statement_location( - int id: @break_statement ref, - int loc: @location ref -) - -// ContinueStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 -continue_statement( - unique int id: @continue_statement -) - -continue_statement_location( - int id: @continue_statement ref, - int loc: @location ref -) -@labelled_statement = @continue_statement | @break_statement; - -statement_label( - int id: @labelled_statement ref, - int label: @expression ref -) - -// ReturnStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 -return_statement( - unique int id: @return_statement -) - -return_statement_pipeline( - int id: @return_statement ref, - int pipeline: @pipeline_base ref -) - -return_statement_location( - int id: @return_statement ref, - int loc: @location ref -) - -// DoWhileStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 -do_while_statement( - unique int id: @do_while_statement, - int body: @statement_block ref -) - -do_while_statement_condition( - int id: @do_while_statement ref, - int condition: @pipeline_base ref -) - -do_while_statement_location( - int id: @do_while_statement ref, - int loc: @location ref -) - -// DoUntilStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 -do_until_statement( - unique int id: @do_until_statement, - int body: @statement_block ref -) - -do_until_statement_condition( - int id: @do_until_statement ref, - int condition: @pipeline_base ref -) - -do_until_statement_location( - int id: @do_until_statement ref, - int loc: @location ref -) - -// WhileStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 -while_statement( - unique int id: @while_statement, - int body: @statement_block ref -) - -while_statement_condition( - int id: @while_statement ref, - int condition: @pipeline_base ref -) - -while_statement_location( - int id: @while_statement ref, - int loc: @location ref -) - -// ForEachStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 -foreach_statement( - unique int id: @foreach_statement, - int variable: @variable_expression ref, - int condition: @pipeline_base ref, - int body: @statement_block ref, - int flags: int ref -) - -foreach_statement_location( - int id: @foreach_statement ref, - int loc: @location ref -) - -// ForStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 -for_statement( - unique int id: @for_statement, - int body: @statement_block ref -) - -for_statement_location( - int id: @for_statement ref, - int loc: @location ref -) - -for_statement_condition( - int id: @for_statement ref, - int condition: @pipeline_base ref -) - -for_statement_initializer( - int id: @for_statement ref, - int initializer: @pipeline_base ref -) - -for_statement_iterator( - int id: @for_statement ref, - int iterator: @pipeline_base ref -) - -// ExpandableStringExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 -expandable_string_expression( - unique int id: @expandable_string_expression, - int value: @string_literal ref, - int kind: int ref, - int numExpression: int ref -) - -case @expandable_string_expression.kind of - 4 = @BareWord -| 2 = @DoubleQuoted -| 3 = @DoubleQuotedHereString -| 0 = @SingleQuoted -| 1 = @SingleQuotedHereString; - -expandable_string_expression_location( - int id: @expandable_string_expression ref, - int loc: @location ref -) - -expandable_string_expression_nested_expression( - int id: @expandable_string_expression ref, - int index: int ref, - int nestedExression: @expression ref -) - -// StringLiterals -// Contains string literals broken into lines to prevent breaks in the trap from multiline strings -string_literal( - unique int id: @string_literal -) - -string_literal_location( - int id: @string_literal ref, - int loc: @location ref -) - -string_literal_line( - int id: @string_literal ref, - int lineNum: int ref, - string line: string ref -) - -// UnaryExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 -unary_expression( - unique int id: @unary_expression, - int child: @ast ref, - int kind: int ref, - string staticType: string ref -) - -unary_expression_location( - int id: @unary_expression ref, - int loc: @location ref -) - -// CatchClauseAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 -catch_clause( - unique int id: @catch_clause, - int body: @statement_block ref, - boolean isCatchAll: boolean ref -) - -catch_clause_catch_type( - int id: @catch_clause ref, - int index: int ref, - int catch_type: @type_constraint ref -) - -catch_clause_location( - int id: @catch_clause ref, - int loc: @location ref -) - -// ThrowStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 -throw_statement( - unique int id: @throw_statement, - boolean isRethrow: boolean ref -) - -throw_statement_location( - int id: @throw_statement ref, - int loc: @location ref -) - -throw_statement_pipeline( - int id: @throw_statement ref, - int pipeline: @ast ref -) - -// TryStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 -try_statement( - unique int id: @try_statement, - int body: @statement_block ref -) - -try_statement_catch_clause( - int id: @try_statement ref, - int index: int ref, - int catch_clause: @catch_clause ref -) - - -try_statement_finally( - int id: @try_statement ref, - int finally: @ast ref -) - -try_statement_location( - int id: @try_statement ref, - int loc: @location ref -) - -// FileRedirectionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 -file_redirection( - unique int id: @file_redirection, - int location: @ast ref, - boolean isAppend: boolean ref, - int redirectionType: int ref -) - -case @file_redirection.redirectionType of - 0 = @All -| 1 = @Output -| 2 = @Error -| 3 = @Warning -| 4 = @Verbose -| 5 = @Debug -| 6 = @Information; - -file_redirection_location( - int id: @file_redirection ref, - int loc: @location ref -) - -// BlockStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 -block_statement( - unique int id: @block_statement, - int body: @ast ref, - int token: @token ref -) - -block_statement_location( - int id: @block_statement ref, - int loc: @location ref -) - -// Token -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 -token( - unique int id: @token, - boolean hasError: boolean ref, - int kind: int ref, - string text: string ref, - int tokenFlags: int ref -) - -token_location( - int id: @token ref, - int loc: @location ref -) - -// ConfigurationDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 -configuration_definition( - unique int id: @configuration_definition, - int body: @script_block_expression ref, - int configurationType: int ref, - int name: @expression ref -) - -configuration_definition_location( - int id: @configuration_definition ref, - int loc: @location ref -) - -// DataStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 -data_statement( - unique int id: @data_statement, - int body: @statement_block ref -) - -data_statement_variable( - int id: @data_statement ref, - string variable: string ref -) - -data_statement_commands_allowed( - int id: @data_statement ref, - int index: int ref, - int command_allowed: @ast ref -) - -data_statement_location( - int id: @data_statement ref, - int loc: @location ref -) - -// DynamicKeywordStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 -dynamic_keyword_statement( - unique int id: @dynamic_keyword_statement -) - -dynamic_keyword_statement_command_elements( - int id: @dynamic_keyword_statement ref, - int index: int ref, - int element: @command_element ref -) - -dynamic_keyword_statement_location( - int id: @dynamic_keyword_statement ref, - int loc: @location ref -) - -// ErrorExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 -error_expression( - unique int id: @error_expression -) - -error_expression_nested_ast( - int id: @error_expression ref, - int index: int ref, - int nested_ast: @ast ref -) - -error_expression_location( - int id: @error_expression ref, - int loc: @location ref -) - -// ErrorStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 -error_statement( - unique int id: @error_statement, - int token: @token ref -) - -error_statement_location( - int id: @error_statement ref, - int loc: @location ref -) - -error_statement_nested_ast( - int id: @error_statement ref, - int index: int ref, - int nested_ast: @ast ref -) - -error_statement_conditions( - int id: @error_statement ref, - int index: int ref, - int condition: @ast ref -) - -error_statement_bodies( - int id: @error_statement ref, - int index: int ref, - int body: @ast ref -) - -error_statement_flag( - int id: @error_statement ref, - int index: int ref, - int k: string ref, // The key - int token: @token ref, // These two form a tuple of the value - int ast: @ast ref -) - -// FunctionMemberAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 -function_member( - unique int id: @function_member, - int body: @ast ref, - boolean isConstructor: boolean ref, - boolean isHidden: boolean ref, - boolean isPrivate: boolean ref, - boolean isPublic: boolean ref, - boolean isStatic: boolean ref, - string name: string ref, - int methodAttributes: int ref -) - -function_member_location( - int id: @function_member ref, - int loc: @location ref -) - -function_member_parameter( - int id: @function_member ref, - int index: int ref, - int parameter: @ast ref -) - -function_member_attribute( - int id: @function_member ref, - int index: int ref, - int attribute: @ast ref -) - -function_member_return_type( - int id: @function_member ref, - int return_type: @type_constraint ref -) - -// MergingRedirectionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 -merging_redirection( - unique int id: @merging_redirection, - int from: int ref, - int to: int ref -) - -merging_redirection_location( - int id: @merging_redirection ref, - int loc: @location ref -) - - -label( - int id: @labeled_statement ref, - string label: string ref -) - -// TrapStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 -trap_statement( - unique int id: @trap_statement, - int body: @ast ref -) - -trap_statement_type( - int id: @trap_statement ref, - int trap_type: @type_constraint ref -) - -trap_statement_location( - int id: @trap_statement ref, - int loc: @location ref -) - -// PipelineChainAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 -pipeline_chain( - unique int id: @pipeline_chain, - boolean isBackground: boolean ref, - int kind: int ref, - int left: @ast ref, - int right: @ast ref -) - -pipeline_chain_location( - int id: @pipeline_chain ref, - int loc: @location ref -) - -// PropertyMemberAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 -property_member( - unique int id: @property_member, - boolean isHidden: boolean ref, - boolean isPrivate: boolean ref, - boolean isPublic: boolean ref, - boolean isStatic: boolean ref, - string name: string ref, - int methodAttributes: int ref -) - -property_member_attribute( - int id: @property_member ref, - int index: int ref, - int attribute: @ast ref -) - -property_member_property_type( - int id: @property_member ref, - int property_type: @type_constraint ref -) - -property_member_initial_value( - int id: @property_member ref, - int initial_value: @ast ref -) - -property_member_location( - int id: @property_member ref, - int loc: @location ref -) - -// ScriptBlockExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 -script_block_expression( - unique int id: @script_block_expression, - int body: @script_block ref -) - -script_block_expression_location( - int id: @script_block_expression ref, - int loc: @location ref -) - -// SwitchStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 -switch_statement( - unique int id: @switch_statement, - int condition: @ast ref, - int flags: int ref -) - -switch_statement_clauses( - int id: @switch_statement ref, - int index: int ref, - int expression: @ast ref, - int statementBlock: @ast ref -) - -switch_statement_location( - int id: @switch_statement ref, - int loc: @location ref -) - -switch_statement_default( - int id: @switch_statement ref, - int default: @ast ref -) - -// TypeDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 -type_definition( - unique int id: @type_definition, - string name: string ref, - int flags: int ref, - boolean isClass: boolean ref, - boolean isEnum: boolean ref, - boolean isInterface: boolean ref -) - -type_definition_attributes( - int id: @type_definition ref, - int index: int ref, - int attribute: @ast ref -) - -type_definition_members( - int id: @type_definition ref, - int index: int ref, - int member: @ast ref -) - -type_definition_location( - int id: @type_definition ref, - int loc: @location ref -) - -type_definition_base_type( - int id: @type_definition ref, - int index: int ref, - int base_type: @type_constraint ref -) - -// UsingExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 -using_expression( - unique int id: @using_expression, - int subExpression: @ast ref -) - -using_expression_location( - int id: @using_expression ref, - int loc: @location ref -) - -// UsingStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 -using_statement( - unique int id: @using_statement, - int kind: int ref -) - -using_statement_location( - int id: @using_statement ref, - int loc: @location ref -) - -using_statement_alias( - int id: @using_statement ref, - int alias: @ast ref -) - -using_statement_module_specification( - int id: @using_statement ref, - int module_specification: @ast ref -) - -using_statement_name( - int id: @using_statement ref, - int name: @ast ref -) - -// HashTableAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 -hash_table( - unique int id: @hash_table -) - -hash_table_location( - int id: @hash_table ref, - int loc: @location ref -) - -hash_table_key_value_pairs( - int id: @hash_table ref, - int index: int ref, - int k: @ast ref, - int v: @ast ref -) - -// AttributedExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 -attributed_expression( - unique int id: @attributed_expression, - int attribute: @ast ref, - int expression: @ast ref -) - -attributed_expression_location( - int id: @attributed_expression ref, - int loc: @location ref -) - -// TokenKind -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 -token_kind_reference( - unique int id: @token_kind_reference, - string name: string ref, - int kind: int ref -) - -@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break -| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains -| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace -| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam -| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from -| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt -| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface -| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals -| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param -| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public -| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd -| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static -| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable -| @while | @workflow | @xor; - -case @token_kind_reference.kind of -28 = @ampersand // The invocation operator '&'. -| 53 = @and // The logical and operator '-and'. -| 26 = @andAnd // The (unimplemented) operator '&&'. -| 94 = @as // The type conversion operator '-as'. -| 165 = @assembly // The 'assembly' keyword -| 23 = @atCurly // The opening token of a hash expression '@{'. -| 22 = @atParen // The opening token of an array expression '@('. -| 56 = @band // The bitwise and operator '-band'. -| 168 = @base // The 'base' keyword -| 119 = @begin // The 'begin' keyword. -| 52 = @bnot // The bitwise not operator '-bnot'. -| 57 = @bor // The bitwise or operator '-bor'. -| 120 = @break // The 'break' keyword. -| 58 = @bxor // The bitwise exclusive or operator '-xor'. -| 121 = @catch // The 'catch' keyword. -| 87 = @ccontains // The case sensitive contains operator '-ccontains'. -| 76 = @ceq // The case sensitive equal operator '-ceq'. -| 78 = @cge // The case sensitive greater than or equal operator '-cge'. -| 79 = @cgt // The case sensitive greater than operator '-cgt'. -| 89 = @cin // The case sensitive in operator '-cin'. -| 122 = @class // The 'class' keyword. -| 81 = @cle // The case sensitive less than or equal operator '-cle'. -| 170 = @clean // The 'clean' keyword. -| 82 = @clike // The case sensitive like operator '-clike'. -| 80 = @clt // The case sensitive less than operator '-clt'. -| 84 = @cmatch // The case sensitive match operator '-cmatch'. -| 77 = @cne // The case sensitive not equal operator '-cne'. -| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. -| 90 = @cnotin // The case sensitive not in operator '-notin'. -| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. -| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. -| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. -| 34 = @colonColon // The static member access operator '::'. -| 30 = @comma // The unary or binary array operator ','. -| 166 = @command_token // The 'command' keyword -| 10 = @comment // A single line comment, or a delimited comment. -| 155 = @configuration // The "configuration" keyword -| 123 = @continue // The 'continue' keyword. -| 86 = @creplace // The case sensitive replace operator '-creplace'. -| 91 = @csplit // The case sensitive split operator '-csplit'. -| 124 = @data // The 'data' keyword. -| 169 = @default // The 'default' keyword -| 125 = @define // The (unimplemented) 'define' keyword. -| 38 = @divide // The division operator '/'. -| 46 = @divideEquals // The division assignment operator '/='. -| 126 = @do // The 'do' keyword. -| 24 = @dollarParen // The opening token of a sub-expression '$('. -| 35 = @dot // The instance member access or dot source invocation operator '.'. -| 33 = @dotDot // The range operator '..'. -| 156 = @dynamicKeyword // The token kind for dynamic keywords -| 127 = @dynamicparam // The 'dynamicparam' keyword. -| 128 = @else // The 'else' keyword. -| 129 = @elseIf // The 'elseif' keyword. -| 130 = @end // The 'end' keyword. -| 11 = @endOfInput // Marks the end of the input script or file. -| 161 = @enum // The 'enum' keyword -| 42 = @equals // The assignment operator '='. -| 36 = @exclaim // The logical not operator '!'. -| 131 = @exit // The 'exit' keyword. -| 132 = @filter // The 'filter' keyword. -| 133 = @finally // The 'finally' keyword. -| 134 = @for // The 'for' keyword. -| 135 = @foreach // The 'foreach' keyword. -| 50 = @format // The string format operator '-f'. -| 136 = @from // The (unimplemented) 'from' keyword. -| 137 = @function // The 'function' keyword. -| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. -| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. -| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. -| 167 = @hidden // The 'hidden' keyword -| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. -| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. -| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. -| 138 = @if // The 'if' keyword. -| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. -| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. -| 73 = @iin // The case insensitive in operator '-iin' or '-in'. -| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. -| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. -| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. -| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. -| 139 = @in // The 'in' keyword. -| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. -| 154 = @inlineScript // The 'InlineScript' keyword -| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. -| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' -| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. -| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. -| 160 = @interface // The 'interface' keyword -| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. -| 92 = @is // The type test operator '-is'. -| 93 = @isNot // The type test operator '-isnot'. -| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. -| 59 = @join // The join operator '-join'. -| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. -| 20 = @lBracket // The opening square brace token '['. -| 18 = @lCurly // The opening curly brace token '{'. -| 9 = @lineContinuation // A line continuation (backtick followed by newline). -| 16 = @lParen // The opening parenthesis token '('. -| 41 = @minus // The substraction operator '-'. -| 44 = @minusEquals // The subtraction assignment operator '-='. -| 31 = @minusMinus // The pre-decrement operator '--'. -| 163 = @module // The 'module' keyword -| 37 = @multiply // The multiplication operator '*'. -| 45 = @multiplyEquals // The multiplication assignment operator '*='. -| 162 = @namespace // The 'namespace' keyword -| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). -| 51 = @not // The logical not operator '-not'. -| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. -| 54 = @or // The logical or operator '-or'. -| 27 = @orOr // The (unimplemented) operator '||'. -| 152 = @parallel // The 'parallel' keyword. -| 140 = @param // The 'param' keyword. -| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. -| 29 = @pipe // The pipe operator '|'. -| 40 = @plus // The addition operator '+'. -| 43 = @plusEquals // The addition assignment operator '+='. -| 32 = @plusPlus // The pre-increment operator '++'. -| 96 = @postfixMinusMinus // The post-decrement operator '--'. -| 95 = @postfixPlusPlus // The post-increment operator '++'. -| 158 = @private // The 'private' keyword -| 141 = @process // The 'process' keyword. -| 157 = @public // The 'public' keyword -| 103 = @questionDot // The null conditional member access operator '?.'. -| 104 = @questionLBracket // The null conditional index access operator '?[]'. -| 100 = @questionMark // The ternary operator '?'. -| 102 = @questionQuestion // The null coalesce operator '??'. -| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. -| 21 = @rBracket // The closing square brace token ']'. -| 19 = @rCurly // The closing curly brace token '}'. -| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. -| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. -| 39 = @rem // The modulo division (remainder) operator '%'. -| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. -| 142 = @return // The 'return' keyword. -| 17 = @rParen // The closing parenthesis token ')'. -| 25 = @semi // The statement terminator ';'. -| 153 = @sequence // The 'sequence' keyword. -| 97 = @shl // The shift left operator. -| 98 = @shr // The shift right operator. -| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. -| 159 = @static // The 'static' keyword -| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. -| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. -| 143 = @switch // The 'switch' keyword. -| 144 = @throw // The 'throw' keyword. -| 145 = @trap // The 'trap' keyword. -| 146 = @try // The 'try' keyword. -| 164 = @type // The 'type' keyword -| 0 = @unknown // An unknown token, signifies an error condition. -| 147 = @until // The 'until' keyword. -| 148 = @using // The (unimplemented) 'using' keyword. -| 149 = @var // The (unimplemented) 'var' keyword. -| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. -| 150 = @while // The 'while' keyword. -| 151 = @workflow // The 'workflow' keyword. -| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/semmlecode.powershell.dbscheme b/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/semmlecode.powershell.dbscheme deleted file mode 100644 index 802d5b9f407..00000000000 --- a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/semmlecode.powershell.dbscheme +++ /dev/null @@ -1,1648 +0,0 @@ -/* Mandatory */ -sourceLocationPrefix( - varchar(900) prefix: string ref -); - -/* Entity Locations */ -@location = @location_default; - -locations_default( - unique int id: @location_default, - int file: @file ref, - int beginLine: int ref, - int beginColumn: int ref, - int endLine: int ref, - int endColumn: int ref -); - -/* File Metadata */ - -numlines( - unique int element_id: @file ref, - int num_lines: int ref, - int num_code: int ref, - int num_comment: int ref -); - -files( - unique int id: @file, - varchar(900) name: string ref -); - -folders( - unique int id: @folder, - varchar(900) name: string ref -); - -@container = @folder | @file; - -containerparent( - int parent: @container ref, - unique int child: @container ref -); - -/* Comments */ -comment_entity( - unique int id: @comment_entity, - int text: @string_literal ref -); - -comment_entity_location( - unique int id: @comment_entity ref, - int loc: @location ref -); - -/* Messages */ -extractor_messages( - unique int id: @extractor_message, - int severity: int ref, - string origin : string ref, - string text : string ref, - string entity : string ref, - int location: @location_default ref, - string stack_trace : string ref -); - -parent( - int child: @ast ref, - int parent: @ast ref -); - -/* AST Nodes */ -// This is all the kinds of nodes that can inherit from Ast -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ast?view=powershellsdk-7.3.0 -@ast = @not_implemented | @attribute_base | @catch_clause | @command_element | -@member | @named_block | @param_block | @parameter | @redirection | @script_block | @statement | @statement_block | @named_attribute_argument; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributebaseast?view=powershellsdk-7.2.0 -@attribute_base = @attribute | @type_constraint; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberast?view=powershellsdk-7.3.0 -@member = @function_member | @property_member; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandbaseast?view=powershellsdk-7.3.0 -@command_base = @command | @command_expression; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.chainableast?view=powershellsdk-7.3.0 -@chainable = @command_base | @pipeline | @pipeline_chain; -//https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinebaseast?view=powershellsdk-7.3.0 -@pipeline_base = @chainable | @error_statement | @assignment_statement; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementast?view=powershellsdk-7.3.0 -@statement = @block_statement -| @break_statement -| @command_base -| @configuration_definition -| @continue_statement -| @data_statement -| @dynamic_keyword_statement -| @exit_statement -| @function_definition -| @if_statement -| @labeled_statement -| @pipeline_base -| @return_statement -| @throw_statement -| @trap_statement -| @try_statement -| @type_definition -| @using_statement; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.loopstatementast?view=powershellsdk-7.3.0 -@loop_statement = @do_until_statement | @do_while_statement | @foreach_statement | @for_statement | @while_statement; -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.labeledstatementast?view=powershellsdk-7.3.0 -@labeled_statement = @loop_statement | @switch_statement; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 -@attributed_expression_ast = @attributed_expression | @convert_expression; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 -@member_expression_base = @member_expression | @invoke_member_expression; // | @base_ctor_invoke_member_expression - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expressionast?view=powershellsdk-7.3.0 -@expression = @array_expression -| @array_literal -| @attributed_expression_ast -| @binary_expression -| @error_expression -| @expandable_string_expression -| @hash_table -| @index_expression -| @member_expression_base -| @paren_expression -| @script_block_expression -| @sub_expression -| @ternary_expression -| @type_expression -| @unary_expression -| @using_expression -| @variable_expression -| @base_constant_expression; - -// Constant expression can both be instanced and extended by string constant expression -@base_constant_expression = @constant_expression | @string_constant_expression; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandelementast?view=powershellsdk-7.3.0 -@command_element = @expression | @command_parameter; - -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.redirectionast?view=powershellsdk-7.3.0 -@redirection = @file_redirection | @merging_redirection; - -/** -Entries in this table indicate visited C# powershell ast objects which don't have parsing implemented yet. - -You can obtain the Type of the C# AST objects which don't yet have an associated entity to parse them - using this QL query on an extracted db: - -from string s -where not_implemented(_, s) -select s -*/ -not_implemented( - unique int id: @not_implemented, - string name: string ref -); - -not_implemented_location( - int id: @not_implemented ref, - int loc: @location ref -); - -// ArrayExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayexpressionast?view=powershellsdk-7.3.0 -array_expression( - unique int id: @array_expression, - int subExpression: @statement_block ref -) - -array_expression_location( - int id: @array_expression ref, - int loc: @location ref -) - -// ArrayLiteralAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.arrayliteralast?view=powershellsdk-7.3.0 -array_literal( - unique int id: @array_literal -) - -array_literal_location( - int id: @array_literal ref, - int loc: @location ref -) - -array_literal_element( - int id: @array_literal ref, - int index: int ref, - int component: @expression ref -) - -// AssignmentStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.assignmentstatementast?view=powershellsdk-7.3.0 -// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L983-L989 -assignment_statement( - unique int id: @assignment_statement, - int kind: int ref, // @token_kind ref - int left: @expression ref, - int right: @statement ref -) - -assignment_statement_location( - int id: @assignment_statement ref, - int loc: @location ref -) - -// NamedBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedblockast?view=powershellsdk-7.3.0 -named_block( - unique int id: @named_block, - int numStatements: int ref, - int numTraps: int ref -) - -named_block_statement( - int id: @named_block ref, - int index: int ref, - int statement: @statement ref -) - -named_block_trap( - int id: @named_block ref, - int index: int ref, - int trap: @trap_statement ref -) - -named_block_location( - int id: @named_block ref, - int loc: @location ref -) - -// ScriptBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockast?view=powershellsdk-7.3.0 -script_block( - unique int id: @script_block, - int numUsings: int ref, - int numRequiredModules: int ref, - int numRequiredAssemblies: int ref, - int numRequiredPsEditions: int ref, - int numRequiredPsSnapins: int ref -) - -script_block_param_block( - int id: @script_block ref, - int the_param_block: @param_block ref -) - -script_block_begin_block( - int id: @script_block ref, - int begin_block: @named_block ref -) - -script_block_clean_block( - int id: @script_block ref, - int clean_block: @named_block ref -) - -script_block_dynamic_param_block( - int id: @script_block ref, - int dynamic_param_block: @named_block ref -) - -script_block_end_block( - int id: @script_block ref, - int end_block: @named_block ref -) - -script_block_process_block( - int id: @script_block ref, - int process_block: @named_block ref -) - -script_block_using( - int id: @script_block ref, - int index: int ref, - int using: @ast ref -) - -script_block_required_application_id( - int id: @script_block ref, - string application_id: string ref -) - -script_block_requires_elevation( - int id: @script_block ref, - boolean requires_elevation: boolean ref -) - -script_block_required_ps_version( - int id: @script_block ref, - string required_ps_version: string ref -) - -script_block_required_module( - int id: @script_block ref, - int index: int ref, - int required_module: @module_specification ref -) - -script_block_required_assembly( - int id: @script_block ref, - int index: int ref, - string required_assembly: string ref -) - -script_block_required_ps_edition( - int id: @script_block ref, - int index: int ref, - string required_ps_edition: string ref -) - -script_block_requires_ps_snapin( - int id: @script_block ref, - int index: int ref, - string name: string ref, - string version: string ref -) - -script_block_location( - int id: @script_block ref, - int loc: @location ref -) - -// ModuleSpecification -// https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.modulespecification?view=powershellsdk-7.3.0 -module_specification( - unique int id: @module_specification, - string name: string ref, - string guid: string ref, - string maxVersion: string ref, - string requiredVersion: string ref, - string version: string ref -) - -// BinaryExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.binaryexpressionast?view=powershellsdk-7.3.0 -// https://github.com/PowerShell/PowerShell/blob/48c9d683565ed9402430a27e09410d56d52d4bfd/src/System.Management.Automation/engine/parser/Compiler.cs#L5675-L5947 -binary_expression( - unique int id: @binary_expression, - int kind: int ref, // @token_kind ref - int left: @expression ref, - int right: @expression ref -) - -// @binary_expression_kind = @And | @Is | @IsNot | @As | @DotDot | @Multiply | @Divide | @Rem | @Plus | @Minus | @Format | @Xor | @Shl | @Shr | @Band | @Bor | @Bxor | @Join | @Ieq | @Ine | @Ige | @Igt | @Ilt | @Ile | @Ilike | @Inotlike | @Inotmatch | @Imatch | @Ireplace | @Inotcontains | @Icontains | @Iin | @Inotin | @Isplit | @Ceq | @Cge | @Cgt | @Clt | @Cle | @Clike | @Cnotlike | @Cnotmatch | @Cmatch | @Ccontains | @Creplace | @Cin | @Cnotin | @Csplit | @QuestionQuestion; - -binary_expression_location( - int id: @binary_expression ref, - int loc: @location ref -) - -// ConstantExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.constantexpressionast?view=powershellsdk-7.3.0 -constant_expression( - unique int id: @constant_expression, - string staticType: string ref -) - -constant_expression_value( - int id: @constant_expression ref, - int value: @string_literal ref -) - -constant_expression_location( - int id: @constant_expression ref, - int loc: @location ref -) - -// ConvertExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.convertexpressionast?view=powershellsdk-7.3.0 -convert_expression( - unique int id: @convert_expression, - int the_attribute: @ast ref, - int child: @ast ref, - int object_type: @ast ref, - string staticType: string ref -) - -convert_expression_location( - int id: @convert_expression ref, - int loc: @location ref -) - -// IndexExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.indexexpressionast?view=powershellsdk-7.3.0 -index_expression( - unique int id: @index_expression, - int index: @ast ref, - int target: @ast ref, - boolean nullConditional: boolean ref -) - -index_expression_location( - int id: @index_expression ref, - int loc: @location ref -) - -// IfStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ifstatementast?view=powershellsdk-7.3.0 -if_statement( - unique int id: @if_statement -) - -if_statement_clause( - int id: @if_statement ref, - int index: int ref, - int item1: @pipeline_base ref, - int item2: @statement_block ref -) - -if_statement_else( - int id: @if_statement ref, - int elseItem: @statement_block ref -) - -if_statement_location( - int id: @if_statement ref, - int loc: @location ref -) - -// MemberExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.memberexpressionast?view=powershellsdk-7.3.0 -member_expression( - unique int id: @member_expression, - int expression: @ast ref, - int member: @ast ref, - boolean nullConditional: boolean ref, - boolean isStatic: boolean ref -) - -member_expression_location( - int id: @member_expression ref, - int loc: @location ref -) - -// StatementBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.statementblockast?view=powershellsdk-7.3.0 -statement_block( - unique int id: @statement_block, - int numStatements: int ref, - int numTraps : int ref -) - -statement_block_location( - int id: @statement_block ref, - int loc: @location ref -) - -statement_block_statement( - int id: @statement_block ref, - int index: int ref, - int statement: @statement ref -) - -statement_block_trap( - int id: @statement_block ref, - int index: int ref, - int trap: @trap_statement ref -) - -// SubExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.subexpressionast?view=powershellsdk-7.3.0 -sub_expression( - unique int id: @sub_expression, - int subExpression: @statement_block ref -) - -sub_expression_location( - int id: @sub_expression ref, - int loc: @location ref -) - -// VariableExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.variableexpressionast?view=powershellsdk-7.3.0 -variable_expression( - unique int id: @variable_expression, - string userPath: string ref, - string driveName: string ref, - boolean isConstant: boolean ref, - boolean isGlobal: boolean ref, - boolean isLocal: boolean ref, - boolean isPrivate: boolean ref, - boolean isScript: boolean ref, - boolean isUnqualified: boolean ref, - boolean isUnscoped: boolean ref, - boolean isVariable: boolean ref, - boolean isDriveQualified: boolean ref -) - -variable_expression_location( - int id: @variable_expression ref, - int loc: @location ref -) - -// CommandExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandexpressionast?view=powershellsdk-7.3.0 -command_expression( - unique int id: @command_expression, - int wrapped: @expression ref, - int numRedirections: int ref -) - -command_expression_location( - int id: @command_expression ref, - int loc: @location ref -) - -command_expression_redirection( - int id: @command_expression ref, - int index: int ref, - int redirection: @redirection ref -) - -// StringConstantExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.stringconstantexpressionast?view=powershellsdk-7.3.0 -string_constant_expression( - unique int id: @string_constant_expression, - int value: @string_literal ref -) - -string_constant_expression_location( - int id: @string_constant_expression ref, - int loc: @location ref -) - -// PipelineAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelineast?view=powershellsdk-7.3.0 -pipeline( - unique int id: @pipeline, - int numComponents: int ref -) - -pipeline_location( - int id: @pipeline ref, - int loc: @location ref -) - -pipeline_component( - int id: @pipeline ref, - int index: int ref, - int component: @command_base ref -) - -// CommandAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandast?view=powershellsdk-7.3.0 -command( - unique int id: @command, - string name: string ref, - int kind: int ref, // @token_kind ref - int numElements: int ref, - int numRedirections: int ref -) - -command_location( - int id: @command ref, - int loc: @location ref -) - -command_command_element( - int id: @command ref, - int index: int ref, - int component: @command_element ref -) - -command_redirection( - int id: @command ref, - int index: int ref, - int redirection: @redirection ref -) - -// InvokeMemberExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.invokememberexpressionast?view=powershellsdk-7.3.0 -invoke_member_expression( - unique int id: @invoke_member_expression, - int expression: @expression ref, - int member: @command_element ref -) - -invoke_member_expression_location( - int id: @invoke_member_expression ref, - int loc: @location ref -) - -invoke_member_expression_argument( - int id: @invoke_member_expression ref, - int index: int ref, - int argument: @expression ref -) - -// ParenExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parenexpressionast?view=powershellsdk-7.3.0 -paren_expression( - unique int id: @paren_expression, - int expression: @pipeline_base ref -) - -paren_expression_location( - int id: @paren_expression ref, - int loc: @location ref -) - - -// TernaryStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.ternaryexpressionast?view=powershellsdk-7.3.0 -ternary_expression( - unique int id: @ternary_expression, - int condition: @expression ref, - int ifFalse: @expression ref, - int iftrue: @expression ref -) - -ternary_expression_location( - int id: @ternary_expression ref, - int loc: @location ref -) - -// ExitStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.exitstatementast?view=powershellsdk-7.3.0 -exit_statement( - unique int id: @exit_statement -) - -exit_statement_pipeline( - int id: @exit_statement ref, - int expression: @pipeline_base ref -) - -exit_statement_location( - int id: @exit_statement ref, - int loc: @location ref -) - - -// TypeExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeexpressionast?view=powershellsdk-7.3.0 -type_expression( - unique int id: @type_expression, - string name: string ref, - string fullName: string ref -) - -type_expression_location( - int id: @type_expression ref, - int loc: @location ref -) - -// CommandParameterAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.commandparameterast?view=powershellsdk-7.3.0 -command_parameter( - unique int id: @command_parameter, - string name: string ref -) - -command_parameter_location( - int id: @command_parameter ref, - int loc: @location ref -) - -command_parameter_argument( - int id: @command_parameter ref, - int argument: @ast ref -) - -// NamedAttributeArgumentAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.namedattributeargumentast?view=powershellsdk-7.3.0 -named_attribute_argument( - unique int id: @named_attribute_argument, - string name: string ref, - int argument: @expression ref -) - -named_attribute_argument_location( - int id: @named_attribute_argument ref, - int loc: @location ref -) - -// AttributeAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributeast?view=powershellsdk-7.3.0 -attribute( - unique int id: @attribute, - string name: string ref, - int numNamedArguments: int ref, - int numPositionalArguments: int ref -) - -attribute_named_argument( - int id: @attribute ref, - int index: int ref, - int argument: @named_attribute_argument ref -) - -attribute_positional_argument( - int id: @attribute ref, - int index: int ref, - int argument: @expression ref -) - -attribute_location( - int id: @attribute ref, - int id: @location ref -) - -// ParamBlockAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.paramblockast?view=powershellsdk-7.3.0 -param_block( - unique int id: @param_block, - int numAttributes: int ref, - int numParameters: int ref -) - -param_block_attribute( - int id: @param_block ref, - int index: int ref, - int the_attribute: @attribute ref -) - -param_block_parameter( - int id: @param_block ref, - int index: int ref, - int the_parameter: @parameter ref -) - -param_block_location( - int id: @param_block ref, - int id: @location ref -) - -// ParameterAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.parameterast?view=powershellsdk-7.3.0 -parameter( - unique int id: @parameter, - int name: @variable_expression ref, - string staticType: string ref, - int numAttributes: int ref -) - -parameter_attribute( - int id: @parameter ref, - int index: int ref, - int the_attribute: @attribute_base ref -) - -parameter_location( - int id: @parameter ref, - int loc: @location ref -) - -parameter_default_value( - int id: @parameter ref, - int default_value: @expression ref -) - -// TypeConstraintAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typeconstraintast?view=powershellsdk-7.3.0 -type_constraint( - unique int id: @type_constraint, - string name: string ref, - string fullName: string ref -) - -type_constraint_location( - int id: @type_constraint ref, - int loc: @location ref -) - -// FunctionDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functiondefinitionast?view=powershellsdk-7.3.0 -function_definition( - unique int id: @function_definition, - int body: @script_block ref, - string name: string ref, - boolean isFilter: boolean ref, - boolean isWorkflow: boolean ref -) - -function_definition_parameter( - int id: @function_definition ref, - int index: int ref, - int parameter: @parameter ref -) - -function_definition_location( - int id: @function_definition ref, - int loc: @location ref -) - -// BreakStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.breakstatementast?view=powershellsdk-7.3.0 -break_statement( - unique int id: @break_statement -) - -break_statement_location( - int id: @break_statement ref, - int loc: @location ref -) - -// ContinueStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.continuestatementast?view=powershellsdk-7.3.0 -continue_statement( - unique int id: @continue_statement -) - -continue_statement_location( - int id: @continue_statement ref, - int loc: @location ref -) -@labelled_statement = @continue_statement | @break_statement; - -statement_label( - int id: @labelled_statement ref, - int label: @expression ref -) - -// ReturnStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.returnstatementast?view=powershellsdk-7.3.0 -return_statement( - unique int id: @return_statement -) - -return_statement_pipeline( - int id: @return_statement ref, - int pipeline: @pipeline_base ref -) - -return_statement_location( - int id: @return_statement ref, - int loc: @location ref -) - -// DoWhileStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dowhilestatementast?view=powershellsdk-7.3.0 -do_while_statement( - unique int id: @do_while_statement, - int body: @statement_block ref -) - -do_while_statement_condition( - int id: @do_while_statement ref, - int condition: @pipeline_base ref -) - -do_while_statement_location( - int id: @do_while_statement ref, - int loc: @location ref -) - -// DoUntilStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dountilstatementast?view=powershellsdk-7.3.0 -do_until_statement( - unique int id: @do_until_statement, - int body: @statement_block ref -) - -do_until_statement_condition( - int id: @do_until_statement ref, - int condition: @pipeline_base ref -) - -do_until_statement_location( - int id: @do_until_statement ref, - int loc: @location ref -) - -// WhileStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.whilestatementast?view=powershellsdk-7.3.0 -while_statement( - unique int id: @while_statement, - int body: @statement_block ref -) - -while_statement_condition( - int id: @while_statement ref, - int condition: @pipeline_base ref -) - -while_statement_location( - int id: @while_statement ref, - int loc: @location ref -) - -// ForEachStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.foreachstatementast?view=powershellsdk-7.3.0 -foreach_statement( - unique int id: @foreach_statement, - int variable: @variable_expression ref, - int condition: @pipeline_base ref, - int body: @statement_block ref, - int flags: int ref -) - -foreach_statement_location( - int id: @foreach_statement ref, - int loc: @location ref -) - -// ForStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.forstatementast?view=powershellsdk-7.3.0 -for_statement( - unique int id: @for_statement, - int body: @statement_block ref -) - -for_statement_location( - int id: @for_statement ref, - int loc: @location ref -) - -for_statement_condition( - int id: @for_statement ref, - int condition: @pipeline_base ref -) - -for_statement_initializer( - int id: @for_statement ref, - int initializer: @pipeline_base ref -) - -for_statement_iterator( - int id: @for_statement ref, - int iterator: @pipeline_base ref -) - -// ExpandableStringExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.expandablestringexpressionast?view=powershellsdk-7.3.0 -expandable_string_expression( - unique int id: @expandable_string_expression, - int value: @string_literal ref, - int kind: int ref, - int numExpression: int ref -) - -case @expandable_string_expression.kind of - 4 = @BareWord -| 2 = @DoubleQuoted -| 3 = @DoubleQuotedHereString -| 0 = @SingleQuoted -| 1 = @SingleQuotedHereString; - -expandable_string_expression_location( - int id: @expandable_string_expression ref, - int loc: @location ref -) - -expandable_string_expression_nested_expression( - int id: @expandable_string_expression ref, - int index: int ref, - int nestedExression: @expression ref -) - -// StringLiterals -// Contains string literals broken into lines to prevent breaks in the trap from multiline strings -string_literal( - unique int id: @string_literal -) - -string_literal_location( - int id: @string_literal ref, - int loc: @location ref -) - -string_literal_line( - int id: @string_literal ref, - int lineNum: int ref, - string line: string ref -) - -// UnaryExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.unaryexpressionast?view=powershellsdk-7.3.0 -unary_expression( - unique int id: @unary_expression, - int child: @ast ref, - int kind: int ref, - string staticType: string ref -) - -unary_expression_location( - int id: @unary_expression ref, - int loc: @location ref -) - -// CatchClauseAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.catchclauseast?view=powershellsdk-7.3.0 -catch_clause( - unique int id: @catch_clause, - int body: @statement_block ref, - boolean isCatchAll: boolean ref -) - -catch_clause_catch_type( - int id: @catch_clause ref, - int index: int ref, - int catch_type: @type_constraint ref -) - -catch_clause_location( - int id: @catch_clause ref, - int loc: @location ref -) - -// ThrowStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.throwstatementast?view=powershellsdk-7.3.0 -throw_statement( - unique int id: @throw_statement, - boolean isRethrow: boolean ref -) - -throw_statement_location( - int id: @throw_statement ref, - int loc: @location ref -) - -throw_statement_pipeline( - int id: @throw_statement ref, - int pipeline: @ast ref -) - -// TryStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trystatementast?view=powershellsdk-7.3.0 -try_statement( - unique int id: @try_statement, - int body: @statement_block ref -) - -try_statement_catch_clause( - int id: @try_statement ref, - int index: int ref, - int catch_clause: @catch_clause ref -) - - -try_statement_finally( - int id: @try_statement ref, - int finally: @ast ref -) - -try_statement_location( - int id: @try_statement ref, - int loc: @location ref -) - -// FileRedirectionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.fileredirectionast?view=powershellsdk-7.3.0 -file_redirection( - unique int id: @file_redirection, - int location: @ast ref, - boolean isAppend: boolean ref, - int redirectionType: int ref -) - -case @file_redirection.redirectionType of - 0 = @All -| 1 = @Output -| 2 = @Error -| 3 = @Warning -| 4 = @Verbose -| 5 = @Debug -| 6 = @Information; - -file_redirection_location( - int id: @file_redirection ref, - int loc: @location ref -) - -// BlockStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.blockstatementast?view=powershellsdk-7.3.0 -block_statement( - unique int id: @block_statement, - int body: @ast ref, - int token: @token ref -) - -block_statement_location( - int id: @block_statement ref, - int loc: @location ref -) - -// Token -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.token?view=powershellsdk-7.3.0 -token( - unique int id: @token, - boolean hasError: boolean ref, - int kind: int ref, - string text: string ref, - int tokenFlags: int ref -) - -token_location( - int id: @token ref, - int loc: @location ref -) - -// ConfigurationDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.configurationdefinitionast?view=powershellsdk-7.3.0 -configuration_definition( - unique int id: @configuration_definition, - int body: @script_block_expression ref, - int configurationType: int ref, - int name: @expression ref -) - -configuration_definition_location( - int id: @configuration_definition ref, - int loc: @location ref -) - -// DataStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.datastatementast?view=powershellsdk-7.3.0 -data_statement( - unique int id: @data_statement, - int body: @statement_block ref -) - -data_statement_variable( - int id: @data_statement ref, - string variable: string ref -) - -data_statement_commands_allowed( - int id: @data_statement ref, - int index: int ref, - int command_allowed: @ast ref -) - -data_statement_location( - int id: @data_statement ref, - int loc: @location ref -) - -// DynamicKeywordStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.dynamickeywordstatementast?view=powershellsdk-7.3.0 -dynamic_keyword_statement( - unique int id: @dynamic_keyword_statement -) - -dynamic_keyword_statement_command_elements( - int id: @dynamic_keyword_statement ref, - int index: int ref, - int element: @command_element ref -) - -dynamic_keyword_statement_location( - int id: @dynamic_keyword_statement ref, - int loc: @location ref -) - -// ErrorExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorexpressionast?view=powershellsdk-7.3.0 -error_expression( - unique int id: @error_expression -) - -error_expression_nested_ast( - int id: @error_expression ref, - int index: int ref, - int nested_ast: @ast ref -) - -error_expression_location( - int id: @error_expression ref, - int loc: @location ref -) - -// ErrorStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.errorstatementast?view=powershellsdk-7.3.0 -error_statement( - unique int id: @error_statement, - int token: @token ref -) - -error_statement_location( - int id: @error_statement ref, - int loc: @location ref -) - -error_statement_nested_ast( - int id: @error_statement ref, - int index: int ref, - int nested_ast: @ast ref -) - -error_statement_conditions( - int id: @error_statement ref, - int index: int ref, - int condition: @ast ref -) - -error_statement_bodies( - int id: @error_statement ref, - int index: int ref, - int body: @ast ref -) - -error_statement_flag( - int id: @error_statement ref, - int index: int ref, - int k: string ref, // The key - int token: @token ref, // These two form a tuple of the value - int ast: @ast ref -) - -// FunctionMemberAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.functionmemberast?view=powershellsdk-7.3.0 -function_member( - unique int id: @function_member, - int body: @ast ref, - boolean isConstructor: boolean ref, - boolean isHidden: boolean ref, - boolean isPrivate: boolean ref, - boolean isPublic: boolean ref, - boolean isStatic: boolean ref, - string name: string ref, - int methodAttributes: int ref -) - -function_member_location( - int id: @function_member ref, - int loc: @location ref -) - -function_member_parameter( - int id: @function_member ref, - int index: int ref, - int parameter: @ast ref -) - -function_member_attribute( - int id: @function_member ref, - int index: int ref, - int attribute: @ast ref -) - -function_member_return_type( - int id: @function_member ref, - int return_type: @type_constraint ref -) - -// MergingRedirectionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.mergingredirectionast?view=powershellsdk-7.3.0 -merging_redirection( - unique int id: @merging_redirection, - int from: int ref, - int to: int ref -) - -merging_redirection_location( - int id: @merging_redirection ref, - int loc: @location ref -) - - -label( - int id: @labeled_statement ref, - string label: string ref -) - -// TrapStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.trapstatementast?view=powershellsdk-7.3.0 -trap_statement( - unique int id: @trap_statement, - int body: @ast ref -) - -trap_statement_type( - int id: @trap_statement ref, - int trap_type: @type_constraint ref -) - -trap_statement_location( - int id: @trap_statement ref, - int loc: @location ref -) - -// PipelineChainAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.pipelinechainast?view=powershellsdk-7.3.0 -pipeline_chain( - unique int id: @pipeline_chain, - boolean isBackground: boolean ref, - int kind: int ref, - int left: @ast ref, - int right: @ast ref -) - -pipeline_chain_location( - int id: @pipeline_chain ref, - int loc: @location ref -) - -// PropertyMemberAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.propertymemberast?view=powershellsdk-7.3.0 -property_member( - unique int id: @property_member, - boolean isHidden: boolean ref, - boolean isPrivate: boolean ref, - boolean isPublic: boolean ref, - boolean isStatic: boolean ref, - string name: string ref, - int methodAttributes: int ref -) - -property_member_attribute( - int id: @property_member ref, - int index: int ref, - int attribute: @ast ref -) - -property_member_property_type( - int id: @property_member ref, - int property_type: @type_constraint ref -) - -property_member_initial_value( - int id: @property_member ref, - int initial_value: @ast ref -) - -property_member_location( - int id: @property_member ref, - int loc: @location ref -) - -// ScriptBlockExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.scriptblockexpressionast?view=powershellsdk-7.3.0 -script_block_expression( - unique int id: @script_block_expression, - int body: @script_block ref -) - -script_block_expression_location( - int id: @script_block_expression ref, - int loc: @location ref -) - -// SwitchStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.switchstatementast?view=powershellsdk-7.3.0 -switch_statement( - unique int id: @switch_statement, - int condition: @ast ref, - int flags: int ref -) - -switch_statement_clauses( - int id: @switch_statement ref, - int index: int ref, - int expression: @ast ref, - int statementBlock: @ast ref -) - -switch_statement_location( - int id: @switch_statement ref, - int loc: @location ref -) - -switch_statement_default( - int id: @switch_statement ref, - int default: @ast ref -) - -// TypeDefinitionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.typedefinitionast?view=powershellsdk-7.3.0 -type_definition( - unique int id: @type_definition, - string name: string ref, - int flags: int ref, - boolean isClass: boolean ref, - boolean isEnum: boolean ref, - boolean isInterface: boolean ref -) - -type_definition_attributes( - int id: @type_definition ref, - int index: int ref, - int attribute: @ast ref -) - -type_definition_members( - int id: @type_definition ref, - int index: int ref, - int member: @ast ref -) - -type_definition_location( - int id: @type_definition ref, - int loc: @location ref -) - -type_definition_base_type( - int id: @type_definition ref, - int index: int ref, - int base_type: @type_constraint ref -) - -// UsingExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingexpressionast?view=powershellsdk-7.3.0 -using_expression( - unique int id: @using_expression, - int subExpression: @ast ref -) - -using_expression_location( - int id: @using_expression ref, - int loc: @location ref -) - -// UsingStatementAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.usingstatementast?view=powershellsdk-7.3.0 -using_statement( - unique int id: @using_statement, - int kind: int ref -) - -using_statement_location( - int id: @using_statement ref, - int loc: @location ref -) - -using_statement_alias( - int id: @using_statement ref, - int alias: @ast ref -) - -using_statement_module_specification( - int id: @using_statement ref, - int module_specification: @ast ref -) - -using_statement_name( - int id: @using_statement ref, - int name: @ast ref -) - -// HashTableAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.hashtableast?view=powershellsdk-7.3.0 -hash_table( - unique int id: @hash_table -) - -hash_table_location( - int id: @hash_table ref, - int loc: @location ref -) - -hash_table_key_value_pairs( - int id: @hash_table ref, - int index: int ref, - int k: @ast ref, - int v: @ast ref -) - -// AttributedExpressionAst -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.attributedexpressionast?view=powershellsdk-7.3.0 -attributed_expression( - unique int id: @attributed_expression, - int attribute: @ast ref, - int expression: @ast ref -) - -attributed_expression_location( - int id: @attributed_expression ref, - int loc: @location ref -) - -// TokenKind -// https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.language.tokenkind?view=powershellsdk-7.3.0 -token_kind_reference( - unique int id: @token_kind_reference, - string name: string ref, - int kind: int ref -) - -@token_kind = @ampersand | @and | @andAnd | @as | @assembly | @atCurly | @atParen | @band | @base | @begin | @bnot | @bor | @break -| @bxor | @catch | @ccontains | @ceq | @cge | @cgt | @cin | @class | @cle | @clean | @clike | @clt | @cmatch | @cne | @cnotcontains -| @cnotin | @cnotlike | @cnotmatch | @colon | @colonColon | @comma | @command_token | @comment | @configuration | @continue | @creplace -| @csplit | @data | @default | @define | @divide | @divideEquals | @do | @dollarParen | @dot | @dotDot | @dynamicKeyword | @dynamicparam -| @else | @elseIf | @end | @endOfInput | @enum | @equals | @exclaim | @exit | @filter | @finally | @for | @foreach | @format | @from -| @function | @generic | @hereStringExpandable | @hereStringLiteral | @hidden | @icontains | @identifier | @ieq | @if | @ige | @igt -| @iin | @ile | @ilike | @ilt | @imatch | @in | @ine | @inlineScript | @inotcontains | @inotin | @inotlike | @inotmatch | @interface -| @ireplace | @is | @isNot | @isplit | @join | @label | @lBracket | @lCurly | @lineContinuation | @lParen | @minus | @minusEquals -| @minusMinus | @module | @multiply | @multiplyEquals | @namespace | @newLine | @not | @number | @or | @orOr | @parallel | @param -| @parameter_token | @pipe | @plus | @plusEquals | @plusPlus | @postfixMinusMinus | @postfixPlusPlus | @private | @process | @public -| @questionDot | @questionLBracket | @questionMark | @questionQuestion | @questionQuestionEquals | @rBracket | @rCurly | @redirectInStd -| @redirection_token | @rem | @remainderEquals | @return | @rParen | @semi | @sequence | @shl | @shr | @splattedVariable | @static -| @stringExpandable | @stringLiteral_token | @switch | @throw | @trap | @try | @type | @unknown | @until | @using | @var | @variable -| @while | @workflow | @xor; - -case @token_kind_reference.kind of -28 = @ampersand // The invocation operator '&'. -| 53 = @and // The logical and operator '-and'. -| 26 = @andAnd // The (unimplemented) operator '&&'. -| 94 = @as // The type conversion operator '-as'. -| 165 = @assembly // The 'assembly' keyword -| 23 = @atCurly // The opening token of a hash expression '@{'. -| 22 = @atParen // The opening token of an array expression '@('. -| 56 = @band // The bitwise and operator '-band'. -| 168 = @base // The 'base' keyword -| 119 = @begin // The 'begin' keyword. -| 52 = @bnot // The bitwise not operator '-bnot'. -| 57 = @bor // The bitwise or operator '-bor'. -| 120 = @break // The 'break' keyword. -| 58 = @bxor // The bitwise exclusive or operator '-xor'. -| 121 = @catch // The 'catch' keyword. -| 87 = @ccontains // The case sensitive contains operator '-ccontains'. -| 76 = @ceq // The case sensitive equal operator '-ceq'. -| 78 = @cge // The case sensitive greater than or equal operator '-cge'. -| 79 = @cgt // The case sensitive greater than operator '-cgt'. -| 89 = @cin // The case sensitive in operator '-cin'. -| 122 = @class // The 'class' keyword. -| 81 = @cle // The case sensitive less than or equal operator '-cle'. -| 170 = @clean // The 'clean' keyword. -| 82 = @clike // The case sensitive like operator '-clike'. -| 80 = @clt // The case sensitive less than operator '-clt'. -| 84 = @cmatch // The case sensitive match operator '-cmatch'. -| 77 = @cne // The case sensitive not equal operator '-cne'. -| 88 = @cnotcontains // The case sensitive not contains operator '-cnotcontains'. -| 90 = @cnotin // The case sensitive not in operator '-notin'. -| 83 = @cnotlike // The case sensitive notlike operator '-cnotlike'. -| 85 = @cnotmatch // The case sensitive not match operator '-cnotmatch'. -| 99 = @colon // The PS class base class and implemented interfaces operator ':'. Also used in base class ctor calls. -| 34 = @colonColon // The static member access operator '::'. -| 30 = @comma // The unary or binary array operator ','. -| 166 = @command_token // The 'command' keyword -| 10 = @comment // A single line comment, or a delimited comment. -| 155 = @configuration // The "configuration" keyword -| 123 = @continue // The 'continue' keyword. -| 86 = @creplace // The case sensitive replace operator '-creplace'. -| 91 = @csplit // The case sensitive split operator '-csplit'. -| 124 = @data // The 'data' keyword. -| 169 = @default // The 'default' keyword -| 125 = @define // The (unimplemented) 'define' keyword. -| 38 = @divide // The division operator '/'. -| 46 = @divideEquals // The division assignment operator '/='. -| 126 = @do // The 'do' keyword. -| 24 = @dollarParen // The opening token of a sub-expression '$('. -| 35 = @dot // The instance member access or dot source invocation operator '.'. -| 33 = @dotDot // The range operator '..'. -| 156 = @dynamicKeyword // The token kind for dynamic keywords -| 127 = @dynamicparam // The 'dynamicparam' keyword. -| 128 = @else // The 'else' keyword. -| 129 = @elseIf // The 'elseif' keyword. -| 130 = @end // The 'end' keyword. -| 11 = @endOfInput // Marks the end of the input script or file. -| 161 = @enum // The 'enum' keyword -| 42 = @equals // The assignment operator '='. -| 36 = @exclaim // The logical not operator '!'. -| 131 = @exit // The 'exit' keyword. -| 132 = @filter // The 'filter' keyword. -| 133 = @finally // The 'finally' keyword. -| 134 = @for // The 'for' keyword. -| 135 = @foreach // The 'foreach' keyword. -| 50 = @format // The string format operator '-f'. -| 136 = @from // The (unimplemented) 'from' keyword. -| 137 = @function // The 'function' keyword. -| 7 = @generic // A token that is only valid as a command name, command argument, function name, or configuration name. It may contain characters not allowed in identifiers. Tokens with this kind are always instances of StringLiteralToken or StringExpandableToken if the token contains variable references or subexpressions. -| 15 = @hereStringExpandable // A double quoted here string literal. Tokens with this kind are always instances of StringExpandableToken. even if there are no nested tokens to expand. -| 14 = @hereStringLiteral // A single quoted here string literal. Tokens with this kind are always instances of StringLiteralToken. -| 167 = @hidden // The 'hidden' keyword -| 71 = @icontains // The case insensitive contains operator '-icontains' or '-contains'. -| 6 = @identifier // A simple identifier, always begins with a letter or '', and is followed by letters, numbers, or ''. -| 60 = @ieq // The case insensitive equal operator '-ieq' or '-eq'. -| 138 = @if // The 'if' keyword. -| 62 = @ige // The case insensitive greater than or equal operator '-ige' or '-ge'. -| 63 = @igt // The case insensitive greater than operator '-igt' or '-gt'. -| 73 = @iin // The case insensitive in operator '-iin' or '-in'. -| 65 = @ile // The case insensitive less than or equal operator '-ile' or '-le'. -| 66 = @ilike // The case insensitive like operator '-ilike' or '-like'. -| 64 = @ilt // The case insensitive less than operator '-ilt' or '-lt'. -| 68 = @imatch // The case insensitive match operator '-imatch' or '-match'. -| 139 = @in // The 'in' keyword. -| 61 = @ine // The case insensitive not equal operator '-ine' or '-ne'. -| 154 = @inlineScript // The 'InlineScript' keyword -| 72 = @inotcontains // The case insensitive notcontains operator '-inotcontains' or '-notcontains'. -| 74 = @inotin // The case insensitive notin operator '-inotin' or '-notin' -| 67 = @inotlike // The case insensitive not like operator '-inotlike' or '-notlike'. -| 69 = @inotmatch // The case insensitive not match operator '-inotmatch' or '-notmatch'. -| 160 = @interface // The 'interface' keyword -| 70 = @ireplace // The case insensitive replace operator '-ireplace' or '-replace'. -| 92 = @is // The type test operator '-is'. -| 93 = @isNot // The type test operator '-isnot'. -| 75 = @isplit // The case insensitive split operator '-isplit' or '-split'. -| 59 = @join // The join operator '-join'. -| 5 = @label // A label token - always begins with ':', followed by the label name. Tokens with this kind are always instances of LabelToken. -| 20 = @lBracket // The opening square brace token '['. -| 18 = @lCurly // The opening curly brace token '{'. -| 9 = @lineContinuation // A line continuation (backtick followed by newline). -| 16 = @lParen // The opening parenthesis token '('. -| 41 = @minus // The substraction operator '-'. -| 44 = @minusEquals // The subtraction assignment operator '-='. -| 31 = @minusMinus // The pre-decrement operator '--'. -| 163 = @module // The 'module' keyword -| 37 = @multiply // The multiplication operator '*'. -| 45 = @multiplyEquals // The multiplication assignment operator '*='. -| 162 = @namespace // The 'namespace' keyword -| 8 = @newLine // A newline (one of '\n', '\r', or '\r\n'). -| 51 = @not // The logical not operator '-not'. -| 4 = @number // Any numerical literal token. Tokens with this kind are always instances of NumberToken. -| 54 = @or // The logical or operator '-or'. -| 27 = @orOr // The (unimplemented) operator '||'. -| 152 = @parallel // The 'parallel' keyword. -| 140 = @param // The 'param' keyword. -| 3 = @parameter_token // A parameter to a command, always begins with a dash ('-'), followed by the parameter name. Tokens with this kind are always instances of ParameterToken. -| 29 = @pipe // The pipe operator '|'. -| 40 = @plus // The addition operator '+'. -| 43 = @plusEquals // The addition assignment operator '+='. -| 32 = @plusPlus // The pre-increment operator '++'. -| 96 = @postfixMinusMinus // The post-decrement operator '--'. -| 95 = @postfixPlusPlus // The post-increment operator '++'. -| 158 = @private // The 'private' keyword -| 141 = @process // The 'process' keyword. -| 157 = @public // The 'public' keyword -| 103 = @questionDot // The null conditional member access operator '?.'. -| 104 = @questionLBracket // The null conditional index access operator '?[]'. -| 100 = @questionMark // The ternary operator '?'. -| 102 = @questionQuestion // The null coalesce operator '??'. -| 101 = @questionQuestionEquals // The null conditional assignment operator '??='. -| 21 = @rBracket // The closing square brace token ']'. -| 19 = @rCurly // The closing curly brace token '}'. -| 49 = @redirectInStd // The (unimplemented) stdin redirection operator '<'. -| 48 = @redirection_token // A redirection operator such as '2>&1' or '>>'. -| 39 = @rem // The modulo division (remainder) operator '%'. -| 47 = @remainderEquals // The modulo division (remainder) assignment operator '%='. -| 142 = @return // The 'return' keyword. -| 17 = @rParen // The closing parenthesis token ')'. -| 25 = @semi // The statement terminator ';'. -| 153 = @sequence // The 'sequence' keyword. -| 97 = @shl // The shift left operator. -| 98 = @shr // The shift right operator. -| 2 = @splattedVariable // A splatted variable token, always begins with '@' and followed by the variable name. Tokens with this kind are always instances of VariableToken. -| 159 = @static // The 'static' keyword -| 13 = @stringExpandable // A double quoted string literal. Tokens with this kind are always instances of StringExpandableToken even if there are no nested tokens to expand. -| 12 = @stringLiteral_token // A single quoted string literal. Tokens with this kind are always instances of StringLiteralToken. -| 143 = @switch // The 'switch' keyword. -| 144 = @throw // The 'throw' keyword. -| 145 = @trap // The 'trap' keyword. -| 146 = @try // The 'try' keyword. -| 164 = @type // The 'type' keyword -| 0 = @unknown // An unknown token, signifies an error condition. -| 147 = @until // The 'until' keyword. -| 148 = @using // The (unimplemented) 'using' keyword. -| 149 = @var // The (unimplemented) 'var' keyword. -| 1 = @variable // A variable token, always begins with '$' and followed by the variable name, possibly enclose in curly braces. Tokens with this kind are always instances of VariableToken. -| 150 = @while // The 'while' keyword. -| 151 = @workflow // The 'workflow' keyword. -| 55 = @xor; // The logical exclusive or operator '-xor'. \ No newline at end of file diff --git a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/upgrade.properties b/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/upgrade.properties deleted file mode 100644 index 3b1fb5b7928..00000000000 --- a/powershell/ql/lib/upgrades/c5191f89a6e3e8cea428b5c7326a06e335738533/upgrade.properties +++ /dev/null @@ -1,3 +0,0 @@ -description: Remove psmodule file extraction -compatibility: full -is_in_psmodule_path.rel: delete From 7553e14873bca62bc14e14d72a86fe118699066c Mon Sep 17 00:00:00 2001 From: Dilan Bhalla Date: Mon, 21 Apr 2025 12:21:23 -0700 Subject: [PATCH 12/17] sync upstream tags to main --- .github/workflows/sync-main-tags.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/sync-main-tags.yml diff --git a/.github/workflows/sync-main-tags.yml b/.github/workflows/sync-main-tags.yml new file mode 100644 index 00000000000..f27a112ed9b --- /dev/null +++ b/.github/workflows/sync-main-tags.yml @@ -0,0 +1,27 @@ +name: Sync Main Tags + +on: + pull_request: + types: + - closed + branches: + - main + +jobs: + sync-main-tags: + name: Sync Main Tags + runs-on: ubuntu-latest + if: github.repository == 'microsoft/codeql' && github.event.pull_request.merged == true && github.event.pull_request.head.ref == 'auto/sync-main-pr' + permissions: + contents: write + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Push Tags + run: | + git fetch upstream --tags --force + git push --force origin --tags + env: + GH_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} From 57f060beedcec1f8c387ef9d69e250753a17180c Mon Sep 17 00:00:00 2001 From: Lindsay Simpkins Date: Mon, 21 Apr 2025 16:41:36 -0400 Subject: [PATCH 13/17] Update DataFlowImpl.qll --- rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll index e3183c9f82e..4224038e9b5 100644 --- a/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll +++ b/rust/ql/lib/codeql/rust/dataflow/internal/DataFlowImpl.qll @@ -95,7 +95,7 @@ final class DataFlowCall extends TDataFlowCall { //** TODO JB1: Move to subclass, monkey patching for #153 */ DataFlowCallable getARuntimeTarget(){ none() } - Node::ArgumentNode getAnArgumentNode(){ none() } + ArgumentNode getAnArgumentNode(){ none() } int totalorder(){ none() } //** TODO JB1: end stubs for #153 */ } From b9fdc78c16841447d061f9e76524ecf266250aa3 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 22 Apr 2025 14:59:45 +0100 Subject: [PATCH 14/17] PS: Add argument tests. --- .../test/library-tests/ast/Arguments/arguments.expected | 9 +++++++++ .../ql/test/library-tests/ast/Arguments/arguments.ps1 | 8 ++++++++ .../ql/test/library-tests/ast/Arguments/arguments.ql | 5 +++++ powershell/ql/test/library-tests/ast/parent.expected | 8 ++++++++ 4 files changed, 30 insertions(+) create mode 100644 powershell/ql/test/library-tests/ast/Arguments/arguments.expected create mode 100644 powershell/ql/test/library-tests/ast/Arguments/arguments.ps1 create mode 100644 powershell/ql/test/library-tests/ast/Arguments/arguments.ql diff --git a/powershell/ql/test/library-tests/ast/Arguments/arguments.expected b/powershell/ql/test/library-tests/ast/Arguments/arguments.expected new file mode 100644 index 00000000000..030de88158e --- /dev/null +++ b/powershell/ql/test/library-tests/ast/Arguments/arguments.expected @@ -0,0 +1,9 @@ +positionalArguments +| arguments.ps1:1:5:1:5 | 1 | 0 | +namedArguments +| arguments.ps1:2:8:2:8 | 1 | x | +| arguments.ps1:3:8:3:8 | 1 | x | +| arguments.ps1:7:8:7:8 | 1 | x | +| arguments.ps1:7:13:7:13 | 2 | y | +| arguments.ps1:8:8:8:8 | 1 | x | +| arguments.ps1:8:13:8:13 | 2 | y | diff --git a/powershell/ql/test/library-tests/ast/Arguments/arguments.ps1 b/powershell/ql/test/library-tests/ast/Arguments/arguments.ps1 new file mode 100644 index 00000000000..88f98d2dbed --- /dev/null +++ b/powershell/ql/test/library-tests/ast/Arguments/arguments.ps1 @@ -0,0 +1,8 @@ +Foo 1 +Foo -x 1 +Foo -x:1 +Foo -x + +Bar -x -y +Bar -x 1 -y 2 +Bar -x:1 -y:2 \ No newline at end of file diff --git a/powershell/ql/test/library-tests/ast/Arguments/arguments.ql b/powershell/ql/test/library-tests/ast/Arguments/arguments.ql new file mode 100644 index 00000000000..fb5ab3c699f --- /dev/null +++ b/powershell/ql/test/library-tests/ast/Arguments/arguments.ql @@ -0,0 +1,5 @@ +import powershell + +query predicate positionalArguments(Argument a, int p) { p = a.getPosition() } + +query predicate namedArguments(Argument a, string name) { name = a.getName() } diff --git a/powershell/ql/test/library-tests/ast/parent.expected b/powershell/ql/test/library-tests/ast/parent.expected index 7c27e930667..026e6f3ff6a 100644 --- a/powershell/ql/test/library-tests/ast/parent.expected +++ b/powershell/ql/test/library-tests/ast/parent.expected @@ -199,6 +199,14 @@ | Expressions/ExpandableString.ps1:1:23:1:37 | [Stmt] Now | Expressions/ExpandableString.ps1:1:23:1:37 | {...} | | Expressions/ExpandableString.ps1:1:23:1:37 | {...} | Expressions/ExpandableString.ps1:1:21:1:38 | $(...) | | Expressions/ExpandableString.ps1:1:35:1:37 | Now | Expressions/ExpandableString.ps1:1:23:1:37 | Now | +| Expressions/MemberExpression.ps1:1:1:2:14 | [synth] pipeline | Expressions/MemberExpression.ps1:1:1:2:14 | {...} | +| Expressions/MemberExpression.ps1:1:1:2:14 | {...} | Expressions/MemberExpression.ps1:1:1:2:14 | toplevel function for MemberExpression.ps1 | +| Expressions/MemberExpression.ps1:1:1:2:14 | {...} | Expressions/MemberExpression.ps1:1:1:2:14 | {...} | +| Expressions/MemberExpression.ps1:1:7:1:8 | x | Expressions/MemberExpression.ps1:1:1:2:14 | {...} | +| Expressions/MemberExpression.ps1:2:1:2:10 | DateTime | Expressions/MemberExpression.ps1:2:1:2:14 | ... | +| Expressions/MemberExpression.ps1:2:1:2:14 | ... | Expressions/MemberExpression.ps1:2:1:2:14 | [Stmt] ... | +| Expressions/MemberExpression.ps1:2:1:2:14 | [Stmt] ... | Expressions/MemberExpression.ps1:1:1:2:14 | {...} | +| Expressions/MemberExpression.ps1:2:13:2:14 | x | Expressions/MemberExpression.ps1:2:1:2:14 | ... | | Expressions/SubExpression.ps1:1:1:1:11 | $(...) | Expressions/SubExpression.ps1:1:1:1:23 | Call to AddDays | | Expressions/SubExpression.ps1:1:1:1:23 | Call to AddDays | Expressions/SubExpression.ps1:1:1:1:23 | [Stmt] Call to AddDays | | Expressions/SubExpression.ps1:1:1:1:23 | [Stmt] Call to AddDays | Expressions/SubExpression.ps1:1:1:2:21 | {...} | From 72266cb0004a09a67605c08048f97ad579cd4dfa Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 22 Apr 2025 15:00:49 +0100 Subject: [PATCH 15/17] PS: Drive-by cleanup in Constant.qll --- .../code/powershell/ast/internal/Constant.qll | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/Constant.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/Constant.qll index f39a9bdfff7..b68cc5f6e49 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/Constant.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/Constant.qll @@ -1,4 +1,5 @@ private import AstImport +private import codeql.util.Boolean private newtype TConstantValue = TConstInteger(int value) { @@ -12,15 +13,7 @@ private newtype TConstantValue = ) } or TConstString(string value) { exists(Raw::StringLiteral sl | sl.getValue() = value) } or - TConstBoolean(boolean value) { - exists(Raw::VarAccess va | - value = true and - va.getUserPath() = "true" - or - value = false and - va.getUserPath() = "false" - ) - } or + TConstBoolean(Boolean b) or TNull() /** A constant value. */ @@ -61,9 +54,7 @@ class ConstInteger extends ConstantValue, TConstInteger { final override string serialize() { result = this.getValue() } - final override ConstExpr getAnExpr() { - result.getValueString() = this.getValue() - } + final override ConstExpr getAnExpr() { result.getValueString() = this.getValue() } } /** A constant floating point value. */ From e9fd50b67c35dc1da7a74d0d3d39f564dd277580 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 22 Apr 2025 15:03:21 +0100 Subject: [PATCH 16/17] PS: Handle switch arguments by synthesizing a boolean true literal and represent them as named arguments. --- .../powershell/ast/internal/Raw/Command.qll | 53 +++++++++++++++---- .../powershell/ast/internal/Synthesis.qll | 46 ++++++++++------ 2 files changed, 73 insertions(+), 26 deletions(-) diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/Raw/Command.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/Raw/Command.qll index 7186de94065..da889b1f573 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/Raw/Command.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/Raw/Command.qll @@ -53,9 +53,15 @@ class Cmd extends @command, CmdBase { Redirection getARedirection() { result = this.getRedirection(_) } - Expr getArgument(int i) { + /** + * Gets the `i`th argument to this command. + * + * This is either an expression, or a CmdParameter with no expression. + * The latter is only used to denote switch parameters. + */ + CmdElement getArgument(int i) { result = - rank[i + 1](CmdElement e, Expr r, int j | + rank[i + 1](CmdElement e, CmdElement r, int j | ( // For most commands the 0'th element is the command name ... j > 0 @@ -71,7 +77,25 @@ class Cmd extends @command, CmdBase { not e instanceof CmdParameter and r = e or - r = e.(CmdParameter).getExpr() + exists(CmdParameter p | e = p | + // If it has an expression, use that + p.getExpr() = r + or + // Otherwise, if it doesn't have an expression it's either + // because it's of the form (1) `-Name x`, (2) `-Name -SomethingElse`, + // or (3) `-Name` (with no other elements). + // In (1) we use `x` as the argument, and in (2) and (3) we use + // `-Name` as the argument. + not exists(p.getExpr()) and + ( + this.getElement(j + 1) instanceof CmdParameter and + p = r + or + // Case 3 + not exists(this.getElement(j + 1)) and + r = p + ) + ) ) | r order by j @@ -80,16 +104,23 @@ class Cmd extends @command, CmdBase { Expr getNamedArgument(string name) { exists(CmdParameter p, int index | - result = this.getArgument(index) and - p.getName() = name + p = this.getElement(index) and + p.getName().toLowerCase() = name | - p.getExpr() = result + result = p.getExpr() or - exists(int jndex | - not exists(p.getExpr()) and - this.getElement(jndex) = p and - this.getElement(jndex + 1) = result - ) + not exists(p.getExpr()) and + // `not result instanceof CmdParameter` is implied + result = this.getElement(index + 1) + ) + } + + CmdParameter getSwitchArgument(string name) { + not exists(this.getNamedArgument(name)) and + exists(int index | + result = this.getElement(index) and + result.getName().toLowerCase() = name and + not exists(result.getExpr()) ) } } diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/Synthesis.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/Synthesis.qll index b6634ad7dc0..24cb4d323b6 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/Synthesis.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/Synthesis.qll @@ -550,13 +550,18 @@ private module CmdExprRemoval { private module CmdArguments { private class CmdParameterRemoval extends Synthesis { override predicate child(Raw::Ast parent, ChildIndex i, Child child) { - exists(Raw::Expr e | - this.rawChild(parent, i, e) and - child = childRef(getResultAst(e)) + exists(Raw::CmdElement elem | this.rawChild(parent, i, elem) | + elem instanceof Raw::Expr and + child = childRef(getResultAst(elem)) + or + // By construction of `Cmd::getArgument` this `CmdParameter` does not + // have an expression attached to it. + elem instanceof Raw::CmdParameter and + child = SynthChild(BoolLiteralKind(true)) ) } - private predicate rawChild(Raw::Cmd cmd, ChildIndex i, Raw::Expr child) { + private predicate rawChild(Raw::Cmd cmd, ChildIndex i, Raw::CmdElement child) { exists(int index | i = cmdArgument(index) and child = cmd.getArgument(index) @@ -564,19 +569,30 @@ private module CmdArguments { } override predicate isNamedArgument(CmdCall call, int i, string name) { - exists(Raw::Cmd cmd, Raw::Expr e, Raw::CmdParameter p | - this.rawChild(cmd, cmdArgument(i), e) and + exists(Raw::Cmd cmd, Raw::CmdElement elem | call = getResultAst(cmd) and - p.getName().toLowerCase() = name + cmd.getArgument(i) = elem | - p.getExpr() = e - or - exists(ChildIndex j, int jndex | - j = cmdElement_(jndex) and - not exists(p.getExpr()) and - cmd.getChild(toRawChildIndex(j)) = p and - cmd.getChild(toRawChildIndex(cmdElement_(jndex + 1))) = e - ) + elem = cmd.getNamedArgument(name) or cmd.getSwitchArgument(name) = elem + ) + } + + final override predicate isRelevant(Raw::Ast a) { + a instanceof Raw::CmdParameter and + this.rawChild(_, _, a) + } + + final override Expr getResultAstImpl(Raw::Ast r) { + exists(Raw::Cmd cmd, ChildIndex i | + this.rawChild(cmd, i, r) and + result = TBoolLiteral(cmd, i) + ) + } + + final override predicate booleanValue(BoolLiteral b, boolean value) { + exists(Raw::Ast parent, ChildIndex i | + b = TBoolLiteral(parent, i) and + this.child(parent, i, SynthChild(BoolLiteralKind(value))) ) } } From 09ebc76a2302dade1f0cfd0344c27d169c9220af Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Tue, 22 Apr 2025 15:32:35 +0100 Subject: [PATCH 17/17] PS: Accept test changes. --- .../ast/Arguments/arguments.expected | 3 ++ .../ql/test/library-tests/ast/parent.expected | 35 +++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/powershell/ql/test/library-tests/ast/Arguments/arguments.expected b/powershell/ql/test/library-tests/ast/Arguments/arguments.expected index 030de88158e..3aee831fcb3 100644 --- a/powershell/ql/test/library-tests/ast/Arguments/arguments.expected +++ b/powershell/ql/test/library-tests/ast/Arguments/arguments.expected @@ -3,6 +3,9 @@ positionalArguments namedArguments | arguments.ps1:2:8:2:8 | 1 | x | | arguments.ps1:3:8:3:8 | 1 | x | +| arguments.ps1:4:5:4:6 | true | x | +| arguments.ps1:6:5:6:6 | true | x | +| arguments.ps1:6:8:6:9 | true | y | | arguments.ps1:7:8:7:8 | 1 | x | | arguments.ps1:7:13:7:13 | 2 | y | | arguments.ps1:8:8:8:8 | 1 | x | diff --git a/powershell/ql/test/library-tests/ast/parent.expected b/powershell/ql/test/library-tests/ast/parent.expected index 026e6f3ff6a..c4462fbebf8 100644 --- a/powershell/ql/test/library-tests/ast/parent.expected +++ b/powershell/ql/test/library-tests/ast/parent.expected @@ -1,3 +1,36 @@ +| Arguments/arguments.ps1:1:1:1:3 | Foo | Arguments/arguments.ps1:1:1:1:5 | Call to Foo | +| Arguments/arguments.ps1:1:1:1:5 | Call to Foo | Arguments/arguments.ps1:1:1:1:5 | [Stmt] Call to Foo | +| Arguments/arguments.ps1:1:1:1:5 | [Stmt] Call to Foo | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:1:1:8:13 | {...} | Arguments/arguments.ps1:1:1:8:13 | toplevel function for arguments.ps1 | +| Arguments/arguments.ps1:1:1:8:13 | {...} | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:1:5:1:5 | 1 | Arguments/arguments.ps1:1:1:1:5 | Call to Foo | +| Arguments/arguments.ps1:2:1:2:3 | Foo | Arguments/arguments.ps1:2:1:2:8 | Call to Foo | +| Arguments/arguments.ps1:2:1:2:8 | Call to Foo | Arguments/arguments.ps1:2:1:2:8 | [Stmt] Call to Foo | +| Arguments/arguments.ps1:2:1:2:8 | [Stmt] Call to Foo | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:2:8:2:8 | 1 | Arguments/arguments.ps1:2:1:2:8 | Call to Foo | +| Arguments/arguments.ps1:3:1:3:3 | Foo | Arguments/arguments.ps1:3:1:3:8 | Call to Foo | +| Arguments/arguments.ps1:3:1:3:8 | Call to Foo | Arguments/arguments.ps1:3:1:3:8 | [Stmt] Call to Foo | +| Arguments/arguments.ps1:3:1:3:8 | [Stmt] Call to Foo | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:3:8:3:8 | 1 | Arguments/arguments.ps1:3:1:3:8 | Call to Foo | +| Arguments/arguments.ps1:4:1:4:3 | Foo | Arguments/arguments.ps1:4:1:4:6 | Call to Foo | +| Arguments/arguments.ps1:4:1:4:6 | Call to Foo | Arguments/arguments.ps1:4:1:4:6 | [Stmt] Call to Foo | +| Arguments/arguments.ps1:4:1:4:6 | [Stmt] Call to Foo | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:4:5:4:6 | true | Arguments/arguments.ps1:4:1:4:6 | Call to Foo | +| Arguments/arguments.ps1:6:1:6:3 | Bar | Arguments/arguments.ps1:6:1:6:9 | Call to Bar | +| Arguments/arguments.ps1:6:1:6:9 | Call to Bar | Arguments/arguments.ps1:6:1:6:9 | [Stmt] Call to Bar | +| Arguments/arguments.ps1:6:1:6:9 | [Stmt] Call to Bar | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:6:5:6:6 | true | Arguments/arguments.ps1:6:1:6:9 | Call to Bar | +| Arguments/arguments.ps1:6:8:6:9 | true | Arguments/arguments.ps1:6:1:6:9 | Call to Bar | +| Arguments/arguments.ps1:7:1:7:3 | Bar | Arguments/arguments.ps1:7:1:7:13 | Call to Bar | +| Arguments/arguments.ps1:7:1:7:13 | Call to Bar | Arguments/arguments.ps1:7:1:7:13 | [Stmt] Call to Bar | +| Arguments/arguments.ps1:7:1:7:13 | [Stmt] Call to Bar | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:7:8:7:8 | 1 | Arguments/arguments.ps1:7:1:7:13 | Call to Bar | +| Arguments/arguments.ps1:7:13:7:13 | 2 | Arguments/arguments.ps1:7:1:7:13 | Call to Bar | +| Arguments/arguments.ps1:8:1:8:3 | Bar | Arguments/arguments.ps1:8:1:8:13 | Call to Bar | +| Arguments/arguments.ps1:8:1:8:13 | Call to Bar | Arguments/arguments.ps1:8:1:8:13 | [Stmt] Call to Bar | +| Arguments/arguments.ps1:8:1:8:13 | [Stmt] Call to Bar | Arguments/arguments.ps1:1:1:8:13 | {...} | +| Arguments/arguments.ps1:8:8:8:8 | 1 | Arguments/arguments.ps1:8:1:8:13 | Call to Bar | +| Arguments/arguments.ps1:8:13:8:13 | 2 | Arguments/arguments.ps1:8:1:8:13 | Call to Bar | | Arrays/Arrays.ps1:0:0:0:-1 | {...} | Arrays/Arrays.ps1:14:41:14:43 | @(...) | | Arrays/Arrays.ps1:1:1:1:7 | array1 | Arrays/Arrays.ps1:1:1:1:36 | ...=... | | Arrays/Arrays.ps1:1:1:1:7 | array1 | Arrays/Arrays.ps1:1:1:15:14 | {...} | @@ -189,6 +222,8 @@ | Expressions/ConvertWithSecureString.ps1:2:19:2:40 | ConvertTo-SecureString | Expressions/ConvertWithSecureString.ps1:2:19:2:79 | Call to ConvertTo-SecureString | | Expressions/ConvertWithSecureString.ps1:2:19:2:79 | Call to ConvertTo-SecureString | Expressions/ConvertWithSecureString.ps1:2:1:2:79 | ...=... | | Expressions/ConvertWithSecureString.ps1:2:50:2:59 | UserInput | Expressions/ConvertWithSecureString.ps1:2:19:2:79 | Call to ConvertTo-SecureString | +| Expressions/ConvertWithSecureString.ps1:2:61:2:72 | true | Expressions/ConvertWithSecureString.ps1:2:19:2:79 | Call to ConvertTo-SecureString | +| Expressions/ConvertWithSecureString.ps1:2:74:2:79 | true | Expressions/ConvertWithSecureString.ps1:2:19:2:79 | Call to ConvertTo-SecureString | | Expressions/ExpandableString.ps1:1:1:1:39 | Date: $([DateTime]::Now)\nName: $name | Expressions/ExpandableString.ps1:1:1:1:39 | [Stmt] Date: $([DateTime]::Now)\nName: $name | | Expressions/ExpandableString.ps1:1:1:1:39 | [Stmt] Date: $([DateTime]::Now)\nName: $name | Expressions/ExpandableString.ps1:1:1:1:39 | {...} | | Expressions/ExpandableString.ps1:1:1:1:39 | {...} | Expressions/ExpandableString.ps1:1:1:1:39 | toplevel function for ExpandableString.ps1 |