Overlay: Add overlay annotations to Java & shared libraries

2025-12-16 16:53:25 +01:00 · 2025-06-16 13:06:31 +02:00
parent 2218a981f6
commit c207cfdeb7
428 changed files with 966 additions and 0 deletions
--- a/shared/dataflow/codeql/dataflow/DataFlow.qll
+++ b/shared/dataflow/codeql/dataflow/DataFlow.qll
@@ -3,6 +3,8 @@
 * adds a global analysis, mainly exposed through the `Global` and `GlobalWithState`
 * modules.
 */
+overlay[local?]
+module;

 private import codeql.util.Location

--- a/shared/dataflow/codeql/dataflow/TaintTracking.qll
+++ b/shared/dataflow/codeql/dataflow/TaintTracking.qll
@@ -2,6 +2,8 @@
 * Provides modules for performing local (intra-procedural) and
 * global (inter-procedural) taint-tracking analyses.
 */
+overlay[local?]
+module;

 private import DataFlow as DF
 private import internal.DataFlowImpl
--- a/shared/dataflow/codeql/dataflow/VariableCapture.qll
+++ b/shared/dataflow/codeql/dataflow/VariableCapture.qll
@@ -2,6 +2,8 @@
 * Provides a module for synthesizing data-flow nodes and related step relations
 * for supporting flow through captured variables.
 */
+overlay[local?]
+module;

 private import codeql.util.Boolean
 private import codeql.util.Unit
--- a/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll
+++ b/shared/dataflow/codeql/dataflow/internal/AccessPathSyntax.qll
@@ -5,6 +5,8 @@
 * This file is used by the shared data flow library and by the JavaScript libraries
 * (which does not use the shared data flow libraries).
 */
+overlay[local?]
+module;

 /**
 * Convenience-predicate for extracting two capture groups at once.
--- a/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll
+++ b/shared/dataflow/codeql/dataflow/internal/ContentDataFlowImpl.qll
@@ -22,6 +22,8 @@
 * steps, followed by 0 or more stores, with value-preserving steps allowed in
 * between all other steps.
 */
+overlay[local?]
+module;

 private import codeql.dataflow.DataFlow
 private import codeql.util.Boolean
--- a/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImpl.qll
@@ -3,6 +3,8 @@
 *
 * Provides an implementation of global (interprocedural) data flow.
 */
+overlay[local?]
+module;

 private import codeql.util.Unit
 private import codeql.util.Option
@@ -792,6 +794,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
            innercc = getCallContextCall(call, inner)
          }

+          overlay[caller]
          pragma[inline]
          predicate fwdFlowIn(
            Call call, ArgNd arg, Callable inner, ParamNd p, Cc outercc, CcCall innercc,
@@ -2321,6 +2324,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {
               * For more information, see
               * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
               */
+              overlay[caller]
              pragma[inline]
              deprecated final predicate hasLocationInfo(
                string filepath, int startline, int startcolumn, int endline, int endcolumn
@@ -2524,6 +2528,7 @@ module MakeImpl<LocationSig Location, InputSig<Location> Lang> {

      class ApHeadContent = Unit;

+      overlay[caller]
      pragma[inline]
      ApHeadContent getHeadContent(Ap ap) { exists(result) and ap = true }

--- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplCommon.qll
@@ -1,3 +1,6 @@
+overlay[local?]
+module;
+
 private import codeql.dataflow.DataFlow
 private import codeql.typetracking.TypeTracking as Tt
 private import codeql.util.Location
@@ -674,6 +677,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {

      class CcCall = CallContextCall;

+      overlay[caller]
      pragma[inline]
      predicate matchesCall(CcCall cc, Call call) {
        cc = Input2::getSpecificCallContextCall(call, _) or
@@ -885,6 +889,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
    pragma[nomagic]
    private Callable getEnclosingCallable0() { nodeEnclosingCallable(this.projectToNode(), result) }

+    overlay[caller]
    pragma[inline]
    Callable getEnclosingCallable() {
      pragma[only_bind_out](this).getEnclosingCallable0() = pragma[only_bind_into](result)
@@ -899,6 +904,7 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
      isTopType(result) and this.isImplicitReadNode(_)
    }

+    overlay[caller]
    pragma[inline]
    Type getType() { pragma[only_bind_out](this).getType0() = pragma[only_bind_into](result) }

@@ -2410,12 +2416,14 @@ module MakeImplCommon<LocationSig Location, InputSig<Location> Lang> {
   * predicate ensures that joins go from `n` to the result instead of the other
   * way around.
   */
+  overlay[caller]
  pragma[inline]
  Callable getNodeEnclosingCallable(Node n) {
    nodeEnclosingCallable(pragma[only_bind_out](n), pragma[only_bind_into](result))
  }

  /** Gets the type of `n` used for type pruning. */
+  overlay[caller]
  pragma[inline]
  Type getNodeDataFlowType(Node n) {
    nodeType(pragma[only_bind_out](n), pragma[only_bind_into](result))
--- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplConsistency.qll
@@ -2,6 +2,8 @@
 * Provides consistency queries for checking invariants in the language-specific
 * data-flow classes and predicates.
 */
+overlay[local?]
+module;

 private import codeql.dataflow.DataFlow as DF
 private import codeql.dataflow.TaintTracking as TT
--- a/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll
+++ b/shared/dataflow/codeql/dataflow/internal/DataFlowImplStage1.qll
@@ -4,6 +4,8 @@
 * Provides an implementation of a fast initial pruning of global
 * (interprocedural) data flow reachability (Stage 1).
 */
+overlay[local?]
+module;

 private import codeql.util.Unit
 private import codeql.util.Location
@@ -1784,6 +1786,7 @@ module MakeImplStage1<LocationSig Location, InputSig<Location> Lang> {
           * For more information, see
           * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/).
           */
+          overlay[caller]
          pragma[inline]
          deprecated predicate hasLocationInfo(
            string filepath, int startline, int startcolumn, int endline, int endcolumn
--- a/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
+++ b/shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
@@ -1,6 +1,8 @@
 /**
 * Provides classes and predicates for defining flow summaries.
 */
+overlay[local?]
+module;

 private import codeql.dataflow.DataFlow as DF
 private import codeql.util.Location
--- a/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll
+++ b/shared/dataflow/codeql/dataflow/test/ProvenancePathGraph.qll
@@ -5,6 +5,8 @@
 * In addition to the `PathGraph`, a `query predicate models` is provided to
 * list the contents of the referenced MaD rows.
 */
+overlay[local?]
+module;

 private import codeql.dataflow.DataFlow as DF